Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/0fPJtklrDslo60rYvJqyGzbRQtU.roa
File: 0fPJtklrDslo60rYvJqyGzbRQtU.roa (raw, json)
Hash identifier: ERctq3FZP6UC1+CWJc8fnj1bMYtK89pMRqlgri6a0B8=
Subject key identifier: D1:F3:C9:B6:49:6B:0E:C9:68:EB:4A:D8:BC:9A:B2:1B:36:D1:42:D5
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 046E3A4B
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/0fPJtklrDslo60rYvJqyGzbRQtU.roa
Signing time: Fri 01 Apr 2022 07:12:01 +0000
ROA not before: Fri 01 Apr 2022 07:12:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212939
IP address blocks: 195.28.168.0/24 maxlen: 24
195.28.168.0/23 maxlen: 23
195.28.169.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74332747 (0x46e3a4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Apr 1 07:12:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1f3c9b6496b0ec968eb4ad8bc9ab21b36d142d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:bd:b9:9c:d1:7e:c3:7c:8d:71:6b:e3:98:
6e:dc:09:d9:20:f5:62:ee:fb:ed:a2:d7:6d:1e:ff:
7d:58:92:f1:43:5a:1d:d4:e0:73:cf:8d:f6:4a:8a:
86:0d:14:1e:8c:67:7c:27:15:d2:0e:c1:1d:a5:76:
9e:be:c1:7a:64:b1:cc:e5:20:60:fe:c3:43:d4:72:
e8:c0:53:a9:36:29:4a:3d:c9:0c:86:4b:9b:c5:7a:
bb:9a:64:d8:9b:38:59:4a:49:09:b5:e7:fa:6a:a2:
ec:19:3c:e9:15:88:f6:0f:04:9e:cd:31:d6:1e:03:
91:ed:ee:ca:98:c0:0d:d5:f5:c0:c2:2a:04:1f:c5:
b8:69:7b:84:05:b2:88:56:a7:d4:98:fd:04:21:7e:
5a:32:b0:3e:07:81:be:22:6b:ba:7c:17:7c:7a:a9:
5e:61:4b:9a:48:b2:a5:18:d5:a4:bf:69:0e:ec:9f:
d8:8f:97:e7:54:5f:73:da:bc:1b:2f:39:b4:af:14:
f6:4c:2f:7b:da:8e:de:91:4c:b9:5a:7d:8c:3a:ac:
42:05:ec:36:0e:f4:6e:16:29:b8:ef:1c:8e:57:38:
59:87:08:ef:06:85:1c:b0:54:9a:80:b8:81:74:f6:
c6:ae:be:4c:f6:c9:0f:a3:a8:57:70:14:6d:da:9c:
95:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F3:C9:B6:49:6B:0E:C9:68:EB:4A:D8:BC:9A:B2:1B:36:D1:42:D5
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/0fPJtklrDslo60rYvJqyGzbRQtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.168.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:7c:bc:bc:3c:ff:20:be:f3:75:61:3e:da:48:74:3d:fe:ed:
cb:34:d8:45:f6:d5:74:58:96:31:6c:e1:a9:34:3e:b5:5c:d2:
ea:35:81:ac:06:a8:ea:95:5b:bd:35:4a:af:a3:41:e7:1a:70:
f3:ae:de:bf:6f:c8:d4:2b:4d:4f:b6:df:83:f3:c7:a8:83:6c:
93:78:81:2e:a9:6e:59:f1:47:f2:15:b6:71:a1:4d:a8:79:f0:
ea:c9:48:b7:41:7d:57:46:ea:db:54:40:ce:66:1b:65:31:78:
e3:6f:34:d9:08:c1:9e:32:99:25:26:e9:b4:47:e6:0c:28:7e:
cf:73:71:6c:21:66:01:0d:cc:13:73:bc:3a:4e:89:29:2e:c9:
fc:64:61:cd:8e:cb:2a:73:e8:e8:61:1c:40:ae:92:9b:ff:bb:
5c:18:bb:7c:29:3a:1b:7f:74:fe:dd:50:84:2a:5e:cc:0c:6c:
d0:b3:a5:0d:fb:c9:75:df:58:17:83:25:c1:43:27:f3:1b:a5:
f0:b4:a8:a9:60:8d:c7:0b:83:0e:ab:aa:0a:c7:8e:02:1d:59:
34:d6:5e:a4:53:d4:b7:8a:eb:90:56:91:ea:2c:10:3c:3b:6a:
b6:ee:b3:8e:18:a1:a7:6f:62:90:d1:9f:96:3c:8a:bc:b1:99:
dc:b6:97:b1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBG46SzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjczNDEwODcwNWE5NTc5NmU4NTc3MTI1ZGQzMDBjNzUxZGZkOWE4MB4XDTIyMDQw
MTA3MTIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFmM2M5YjY0OTZi
MGVjOTY4ZWI0YWQ4YmM5YWIyMWIzNmQxNDJkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoHvbmc0X7DfI1xa+OYbtwJ2SD1Yu777aLXbR7/fViS8UNa
HdTgc8+N9kqKhg0UHoxnfCcV0g7BHaV2nr7BemSxzOUgYP7DQ9Ry6MBTqTYpSj3J
DIZLm8V6u5pk2Js4WUpJCbXn+mqi7Bk86RWI9g8Ens0x1h4Dke3uypjADdX1wMIq
BB/FuGl7hAWyiFan1Jj9BCF+WjKwPgeBviJrunwXfHqpXmFLmkiypRjVpL9pDuyf
2I+X51Rfc9q8Gy85tK8U9kwve9qO3pFMuVp9jDqsQgXsNg70bhYpuO8cjlc4WYcI
7waFHLBUmoC4gXT2xq6+TPbJD6OoV3AUbdqclQkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTR88m2SWsOyWjrSti8mrIbNtFC1TAfBgNVHSMEGDAWgBSvc0EIcFqVeW6F
dxJd0wDHUd/ZqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3IzTkJDSEJhbFhsdWhYY1NYZE1BeDFIZjJhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYzkzYTY2LWM3YzctNGMzMy1hNzI1LTE4ZDFhNDA2YWFlZC8x
LzBmUEp0a2xyRHNsbzYwcll2SnF5R3piUlF0VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YzkzYTY2LWM3YzctNGMzMy1hNzI1LTE4ZDFhNDA2YWFlZC8xL3IzTkJDSEJhbFhs
dWhYY1NYZE1BeDFIZjJhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcMcqDANBgkqhkiG9w0BAQsFAAOC
AQEADHy8vDz/IL7zdWE+2kh0Pf7tyzTYRfbVdFiWMWzhqTQ+tVzS6jWBrAao6pVb
vTVKr6NB5xpw867ev2/I1CtNT7bfg/PHqINsk3iBLqluWfFH8hW2caFNqHnw6slI
t0F9V0bq21RAzmYbZTF442802QjBnjKZJSbptEfmDCh+z3NxbCFmAQ3ME3O8Ok6J
KS7J/GRhzY7LKnPo6GEcQK6Sm/+7XBi7fCk6G390/t1QhCpezAxs0LOlDfvJdd9Y
F4MlwUMn8xul8LSoqWCNxwuDDquqCseOAh1ZNNZepFPUt4rrkFaR6iwQPDtqtu6z
jhihp29ikNGfljyKvLGZ3LaXsQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:05 2024 by rpki-client on console-fra.rpki-client.org