Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/hR-jMdJbEp-3XTF961t_kLVIucI.roa
File: hR-jMdJbEp-3XTF961t_kLVIucI.roa (raw, json)
Hash identifier: Apd6L5eNXj+LM1kejDAZwDv73jpsXVVcga7VuKQSk+A=
Subject key identifier: 85:1F:A3:31:D2:5B:12:9F:B7:5D:31:7D:EB:5B:7F:90:B5:48:B9:C2
Certificate issuer: /CN=9076f77da841b7b94215b6fac2d41a71c2151601
Certificate serial: 018CC7953A152553249C3A091AF310EAD60D
Authority key identifier: 90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/hR-jMdJbEp-3XTF961t_kLVIucI.roa
Signing time: Tue 02 Jan 2024 00:31:34 +0000
ROA not before: Tue 02 Jan 2024 00:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8455
IP address blocks: 130.193.4.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3a:15:25:53:24:9c:3a:09:1a:f3:10:ea:d6:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9076f77da841b7b94215b6fac2d41a71c2151601
Validity
Not Before: Jan 2 00:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=851fa331d25b129fb75d317deb5b7f90b548b9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b1:e9:0e:33:b7:99:ad:68:60:1d:98:43:01:
92:2b:ff:94:35:f6:31:5a:52:f8:cd:82:e2:a8:92:
77:e6:ae:39:20:4d:f4:3d:c4:95:fe:c3:b7:74:40:
0f:62:d9:ad:cb:cd:89:53:0e:73:95:e4:46:99:02:
2c:d6:87:16:67:06:15:03:a2:3c:9d:57:31:ac:c6:
b2:e7:85:f3:2e:78:6b:4d:e1:23:77:1c:39:3b:88:
d2:4e:a3:86:54:96:38:56:cd:cb:b6:b4:f0:26:06:
8a:92:b0:8f:60:65:2b:53:a8:67:6c:53:b4:10:ff:
92:0c:82:00:ca:a9:01:52:18:30:7d:cd:20:33:11:
1a:d2:ff:f7:88:8f:57:e9:cb:35:97:be:41:a1:35:
a6:4a:e3:cb:05:77:ce:cc:82:f5:6e:7e:09:da:3e:
cb:a1:fc:33:bf:d0:d4:c4:39:e2:53:5f:ac:86:dd:
f3:7a:3c:61:6d:d5:60:f2:9c:03:97:d3:39:7b:d8:
71:67:2f:41:83:8d:1c:66:54:8b:e5:eb:ef:d4:db:
e1:67:51:9e:60:98:42:91:81:b0:4b:f5:5b:48:a2:
f4:fd:bb:6c:69:ea:34:62:d0:77:e6:24:19:19:0a:
65:39:8c:4d:2c:8f:44:44:58:21:d3:88:b2:be:03:
34:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:1F:A3:31:D2:5B:12:9F:B7:5D:31:7D:EB:5B:7F:90:B5:48:B9:C2
X509v3 Authority Key Identifier:
keyid:90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/hR-jMdJbEp-3XTF961t_kLVIucI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.4.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:ff:0a:8b:03:b3:d0:01:17:d4:33:c6:40:59:4d:f6:2a:c1:
00:31:0d:d0:33:d6:0c:f7:5f:83:e6:9f:9a:72:41:ed:1f:ac:
c0:1a:ff:4d:3e:2c:49:b6:1c:b0:1c:25:4c:46:af:d4:40:29:
84:0b:50:63:31:6f:27:00:3b:a3:ab:27:c1:50:f3:4c:d5:07:
60:89:34:08:a6:b7:42:36:e5:33:76:53:03:a4:7e:84:a9:98:
a8:94:54:35:84:ed:4e:ec:35:a6:19:27:f2:80:b8:90:84:9d:
49:b3:9b:18:2e:7d:f4:41:35:44:6d:aa:90:22:21:b0:a4:2a:
b6:41:90:8a:a6:31:59:e0:cc:e8:5d:40:6d:04:06:36:5f:3d:
ca:e5:d0:b2:6d:e7:67:97:01:11:f2:73:5a:2d:ed:87:e0:f2:
5d:f3:9f:ce:cb:7a:43:e9:06:15:de:57:e6:f3:f3:90:ae:8c:
e3:55:fd:23:f5:6c:9c:21:13:23:27:c7:85:8f:d5:6f:3b:7a:
b2:72:86:65:46:a4:b0:67:ac:54:31:85:c0:22:95:71:e9:8d:
c4:c1:1d:0a:da:f8:05:bb:f0:4a:25:0e:f6:d2:24:69:4f:32:
dd:ca:27:7e:07:0a:fe:8e:0d:9d:a9:4c:a1:6f:b5:12:ca:69:
6a:f8:74:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlToVJVMknDoJGvMQ6tYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNzZmNzdkYTg0MWI3Yjk0MjE1YjZmYWMyZDQxYTcxYzIx
NTE2MDEwHhcNMjQwMTAyMDAzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTFmYTMzMWQyNWIxMjlmYjc1ZDMxN2RlYjViN2Y5MGI1NDhiOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7HpDjO3ma1oYB2YQwGSK/+UNfYx
WlL4zYLiqJJ35q45IE30PcSV/sO3dEAPYtmty82JUw5zleRGmQIs1ocWZwYVA6I8
nVcxrMay54XzLnhrTeEjdxw5O4jSTqOGVJY4Vs3LtrTwJgaKkrCPYGUrU6hnbFO0
EP+SDIIAyqkBUhgwfc0gMxEa0v/3iI9X6cs1l75BoTWmSuPLBXfOzIL1bn4J2j7L
ofwzv9DUxDniU1+sht3zejxhbdVg8pwDl9M5e9hxZy9Bg40cZlSL5evv1NvhZ1Ge
YJhCkYGwS/VbSKL0/btsaeo0YtB35iQZGQplOYxNLI9ERFgh04iyvgM0YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUfozHSWxKft10xfetbf5C1SLnCMB8GA1UdIwQY
MBaAFJB2932oQbe5QhW2+sLUGnHCFRYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEt
ZTYzY2U1NTM3MGViLzEvaFItak1kSmJFcC0zWFRGOTYxdF9rTFZJdWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEtZTYzY2U1NTM3MGVi
LzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgsEEMA0G
CSqGSIb3DQEBCwUAA4IBAQAM/wqLA7PQARfUM8ZAWU32KsEAMQ3QM9YM91+D5p+a
ckHtH6zAGv9NPixJthywHCVMRq/UQCmEC1BjMW8nADujqyfBUPNM1QdgiTQIprdC
NuUzdlMDpH6EqZiolFQ1hO1O7DWmGSfygLiQhJ1Js5sYLn30QTVEbaqQIiGwpCq2
QZCKpjFZ4MzoXUBtBAY2Xz3K5dCybednlwER8nNaLe2H4PJd85/Oy3pD6QYV3lfm
8/OQrozjVf0j9WycIRMjJ8eFj9VvO3qycoZlRqSwZ6xUMYXAIpVx6Y3EwR0K2vgF
u/BKJQ720iRpTzLdyid+Bwr+jg2dqUyhb7USymlq+HR8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:59 2024 by rpki-client on console-fra.rpki-client.org