Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/lifBacJep_G0Fb44DQ5emKqp0D4.roa
File: lifBacJep_G0Fb44DQ5emKqp0D4.roa (raw, json)
Hash identifier: 107iB9Sw9iOj2n/Jujs1FWU+iLKa5278R49vjHYIz84=
Subject key identifier: 96:27:C1:69:C2:5E:A7:F1:B4:15:BE:38:0D:0E:5E:98:AA:A9:D0:3E
Certificate issuer: /CN=9076f77da841b7b94215b6fac2d41a71c2151601
Certificate serial: 018729F0A439AF81AD2536C58B94A96E3CFD
Authority key identifier: 90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/lifBacJep_G0Fb44DQ5emKqp0D4.roa
Signing time: Tue 28 Mar 2023 20:37:29 +0000
ROA not before: Tue 28 Mar 2023 20:37:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47543
IP address blocks: 130.193.4.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:29:f0:a4:39:af:81:ad:25:36:c5:8b:94:a9:6e:3c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9076f77da841b7b94215b6fac2d41a71c2151601
Validity
Not Before: Mar 28 20:37:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9627c169c25ea7f1b415be380d0e5e98aaa9d03e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:29:19:d2:f7:19:96:6e:7c:72:33:ad:24:ff:
7c:e9:97:58:5e:59:6b:84:ca:4a:35:ad:28:44:1f:
e8:ea:85:51:22:ea:e7:4c:05:ed:f8:43:e9:36:f0:
5c:c5:cb:3f:85:fa:6e:a6:f7:9b:fb:77:e1:01:7c:
df:b5:6b:4b:c1:47:a8:0f:55:56:1e:cd:60:69:34:
9b:ae:39:0a:d7:bf:47:44:43:b2:c4:ac:5b:3b:d1:
1b:62:94:d5:a9:13:41:2d:1d:5c:14:dc:aa:d0:e0:
3a:64:a5:40:d2:95:df:e2:46:0a:b6:0c:67:51:9a:
e3:38:cc:91:cf:7a:9e:42:55:d3:2b:37:45:3a:81:
9d:15:39:fb:50:0e:4a:0f:72:77:c3:cb:70:b7:c6:
7f:d4:91:16:63:06:af:56:0d:bd:d6:67:8f:ca:7a:
a9:6a:1b:a6:89:49:63:d5:fb:83:24:39:b1:00:96:
26:0c:3d:45:b9:b8:07:40:ed:33:2b:46:d4:82:67:
7f:90:47:0a:31:fd:e2:2d:6f:65:a0:fd:e5:19:a8:
16:fb:57:ee:13:e5:db:21:d0:5a:89:20:1f:5a:d3:
3a:bf:ae:52:c1:18:52:d3:00:12:5f:53:82:ec:fb:
4b:14:4f:21:1f:6d:19:b1:d8:a2:ec:2c:ed:20:75:
8d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:27:C1:69:C2:5E:A7:F1:B4:15:BE:38:0D:0E:5E:98:AA:A9:D0:3E
X509v3 Authority Key Identifier:
keyid:90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/lifBacJep_G0Fb44DQ5emKqp0D4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.4.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:11:8e:57:88:49:27:2d:c8:63:4a:09:aa:c4:32:f3:6b:fd:
59:27:1b:47:5c:28:85:ff:e1:37:8b:16:f7:0a:ca:6d:4f:42:
a4:56:c1:c6:a8:05:f1:e3:04:47:8d:d1:06:e6:87:fe:a5:90:
66:ee:0d:8e:cf:c9:79:34:3a:eb:97:52:d7:fe:9d:bb:f9:9f:
36:42:12:e0:7e:3c:63:1a:85:e3:5d:35:c4:9b:87:62:54:30:
20:4c:27:55:67:98:03:82:57:2e:f5:1d:0d:9a:b9:07:66:fc:
67:db:49:6f:0a:3f:b8:e6:54:8d:75:57:38:2d:f5:01:2d:92:
51:54:8d:da:85:47:5d:67:30:50:11:4d:0c:27:cd:66:fa:93:
a1:cd:9f:3b:ed:7d:4d:c1:1b:38:f0:b1:08:2a:49:7d:f8:d0:
41:07:16:3d:65:ce:51:97:49:b5:54:c0:65:04:7a:14:c7:7e:
1a:04:3d:64:bb:f1:3b:77:fc:f5:60:97:b3:fe:ea:87:bd:b1:
64:43:b5:3f:41:e4:de:db:92:14:bb:43:70:f8:03:bd:bd:2e:
91:67:ec:bf:eb:d1:29:30:06:41:95:10:8f:bb:3f:b5:9d:be:
05:e4:6e:e2:36:67:69:25:25:7c:29:7c:62:f4:30:31:60:ec:
7f:02:53:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcp8KQ5r4GtJTbFi5Spbjz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNzZmNzdkYTg0MWI3Yjk0MjE1YjZmYWMyZDQxYTcxYzIx
NTE2MDEwHhcNMjMwMzI4MjAzNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjI3YzE2OWMyNWVhN2YxYjQxNWJlMzgwZDBlNWU5OGFhYTlkMDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtikZ0vcZlm58cjOtJP986ZdYXllr
hMpKNa0oRB/o6oVRIurnTAXt+EPpNvBcxcs/hfpupveb+3fhAXzftWtLwUeoD1VW
Hs1gaTSbrjkK179HREOyxKxbO9EbYpTVqRNBLR1cFNyq0OA6ZKVA0pXf4kYKtgxn
UZrjOMyRz3qeQlXTKzdFOoGdFTn7UA5KD3J3w8twt8Z/1JEWYwavVg291mePynqp
ahumiUlj1fuDJDmxAJYmDD1FubgHQO0zK0bUgmd/kEcKMf3iLW9loP3lGagW+1fu
E+XbIdBaiSAfWtM6v65SwRhS0wASX1OC7PtLFE8hH20Zsdii7CztIHWNSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYnwWnCXqfxtBW+OA0OXpiqqdA+MB8GA1UdIwQY
MBaAFJB2932oQbe5QhW2+sLUGnHCFRYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEt
ZTYzY2U1NTM3MGViLzEvbGlmQmFjSmVwX0cwRmI0NERRNWVtS3FwMEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEtZTYzY2U1NTM3MGVi
LzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgsEEMA0G
CSqGSIb3DQEBCwUAA4IBAQDOEY5XiEknLchjSgmqxDLza/1ZJxtHXCiF/+E3ixb3
CsptT0KkVsHGqAXx4wRHjdEG5of+pZBm7g2Oz8l5NDrrl1LX/p27+Z82QhLgfjxj
GoXjXTXEm4diVDAgTCdVZ5gDglcu9R0NmrkHZvxn20lvCj+45lSNdVc4LfUBLZJR
VI3ahUddZzBQEU0MJ81m+pOhzZ877X1NwRs48LEIKkl9+NBBBxY9Zc5Rl0m1VMBl
BHoUx34aBD1ku/E7d/z1YJez/uqHvbFkQ7U/QeTe25IUu0Nw+AO9vS6RZ+y/69Ep
MAZBlRCPuz+1nb4F5G7iNmdpJSV8KXxi9DAxYOx/AlPS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:01 2024 by rpki-client on console-ams.rpki-client.org