Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/ssXH1LqfywY4LIsXK0hEeQbhZpI.roa
File: ssXH1LqfywY4LIsXK0hEeQbhZpI.roa (raw, json)
Hash identifier: uWH/r1U528fAuuLOsC3iZfMchX04yIE2c4vaQKpJOdY=
Subject key identifier: B2:C5:C7:D4:BA:9F:CB:06:38:2C:8B:17:2B:48:44:79:06:E1:66:92
Certificate issuer: /CN=9076f77da841b7b94215b6fac2d41a71c2151601
Certificate serial: 010D2D17
Authority key identifier: 90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/ssXH1LqfywY4LIsXK0hEeQbhZpI.roa
Signing time: Sat 01 Jan 2022 12:55:47 +0000
ROA not before: Sat 01 Jan 2022 12:55:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8455
IP address blocks: 130.193.4.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17640727 (0x10d2d17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9076f77da841b7b94215b6fac2d41a71c2151601
Validity
Not Before: Jan 1 12:55:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2c5c7d4ba9fcb06382c8b172b48447906e16692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:73:02:d2:4d:95:68:ef:77:75:64:a4:e8:a6:
98:39:cc:4d:96:19:50:85:df:07:40:2d:5f:49:23:
39:28:d4:70:bb:ee:82:51:08:10:42:5c:05:9b:df:
16:13:8c:10:f9:1c:83:4e:04:25:07:13:90:32:c4:
55:c4:70:ca:a0:d6:c5:2b:38:55:53:03:a4:25:65:
29:79:69:53:5f:18:8f:71:e1:cb:82:0b:e0:9a:37:
4b:63:e8:a3:5e:f2:cd:84:87:2c:b4:de:9a:6f:b3:
99:52:b4:20:81:7d:d8:53:8e:1f:79:95:4c:02:ca:
10:9f:aa:4e:fe:e5:bb:21:bf:07:1d:10:b7:6d:9d:
2b:69:4e:21:36:c4:08:d0:3d:41:13:64:bd:2c:59:
c2:9e:97:c5:64:77:c2:23:07:4e:8d:5f:9a:b4:8d:
24:a0:4e:8c:09:6d:a5:5f:16:ca:1d:a3:4b:32:62:
e9:87:99:3e:de:6c:27:84:e5:34:3e:82:8c:97:0e:
4f:33:a8:59:2b:32:ca:75:56:4f:c2:4e:75:ee:9b:
e4:fc:a5:26:cc:f1:86:c8:c5:56:f5:05:07:37:dd:
78:da:49:bd:e1:80:ff:d0:b1:23:ca:aa:39:5b:c6:
1d:60:5f:01:84:87:70:87:31:88:cb:5a:4a:0e:82:
c1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C5:C7:D4:BA:9F:CB:06:38:2C:8B:17:2B:48:44:79:06:E1:66:92
X509v3 Authority Key Identifier:
keyid:90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/ssXH1LqfywY4LIsXK0hEeQbhZpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.4.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:7a:7c:ac:7f:43:22:26:f1:2d:4a:c5:a0:f4:52:ca:55:d7:
6b:5a:e7:ff:b3:2a:b3:ae:4a:cc:49:00:99:e5:d7:83:81:78:
d9:8d:8e:f5:8e:8f:54:0e:8d:1e:b1:f7:0b:aa:48:4b:3d:a8:
a4:d9:9f:b7:32:a0:d1:18:65:ac:bc:f7:43:87:45:ff:93:28:
57:bf:f3:a4:ce:5d:fd:22:79:92:7d:dd:45:89:a6:46:71:4f:
ce:74:51:7c:c1:7c:1b:a8:46:3b:5f:55:f0:6f:1f:3f:2c:45:
60:76:51:22:8b:cd:c0:86:61:05:8d:b4:8b:7c:d2:77:f8:d1:
8a:19:17:d3:6a:cc:ed:57:90:be:b8:ad:b7:52:79:f9:59:8a:
03:94:20:4d:c7:7b:e6:31:3e:62:a8:a0:dc:b4:3a:03:72:32:
d5:1d:67:06:17:3b:91:3a:ac:24:3b:cd:70:53:e2:5c:58:83:
1d:58:1f:53:43:b9:ed:72:70:0f:f9:78:e0:72:8a:20:a9:5f:
06:e8:f5:cd:6c:a4:18:f3:74:22:b4:4d:05:9f:2e:99:7d:d3:
64:e6:ed:aa:5b:39:e1:3a:e1:4b:ef:b9:ac:60:b7:e1:22:45:
0a:ab:7e:cd:7b:a3:ee:ff:f3:b3:1a:aa:6e:4c:01:54:db:3d:
74:1b:ed:fd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQ0tFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDc2Zjc3ZGE4NDFiN2I5NDIxNWI2ZmFjMmQ0MWE3MWMyMTUxNjAxMB4XDTIyMDEw
MTEyNTU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJjNWM3ZDRiYTlm
Y2IwNjM4MmM4YjE3MmI0ODQ0NzkwNmUxNjY5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBzAtJNlWjvd3VkpOimmDnMTZYZUIXfB0AtX0kjOSjUcLvu
glEIEEJcBZvfFhOMEPkcg04EJQcTkDLEVcRwyqDWxSs4VVMDpCVlKXlpU18Yj3Hh
y4IL4Jo3S2Poo17yzYSHLLTemm+zmVK0IIF92FOOH3mVTALKEJ+qTv7luyG/Bx0Q
t22dK2lOITbECNA9QRNkvSxZwp6XxWR3wiMHTo1fmrSNJKBOjAltpV8Wyh2jSzJi
6YeZPt5sJ4TlND6CjJcOTzOoWSsyynVWT8JOde6b5PylJszxhsjFVvUFBzfdeNpJ
veGA/9CxI8qqOVvGHWBfAYSHcIcxiMtaSg6CwdMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSyxcfUup/LBjgsixcrSER5BuFmkjAfBgNVHSMEGDAWgBSQdvd9qEG3uUIV
tvrC1BpxwhUWATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tIYjNmYWhCdDdsQ0ZiYjZ3dFFhY2NJVkZnRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvZTFkNmI3LTU1NWMtNGQ5Yi1hZmUxLWU2M2NlNTUzNzBlYi8x
L3NzWEgxTHFmeXdZNExJc1hLMGhFZVFiaFpwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
ZTFkNmI3LTU1NWMtNGQ5Yi1hZmUxLWU2M2NlNTUzNzBlYi8xL2tIYjNmYWhCdDds
Q0ZiYjZ3dFFhY2NJVkZnRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAILBBDANBgkqhkiG9w0BAQsFAAOC
AQEAtHp8rH9DIibxLUrFoPRSylXXa1rn/7Mqs65KzEkAmeXXg4F42Y2O9Y6PVA6N
HrH3C6pISz2opNmftzKg0RhlrLz3Q4dF/5MoV7/zpM5d/SJ5kn3dRYmmRnFPznRR
fMF8G6hGO19V8G8fPyxFYHZRIovNwIZhBY20i3zSd/jRihkX02rM7VeQvritt1J5
+VmKA5QgTcd75jE+Yqig3LQ6A3Iy1R1nBhc7kTqsJDvNcFPiXFiDHVgfU0O57XJw
D/l44HKKIKlfBuj1zWykGPN0IrRNBZ8umX3TZObtqls54TrhS++5rGC34SJFCqt+
zXuj7v/zsxqqbkwBVNs9dBvt/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:01 2024 by rpki-client on console-ams.rpki-client.org