Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/0Q1Q3UldjUZjavMQe1ZipWbqhug.roa
File: 0Q1Q3UldjUZjavMQe1ZipWbqhug.roa (raw, json)
Hash identifier: RCYz6fCKi9AgxE28mhWishUppMaBqzlGfcP/RU950jo=
Subject key identifier: D1:0D:50:DD:49:5D:8D:46:63:6A:F3:10:7B:56:62:A5:66:EA:86:E8
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 018571831EFCAED0D85F5A345499DE97AEC4
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/0Q1Q3UldjUZjavMQe1ZipWbqhug.roa
Signing time: Mon 02 Jan 2023 08:04:56 +0000
ROA not before: Mon 02 Jan 2023 08:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42812
IP address blocks: 193.202.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:1e:fc:ae:d0:d8:5f:5a:34:54:99:de:97:ae:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jan 2 08:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d10d50dd495d8d46636af3107b5662a566ea86e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3d:d4:78:ec:b5:0a:91:90:3a:93:87:bb:06:
97:0c:f4:fa:95:3b:39:b3:2f:c7:c4:eb:48:9d:32:
c0:1c:40:46:21:12:a1:49:ab:ee:ce:bc:17:ac:1e:
c2:f6:0e:c7:62:52:8e:9e:55:08:7d:6d:98:9a:32:
00:54:e2:a1:34:1c:db:f0:9e:c6:44:a9:42:9f:5c:
15:f6:a2:9a:84:13:83:3b:02:ef:00:a0:0d:91:a5:
86:c0:a3:6d:9a:dd:30:97:9c:a2:0f:c9:75:9b:d5:
91:5f:f1:e7:ca:47:5d:a0:5a:a3:a9:37:86:dd:2e:
16:3e:ff:e4:f9:5b:b2:d8:d1:80:51:53:04:77:d6:
b6:5e:17:1d:20:ad:09:d0:71:6a:fb:12:98:7a:79:
f7:98:e5:88:f4:3c:7d:1e:94:71:50:54:cd:17:c6:
ee:e6:ec:96:f4:bf:4d:bd:94:eb:4a:9c:05:32:fb:
c0:a6:57:6a:5f:84:02:14:a5:b0:9c:69:da:0e:5a:
95:9d:66:a7:b3:64:f4:59:76:fa:45:89:43:55:de:
89:29:25:08:50:76:a2:79:86:80:36:87:05:80:8a:
f4:3b:05:f0:49:7d:32:bc:54:45:0f:8b:ec:96:d7:
a9:3b:72:04:eb:e6:e1:33:a0:d3:34:a4:be:de:a1:
6e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:0D:50:DD:49:5D:8D:46:63:6A:F3:10:7B:56:62:A5:66:EA:86:E8
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/0Q1Q3UldjUZjavMQe1ZipWbqhug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.75.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:e2:51:22:29:9a:95:d7:72:9b:25:19:e9:d5:b0:1f:34:6f:
f5:8c:0d:1b:f0:42:e6:c4:4c:10:51:f8:4f:e4:2d:6b:8f:4b:
23:8e:fd:5e:21:4a:61:4d:b5:51:05:33:03:f0:a4:50:f0:e4:
cc:ee:4d:4c:8e:f3:3b:75:20:44:1a:71:5d:22:92:d9:ab:4d:
02:c6:b5:cf:5f:38:4d:18:61:a4:16:1d:95:a3:b5:a0:34:bf:
6f:d6:8f:b3:b0:7e:93:c5:dd:e7:f4:54:f1:11:a8:47:54:82:
33:92:ea:d5:2f:61:26:6c:0b:1f:67:11:f2:b6:c3:ba:34:72:
96:31:33:24:61:19:18:39:48:92:36:58:8b:39:04:04:9a:e8:
3d:c4:aa:41:f3:a5:c1:92:c9:cc:25:59:ea:94:fa:e0:fe:e9:
04:1f:d6:68:5d:ea:f8:f1:28:41:66:0e:13:57:e9:ac:21:f8:
b9:56:a5:7c:44:e2:7c:df:fd:a7:a3:d5:c6:f6:f5:f3:e9:78:
ee:89:65:3a:84:f6:93:d2:2b:57:c7:05:1a:66:1a:84:78:5e:
63:c3:67:99:9c:2b:0d:a5:7c:30:b9:22:dc:01:a8:dd:9f:b6:
dd:60:83:b5:30:9b:e6:af:41:e9:71:18:b8:d7:58:09:88:23:
3a:51:69:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxgx78rtDYX1o0VJnel67EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjMwMTAyMDgwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTBkNTBkZDQ5NWQ4ZDQ2NjM2YWYzMTA3YjU2NjJhNTY2ZWE4NmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T3UeOy1CpGQOpOHuwaXDPT6lTs5
sy/HxOtInTLAHEBGIRKhSavuzrwXrB7C9g7HYlKOnlUIfW2YmjIAVOKhNBzb8J7G
RKlCn1wV9qKahBODOwLvAKANkaWGwKNtmt0wl5yiD8l1m9WRX/HnykddoFqjqTeG
3S4WPv/k+Vuy2NGAUVMEd9a2XhcdIK0J0HFq+xKYenn3mOWI9Dx9HpRxUFTNF8bu
5uyW9L9NvZTrSpwFMvvApldqX4QCFKWwnGnaDlqVnWans2T0WXb6RYlDVd6JKSUI
UHaieYaANocFgIr0OwXwSX0yvFRFD4vsltepO3IE6+bhM6DTNKS+3qFuBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNENUN1JXY1GY2rzEHtWYqVm6oboMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvMFExUTNVbGRqVVpqYXZNUWUxWmlwV2JxaHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcpLMA0G
CSqGSIb3DQEBCwUAA4IBAQC84lEiKZqV13KbJRnp1bAfNG/1jA0b8ELmxEwQUfhP
5C1rj0sjjv1eIUphTbVRBTMD8KRQ8OTM7k1MjvM7dSBEGnFdIpLZq00CxrXPXzhN
GGGkFh2Vo7WgNL9v1o+zsH6Txd3n9FTxEahHVIIzkurVL2EmbAsfZxHytsO6NHKW
MTMkYRkYOUiSNliLOQQEmug9xKpB86XBksnMJVnqlPrg/ukEH9ZoXer48ShBZg4T
V+msIfi5VqV8ROJ83/2no9XG9vXz6XjuiWU6hPaT0itXxwUaZhqEeF5jw2eZnCsN
pXwwuSLcAajdn7bdYIO1MJvmr0HpcRi411gJiCM6UWnh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:00 2024 by rpki-client on console-fra.rpki-client.org