Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/XSV-1hRPA48w-qtMKHCaDtI_n8Y.roa
File: XSV-1hRPA48w-qtMKHCaDtI_n8Y.roa (raw, json)
Hash identifier: 6d2WJceUYZWb+Fgc0cDL2Qz4iki22lo0m88YvCkAKo8=
Subject key identifier: 5D:25:7E:D6:14:4F:03:8F:30:FA:AB:4C:28:70:9A:0E:D2:3F:9F:C6
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 0182016F11BA9E000340C96972A3CBE0B91B
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/XSV-1hRPA48w-qtMKHCaDtI_n8Y.roa
Signing time: Fri 15 Jul 2022 10:37:12 +0000
ROA not before: Fri 15 Jul 2022 10:37:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42812
IP address blocks: 193.202.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:6f:11:ba:9e:00:03:40:c9:69:72:a3:cb:e0:b9:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jul 15 10:37:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d257ed6144f038f30faab4c28709a0ed23f9fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fd:4e:bd:fa:82:b7:c4:43:0f:15:6b:cc:a6:
e0:25:85:f7:7c:8b:87:47:43:ec:59:31:3d:ca:04:
3d:34:3b:18:92:13:9a:5a:62:cd:e0:e9:da:f8:a3:
ac:68:9e:72:a2:0a:90:be:fe:78:96:61:a1:9b:e0:
cc:45:ec:90:03:ed:4f:4f:94:ce:d3:e2:a6:f9:e1:
4e:16:34:1e:36:21:12:bc:ce:50:fa:82:c7:a9:73:
82:94:35:47:ed:56:9a:22:1b:e0:7e:f7:37:c3:5a:
f8:71:23:59:33:d4:e4:00:79:e4:d1:ea:a3:a5:9f:
52:11:1b:c6:88:d1:6f:b3:14:d4:96:6e:aa:79:b5:
a1:ab:02:ec:72:56:d9:5c:4a:d0:5d:24:23:d6:13:
ed:51:e9:07:b9:4f:f8:4a:75:d7:bc:4d:c0:7e:75:
3b:da:a0:55:65:9b:2e:35:55:ab:94:5c:43:ed:39:
01:72:93:d2:90:ec:57:ff:73:83:82:b7:08:26:6f:
a4:ad:15:95:c0:8d:7e:27:ea:86:4d:fb:48:84:d1:
64:ac:35:2d:55:74:5d:e6:dd:21:c4:a9:11:b7:c6:
03:22:10:9c:3e:fc:b9:d3:c6:c5:bd:f4:11:04:25:
a6:1d:7c:e8:42:f6:0b:0b:64:e0:6c:74:df:a6:fa:
c6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:25:7E:D6:14:4F:03:8F:30:FA:AB:4C:28:70:9A:0E:D2:3F:9F:C6
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/XSV-1hRPA48w-qtMKHCaDtI_n8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.75.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:7c:92:9d:be:a0:19:93:e1:60:60:f1:ae:c1:0c:c0:d1:72:
54:6f:39:ab:ac:49:c3:15:ea:7b:d0:77:a2:b7:f0:cf:e6:d7:
83:f3:41:25:63:38:27:ee:0e:31:6c:4e:44:6b:fa:8b:3c:26:
f9:ef:10:46:32:39:c7:6b:75:a3:b0:cb:9e:88:64:a9:e2:0e:
d1:95:04:55:e0:0d:7b:17:80:eb:31:db:13:a5:04:af:26:c7:
17:d8:8b:51:71:f9:5e:a3:1e:7d:86:3f:b5:21:49:bf:3a:67:
e7:78:66:be:4a:2d:24:b5:4b:ef:e0:cf:bc:69:e7:32:62:db:
f7:02:f1:fc:61:0f:23:66:5d:cf:59:00:f4:5b:43:a0:34:4b:
3e:9f:f6:c2:44:2d:15:bb:a1:84:c8:f5:11:8d:87:7c:11:f2:
7a:89:c5:17:af:34:b9:83:90:36:79:71:e1:54:e0:e9:62:85:
a6:48:18:3e:c2:a8:ba:01:a3:fa:da:00:0c:93:c5:11:8a:d2:
c8:2f:f7:6e:e3:54:9c:0c:d2:ac:95:db:e1:e6:5f:e9:51:3e:
3c:de:c9:68:cf:a1:1f:0e:c7:09:4f:39:a4:25:52:b2:d6:82:
3f:ee:c6:a4:c9:2f:d3:d2:7b:06:84:0a:75:95:33:c9:79:2d:
6f:6d:41:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIBbxG6ngADQMlpcqPL4LkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjIwNzE1MTAzNzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDI1N2VkNjE0NGYwMzhmMzBmYWFiNGMyODcwOWEwZWQyM2Y5ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/1OvfqCt8RDDxVrzKbgJYX3fIuH
R0PsWTE9ygQ9NDsYkhOaWmLN4Ona+KOsaJ5yogqQvv54lmGhm+DMReyQA+1PT5TO
0+Km+eFOFjQeNiESvM5Q+oLHqXOClDVH7VaaIhvgfvc3w1r4cSNZM9TkAHnk0eqj
pZ9SERvGiNFvsxTUlm6qebWhqwLsclbZXErQXSQj1hPtUekHuU/4SnXXvE3AfnU7
2qBVZZsuNVWrlFxD7TkBcpPSkOxX/3ODgrcIJm+krRWVwI1+J+qGTftIhNFkrDUt
VXRd5t0hxKkRt8YDIhCcPvy508bFvfQRBCWmHXzoQvYLC2TgbHTfpvrGkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0lftYUTwOPMPqrTChwmg7SP5/GMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvWFNWLTFoUlBBNDh3LXF0TUtIQ2FEdElfbjhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcpLMA0G
CSqGSIb3DQEBCwUAA4IBAQA+fJKdvqAZk+FgYPGuwQzA0XJUbzmrrEnDFep70Hei
t/DP5teD80ElYzgn7g4xbE5Ea/qLPCb57xBGMjnHa3WjsMueiGSp4g7RlQRV4A17
F4DrMdsTpQSvJscX2ItRcfleox59hj+1IUm/OmfneGa+Si0ktUvv4M+8aecyYtv3
AvH8YQ8jZl3PWQD0W0OgNEs+n/bCRC0Vu6GEyPURjYd8EfJ6icUXrzS5g5A2eXHh
VODpYoWmSBg+wqi6AaP62gAMk8URitLIL/du41ScDNKsldvh5l/pUT483sloz6Ef
DscJTzmkJVKy1oI/7sakyS/T0nsGhAp1lTPJeS1vbUGN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:00 2024 by rpki-client on console-fra.rpki-client.org