Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/6rE_4LUTnV7VXuoi65__z_XpPbs.roa
File: 6rE_4LUTnV7VXuoi65__z_XpPbs.roa (raw, json)
Hash identifier: 3HwyEkRx4xV3kCVqIfWnsL4EaVo1m6T/zvnEEKY+guo=
Subject key identifier: EA:B1:3F:E0:B5:13:9D:5E:D5:5E:EA:22:EB:9F:FF:CF:F5:E9:3D:BB
Certificate issuer: /CN=f89e229f860b058d23fd28a2926161b8786330c6
Certificate serial: 01857227CF7B7F753644D735BCF4DA1DDA64
Authority key identifier: F8:9E:22:9F:86:0B:05:8D:23:FD:28:A2:92:61:61:B8:78:63:30:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-J4in4YLBY0j_SiikmFhuHhjMMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/6rE_4LUTnV7VXuoi65__z_XpPbs.roa
Signing time: Mon 02 Jan 2023 11:04:49 +0000
ROA not before: Mon 02 Jan 2023 11:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58092
IP address blocks: 193.102.77.0/24 maxlen: 24
193.102.78.0/24 maxlen: 24
193.102.79.0/24 maxlen: 24
194.62.20.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:cf:7b:7f:75:36:44:d7:35:bc:f4:da:1d:da:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f89e229f860b058d23fd28a2926161b8786330c6
Validity
Not Before: Jan 2 11:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eab13fe0b5139d5ed55eea22eb9fffcff5e93dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:74:c6:e5:1a:e3:d8:e3:af:41:2c:a1:24:a3:
1b:e3:06:51:fc:07:05:aa:9b:68:fe:64:7f:3b:5e:
60:9a:f5:a2:57:92:09:1c:14:7f:24:f1:8b:4f:19:
56:58:e2:ce:e9:11:e2:5c:44:a6:f3:e8:51:2d:94:
d9:9f:a2:08:c2:cd:76:ed:af:f8:2f:23:16:b8:33:
a3:ff:87:e9:3a:35:70:b2:9c:83:f1:e3:01:03:2e:
83:2c:e6:6f:2f:e9:a5:97:8c:fa:2e:a4:2a:94:61:
ec:bc:d0:b8:25:5e:a6:75:89:32:5e:f0:91:94:1c:
23:98:e4:24:b3:4c:2b:eb:10:5a:80:67:8a:c1:6d:
37:aa:ee:54:c3:f3:eb:da:41:e6:c8:7d:d6:76:95:
23:36:92:f1:55:72:5f:cc:ef:db:b8:81:7a:65:54:
48:1a:bc:78:fe:d4:81:5e:27:25:32:f2:ee:75:fc:
5c:ce:e5:d3:f4:df:c5:74:5d:ef:fd:7f:a5:21:ff:
20:01:71:6d:d9:81:7f:60:68:38:b2:91:06:97:13:
f2:1d:c1:77:e0:2c:98:39:18:e8:87:0b:bd:9d:fa:
e4:70:f3:7f:bb:e5:e8:84:f2:94:08:36:a8:45:0c:
81:af:63:b9:f5:3f:ef:2b:31:70:97:ea:b9:fa:37:
98:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B1:3F:E0:B5:13:9D:5E:D5:5E:EA:22:EB:9F:FF:CF:F5:E9:3D:BB
X509v3 Authority Key Identifier:
keyid:F8:9E:22:9F:86:0B:05:8D:23:FD:28:A2:92:61:61:B8:78:63:30:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-J4in4YLBY0j_SiikmFhuHhjMMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/6rE_4LUTnV7VXuoi65__z_XpPbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/1-J4in4YLBY0j_SiikmFhuHhjMMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.102.77.0-193.102.79.255
194.62.20.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:34:72:0b:f4:40:b0:f7:eb:df:8c:a8:82:ec:11:63:55:c6:
e1:4c:d9:2d:9f:f5:34:c8:3a:63:49:f0:5d:99:8c:57:80:71:
04:c5:7d:a3:54:56:09:6d:8e:98:ce:f0:f8:ec:e5:17:65:51:
6a:99:b0:6e:5a:8f:54:53:b6:27:f3:5f:02:fe:82:21:ab:32:
07:41:e0:ea:6a:59:10:c5:eb:7f:62:47:14:b0:38:5b:40:f1:
6d:ca:17:2c:54:5f:29:76:d2:81:53:f8:df:ec:d7:dc:28:8c:
8b:75:80:e1:e3:e8:c9:b6:94:53:e9:80:93:e6:c0:90:50:94:
a9:43:5b:ae:0e:da:4a:d4:a0:32:24:32:e4:49:34:05:52:a2:
cb:f0:d1:1a:2b:2a:d5:ba:94:a2:32:82:37:8e:f0:04:ed:be:
ea:7a:e1:e8:73:6a:f3:f4:65:53:72:96:c2:52:96:e5:17:0c:
3c:b3:2d:63:5f:b4:71:c2:8a:72:12:37:8a:87:06:7c:2d:95:
9c:6b:e2:96:9c:51:a8:c3:b5:cf:4b:55:a9:28:a4:7e:15:88:
9e:6b:8d:d0:82:ed:16:1b:02:d3:33:37:53:8f:88:75:53:7c:
57:79:25:9b:1e:15:34:ea:a8:1a:71:96:54:85:d1:93:04:c0:
c1:f5:97:3e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVyJ897f3U2RNc1vPTaHdpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4OWUyMjlmODYwYjA1OGQyM2ZkMjhhMjkyNjE2MWI4Nzg2
MzMwYzYwHhcNMjMwMTAyMTEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWIxM2ZlMGI1MTM5ZDVlZDU1ZWVhMjJlYjlmZmZjZmY1ZTkzZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknTG5Rrj2OOvQSyhJKMb4wZR/AcF
qpto/mR/O15gmvWiV5IJHBR/JPGLTxlWWOLO6RHiXESm8+hRLZTZn6IIws127a/4
LyMWuDOj/4fpOjVwspyD8eMBAy6DLOZvL+mll4z6LqQqlGHsvNC4JV6mdYkyXvCR
lBwjmOQks0wr6xBagGeKwW03qu5Uw/Pr2kHmyH3WdpUjNpLxVXJfzO/buIF6ZVRI
Grx4/tSBXiclMvLudfxczuXT9N/FdF3v/X+lIf8gAXFt2YF/YGg4spEGlxPyHcF3
4CyYORjohwu9nfrkcPN/u+XohPKUCDaoRQyBr2O59T/vKzFwl+q5+jeYAQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOqxP+C1E51e1V7qIuuf/8/16T27MB8GA1UdIwQY
MBaAFPieIp+GCwWNI/0oopJhYbh4YzDGMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1KNGluNFlMQlkwal9TaWlrbUZodUhoak1NWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQvOGNjYTMzLWMyYjEtNDU0MS05ZWYy
LWFhMGViNTNlOTBiOS8xLzZyRV80TFVUblY3Vlh1b2k2NV9fel9YcFBicy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTQvOGNjYTMzLWMyYjEtNDU0MS05ZWYyLWFhMGViNTNlOTBi
OS8xLzEtSjRpbjRZTEJZMGpfU2lpa21GaHVIaGpNTVkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEAMFm
TQMEBMFmQAMEAMI+FDANBgkqhkiG9w0BAQsFAAOCAQEAXTRyC/RAsPfr34yoguwR
Y1XG4UzZLZ/1NMg6Y0nwXZmMV4BxBMV9o1RWCW2OmM7w+OzlF2VRapmwblqPVFO2
J/NfAv6CIasyB0Hg6mpZEMXrf2JHFLA4W0DxbcoXLFRfKXbSgVP43+zX3CiMi3WA
4ePoybaUU+mAk+bAkFCUqUNbrg7aStSgMiQy5Ek0BVKiy/DRGisq1bqUojKCN47w
BO2+6nrh6HNq8/RlU3KWwlKW5RcMPLMtY1+0ccKKchI3iocGfC2VnGvilpxRqMO1
z0tVqSikfhWInmuN0ILtFhsC0zM3U4+IdVN8V3klmx4VNOqoGnGWVIXRkwTAwfWX
Pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:19 2024 by rpki-client on console-fra.rpki-client.org