Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/P1KGubgq3aqyYdvk1s5e75r9mX0.roa
File: P1KGubgq3aqyYdvk1s5e75r9mX0.roa (raw, json)
Hash identifier: unoqqdhGUBidDVeitu/WLsybiRnkr46/PZ6dS7NGacM=
Subject key identifier: 3F:52:86:B9:B8:2A:DD:AA:B2:61:DB:E4:D6:CE:5E:EF:9A:FD:99:7D
Certificate issuer: /CN=f89e229f860b058d23fd28a2926161b8786330c6
Certificate serial: 018C5818D572ABA8A7B8DDA9FA757587ED2F
Authority key identifier: F8:9E:22:9F:86:0B:05:8D:23:FD:28:A2:92:61:61:B8:78:63:30:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-J4in4YLBY0j_SiikmFhuHhjMMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/P1KGubgq3aqyYdvk1s5e75r9mX0.roa
Signing time: Mon 11 Dec 2023 08:57:51 +0000
ROA not before: Mon 11 Dec 2023 08:57:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198673
IP address blocks: 193.102.77.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:18:d5:72:ab:a8:a7:b8:dd:a9:fa:75:75:87:ed:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f89e229f860b058d23fd28a2926161b8786330c6
Validity
Not Before: Dec 11 08:57:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f5286b9b82addaab261dbe4d6ce5eef9afd997d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b5:39:88:14:02:39:e6:52:5e:1c:35:b9:72:
2c:1d:77:c4:c5:5f:2c:ea:05:13:5a:4f:a6:35:88:
02:ba:d8:cb:09:bb:dc:b9:22:44:6c:e8:a5:a5:1a:
38:7c:18:d1:a8:36:b8:67:03:bc:8b:9a:6f:b4:b6:
33:1d:d9:fe:4b:62:4f:4b:ba:7b:0c:fc:54:e0:2c:
8d:f4:11:5d:8e:aa:38:71:a3:b3:c4:2c:14:32:df:
45:7c:b0:c6:9a:b3:60:3f:1f:9c:39:cc:24:b4:3d:
0a:6e:87:0d:dc:5f:09:8e:3d:29:f9:42:d5:42:6c:
1c:d2:61:e8:a3:03:cf:24:fd:f7:91:4e:32:cf:d3:
c9:58:e5:87:24:c1:b4:61:4a:41:78:18:81:fb:dc:
f0:80:97:9b:fc:75:b6:78:d5:0f:d4:4b:22:ef:17:
ed:a0:71:9f:70:39:b5:b6:cb:64:13:41:f7:b5:17:
45:14:f7:78:0c:37:4e:60:ab:3b:f3:9f:3a:88:c1:
77:25:58:e1:3a:35:da:6e:76:2d:14:ca:10:7c:bc:
6e:a2:ad:51:33:a4:24:68:f5:48:17:70:7a:90:5a:
65:c0:54:ad:aa:4c:05:61:00:de:0c:41:c5:0c:67:
cb:8a:25:3e:c4:93:e6:ce:6d:f0:3d:dd:ea:c2:3f:
02:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:52:86:B9:B8:2A:DD:AA:B2:61:DB:E4:D6:CE:5E:EF:9A:FD:99:7D
X509v3 Authority Key Identifier:
keyid:F8:9E:22:9F:86:0B:05:8D:23:FD:28:A2:92:61:61:B8:78:63:30:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-J4in4YLBY0j_SiikmFhuHhjMMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/P1KGubgq3aqyYdvk1s5e75r9mX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/1-J4in4YLBY0j_SiikmFhuHhjMMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.102.77.0/24
Signature Algorithm: sha256WithRSAEncryption
80:6e:5b:9c:7d:2a:62:a2:b0:fe:18:fb:5d:6e:4d:25:e3:48:
aa:c4:88:1f:79:85:e2:53:a8:06:1f:98:d3:01:07:7f:59:84:
a6:2f:2b:a2:a3:68:5b:67:5e:4e:05:a2:7d:2c:39:f7:7c:79:
d4:f0:85:4f:08:3b:11:e4:8b:5b:33:70:58:96:01:4e:ca:a6:
6b:68:a8:09:a9:f8:06:02:e4:2c:54:6a:94:e1:e2:fa:87:f4:
da:8c:7a:ba:f9:cf:27:a2:da:f7:9f:ff:e0:e7:46:86:05:da:
f0:38:62:86:c1:be:da:51:e2:92:85:11:e6:df:45:49:eb:90:
1a:74:25:52:8e:a4:d1:ab:46:df:2c:f2:26:2b:97:ac:88:7c:
59:b0:13:02:13:68:d3:af:e6:de:21:57:27:fb:37:78:a4:bf:
b3:f2:2f:9d:fe:9f:ec:d7:af:00:fe:18:a3:6e:4e:6f:b1:6f:
3b:fb:b5:0a:15:59:61:59:a3:91:21:d3:17:f8:66:2c:29:01:
38:02:a5:b9:50:be:1e:40:ba:73:99:d1:1d:bc:a2:2b:57:e4:
ae:df:b5:da:8a:43:47:59:6c:8f:b2:b8:8e:0b:83:d8:54:30:
0e:7f:cc:a7:fc:1e:10:70:ec:2e:c2:7d:6c:91:c5:95:fc:61:
6f:ed:8b:f8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYxYGNVyq6inuN2p+nV1h+0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4OWUyMjlmODYwYjA1OGQyM2ZkMjhhMjkyNjE2MWI4Nzg2
MzMwYzYwHhcNMjMxMjExMDg1NzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjUyODZiOWI4MmFkZGFhYjI2MWRiZTRkNmNlNWVlZjlhZmQ5OTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLU5iBQCOeZSXhw1uXIsHXfExV8s
6gUTWk+mNYgCutjLCbvcuSJEbOilpRo4fBjRqDa4ZwO8i5pvtLYzHdn+S2JPS7p7
DPxU4CyN9BFdjqo4caOzxCwUMt9FfLDGmrNgPx+cOcwktD0KbocN3F8Jjj0p+ULV
Qmwc0mHoowPPJP33kU4yz9PJWOWHJMG0YUpBeBiB+9zwgJeb/HW2eNUP1Esi7xft
oHGfcDm1tstkE0H3tRdFFPd4DDdOYKs78586iMF3JVjhOjXabnYtFMoQfLxuoq1R
M6QkaPVIF3B6kFplwFStqkwFYQDeDEHFDGfLiiU+xJPmzm3wPd3qwj8CmQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFD9Shrm4Kt2qsmHb5NbOXu+a/Zl9MB8GA1UdIwQY
MBaAFPieIp+GCwWNI/0oopJhYbh4YzDGMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1KNGluNFlMQlkwal9TaWlrbUZodUhoak1NWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQvOGNjYTMzLWMyYjEtNDU0MS05ZWYy
LWFhMGViNTNlOTBiOS8xL1AxS0d1YmdxM2FxeVlkdmsxczVlNzVyOW1YMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTQvOGNjYTMzLWMyYjEtNDU0MS05ZWYyLWFhMGViNTNlOTBi
OS8xLzEtSjRpbjRZTEJZMGpfU2lpa21GaHVIaGpNTVkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBZk0w
DQYJKoZIhvcNAQELBQADggEBAIBuW5x9KmKisP4Y+11uTSXjSKrEiB95heJTqAYf
mNMBB39ZhKYvK6KjaFtnXk4Fon0sOfd8edTwhU8IOxHki1szcFiWAU7KpmtoqAmp
+AYC5CxUapTh4vqH9NqMerr5zyei2vef/+DnRoYF2vA4YobBvtpR4pKFEebfRUnr
kBp0JVKOpNGrRt8s8iYrl6yIfFmwEwITaNOv5t4hVyf7N3ikv7PyL53+n+zXrwD+
GKNuTm+xbzv7tQoVWWFZo5Eh0xf4ZiwpATgCpblQvh5AunOZ0R28oitX5K7ftdqK
Q0dZbI+yuI4Lg9hUMA5/zKf8HhBw7C7CfWyRxZX8YW/ti/g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:19 2024 by rpki-client on console-fra.rpki-client.org