Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/U1m9H6rtS8ADTapLcJmh7hXUtZw.roa
File: U1m9H6rtS8ADTapLcJmh7hXUtZw.roa (raw, json)
Hash identifier: GnD98h51uQ6oIRvxW6Hv5EIQLqx2ecQk6rlPDo5VNWA=
Subject key identifier: 53:59:BD:1F:AA:ED:4B:C0:03:4D:AA:4B:70:99:A1:EE:15:D4:B5:9C
Certificate issuer: /CN=93a229e266b2558899f3547ee63d84ed6594768b
Certificate serial: 0190922B32D6F0943F2D1F32D9FE89E62D60
Authority key identifier: 93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/U1m9H6rtS8ADTapLcJmh7hXUtZw.roa
Signing time: Mon 08 Jul 2024 11:47:02 +0000
ROA not before: Mon 08 Jul 2024 11:47:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56655
IP address blocks: 198.140.141.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:2b:32:d6:f0:94:3f:2d:1f:32:d9:fe:89:e6:2d:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93a229e266b2558899f3547ee63d84ed6594768b
Validity
Not Before: Jul 8 11:47:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5359bd1faaed4bc0034daa4b7099a1ee15d4b59c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2c:61:b7:9e:a0:5c:a3:d4:95:3d:d3:5f:d4:
cd:bf:4b:22:b1:28:76:79:38:07:46:3b:70:5f:6f:
62:2f:7d:90:b3:24:0d:26:a7:9d:eb:de:b3:99:4d:
ea:99:b4:f1:a4:6b:f9:5a:ee:cc:09:cc:ca:5c:7d:
84:98:87:1b:9d:ec:53:d9:7e:a6:8a:6f:3f:02:ee:
37:a1:85:98:01:d9:3d:46:40:bf:8a:a8:02:f9:70:
b8:bf:b7:ae:18:d8:a3:72:c8:0e:18:84:71:13:bf:
e7:d2:b3:2d:2f:64:68:d9:86:3b:ec:4b:9e:83:f6:
e7:67:6a:87:32:aa:71:80:23:9a:ff:31:3b:9f:f3:
55:f6:52:66:43:40:a4:12:31:7d:78:ac:74:ad:f3:
a5:63:78:eb:fc:ee:cb:9a:65:40:1f:a2:b2:c7:cd:
12:81:af:25:f5:5c:a3:7f:24:5c:df:33:96:56:b2:
3d:0b:bb:d6:b2:ad:fe:3f:37:fe:f1:fc:84:ab:e6:
73:89:d0:ba:85:8c:5f:4b:11:b1:ac:7d:4e:cd:60:
52:32:1c:7d:19:08:05:3c:5a:59:6a:3a:a9:46:c6:
20:e8:eb:db:66:7e:1a:54:e6:48:4f:f9:e4:4d:fa:
c9:f3:56:bd:af:8e:9c:de:83:c9:f3:a0:95:4e:a6:
8c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:59:BD:1F:AA:ED:4B:C0:03:4D:AA:4B:70:99:A1:EE:15:D4:B5:9C
X509v3 Authority Key Identifier:
keyid:93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/U1m9H6rtS8ADTapLcJmh7hXUtZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.140.141.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:bb:2d:95:02:f9:fb:f3:ab:98:05:c4:f0:20:e0:08:da:c9:
fc:8f:d7:40:bb:43:bf:5b:f7:51:4c:56:f7:a1:c8:25:29:5f:
4d:56:11:88:65:ef:a3:11:be:09:b7:db:39:78:cf:14:21:aa:
ab:3b:d3:f8:34:34:e4:70:23:96:f6:d8:84:a6:cf:57:98:05:
88:d2:ad:dc:31:06:a6:4c:21:94:20:81:48:97:53:66:3b:16:
a4:6a:9b:bf:c6:a2:ee:6d:45:45:c3:07:d4:32:9c:66:8a:3b:
9d:88:76:28:e5:1b:6b:4c:f7:f1:82:4a:d5:8c:b3:c1:62:d4:
8e:7d:d8:de:6b:67:8c:1f:6e:97:46:90:12:74:c1:df:e5:06:
5f:5f:4e:bb:39:22:4e:92:66:24:b7:d3:4e:1d:17:e6:5b:2b:
e3:54:85:8b:60:08:ff:cb:42:43:fb:07:cf:53:a2:a1:8c:c5:
85:59:21:53:92:57:bc:3b:f1:6b:87:11:d5:5a:35:a0:25:b1:
9f:80:18:c4:79:54:de:11:6f:10:94:ab:a8:b7:20:b3:b8:68:
b5:38:27:72:a2:f9:d7:0d:d8:47:6e:3f:a8:d8:0a:35:97:0c:
5c:81:46:24:ef:d7:35:e9:a9:8c:9f:8f:63:9e:e3:70:3a:89:
11:8b:00:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCSKzLW8JQ/LR8y2f6J5i1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYTIyOWUyNjZiMjU1ODg5OWYzNTQ3ZWU2M2Q4NGVkNjU5
NDc2OGIwHhcNMjQwNzA4MTE0NzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzU5YmQxZmFhZWQ0YmMwMDM0ZGFhNGI3MDk5YTFlZTE1ZDRiNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCxht56gXKPUlT3TX9TNv0sisSh2
eTgHRjtwX29iL32QsyQNJqed696zmU3qmbTxpGv5Wu7MCczKXH2EmIcbnexT2X6m
im8/Au43oYWYAdk9RkC/iqgC+XC4v7euGNijcsgOGIRxE7/n0rMtL2Ro2YY77Eue
g/bnZ2qHMqpxgCOa/zE7n/NV9lJmQ0CkEjF9eKx0rfOlY3jr/O7LmmVAH6Kyx80S
ga8l9VyjfyRc3zOWVrI9C7vWsq3+Pzf+8fyEq+ZzidC6hYxfSxGxrH1OzWBSMhx9
GQgFPFpZajqpRsYg6OvbZn4aVOZIT/nkTfrJ81a9r46c3oPJ86CVTqaMFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNZvR+q7UvAA02qS3CZoe4V1LWcMB8GA1UdIwQY
MBaAFJOiKeJmslWImfNUfuY9hO1llHaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYt
NGQ3NzdjYWNkOWE0LzEvVTFtOUg2cnRTOEFEVGFwTGNKbWg3aFhVdFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYtNGQ3NzdjYWNkOWE0
LzEvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAxoyNMA0G
CSqGSIb3DQEBCwUAA4IBAQAuuy2VAvn786uYBcTwIOAI2sn8j9dAu0O/W/dRTFb3
ocglKV9NVhGIZe+jEb4Jt9s5eM8UIaqrO9P4NDTkcCOW9tiEps9XmAWI0q3cMQam
TCGUIIFIl1NmOxakapu/xqLubUVFwwfUMpxmijudiHYo5RtrTPfxgkrVjLPBYtSO
fdjea2eMH26XRpASdMHf5QZfX067OSJOkmYkt9NOHRfmWyvjVIWLYAj/y0JD+wfP
U6KhjMWFWSFTkle8O/FrhxHVWjWgJbGfgBjEeVTeEW8QlKuotyCzuGi1OCdyovnX
DdhHbj+o2Ao1lwxcgUYk79c16amMn49jnuNwOokRiwAc
-----END CERTIFICATE-----
Generated at Fri Nov 1 13:22:31 2024 by rpki-client on console-ams.rpki-client.org