Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-jy4IHUtUvoCDFfBpCP-KPFOBj0.roa
File: 1-jy4IHUtUvoCDFfBpCP-KPFOBj0.roa (raw, json)
Hash identifier: WRrprHruz8kPlIaHTDAgeEmV1Wtk7XCVEq6oFVj+Vek=
Subject key identifier: FA:3C:B8:20:75:2D:52:FA:02:0C:57:C1:A4:23:FE:28:F1:4E:06:3D
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 12B5BCCA
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-jy4IHUtUvoCDFfBpCP-KPFOBj0.roa
Signing time: Fri 27 May 2022 08:08:16 +0000
ROA not before: Fri 27 May 2022 08:08:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6302
IP address blocks: 195.80.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 313900234 (0x12b5bcca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: May 27 08:08:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa3cb820752d52fa020c57c1a423fe28f14e063d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b0:13:4a:b7:de:28:1b:d0:5e:c8:54:65:6a:
07:41:59:aa:88:7c:b1:6b:94:2f:ea:26:7c:98:f8:
67:c1:df:37:c6:37:96:e4:a2:f9:fb:de:45:aa:71:
e1:e3:6b:22:09:8c:e5:3f:98:e9:21:33:66:51:47:
5a:40:78:8c:f4:47:95:9c:0b:62:58:99:d7:03:ba:
c4:f5:94:41:3e:55:9c:e4:8a:14:e4:88:49:4f:de:
ff:c1:b9:97:20:60:5d:e6:e3:ff:8d:fe:0f:5a:6c:
57:82:f3:58:53:90:7d:a1:c8:4a:8c:1d:cb:83:48:
db:30:2d:f1:95:8e:f6:99:61:ec:a8:15:96:37:65:
13:6a:37:ff:ec:4b:72:d4:d9:5d:07:43:ae:4c:1d:
b6:e1:10:27:be:1c:4c:5f:62:47:13:a8:77:ff:05:
46:74:4e:91:93:b4:01:52:e5:17:13:c8:51:65:cb:
55:9a:09:79:53:2f:b7:b7:a7:3c:70:fd:56:0d:d1:
4c:9a:1f:a5:6b:11:c0:98:77:30:0e:16:c7:9a:f0:
dc:85:45:7f:7e:73:7a:89:35:65:7f:4c:ad:12:cb:
a5:9b:a6:d9:24:07:d4:ea:26:a0:75:53:69:72:b5:
c0:58:1a:5e:f7:a1:1a:f6:4f:45:1d:3a:9f:1c:41:
58:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:3C:B8:20:75:2D:52:FA:02:0C:57:C1:A4:23:FE:28:F1:4E:06:3D
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-jy4IHUtUvoCDFfBpCP-KPFOBj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.80.49.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:44:38:a8:e6:b5:0f:b0:85:c0:ba:8e:c9:0e:ac:e2:6b:a9:
b9:9c:a9:90:79:5d:f2:1c:f3:53:9a:a0:07:5f:ed:1c:2e:7a:
a5:96:75:fa:23:63:34:4e:c0:d7:db:2a:77:e2:75:94:a0:8c:
b8:49:8d:4e:df:7c:19:9d:f3:35:e6:f7:c4:56:0d:70:b7:60:
f4:59:9f:0f:f8:22:47:24:c2:b3:3b:12:ec:9b:f7:b0:a2:ab:
cd:b4:91:ba:51:d0:ab:11:1a:3c:6b:4c:f1:d6:97:88:bc:d5:
a0:4b:d3:0f:66:fe:c3:2d:18:06:71:14:d8:0b:7b:b0:79:69:
c1:69:7d:cd:e2:ed:42:96:d0:9f:34:8b:e3:32:82:3a:7c:67:
41:0b:11:12:fa:56:a7:9a:c8:ff:98:b7:6a:be:2a:fc:97:b0:
cf:e3:d2:2c:f8:67:04:97:a8:d3:a2:f0:56:40:73:8c:b7:00:
58:4b:7e:4f:b1:59:47:22:3e:31:64:81:08:c3:c0:ff:b8:81:
7e:00:47:09:b1:d4:48:5b:b5:70:6d:0f:ed:e6:24:46:16:56:
9a:ac:be:de:07:fa:56:8c:74:0d:8f:af:25:63:2e:6f:d6:3f:
01:c7:44:d1:e5:a8:45:0d:a8:fa:17:0d:6c:56:91:a9:36:44:
de:77:11:5c
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEErW8yjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDUy
NzA4MDgxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmEzY2I4MjA3NTJk
NTJmYTAyMGM1N2MxYTQyM2ZlMjhmMTRlMDYzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIiwE0q33igb0F7IVGVqB0FZqoh8sWuUL+omfJj4Z8HfN8Y3
luSi+fveRapx4eNrIgmM5T+Y6SEzZlFHWkB4jPRHlZwLYliZ1wO6xPWUQT5VnOSK
FOSISU/e/8G5lyBgXebj/43+D1psV4LzWFOQfaHISowdy4NI2zAt8ZWO9plh7KgV
ljdlE2o3/+xLctTZXQdDrkwdtuEQJ74cTF9iRxOod/8FRnROkZO0AVLlFxPIUWXL
VZoJeVMvt7enPHD9Vg3RTJofpWsRwJh3MA4Wx5rw3IVFf35zeok1ZX9MrRLLpZum
2SQH1OomoHVTaXK1wFgaXvehGvZPRR06nxxBWMUCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6PLggdS1S+gIMV8GkI/4o8U4GPTAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
LzEtank0SUhVdFV2b0NERmZCcENQLUtQRk9CajAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E4
L2M2MTA5Mi03MzRhLTRlZWYtOWQ2Ny00OTA1MjQzYmM4MjgvMS9CYkhSUEM0bTRT
ZUdKR3BleE1XLXBwaGtzZzguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDUDEwDQYJKoZIhvcNAQELBQAD
ggEBAH1EOKjmtQ+whcC6jskOrOJrqbmcqZB5XfIc81OaoAdf7RwueqWWdfojYzRO
wNfbKnfidZSgjLhJjU7ffBmd8zXm98RWDXC3YPRZnw/4IkckwrM7Euyb97Ciq820
kbpR0KsRGjxrTPHWl4i81aBL0w9m/sMtGAZxFNgLe7B5acFpfc3i7UKW0J80i+My
gjp8Z0ELERL6VqeayP+Yt2q+KvyXsM/j0iz4ZwSXqNOi8FZAc4y3AFhLfk+xWUci
PjFkgQjDwP+4gX4ARwmx1EhbtXBtD+3mJEYWVpqsvt4H+laMdA2PryVjLm/WPwHH
RNHlqEUNqPoXDWxWkak2RN53EVw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org