Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/LopVF2je6an2SfRR3huwNjf-wTY.roa
File: LopVF2je6an2SfRR3huwNjf-wTY.roa (raw, json)
Hash identifier: gi7ZWZIjCC1Yd+XVux+yu48ekOYvBn2yVx/Sj2sZjY0=
Subject key identifier: 2E:8A:55:17:68:DE:E9:A9:F6:49:F4:51:DE:1B:B0:36:37:FE:C1:36
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01856E2FC2FC5A78925E974FBB80195390AA
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/LopVF2je6an2SfRR3huwNjf-wTY.roa
Signing time: Sun 01 Jan 2023 16:35:01 +0000
ROA not before: Sun 01 Jan 2023 16:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210512
IP address blocks: 194.5.94.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:c2:fc:5a:78:92:5e:97:4f:bb:80:19:53:90:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 16:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e8a551768dee9a9f649f451de1bb03637fec136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1b:5e:61:b7:bc:0c:d6:91:a6:5c:9a:5d:81:
a8:b6:32:15:66:9c:d9:77:12:e2:71:06:e4:2f:bd:
34:b9:e6:c9:f4:62:27:9b:40:65:6d:88:db:3d:56:
8d:60:23:3a:4c:73:fd:4e:4c:f5:eb:53:83:76:6c:
ed:d7:d0:64:30:a0:3f:0c:e7:87:f0:72:21:b6:4f:
e5:21:8c:f9:ef:29:19:11:bc:68:16:a1:32:fa:d0:
5c:d2:72:95:ec:e7:1f:11:16:e5:ea:0b:17:87:67:
53:a7:a7:f6:39:e7:a5:38:54:7d:f2:0a:a7:0c:b6:
ce:76:29:29:34:d4:43:87:1f:32:a5:a5:9b:4e:b9:
04:2a:19:43:8b:5a:a2:89:61:e3:25:5f:c5:ec:55:
2e:8b:3d:af:ff:00:22:0a:95:a2:a5:0c:12:ac:0a:
c1:33:79:cc:fa:ad:c8:ce:69:d8:26:e0:7a:36:59:
4a:7a:77:c1:d0:57:14:7c:df:9c:fd:cc:9f:77:a1:
ec:34:b5:b2:2f:09:08:f4:30:6a:cf:ad:cb:64:0d:
61:72:cf:c0:3f:1b:3b:51:1c:69:06:02:dc:72:9a:
d5:d2:4c:a1:d4:be:09:fd:c2:ba:5f:d1:66:eb:0a:
95:91:4a:84:ba:b9:34:87:f5:72:80:e7:d4:c7:17:
a2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:8A:55:17:68:DE:E9:A9:F6:49:F4:51:DE:1B:B0:36:37:FE:C1:36
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/LopVF2je6an2SfRR3huwNjf-wTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.94.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:01:01:c4:bf:87:35:97:5c:3c:fd:01:37:c8:cf:61:7c:a5:
03:59:be:d1:62:fd:56:fb:dc:a2:5b:1a:cb:68:ae:40:22:d8:
d2:fe:99:9e:bb:6f:ab:23:14:f5:c9:4a:cf:fd:1f:d9:6e:4b:
a0:b1:93:a1:5f:6a:fd:a2:10:fc:a2:d1:97:43:0f:a3:06:b5:
d8:1e:2c:eb:41:e2:c3:ab:89:93:68:be:d1:d8:07:77:a9:5a:
e4:43:ec:44:99:6b:3c:91:2e:de:f8:eb:d2:38:82:49:41:26:
41:ec:cd:64:a7:84:c0:e0:af:78:8d:be:d1:c9:b0:fe:33:92:
cb:e5:eb:8e:c7:62:53:0d:f4:d6:a9:8a:ac:e6:7a:bc:c1:91:
9d:db:6e:14:fd:19:03:fa:59:16:56:be:2b:93:15:05:be:ff:
d8:6c:2d:8c:6c:bf:94:e1:0e:e3:9e:61:c7:08:36:e4:e5:96:
c5:dc:b7:47:52:85:62:14:d4:d6:79:5c:1e:17:f7:9b:35:d0:
8d:97:97:17:8a:89:8d:cc:a4:a9:7e:40:90:40:32:da:e8:b2:
be:b9:48:4b:c4:cf:93:7d:f4:3e:66:dc:c8:49:33:83:05:27:
97:2b:ff:6a:ff:60:6f:55:fe:e6:8f:e3:35:f1:47:79:d1:07:
f3:8d:72:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL8L8WniSXpdPu4AZU5CqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTAxMTYzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZThhNTUxNzY4ZGVlOWE5ZjY0OWY0NTFkZTFiYjAzNjM3ZmVjMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRteYbe8DNaRplyaXYGotjIVZpzZ
dxLicQbkL700uebJ9GInm0BlbYjbPVaNYCM6THP9Tkz161ODdmzt19BkMKA/DOeH
8HIhtk/lIYz57ykZEbxoFqEy+tBc0nKV7OcfERbl6gsXh2dTp6f2OeelOFR98gqn
DLbOdikpNNRDhx8ypaWbTrkEKhlDi1qiiWHjJV/F7FUuiz2v/wAiCpWipQwSrArB
M3nM+q3IzmnYJuB6NllKenfB0FcUfN+c/cyfd6HsNLWyLwkI9DBqz63LZA1hcs/A
Pxs7URxpBgLccprV0kyh1L4J/cK6X9Fm6wqVkUqEurk0h/VygOfUxxeiqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC6KVRdo3ump9kn0Ud4bsDY3/sE2MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvTG9wVkYyamU2YW4yU2ZSUjNodXdOamYtd1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgVeMA0G
CSqGSIb3DQEBCwUAA4IBAQA6AQHEv4c1l1w8/QE3yM9hfKUDWb7RYv1W+9yiWxrL
aK5AItjS/pmeu2+rIxT1yUrP/R/ZbkugsZOhX2r9ohD8otGXQw+jBrXYHizrQeLD
q4mTaL7R2Ad3qVrkQ+xEmWs8kS7e+OvSOIJJQSZB7M1kp4TA4K94jb7RybD+M5LL
5euOx2JTDfTWqYqs5nq8wZGd224U/RkD+lkWVr4rkxUFvv/YbC2MbL+U4Q7jnmHH
CDbk5ZbF3LdHUoViFNTWeVweF/ebNdCNl5cXiomNzKSpfkCQQDLa6LK+uUhLxM+T
ffQ+ZtzISTODBSeXK/9q/2BvVf7mj+M18Ud50QfzjXKo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org