Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Y-jDYKIRYPNmyIB2Ft8VoOWnorA.roa
File: Y-jDYKIRYPNmyIB2Ft8VoOWnorA.roa (raw, json)
Hash identifier: SEgFtEppHwxtsiRCyg9WQ45Wvt3bI9NiLVrFBgcuB1s=
Subject key identifier: 63:E8:C3:60:A2:11:60:F3:66:C8:80:76:16:DF:15:A0:E5:A7:A2:B0
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 123E4E82
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Y-jDYKIRYPNmyIB2Ft8VoOWnorA.roa
Signing time: Sun 03 Apr 2022 18:26:10 +0000
ROA not before: Sun 03 Apr 2022 18:26:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 148996
IP address blocks: 195.80.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 306073218 (0x123e4e82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Apr 3 18:26:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63e8c360a21160f366c8807616df15a0e5a7a2b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f7:74:b7:6d:a8:9e:b3:9a:22:17:0d:12:63:
b0:58:a2:76:30:9c:17:6a:b1:de:bf:60:80:95:94:
de:7d:f8:8c:a3:21:b6:9c:eb:a3:09:5b:c7:59:72:
83:86:7f:0a:a0:65:20:67:38:c9:c8:b2:45:d2:6b:
b6:e1:b0:22:44:9c:34:68:47:36:c1:05:5a:f1:29:
26:0b:34:0a:41:33:cb:9f:13:73:fa:22:7e:10:e9:
03:55:1e:29:e5:40:b2:11:c6:b1:41:44:a7:75:8a:
5d:04:2a:6c:38:bc:78:f2:b2:c4:3f:fd:8b:f9:16:
0e:99:1d:20:29:18:fa:c5:be:99:81:28:e2:04:30:
0f:53:22:8e:61:06:29:4e:f8:ec:35:02:ea:d8:e2:
7d:5c:f9:d7:ee:e7:6e:60:c1:28:dc:7d:48:88:da:
45:78:08:f7:82:73:81:bb:a5:33:91:8e:f2:8f:d6:
75:d4:5c:66:29:a6:76:79:ce:a1:ca:8b:53:77:5d:
6b:9c:c8:db:39:55:f3:8f:05:b4:04:db:7c:c5:5c:
a0:cd:e0:3c:c6:fc:05:3f:15:71:6b:c9:ce:51:b3:
58:e9:b2:88:7b:7b:8f:69:e3:83:46:0e:83:88:e4:
62:1b:2f:00:c6:2a:01:9e:af:36:76:01:b6:63:fd:
7e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E8:C3:60:A2:11:60:F3:66:C8:80:76:16:DF:15:A0:E5:A7:A2:B0
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Y-jDYKIRYPNmyIB2Ft8VoOWnorA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.80.49.0/24
Signature Algorithm: sha256WithRSAEncryption
83:ee:64:af:ec:a6:c4:14:c2:6f:78:54:de:8f:3f:09:36:83:
a5:93:20:49:53:db:ff:55:73:70:a9:93:d0:df:30:9e:1b:c7:
70:24:f5:b1:9c:ff:53:e5:f5:b7:a6:13:9b:2c:83:27:e8:87:
69:87:0f:81:9d:e6:2d:a9:e3:88:b3:c2:ba:c4:a8:ad:aa:24:
d1:42:d1:d0:95:eb:fb:42:cc:4f:f0:0b:3b:ed:a2:da:4a:a7:
c0:b6:06:8d:52:d7:8f:a2:06:d9:01:e0:fb:1d:56:eb:82:b5:
be:62:c9:48:62:b2:3e:2e:dc:c7:9b:49:9c:af:cb:58:de:4e:
64:bf:0b:41:ac:d4:ae:f4:dd:6e:d0:9c:e3:1a:ba:5d:ef:18:
c5:1f:41:5b:c0:c5:b5:57:8f:c2:68:80:64:5b:de:fd:ff:d6:
22:0c:64:13:7f:91:84:03:15:1f:cd:53:ca:a6:0b:66:5a:52:
5e:30:e7:15:ee:01:95:49:8e:4d:80:a9:3b:b6:8b:ac:35:ff:
9f:f6:ff:25:7a:50:61:30:c1:69:5f:ec:33:ab:eb:b8:8c:46:
33:e9:37:93:5e:80:52:0e:32:55:bc:a4:79:86:45:44:4c:ce:
18:76:b8:a6:ad:d0:6a:20:09:f6:99:74:b5:5f:22:6c:c1:fc:
e2:a6:5a:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEj5OgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDQw
MzE4MjYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjNlOGMzNjBhMjEx
NjBmMzY2Yzg4MDc2MTZkZjE1YTBlNWE3YTJiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANX3dLdtqJ6zmiIXDRJjsFiidjCcF2qx3r9ggJWU3n34jKMh
tpzrowlbx1lyg4Z/CqBlIGc4yciyRdJrtuGwIkScNGhHNsEFWvEpJgs0CkEzy58T
c/oifhDpA1UeKeVAshHGsUFEp3WKXQQqbDi8ePKyxD/9i/kWDpkdICkY+sW+mYEo
4gQwD1MijmEGKU747DUC6tjifVz51+7nbmDBKNx9SIjaRXgI94JzgbulM5GO8o/W
ddRcZimmdnnOocqLU3dda5zI2zlV848FtATbfMVcoM3gPMb8BT8VcWvJzlGzWOmy
iHt7j2njg0YOg4jkYhsvAMYqAZ6vNnYBtmP9frUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRj6MNgohFg82bIgHYW3xWg5aeisDAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L1ktakRZS0lSWVBObXlJQjJGdDhWb09Xbm9yQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNQMTANBgkqhkiG9w0BAQsFAAOC
AQEAg+5kr+ymxBTCb3hU3o8/CTaDpZMgSVPb/1VzcKmT0N8wnhvHcCT1sZz/U+X1
t6YTmyyDJ+iHaYcPgZ3mLanjiLPCusSoraok0ULR0JXr+0LMT/ALO+2i2kqnwLYG
jVLXj6IG2QHg+x1W64K1vmLJSGKyPi7cx5tJnK/LWN5OZL8LQazUrvTdbtCc4xq6
Xe8YxR9BW8DFtVePwmiAZFve/f/WIgxkE3+RhAMVH81TyqYLZlpSXjDnFe4BlUmO
TYCpO7aLrDX/n/b/JXpQYTDBaV/sM6vruIxGM+k3k16AUg4yVbykeYZFREzOGHa4
pq3QaiAJ9pl0tV8ibMH84qZaGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org