Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/B3Hv9QDskI4BTfkruWsTFoGM8Sk.roa
File: B3Hv9QDskI4BTfkruWsTFoGM8Sk.roa (raw, json)
Hash identifier: UPCcXubx14+ZS2ehB1Db/sLmHkFW+yhFWsypX9+w6Sw=
Subject key identifier: 07:71:EF:F5:00:EC:90:8E:01:4D:F9:2B:B9:6B:13:16:81:8C:F1:29
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 01842E3160DFC96E4239CB9C45048D328AC8
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/B3Hv9QDskI4BTfkruWsTFoGM8Sk.roa
Signing time: Mon 31 Oct 2022 13:18:18 +0000
ROA not before: Mon 31 Oct 2022 13:18:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 517
IP address blocks: 194.45.183.0/24 maxlen: 24
194.45.98.0/24 maxlen: 24
194.45.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2e:31:60:df:c9:6e:42:39:cb:9c:45:04:8d:32:8a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Oct 31 13:18:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0771eff500ec908e014df92bb96b1316818cf129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9e:15:02:14:75:52:93:da:57:cd:1b:05:d8:
18:70:5e:ca:9e:f6:f2:23:14:eb:ea:69:8d:86:5e:
b7:6a:17:f0:aa:0e:e0:6e:1e:6f:d3:d3:42:73:b9:
c5:90:c3:a5:ce:6a:29:e5:86:a0:39:30:36:1d:fd:
b6:02:6c:1c:2b:88:73:66:af:ba:0b:59:bd:81:e9:
42:7a:50:29:43:b1:87:47:6f:bf:9c:f6:7b:4d:b3:
49:41:1d:80:a4:8d:09:89:34:c0:e0:d5:f8:e0:e0:
a9:ba:8f:62:b6:5c:4d:47:d8:fe:d8:ed:29:7e:48:
11:27:d4:8c:f9:31:20:ff:86:0f:e7:a3:88:cc:be:
7b:83:5d:c5:d1:d8:c3:36:ae:db:42:82:86:1f:39:
8f:0c:39:67:d3:9e:dc:42:0f:70:a9:53:38:b2:db:
12:92:f5:01:61:68:13:09:f5:34:9a:69:ad:7f:1b:
03:b0:cd:b7:62:1d:6a:84:33:ae:fc:00:2a:f0:72:
ed:5c:57:04:10:ee:b1:48:7e:3d:5a:ca:b4:11:2b:
82:fa:8a:1b:03:c3:91:23:f3:6c:bd:bd:57:2c:c7:
9e:93:93:35:de:9b:1f:3e:0e:35:b6:73:c9:36:55:
7d:b8:73:0d:fd:a1:8c:d2:f7:b3:70:00:45:67:1b:
88:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:71:EF:F5:00:EC:90:8E:01:4D:F9:2B:B9:6B:13:16:81:8C:F1:29
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/B3Hv9QDskI4BTfkruWsTFoGM8Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.45.98.0/23
194.45.183.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:0e:f1:ba:62:56:cc:9a:04:b5:6e:d7:ce:07:6b:ed:e0:a5:
d3:c4:c9:24:da:ab:ba:44:93:f5:f5:59:41:77:34:e9:ff:7e:
e8:13:36:27:e9:db:fe:28:78:4d:20:d2:b6:0e:b2:e6:81:13:
fb:a9:e6:d5:2a:e0:c1:ad:4c:cb:51:b6:ef:1d:8f:b4:7f:b4:
14:4c:af:1c:fb:c1:46:58:8e:40:da:20:d4:af:72:79:f2:d9:
78:96:e0:a1:fb:a7:5d:ff:1e:45:1e:b6:d4:c7:13:a2:0e:bf:
e7:bb:12:83:3f:41:54:6e:38:b5:1c:41:8d:24:f9:c8:ae:5c:
ec:20:c4:58:e9:b8:36:89:29:34:6b:12:6f:1a:0c:ca:db:02:
ab:a4:2b:cb:49:53:5b:f8:2f:99:9b:d0:ef:d7:1e:e8:9b:a7:
64:aa:7a:3b:85:69:fa:3b:8e:48:f6:69:3c:85:a6:13:64:7b:
ab:d7:0c:b6:ae:39:70:8c:5a:61:6e:a5:43:98:fb:3f:04:18:
ce:be:fa:d8:40:cc:c1:7f:4a:c7:9d:7b:f5:da:bb:3d:da:5b:
cb:3f:f4:97:0c:ca:91:e5:b0:a3:ae:c7:0a:29:e1:f8:98:dd:
56:db:2b:4a:e0:30:e4:b4:12:d7:3f:79:f9:b2:5b:44:52:d4:
7b:44:03:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQuMWDfyW5COcucRQSNMorIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjIxMDMxMTMxODE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzcxZWZmNTAwZWM5MDhlMDE0ZGY5MmJiOTZiMTMxNjgxOGNmMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ4VAhR1UpPaV80bBdgYcF7Knvby
IxTr6mmNhl63ahfwqg7gbh5v09NCc7nFkMOlzmop5YagOTA2Hf22AmwcK4hzZq+6
C1m9gelCelApQ7GHR2+/nPZ7TbNJQR2ApI0JiTTA4NX44OCpuo9itlxNR9j+2O0p
fkgRJ9SM+TEg/4YP56OIzL57g13F0djDNq7bQoKGHzmPDDln057cQg9wqVM4stsS
kvUBYWgTCfU0mmmtfxsDsM23Yh1qhDOu/AAq8HLtXFcEEO6xSH49Wsq0ESuC+oob
A8ORI/Nsvb1XLMeek5M13psfPg41tnPJNlV9uHMN/aGM0vezcABFZxuIWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAdx7/UA7JCOAU35K7lrExaBjPEpMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvQjNIdjlRRHNrSTRCVGZrcnVXc1RGb0dNOFNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwi1iAwQA
wi23MA0GCSqGSIb3DQEBCwUAA4IBAQB9DvG6YlbMmgS1btfOB2vt4KXTxMkk2qu6
RJP19VlBdzTp/37oEzYn6dv+KHhNINK2DrLmgRP7qebVKuDBrUzLUbbvHY+0f7QU
TK8c+8FGWI5A2iDUr3J58tl4luCh+6dd/x5FHrbUxxOiDr/nuxKDP0FUbji1HEGN
JPnIrlzsIMRY6bg2iSk0axJvGgzK2wKrpCvLSVNb+C+Zm9Dv1x7om6dkqno7hWn6
O45I9mk8haYTZHur1wy2rjlwjFphbqVDmPs/BBjOvvrYQMzBf0rHnXv12rs92lvL
P/SXDMqR5bCjrscKKeH4mN1W2ytK4DDktBLXP3n5sltEUtR7RAPL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:51 2024 by rpki-client on console-ams.rpki-client.org