Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/HDX54iI_DKwCbQ7qrEyb_3W2yTY.roa
File: HDX54iI_DKwCbQ7qrEyb_3W2yTY.roa (raw, json)
Hash identifier: Tr3cm6qg8jPIkdBVdhBjQiJbA1rgNZZhcZ/1CWQPC2M=
Subject key identifier: 1C:35:F9:E2:22:3F:0C:AC:02:6D:0E:EA:AC:4C:9B:FF:75:B6:C9:36
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 018570FBCBA43FEC9993421AF0458D3F247F
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/HDX54iI_DKwCbQ7qrEyb_3W2yTY.roa
Signing time: Mon 02 Jan 2023 05:37:07 +0000
ROA not before: Mon 02 Jan 2023 05:37:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211178
IP address blocks: 94.176.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:cb:a4:3f:ec:99:93:42:1a:f0:45:8d:3f:24:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Jan 2 05:37:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c35f9e2223f0cac026d0eeaac4c9bff75b6c936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:15:b0:22:08:3c:6b:1e:2b:8c:07:a0:13:e4:
8a:3d:cc:b1:50:9b:b1:b7:19:60:a7:60:38:9d:84:
ca:c8:a4:54:71:2b:af:19:38:e2:46:c7:4c:68:d4:
78:40:bf:dd:bb:76:43:36:15:6f:97:ef:78:7f:93:
f6:64:9a:e4:09:f9:b1:40:f7:2f:c8:93:ea:72:37:
5e:87:be:c8:c7:4d:39:0b:7a:a2:81:98:05:02:10:
70:65:8c:09:bd:ea:a5:01:05:a1:14:bf:9f:14:13:
de:8a:0b:09:3a:73:1f:f1:ad:01:5e:bf:c9:52:6c:
93:b7:e7:8f:28:da:d5:b7:f3:62:b9:2f:4c:75:53:
ac:3e:99:00:89:ff:9a:24:cf:c5:0c:79:39:39:1c:
40:a6:f3:c6:1e:4b:de:3e:9b:44:e5:48:3a:33:aa:
a0:16:a0:3c:d5:f3:35:ec:79:04:4b:e4:64:da:50:
f5:2b:ec:59:81:93:58:e8:aa:d2:81:3a:1c:ce:28:
35:52:9e:a7:16:7b:1f:cb:56:b8:9a:dc:f3:9d:74:
93:03:31:0d:7d:0d:72:c7:1d:05:2f:fa:7f:de:b1:
75:9d:b8:6a:ba:44:3b:70:62:2a:1c:40:c1:2a:d7:
1a:4f:7e:8f:28:99:44:1a:c7:b4:32:c4:c5:03:6a:
5e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:35:F9:E2:22:3F:0C:AC:02:6D:0E:EA:AC:4C:9B:FF:75:B6:C9:36
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/HDX54iI_DKwCbQ7qrEyb_3W2yTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.176.96.0/24
Signature Algorithm: sha256WithRSAEncryption
04:0e:94:5d:c7:bc:9e:86:cb:aa:2f:ec:6b:c6:50:a2:06:9d:
b9:8e:e8:1b:f6:ec:8e:a3:21:38:d6:ef:c1:18:de:c4:9c:49:
89:c0:62:00:63:95:18:22:76:37:0d:84:77:b5:6c:61:4c:e3:
a7:40:e8:6a:11:e5:36:08:27:9e:39:18:82:d1:be:8c:bd:9f:
a9:a5:bf:ff:01:17:db:30:e2:88:fb:69:0f:58:2f:13:ec:36:
3c:21:6d:60:68:55:db:c5:69:2a:af:7d:46:8d:d6:6e:06:5f:
c9:6c:02:6b:13:d0:9d:e5:81:7e:62:e5:fa:fc:b0:fa:0b:f9:
55:9f:45:3d:fd:79:fc:8e:66:b8:6b:e6:58:89:5a:d4:82:c6:
c9:79:0f:cd:1e:a7:b4:8c:10:38:80:81:f7:82:31:73:0f:b3:
d6:23:6f:5e:07:01:28:f7:68:33:ac:01:c9:ea:b8:a0:0b:bd:
c5:e0:80:fe:e6:7a:a6:3b:3e:bc:8b:5e:7b:09:a2:9e:47:e1:
a3:25:81:74:5c:c7:83:44:27:b4:2e:bc:0e:cd:91:aa:42:53:
dd:0f:8f:70:b8:c2:f6:b8:f0:ff:9c:7e:52:f7:64:e3:28:a2:
4f:1a:22:9b:06:73:26:a5:e7:e0:f6:f5:09:32:8e:86:7c:03:
5a:69:68:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+8ukP+yZk0Ia8EWNPyR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OWE3NWRlYmQ2NTM1OWE0NTMxN2YyMDNmMTFhMzIxZTE0
YjJmMmMwHhcNMjMwMTAyMDUzNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzM1ZjllMjIyM2YwY2FjMDI2ZDBlZWFhYzRjOWJmZjc1YjZjOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRWwIgg8ax4rjAegE+SKPcyxUJux
txlgp2A4nYTKyKRUcSuvGTjiRsdMaNR4QL/du3ZDNhVvl+94f5P2ZJrkCfmxQPcv
yJPqcjdeh77Ix005C3qigZgFAhBwZYwJveqlAQWhFL+fFBPeigsJOnMf8a0BXr/J
UmyTt+ePKNrVt/NiuS9MdVOsPpkAif+aJM/FDHk5ORxApvPGHkvePptE5Ug6M6qg
FqA81fM17HkES+Rk2lD1K+xZgZNY6KrSgToczig1Up6nFnsfy1a4mtzznXSTAzEN
fQ1yxx0FL/p/3rF1nbhqukQ7cGIqHEDBKtcaT36PKJlEGse0MsTFA2pe9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBw1+eIiPwysAm0O6qxMm/91tsk2MB8GA1UdIwQY
MBaAFGeadd69ZTWaRTF/ID8RoyHhSy8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVwMTNyMWxOWnBGTVg4Z1B4R2pJZUZMTHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS83YTM5YjEtMWQxYy00OTE5LWIxOWMt
M2VlYmU3MTk2OTcyLzEvSERYNTRpSV9ES3dDYlE3cXJFeWJfM1cyeVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS83YTM5YjEtMWQxYy00OTE5LWIxOWMtM2VlYmU3MTk2OTcy
LzEvWjVwMTNyMWxOWnBGTVg4Z1B4R2pJZUZMTHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrBgMA0G
CSqGSIb3DQEBCwUAA4IBAQAEDpRdx7yehsuqL+xrxlCiBp25jugb9uyOoyE41u/B
GN7EnEmJwGIAY5UYInY3DYR3tWxhTOOnQOhqEeU2CCeeORiC0b6MvZ+ppb//ARfb
MOKI+2kPWC8T7DY8IW1gaFXbxWkqr31GjdZuBl/JbAJrE9Cd5YF+YuX6/LD6C/lV
n0U9/Xn8jma4a+ZYiVrUgsbJeQ/NHqe0jBA4gIH3gjFzD7PWI29eBwEo92gzrAHJ
6rigC73F4ID+5nqmOz68i157CaKeR+GjJYF0XMeDRCe0LrwOzZGqQlPdD49wuML2
uPD/nH5S92TjKKJPGiKbBnMmpefg9vUJMo6GfANaaWiq
-----END CERTIFICATE-----
Generated at Wed Nov 8 10:35:00 2023 by rpki-client on console-ams.rpki-client.org