Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/w6tYpqDGwGBSR1hlUXJXzSkDNe0.roa
File: w6tYpqDGwGBSR1hlUXJXzSkDNe0.roa (raw, json)
Hash identifier: SwnxlewQwLOfnv0H/n05ZOzDJbH5jQGTTYJGFxRWLTY=
Subject key identifier: C3:AB:58:A6:A0:C6:C0:60:52:47:58:65:51:72:57:CD:29:03:35:ED
Certificate issuer: /CN=70d654f2e16fe8826e04ae96df5e5cb0a260380a
Certificate serial: 018CC79349BA6541661C498CCCDF020A8BF3
Authority key identifier: 70:D6:54:F2:E1:6F:E8:82:6E:04:AE:96:DF:5E:5C:B0:A2:60:38:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cNZU8uFv6IJuBK6W315csKJgOAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/w6tYpqDGwGBSR1hlUXJXzSkDNe0.roa
Signing time: Tue 02 Jan 2024 00:29:27 +0000
ROA not before: Tue 02 Jan 2024 00:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198505
IP address blocks: 193.8.201.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:49:ba:65:41:66:1c:49:8c:cc:df:02:0a:8b:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70d654f2e16fe8826e04ae96df5e5cb0a260380a
Validity
Not Before: Jan 2 00:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3ab58a6a0c6c06052475865517257cd290335ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e4:aa:75:8b:b2:14:97:c2:e3:eb:b5:38:80:
ce:c8:6d:48:97:95:b2:40:23:df:ca:b6:14:b3:2e:
6f:8e:ac:91:1d:53:c1:c9:a1:44:58:ba:8c:cc:78:
14:7d:8a:a0:af:c4:1c:91:d6:cc:1e:db:39:51:82:
e2:40:89:64:e3:7a:6c:28:b6:f8:15:c4:63:00:92:
b7:a7:62:15:50:1c:50:ef:e1:e1:ab:8b:8c:0c:ae:
46:3d:b8:2e:39:ff:72:b3:ee:e5:39:4e:b2:f6:a0:
15:20:dd:a3:2f:f7:fe:5c:4b:65:7a:02:04:b4:c3:
8a:a8:de:45:54:76:d5:01:57:60:c4:76:3f:c2:d1:
74:a6:50:b4:98:c3:24:7c:00:6a:f5:02:92:fa:6f:
cb:b6:e9:8d:23:17:40:77:47:08:9e:78:51:0a:e1:
de:ef:9b:0c:ef:2d:2e:b3:b3:58:74:ed:62:35:2b:
22:75:13:15:88:a5:1f:21:3d:65:11:6e:60:ff:b1:
22:04:2b:0a:01:a0:40:42:c2:fa:9d:a7:97:ba:24:
a7:18:ca:a3:17:21:de:7e:53:4f:a3:de:fe:26:19:
92:e0:4a:e7:e1:fb:3a:27:4f:90:54:0f:ea:60:c1:
52:de:06:0a:ad:eb:ff:2b:b1:a4:14:be:84:2d:6a:
d4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:AB:58:A6:A0:C6:C0:60:52:47:58:65:51:72:57:CD:29:03:35:ED
X509v3 Authority Key Identifier:
keyid:70:D6:54:F2:E1:6F:E8:82:6E:04:AE:96:DF:5E:5C:B0:A2:60:38:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNZU8uFv6IJuBK6W315csKJgOAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/w6tYpqDGwGBSR1hlUXJXzSkDNe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/cNZU8uFv6IJuBK6W315csKJgOAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.201.0/24
Signature Algorithm: sha256WithRSAEncryption
08:0f:10:61:cc:7c:8f:28:5f:28:66:bf:e6:19:74:bb:7d:3c:
47:2b:41:50:9f:59:f3:73:d8:c1:27:3d:00:a5:cc:4f:65:e8:
d8:43:8e:55:48:6d:79:32:bc:8f:4f:7a:08:3d:81:7e:22:19:
bb:9d:9d:2d:bb:6d:df:53:e5:9b:d9:7e:d4:1a:fa:68:f8:16:
8c:4d:9b:58:ae:6f:46:67:74:f4:33:1f:3e:6f:91:49:b5:2f:
fe:93:6e:8a:f2:95:ab:bb:89:bf:c0:6a:b0:a3:4d:7e:9d:04:
4d:48:43:4b:4d:c4:a5:0a:de:e0:46:6a:da:c2:b2:d2:ac:8f:
43:b8:1c:95:f1:2b:10:d5:47:10:e7:5d:1a:04:ea:50:e2:47:
99:f4:6e:32:32:27:be:b2:01:97:05:ef:17:78:c9:96:04:32:
8f:90:a7:af:b7:63:7d:28:50:20:d0:36:cf:6b:96:a7:e3:ad:
ff:06:21:48:d5:11:e3:c8:05:b5:10:88:9b:f4:e7:db:6b:16:
82:eb:cd:50:e0:b6:29:fb:bb:47:19:86:d2:61:fa:64:39:6b:
df:34:5c:48:16:f7:3e:25:6d:ad:59:5a:5c:de:85:ef:89:37:
0a:4b:05:7c:18:d8:d1:26:75:7c:23:a6:ae:41:5a:4a:ce:ff:
c9:dc:dd:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk0m6ZUFmHEmMzN8CCovzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZDY1NGYyZTE2ZmU4ODI2ZTA0YWU5NmRmNWU1Y2IwYTI2
MDM4MGEwHhcNMjQwMTAyMDAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2FiNThhNmEwYzZjMDYwNTI0NzU4NjU1MTcyNTdjZDI5MDMzNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+SqdYuyFJfC4+u1OIDOyG1Il5Wy
QCPfyrYUsy5vjqyRHVPByaFEWLqMzHgUfYqgr8QckdbMHts5UYLiQIlk43psKLb4
FcRjAJK3p2IVUBxQ7+Hhq4uMDK5GPbguOf9ys+7lOU6y9qAVIN2jL/f+XEtlegIE
tMOKqN5FVHbVAVdgxHY/wtF0plC0mMMkfABq9QKS+m/LtumNIxdAd0cInnhRCuHe
75sM7y0us7NYdO1iNSsidRMViKUfIT1lEW5g/7EiBCsKAaBAQsL6naeXuiSnGMqj
FyHeflNPo97+JhmS4Ern4fs6J0+QVA/qYMFS3gYKrev/K7GkFL6ELWrU1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMOrWKagxsBgUkdYZVFyV80pAzXtMB8GA1UdIwQY
MBaAFHDWVPLhb+iCbgSult9eXLCiYDgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY05aVTh1RnY2SUp1Qks2VzMxNWNzS0pnT0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83NGJiYmMtOWQ3Mi00NGVjLTg1OWIt
Yzc2N2NiNzRiZGRiLzEvdzZ0WXBxREd3R0JTUjFobFVYSlh6U2tETmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83NGJiYmMtOWQ3Mi00NGVjLTg1OWItYzc2N2NiNzRiZGRi
LzEvY05aVTh1RnY2SUp1Qks2VzMxNWNzS0pnT0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQjJMA0G
CSqGSIb3DQEBCwUAA4IBAQAIDxBhzHyPKF8oZr/mGXS7fTxHK0FQn1nzc9jBJz0A
pcxPZejYQ45VSG15MryPT3oIPYF+Ihm7nZ0tu23fU+Wb2X7UGvpo+BaMTZtYrm9G
Z3T0Mx8+b5FJtS/+k26K8pWru4m/wGqwo01+nQRNSENLTcSlCt7gRmrawrLSrI9D
uByV8SsQ1UcQ510aBOpQ4keZ9G4yMie+sgGXBe8XeMmWBDKPkKevt2N9KFAg0DbP
a5an463/BiFI1RHjyAW1EIib9OfbaxaC681Q4LYp+7tHGYbSYfpkOWvfNFxIFvc+
JW2tWVpc3oXviTcKSwV8GNjRJnV8I6auQVpKzv/J3N1N
Generated at Thu May 30 08:52:34 2024 by rpki-client on console-fra.rpki-client.org