Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/UnEBJXrsjxP1i3tgxxZBExxfI34.roa
File: UnEBJXrsjxP1i3tgxxZBExxfI34.roa (raw, json)
Hash identifier: PSbX8hLQ64xloV/0HNzOIfQvJexvXfpEpLD1DBpZnJM=
Subject key identifier: 52:71:01:25:7A:EC:8F:13:F5:8B:7B:60:C7:16:41:13:1C:5F:23:7E
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 018226176483A10BFC8CCC8E4D03AB97717B
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/UnEBJXrsjxP1i3tgxxZBExxfI34.roa
Signing time: Fri 22 Jul 2022 13:27:23 +0000
ROA not before: Fri 22 Jul 2022 13:27:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60995
IP address blocks: 193.32.29.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:26:17:64:83:a1:0b:fc:8c:cc:8e:4d:03:ab:97:71:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Jul 22 13:27:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=527101257aec8f13f58b7b60c71641131c5f237e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d7:bd:18:3f:7c:8c:2c:c2:2e:13:a0:a9:26:
a3:13:62:29:39:f2:d1:67:ef:83:df:e5:47:90:56:
0b:d1:c4:f5:6d:6c:c7:85:e2:cd:02:1f:0a:dc:54:
b7:f3:e1:ef:7a:1c:22:bb:44:f9:b6:6f:b7:5b:c4:
f5:1e:df:c2:60:46:95:c9:23:26:15:76:2b:03:a6:
99:bb:52:f7:ca:57:42:16:fe:fc:ec:17:af:77:6e:
d4:03:8e:73:00:46:bb:a5:ae:08:a4:7f:41:cb:4c:
3e:f0:2a:3d:c5:48:04:a5:b5:5d:e6:ad:b9:9c:be:
15:8c:3e:cd:f7:c6:a8:b8:fc:18:41:13:49:8c:9c:
d2:95:70:f9:80:26:64:f9:5e:a4:c3:70:f4:fe:ed:
27:80:13:03:ea:03:14:0d:d4:9b:67:83:07:60:48:
2f:da:c5:ff:6c:1e:2e:71:cf:43:a8:48:1c:2f:44:
59:2b:93:a3:f9:16:0d:49:d5:99:b0:4d:39:30:bd:
89:f3:e6:52:4e:88:bb:b0:08:c5:01:a7:5b:14:64:
43:7c:a5:c9:ce:59:d9:63:33:45:39:af:86:ad:7e:
41:4a:ed:46:0e:90:61:53:aa:a0:46:41:46:35:f6:
ef:81:08:81:8a:e4:ad:8a:97:93:36:f3:94:e5:0b:
ac:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:71:01:25:7A:EC:8F:13:F5:8B:7B:60:C7:16:41:13:1C:5F:23:7E
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/UnEBJXrsjxP1i3tgxxZBExxfI34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.29.0/24
Signature Algorithm: sha256WithRSAEncryption
27:41:13:66:a5:d5:d5:8a:4b:1c:6c:c6:09:f3:0d:db:8b:71:
f1:6b:a4:de:a3:c2:02:5d:a4:d9:4f:68:01:c9:cf:70:fb:c6:
79:a0:dd:69:a9:c2:34:71:fd:1f:59:ca:69:b0:84:7c:fd:e1:
15:db:21:c1:7f:1c:e5:ee:ef:57:f5:86:2a:98:a6:40:c0:e7:
df:31:4e:ee:11:06:c3:f2:37:a6:97:d1:5d:36:8e:bc:57:37:
2b:25:16:72:08:f6:4b:95:01:80:b6:ed:01:3d:3e:e2:80:4b:
cc:bb:43:02:98:aa:b4:0a:9f:2a:59:92:04:a5:c4:93:bb:44:
44:45:4e:93:a6:73:98:98:eb:ed:83:54:c7:4a:e1:9c:81:1d:
bf:66:ec:59:d1:21:52:e3:06:e0:9d:b8:60:45:c8:c3:9b:35:
69:5d:7c:64:9d:68:12:24:25:a0:fd:90:cf:10:e3:a2:fe:36:
70:4a:d7:c6:5d:49:0a:af:4d:a8:ce:0e:38:44:b2:54:51:ea:
b1:cf:bf:94:1b:e8:0d:a0:17:dd:ab:a3:74:2a:2f:1a:f9:e4:
ca:3a:1e:99:57:6e:19:6e:e6:ee:ee:db:52:52:77:7f:64:d0:
07:26:99:59:03:d7:d6:1e:3f:fb:cc:df:ee:37:79:a3:8e:c9:
57:78:99:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYImF2SDoQv8jMyOTQOrl3F7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjIwNzIyMTMyNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjcxMDEyNTdhZWM4ZjEzZjU4YjdiNjBjNzE2NDExMzFjNWYyMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApde9GD98jCzCLhOgqSajE2IpOfLR
Z++D3+VHkFYL0cT1bWzHheLNAh8K3FS38+Hvehwiu0T5tm+3W8T1Ht/CYEaVySMm
FXYrA6aZu1L3yldCFv787Bevd27UA45zAEa7pa4IpH9By0w+8Co9xUgEpbVd5q25
nL4VjD7N98aouPwYQRNJjJzSlXD5gCZk+V6kw3D0/u0ngBMD6gMUDdSbZ4MHYEgv
2sX/bB4ucc9DqEgcL0RZK5Oj+RYNSdWZsE05ML2J8+ZSToi7sAjFAadbFGRDfKXJ
zlnZYzNFOa+GrX5BSu1GDpBhU6qgRkFGNfbvgQiBiuStipeTNvOU5Qus6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJxASV67I8T9Yt7YMcWQRMcXyN+MB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvVW5FQkpYcnNqeFAxaTN0Z3h4WkJFeHhmSTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSAdMA0G
CSqGSIb3DQEBCwUAA4IBAQAnQRNmpdXVikscbMYJ8w3bi3Hxa6Teo8ICXaTZT2gB
yc9w+8Z5oN1pqcI0cf0fWcppsIR8/eEV2yHBfxzl7u9X9YYqmKZAwOffMU7uEQbD
8jeml9FdNo68VzcrJRZyCPZLlQGAtu0BPT7igEvMu0MCmKq0Cp8qWZIEpcSTu0RE
RU6TpnOYmOvtg1THSuGcgR2/ZuxZ0SFS4wbgnbhgRcjDmzVpXXxknWgSJCWg/ZDP
EOOi/jZwStfGXUkKr02ozg44RLJUUeqxz7+UG+gNoBfdq6N0Ki8a+eTKOh6ZV24Z
bubu7ttSUnd/ZNAHJplZA9fWHj/7zN/uN3mjjslXeJl8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org