Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/vF2XLSm2ZUjjrvFspiPfWxJMXwM.roa
File: vF2XLSm2ZUjjrvFspiPfWxJMXwM.roa (raw, json)
Hash identifier: DfeBWMu3EJcEJIc+Lca4oAl+oT/P6VaBnHidt2KSUhc=
Subject key identifier: BC:5D:97:2D:29:B6:65:48:E3:AE:F1:6C:A6:23:DF:5B:12:4C:5F:03
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 01857139B79C6F68EC1768F821ABACC7F371
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/vF2XLSm2ZUjjrvFspiPfWxJMXwM.roa
Signing time: Mon 02 Jan 2023 06:44:45 +0000
ROA not before: Mon 02 Jan 2023 06:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28771
IP address blocks: 193.32.28.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:b7:9c:6f:68:ec:17:68:f8:21:ab:ac:c7:f3:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Jan 2 06:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc5d972d29b66548e3aef16ca623df5b124c5f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:74:34:c8:3c:19:96:5b:ab:93:8e:ef:fb:f5:
a5:53:5e:df:8f:d6:c0:13:51:6b:7d:9b:84:e4:be:
0e:26:0c:e4:f2:76:b2:47:cf:23:19:2d:e3:8f:da:
b7:e7:ca:67:2a:80:96:3f:b6:80:ab:7e:c0:1e:59:
79:64:b8:35:21:d1:56:5d:31:b0:59:e9:94:80:f5:
48:e5:cb:0f:ba:0e:0f:8d:64:f7:36:0e:8d:d0:89:
06:38:d3:cb:61:53:66:06:9d:91:d4:41:b2:b6:a9:
6c:5a:2f:bc:3c:ec:d8:f9:1c:3a:1b:3e:fb:c4:b1:
15:c4:b4:a1:e5:62:3e:e8:94:78:4a:20:4b:7b:87:
fa:ae:d8:7a:0e:78:f1:57:70:8e:63:44:72:d5:55:
05:78:d4:6a:10:9a:e5:eb:ed:c2:f7:ef:5a:8a:3d:
b5:ac:f0:f5:a3:d5:83:88:6f:0e:e8:d4:3a:50:e0:
32:af:03:23:03:eb:da:12:8d:0e:50:18:dc:dc:7d:
45:0d:0c:e2:a4:c9:bb:bb:ab:3f:78:ab:02:f2:12:
b4:20:72:c6:b9:41:ca:c1:9b:5d:c4:1e:47:c8:fc:
bc:81:5a:be:8b:2c:85:77:7c:5c:66:6a:57:4e:cb:
9d:d2:d8:88:a5:f0:c5:ee:7b:e3:8d:a6:0b:dd:11:
55:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:5D:97:2D:29:B6:65:48:E3:AE:F1:6C:A6:23:DF:5B:12:4C:5F:03
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/vF2XLSm2ZUjjrvFspiPfWxJMXwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.28.0/23
Signature Algorithm: sha256WithRSAEncryption
60:03:17:3b:44:03:36:40:cb:9e:17:8b:99:88:32:24:5e:fd:
8d:d1:e6:92:c9:7b:4c:f3:42:9b:54:90:9a:3c:3c:d2:ce:c4:
b3:04:6d:ba:7e:eb:2b:7d:d4:e9:61:22:0e:4e:64:29:be:ab:
b5:60:17:17:ef:2e:06:0c:09:6d:64:b0:24:d2:8b:aa:cb:17:
cb:96:42:81:a6:f5:52:53:1f:8e:57:ac:a5:53:a9:c3:e6:d5:
98:f4:3c:6f:1e:a6:21:f4:81:c2:8c:6b:8d:e4:fb:52:ec:63:
9a:7d:a1:f9:03:82:48:8f:11:b5:48:4e:18:48:44:28:92:61:
2b:7a:f9:f3:e7:49:3a:12:16:2b:9d:6a:b1:3d:20:62:b5:e7:
0b:d3:50:87:23:8b:a9:ee:e8:0a:da:a4:cc:04:c6:6a:00:7a:
35:e4:31:14:2a:d1:36:e3:c7:5c:e1:50:56:73:51:b9:0f:89:
66:e5:1e:33:b5:37:e9:e9:1d:9b:12:90:bb:6f:30:e0:ec:70:
c1:d8:c6:b0:c2:dd:15:52:b2:c9:e4:86:ee:5e:4c:85:1e:be:
3d:fc:65:22:98:34:05:9c:92:a4:8c:80:91:ce:3d:fc:f8:d4:
8f:e8:98:5b:7f:1a:3e:85:9f:52:80:d9:09:d2:5d:e0:08:8f:
9f:71:a4:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxObecb2jsF2j4Iausx/NxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjMwMTAyMDY0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzVkOTcyZDI5YjY2NTQ4ZTNhZWYxNmNhNjIzZGY1YjEyNGM1ZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXQ0yDwZllurk47v+/WlU17fj9bA
E1FrfZuE5L4OJgzk8nayR88jGS3jj9q358pnKoCWP7aAq37AHll5ZLg1IdFWXTGw
WemUgPVI5csPug4PjWT3Ng6N0IkGONPLYVNmBp2R1EGytqlsWi+8POzY+Rw6Gz77
xLEVxLSh5WI+6JR4SiBLe4f6rth6DnjxV3COY0Ry1VUFeNRqEJrl6+3C9+9aij21
rPD1o9WDiG8O6NQ6UOAyrwMjA+vaEo0OUBjc3H1FDQzipMm7u6s/eKsC8hK0IHLG
uUHKwZtdxB5HyPy8gVq+iyyFd3xcZmpXTsud0tiIpfDF7nvjjaYL3RFV3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxdly0ptmVI467xbKYj31sSTF8DMB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvdkYyWExTbTJaVWpqcnZGc3BpUGZXeEpNWHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSAcMA0G
CSqGSIb3DQEBCwUAA4IBAQBgAxc7RAM2QMueF4uZiDIkXv2N0eaSyXtM80KbVJCa
PDzSzsSzBG26fusrfdTpYSIOTmQpvqu1YBcX7y4GDAltZLAk0ouqyxfLlkKBpvVS
Ux+OV6ylU6nD5tWY9DxvHqYh9IHCjGuN5PtS7GOafaH5A4JIjxG1SE4YSEQokmEr
evnz50k6EhYrnWqxPSBitecL01CHI4up7ugK2qTMBMZqAHo15DEUKtE248dc4VBW
c1G5D4lm5R4ztTfp6R2bEpC7bzDg7HDB2Mawwt0VUrLJ5IbuXkyFHr49/GUimDQF
nJKkjICRzj38+NSP6Jhbfxo+hZ9SgNkJ0l3gCI+fcaQm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org