Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/1-yjJ5AEqprGN0uI-z0LrvxY9wPk.roa
File: 1-yjJ5AEqprGN0uI-z0LrvxY9wPk.roa (raw, json)
Hash identifier: 4sYavkT+THpnIgKcdDDzL0LQSqpo7squHgDdK28mSZ4=
Subject key identifier: FB:28:C9:E4:01:2A:A6:B1:8D:D2:E2:3E:CF:42:EB:BF:16:3D:C0:F9
Certificate issuer: /CN=12694f6945a21d08d30192cfc1a6b780de728e3b
Certificate serial: 01840F5000F612E2CA0183B37EE7E9381AB9
Authority key identifier: 12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/1-yjJ5AEqprGN0uI-z0LrvxY9wPk.roa
Signing time: Tue 25 Oct 2022 13:23:32 +0000
ROA not before: Tue 25 Oct 2022 13:23:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56553
IP address blocks: 193.219.119.0/24 maxlen: 24
5.83.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:50:00:f6:12:e2:ca:01:83:b3:7e:e7:e9:38:1a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12694f6945a21d08d30192cfc1a6b780de728e3b
Validity
Not Before: Oct 25 13:23:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb28c9e4012aa6b18dd2e23ecf42ebbf163dc0f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a8:67:f0:50:dc:5f:aa:38:58:f7:48:f2:57:
21:b0:86:01:75:ce:27:b0:e2:54:31:7f:6f:9f:ad:
74:e4:e1:f7:8b:53:09:68:18:3e:57:4c:9b:53:e3:
ea:8d:42:af:1c:19:5c:e8:07:b5:1e:e3:0f:2d:9c:
71:93:ad:22:56:7c:74:e1:87:aa:2c:53:54:6c:28:
c6:31:aa:9c:dd:e7:93:dc:d6:7a:0a:18:42:35:35:
47:27:45:74:85:27:c7:3a:27:05:78:95:4d:6b:9a:
77:09:2b:49:a1:aa:fa:21:cc:77:80:d2:e7:8f:5f:
6c:17:5f:cc:98:d8:5e:ad:d7:40:bb:cb:7e:27:fd:
66:bf:9e:eb:1e:c8:d1:29:19:cb:6e:64:b3:92:14:
70:82:8d:7b:1b:44:29:e5:cb:6c:35:81:65:36:90:
9f:74:29:d0:82:26:e6:2c:6f:31:47:66:06:b4:7e:
be:8d:96:e0:03:d1:68:0e:5c:06:35:d8:a0:2a:fa:
8d:ed:e3:d2:53:f1:71:ed:aa:89:c6:2a:6d:3e:40:
da:9d:8a:d7:cb:05:9f:f9:04:5b:67:9e:1a:7d:e6:
18:51:82:28:03:e7:79:fe:e4:af:57:25:09:97:c6:
a3:c3:99:70:60:24:f1:c6:e4:b9:66:bd:14:a0:73:
e7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:28:C9:E4:01:2A:A6:B1:8D:D2:E2:3E:CF:42:EB:BF:16:3D:C0:F9
X509v3 Authority Key Identifier:
keyid:12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/1-yjJ5AEqprGN0uI-z0LrvxY9wPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/EmlPaUWiHQjTAZLPwaa3gN5yjjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.38.0/24
193.219.119.0/24
Signature Algorithm: sha256WithRSAEncryption
04:3e:87:38:6b:0a:9d:7b:47:ad:63:cf:26:b9:bf:8e:7f:2e:
fc:98:1e:e5:79:32:4d:61:55:08:e8:0f:5b:bb:ef:ad:fe:91:
e9:79:ff:6a:a2:43:65:56:4a:e4:c3:e9:37:52:fe:ec:99:bb:
36:10:89:58:d7:d0:f7:b5:40:19:17:bb:c4:a1:92:92:58:cf:
05:7c:0b:cd:07:37:4e:5f:ea:b7:f0:f8:30:dd:ba:0d:ed:66:
e3:2d:f1:d4:9c:55:78:cc:0e:87:44:e7:51:8d:33:a4:c9:41:
a7:fe:48:23:31:4d:db:cc:f5:a4:46:ed:0f:2e:47:ea:59:4b:
bd:5b:26:c9:82:53:b0:b6:b3:30:e4:b0:38:7d:f2:62:a0:5c:
82:f3:e9:a5:2b:a1:55:bd:a9:bf:dc:95:f6:71:82:17:5d:6c:
d7:9b:a9:6d:b4:0b:3a:bd:23:83:a3:08:ed:c6:60:56:6d:c6:
66:d2:b0:e6:e1:50:74:6f:b5:eb:63:f4:b3:12:9f:69:82:04:
54:f9:be:8e:91:1f:06:05:ad:02:85:28:77:44:51:4b:f9:9d:
ce:10:d5:db:75:ed:94:c2:d8:34:c1:c4:35:e8:99:ff:71:6d:
88:39:0e:83:59:8b:ee:95:da:27:ff:22:68:cc:49:de:f9:a0:
f4:93:c9:07
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYQPUAD2EuLKAYOzfufpOBq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNjk0ZjY5NDVhMjFkMDhkMzAxOTJjZmMxYTZiNzgwZGU3
MjhlM2IwHhcNMjIxMDI1MTMyMzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjI4YzllNDAxMmFhNmIxOGRkMmUyM2VjZjQyZWJiZjE2M2RjMGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6hn8FDcX6o4WPdI8lchsIYBdc4n
sOJUMX9vn6105OH3i1MJaBg+V0ybU+PqjUKvHBlc6Ae1HuMPLZxxk60iVnx04Yeq
LFNUbCjGMaqc3eeT3NZ6ChhCNTVHJ0V0hSfHOicFeJVNa5p3CStJoar6Icx3gNLn
j19sF1/MmNherddAu8t+J/1mv57rHsjRKRnLbmSzkhRwgo17G0Qp5ctsNYFlNpCf
dCnQgibmLG8xR2YGtH6+jZbgA9FoDlwGNdigKvqN7ePSU/Fx7aqJxiptPkDanYrX
ywWf+QRbZ54afeYYUYIoA+d5/uSvVyUJl8ajw5lwYCTxxuS5Zr0UoHPnLQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPsoyeQBKqaxjdLiPs9C678WPcD5MB8GA1UdIwQY
MBaAFBJpT2lFoh0I0wGSz8Gmt4Deco47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW1sUGFVV2lIUWpUQVpMUHdhYTNnTjV5ampzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNzMwMGYtZGUwNi00ZjdiLWE5MDkt
NjU5OGI0Y2ViMDY5LzEvMS15ako1QUVxcHJHTjB1SS16MExydnhZOXdQay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvZDczMDBmLWRlMDYtNGY3Yi1hOTA5LTY1OThiNGNlYjA2
OS8xL0VtbFBhVVdpSFFqVEFaTFB3YWEzZ041eWpqcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAAVTJgME
AMHbdzANBgkqhkiG9w0BAQsFAAOCAQEABD6HOGsKnXtHrWPPJrm/jn8u/Jge5Xky
TWFVCOgPW7vvrf6R6Xn/aqJDZVZK5MPpN1L+7Jm7NhCJWNfQ97VAGRe7xKGSkljP
BXwLzQc3Tl/qt/D4MN26De1m4y3x1JxVeMwOh0TnUY0zpMlBp/5IIzFN28z1pEbt
Dy5H6llLvVsmyYJTsLazMOSwOH3yYqBcgvPppSuhVb2pv9yV9nGCF11s15upbbQL
Or0jg6MI7cZgVm3GZtKw5uFQdG+162P0sxKfaYIEVPm+jpEfBgWtAoUod0RRS/md
zhDV23XtlMLYNMHENeiZ/3FtiDkOg1mL7pXaJ/8iaMxJ3vmg9JPJBw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:11 2023 by rpki-client on console-ams.rpki-client.org