Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/3JDHCD8RLXaXB1qriDozLWA3S4c.roa
File: 3JDHCD8RLXaXB1qriDozLWA3S4c.roa (raw, json)
Hash identifier: FMlfyGCEXHbESUmiiyLL9MCybx5TlrIYki/tyhsqUGk=
Subject key identifier: DC:90:C7:08:3F:11:2D:76:97:07:5A:AB:88:3A:33:2D:60:37:4B:87
Certificate issuer: /CN=12694f6945a21d08d30192cfc1a6b780de728e3b
Certificate serial: 01840A1AC41E94FA34D6F082E7C99A75A7CB
Authority key identifier: 12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/3JDHCD8RLXaXB1qriDozLWA3S4c.roa
Signing time: Mon 24 Oct 2022 13:07:17 +0000
ROA not before: Mon 24 Oct 2022 13:07:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56553
IP address blocks: 193.219.119.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:1a:c4:1e:94:fa:34:d6:f0:82:e7:c9:9a:75:a7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12694f6945a21d08d30192cfc1a6b780de728e3b
Validity
Not Before: Oct 24 13:07:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc90c7083f112d7697075aab883a332d60374b87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0f:63:74:07:1d:80:71:9c:ea:4e:28:a3:d7:
64:24:6d:f2:4a:8c:3c:3b:79:c1:e1:a1:1d:29:05:
73:4d:19:8e:02:be:51:99:7b:bc:2a:82:44:70:3b:
bc:8e:74:a2:fc:43:a5:d3:2e:b7:df:cc:43:c3:8c:
ee:3d:47:bf:b7:4d:4a:20:75:cf:a0:36:e6:96:e0:
c1:33:3b:ef:30:19:29:b9:3f:d1:58:db:ce:9a:92:
df:06:7e:a2:a7:bb:07:5b:bd:7d:dc:73:c4:7f:bc:
56:3c:82:5e:92:17:7e:bf:94:66:69:1b:58:3c:0d:
7e:4a:da:aa:7e:6c:a3:ab:07:11:6a:73:7b:03:1d:
26:8f:cd:e6:19:5d:be:4f:ba:fd:80:aa:ae:72:f6:
cd:74:2c:9a:37:5d:28:fa:c2:8e:43:98:95:0b:49:
cc:be:4a:78:b9:7c:ea:5f:af:6d:45:bf:16:5b:4c:
05:1c:69:98:8e:22:a5:ff:8e:c6:a4:2b:58:29:f6:
74:d2:70:e7:9c:4c:e8:5e:61:f7:88:8e:9d:8c:37:
02:66:27:25:21:aa:68:00:9e:36:f4:8b:c4:ce:91:
28:2c:47:28:9b:1c:96:cc:79:b9:47:2c:4b:96:c3:
1b:8a:19:d5:28:6c:de:56:e6:3c:20:6e:b3:b9:b8:
e6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:90:C7:08:3F:11:2D:76:97:07:5A:AB:88:3A:33:2D:60:37:4B:87
X509v3 Authority Key Identifier:
keyid:12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/3JDHCD8RLXaXB1qriDozLWA3S4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/EmlPaUWiHQjTAZLPwaa3gN5yjjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.219.119.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:1e:7f:6e:37:f0:b1:97:89:42:6a:20:1f:d2:63:57:03:0b:
90:72:e7:2c:db:5d:fc:e4:7e:66:a7:f6:c5:e8:ee:ee:c9:14:
97:de:79:b5:f7:30:5b:95:2a:5c:4b:0c:5d:1a:b3:26:ac:b5:
2c:6f:2b:f7:1b:52:18:fd:bb:3c:46:bf:57:48:fb:e7:be:35:
57:bb:4b:7e:6f:da:09:dd:b8:d2:be:da:d0:97:db:68:45:39:
02:f4:00:08:f7:bb:ae:fa:34:1c:a3:b3:5b:c5:97:6f:5a:14:
16:51:cc:f1:e0:33:42:00:5a:b7:a8:2a:31:0d:89:4f:dd:2b:
93:61:8f:eb:85:92:a5:ab:a7:53:ce:5f:ee:ae:f3:da:5c:13:
52:30:56:e3:75:9a:1a:3c:92:e3:d1:0b:80:fb:94:17:9f:9a:
8d:1c:a9:85:a5:68:c6:4b:eb:2a:7c:c7:0d:3d:d3:2b:a8:97:
45:a8:a1:17:57:b3:79:c0:9b:32:26:16:0c:42:e1:c0:83:da:
81:8a:19:61:2f:7e:df:f0:0d:40:c7:88:37:cb:06:39:45:35:
1a:f9:c6:48:1c:80:45:ab:f5:cb:a5:16:c8:61:71:07:19:c6:
5d:bc:24:ab:fc:2e:47:c5:59:c9:b4:54:6b:8d:34:a5:6b:3e:
52:e2:92:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQKGsQelPo01vCC58madafLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNjk0ZjY5NDVhMjFkMDhkMzAxOTJjZmMxYTZiNzgwZGU3
MjhlM2IwHhcNMjIxMDI0MTMwNzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzkwYzcwODNmMTEyZDc2OTcwNzVhYWI4ODNhMzMyZDYwMzc0Yjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA9jdAcdgHGc6k4oo9dkJG3ySow8
O3nB4aEdKQVzTRmOAr5RmXu8KoJEcDu8jnSi/EOl0y6338xDw4zuPUe/t01KIHXP
oDbmluDBMzvvMBkpuT/RWNvOmpLfBn6ip7sHW7193HPEf7xWPIJekhd+v5RmaRtY
PA1+StqqfmyjqwcRanN7Ax0mj83mGV2+T7r9gKqucvbNdCyaN10o+sKOQ5iVC0nM
vkp4uXzqX69tRb8WW0wFHGmYjiKl/47GpCtYKfZ00nDnnEzoXmH3iI6djDcCZicl
IapoAJ429IvEzpEoLEcomxyWzHm5RyxLlsMbihnVKGzeVuY8IG6zubjmiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyQxwg/ES12lwdaq4g6My1gN0uHMB8GA1UdIwQY
MBaAFBJpT2lFoh0I0wGSz8Gmt4Deco47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW1sUGFVV2lIUWpUQVpMUHdhYTNnTjV5ampzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNzMwMGYtZGUwNi00ZjdiLWE5MDkt
NjU5OGI0Y2ViMDY5LzEvM0pESENEOFJMWGFYQjFxcmlEb3pMV0EzUzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNzMwMGYtZGUwNi00ZjdiLWE5MDktNjU5OGI0Y2ViMDY5
LzEvRW1sUGFVV2lIUWpUQVpMUHdhYTNnTjV5ampzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwdt3MA0G
CSqGSIb3DQEBCwUAA4IBAQArHn9uN/Cxl4lCaiAf0mNXAwuQcucs21385H5mp/bF
6O7uyRSX3nm19zBblSpcSwxdGrMmrLUsbyv3G1IY/bs8Rr9XSPvnvjVXu0t+b9oJ
3bjSvtrQl9toRTkC9AAI97uu+jQco7NbxZdvWhQWUczx4DNCAFq3qCoxDYlP3SuT
YY/rhZKlq6dTzl/urvPaXBNSMFbjdZoaPJLj0QuA+5QXn5qNHKmFpWjGS+sqfMcN
PdMrqJdFqKEXV7N5wJsyJhYMQuHAg9qBihlhL37f8A1Ax4g3ywY5RTUa+cZIHIBF
q/XLpRbIYXEHGcZdvCSr/C5HxVnJtFRrjTSlaz5S4pJw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:50 2024 by rpki-client on console-fra.rpki-client.org