Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/rP2s9q5aMayA-66NtoalR2cOol8.roa
File: rP2s9q5aMayA-66NtoalR2cOol8.roa (raw, json)
Hash identifier: qSZJ/vJtO1ZP5G54K/CS7C1ZN0lcozZrKmRVhmIqlnY=
Subject key identifier: AC:FD:AC:F6:AE:5A:31:AC:80:FB:AE:8D:B6:86:A5:47:67:0E:A2:5F
Certificate issuer: /CN=12694f6945a21d08d30192cfc1a6b780de728e3b
Certificate serial: 01856D53FEC59F0D49E885C1304CA8B2D972
Authority key identifier: 12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/rP2s9q5aMayA-66NtoalR2cOol8.roa
Signing time: Sun 01 Jan 2023 12:34:59 +0000
ROA not before: Sun 01 Jan 2023 12:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56553
IP address blocks: 193.219.119.0/24 maxlen: 24
5.83.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:fe:c5:9f:0d:49:e8:85:c1:30:4c:a8:b2:d9:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12694f6945a21d08d30192cfc1a6b780de728e3b
Validity
Not Before: Jan 1 12:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acfdacf6ae5a31ac80fbae8db686a547670ea25f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e7:ba:66:5e:f1:85:38:00:7b:e3:61:17:43:
52:1e:83:ac:c7:cd:ee:38:27:d9:d1:75:1f:91:38:
66:71:7d:f6:f5:07:36:eb:21:10:3f:3b:dd:ed:20:
c1:40:fe:15:9b:a6:e5:3e:b2:0b:75:21:fa:07:20:
eb:3c:e4:34:45:97:57:ec:0d:df:6d:77:f4:82:b6:
e8:c2:fb:c1:e2:1f:89:48:7a:7e:70:db:d3:a2:df:
a6:32:13:0a:b4:1f:c4:72:89:c5:e1:31:b6:a0:93:
c6:d3:70:a8:79:cb:c1:d4:19:c2:51:16:b0:54:af:
47:18:49:aa:5d:4e:5d:ca:ab:10:55:38:30:68:0b:
9e:e0:0d:98:c0:a2:43:96:a0:de:54:7a:a1:72:38:
94:07:1f:14:5e:a8:03:d8:7e:b4:d8:fd:f3:02:72:
5f:0e:a6:e7:33:b6:27:7e:6d:1f:82:67:2a:70:2a:
5e:46:b4:79:7f:74:b3:bb:f9:8c:72:78:f4:7c:09:
4a:0e:e6:05:39:78:7c:5f:b2:b9:39:ee:dc:9b:bb:
58:2e:c5:6d:91:94:17:d7:dc:37:58:2a:c0:52:c1:
70:58:24:aa:4d:19:32:e9:89:13:c8:13:d8:0e:72:
4d:71:83:3d:e5:ca:57:81:28:79:e8:b9:23:eb:28:
ba:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FD:AC:F6:AE:5A:31:AC:80:FB:AE:8D:B6:86:A5:47:67:0E:A2:5F
X509v3 Authority Key Identifier:
keyid:12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/rP2s9q5aMayA-66NtoalR2cOol8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/EmlPaUWiHQjTAZLPwaa3gN5yjjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.38.0/24
193.219.119.0/24
Signature Algorithm: sha256WithRSAEncryption
29:0d:b9:e7:76:1c:4a:27:1f:80:2d:70:47:c9:aa:56:99:9a:
83:15:af:ec:10:2c:34:d1:a7:a8:45:2a:d0:89:9e:2e:67:18:
b6:7b:93:51:37:8e:d5:3b:82:d9:96:8c:42:c0:54:bb:30:57:
7a:e7:f8:2f:37:d0:df:5a:49:d9:1c:e8:95:e9:dd:89:ef:7a:
cc:05:af:2d:61:6d:b8:2c:3b:c2:b3:84:89:3d:fa:b6:fe:24:
14:8d:f2:20:b3:6c:71:50:35:b4:df:10:0e:fa:91:ea:98:96:
14:a6:82:3f:66:c9:68:6b:af:2c:36:e2:ce:74:de:3e:4a:06:
20:27:b3:3e:b0:69:d8:41:3b:d6:07:d3:24:9d:af:bb:c4:1e:
b2:02:54:1c:95:05:91:94:8f:53:f0:7b:d6:e8:48:f2:b0:d2:
1c:9b:f2:d7:b0:0e:1f:67:02:90:db:b1:2b:d4:74:02:b2:88:
d7:96:3a:fd:43:59:3d:2f:58:ed:c1:eb:88:de:02:14:cc:d0:
1b:4f:78:ae:5f:6b:b4:d1:a8:17:35:64:12:86:ae:1c:15:99:
ba:59:3d:f6:98:4a:e4:0a:b4:86:c1:2e:6a:00:2b:00:76:bf:
ad:d6:af:84:f8:82:80:3e:db:2f:0a:e1:21:94:27:f5:f6:85:
96:08:b9:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtU/7Fnw1J6IXBMEyostlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNjk0ZjY5NDVhMjFkMDhkMzAxOTJjZmMxYTZiNzgwZGU3
MjhlM2IwHhcNMjMwMTAxMTIzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2ZkYWNmNmFlNWEzMWFjODBmYmFlOGRiNjg2YTU0NzY3MGVhMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnue6Zl7xhTgAe+NhF0NSHoOsx83u
OCfZ0XUfkThmcX329Qc26yEQPzvd7SDBQP4Vm6blPrILdSH6ByDrPOQ0RZdX7A3f
bXf0grbowvvB4h+JSHp+cNvTot+mMhMKtB/EconF4TG2oJPG03CoecvB1BnCURaw
VK9HGEmqXU5dyqsQVTgwaAue4A2YwKJDlqDeVHqhcjiUBx8UXqgD2H602P3zAnJf
DqbnM7Ynfm0fgmcqcCpeRrR5f3Szu/mMcnj0fAlKDuYFOXh8X7K5Oe7cm7tYLsVt
kZQX19w3WCrAUsFwWCSqTRky6YkTyBPYDnJNcYM95cpXgSh56Lkj6yi6bQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKz9rPauWjGsgPuujbaGpUdnDqJfMB8GA1UdIwQY
MBaAFBJpT2lFoh0I0wGSz8Gmt4Deco47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW1sUGFVV2lIUWpUQVpMUHdhYTNnTjV5ampzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNzMwMGYtZGUwNi00ZjdiLWE5MDkt
NjU5OGI0Y2ViMDY5LzEvclAyczlxNWFNYXlBLTY2TnRvYWxSMmNPb2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNzMwMGYtZGUwNi00ZjdiLWE5MDktNjU5OGI0Y2ViMDY5
LzEvRW1sUGFVV2lIUWpUQVpMUHdhYTNnTjV5ampzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABVMmAwQA
wdt3MA0GCSqGSIb3DQEBCwUAA4IBAQApDbnndhxKJx+ALXBHyapWmZqDFa/sECw0
0aeoRSrQiZ4uZxi2e5NRN47VO4LZloxCwFS7MFd65/gvN9DfWknZHOiV6d2J73rM
Ba8tYW24LDvCs4SJPfq2/iQUjfIgs2xxUDW03xAO+pHqmJYUpoI/Zsloa68sNuLO
dN4+SgYgJ7M+sGnYQTvWB9Mkna+7xB6yAlQclQWRlI9T8HvW6EjysNIcm/LXsA4f
ZwKQ27Er1HQCsojXljr9Q1k9L1jtweuI3gIUzNAbT3iuX2u00agXNWQShq4cFZm6
WT32mErkCrSGwS5qACsAdr+t1q+E+IKAPtsvCuEhlCf19oWWCLnV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:50 2024 by rpki-client on console-fra.rpki-client.org