Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/I6JhSyqgFJSKeVNRaUVNQdTvswA.roa
File: I6JhSyqgFJSKeVNRaUVNQdTvswA.roa (raw, json)
Hash identifier: 77i56pIztKzrHBTIgidQMaEuSzHs0tR22CSwFbhXGvg=
Subject key identifier: 23:A2:61:4B:2A:A0:14:94:8A:79:53:51:69:45:4D:41:D4:EF:B3:00
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 018CC94DA42060EB120AF86E06E7FFDF99DF
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/I6JhSyqgFJSKeVNRaUVNQdTvswA.roa
Signing time: Tue 02 Jan 2024 08:32:37 +0000
ROA not before: Tue 02 Jan 2024 08:32:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207083
IP address blocks: 193.142.146.0/24 maxlen: 24
193.142.59.0/24 maxlen: 24
2a0f:ca80::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:a4:20:60:eb:12:0a:f8:6e:06:e7:ff:df:99:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 2 08:32:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23a2614b2aa014948a79535169454d41d4efb300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ba:cd:8d:3d:51:3d:e7:96:7e:d3:83:5a:78:
9d:1b:2e:f2:ca:bf:f0:08:29:ce:71:a1:4b:8f:8a:
3a:6f:89:1f:e9:5d:4f:ce:ba:dd:b8:df:96:a4:47:
c2:3f:0d:26:29:c4:62:fb:68:da:31:68:82:bc:eb:
1c:06:fa:68:af:3f:23:44:b9:79:a9:24:a9:de:3f:
56:7a:64:c2:04:0e:88:85:b0:af:99:f9:d2:13:14:
94:96:aa:ed:68:95:3c:ad:d4:c9:da:09:c1:ad:d7:
1e:52:1f:5d:35:9d:c1:27:64:72:bc:08:75:b2:92:
25:55:c7:a1:35:92:78:26:7a:51:00:c3:04:23:1c:
08:48:60:fa:ad:60:76:44:aa:da:94:ab:4f:f1:6b:
22:d2:d3:b1:ba:8c:d6:05:41:6e:f3:c1:33:69:9a:
eb:fc:80:b8:f5:9e:19:9e:75:bc:48:a0:43:e2:f6:
8a:0b:e7:ce:ba:6b:f1:d6:29:33:e1:5d:6d:37:c4:
80:2e:6f:36:28:46:71:47:c4:f2:72:46:e3:92:7e:
d4:2d:4a:48:98:7e:ac:c9:9a:82:43:fa:ec:a6:3e:
be:12:50:30:25:8c:74:ae:6d:63:e6:49:5b:92:92:
a8:83:3a:21:95:ca:07:dc:fc:df:a1:a1:24:75:3e:
5c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A2:61:4B:2A:A0:14:94:8A:79:53:51:69:45:4D:41:D4:EF:B3:00
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/I6JhSyqgFJSKeVNRaUVNQdTvswA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.59.0/24
193.142.146.0/24
IPv6:
2a0f:ca80::/48
Signature Algorithm: sha256WithRSAEncryption
8c:eb:2d:8d:9d:6c:6a:e0:ed:93:51:d4:d0:05:4f:27:96:70:
b7:be:1f:f3:60:e5:09:9a:5b:6c:92:f0:32:53:a6:11:7f:51:
28:ed:2b:f4:15:c7:38:7f:f8:dd:71:59:f5:c2:b7:3a:a1:84:
d6:3a:5f:7c:ad:9d:bd:f5:53:dc:46:72:35:21:cf:2f:cf:f2:
22:b2:e1:7b:95:83:a1:aa:d4:8e:ae:0f:76:66:9b:4a:74:48:
f8:bf:1f:96:a0:0c:66:d8:97:37:84:38:dd:05:6d:7b:14:06:
de:46:54:b3:fe:44:ef:4e:ba:8b:9f:f8:19:77:bc:50:ea:8c:
82:3c:2e:01:4c:a1:b0:5c:e0:43:4b:2e:ee:e3:19:16:1b:46:
c0:22:a2:d4:7f:48:04:06:1d:a9:52:1c:2e:b7:49:fc:6e:4c:
1c:e3:0e:bd:2d:16:2a:7b:7f:d4:1b:da:3c:e3:57:df:72:d3:
ba:39:75:0c:6d:46:e2:88:80:95:27:5c:3b:8a:4c:6f:41:40:
66:36:30:b8:a7:63:36:a3:80:1c:07:78:97:0f:3b:ed:42:5e:
c1:41:16:5d:48:5c:6b:fe:be:14:8c:cb:08:13:e4:a1:fb:89:
d7:5b:99:fe:46:11:78:da:4d:a1:d8:07:23:8c:59:67:3e:2c:
81:87:25:f1
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJTaQgYOsSCvhuBuf/35nfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjQwMTAyMDgzMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2EyNjE0YjJhYTAxNDk0OGE3OTUzNTE2OTQ1NGQ0MWQ0ZWZiMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7rNjT1RPeeWftODWnidGy7yyr/w
CCnOcaFLj4o6b4kf6V1PzrrduN+WpEfCPw0mKcRi+2jaMWiCvOscBvporz8jRLl5
qSSp3j9WemTCBA6IhbCvmfnSExSUlqrtaJU8rdTJ2gnBrdceUh9dNZ3BJ2RyvAh1
spIlVcehNZJ4JnpRAMMEIxwISGD6rWB2RKralKtP8Wsi0tOxuozWBUFu88EzaZrr
/IC49Z4ZnnW8SKBD4vaKC+fOumvx1ikz4V1tN8SALm82KEZxR8Tyckbjkn7ULUpI
mH6syZqCQ/rspj6+ElAwJYx0rm1j5klbkpKogzohlcoH3PzfoaEkdT5cVwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCOiYUsqoBSUinlTUWlFTUHU77MAMB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEvSTZKaFN5cWdGSlNLZVZOUmFVVk5RZFR2c3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwY47AwQA
wY6SMA8EAgACMAkDBwAqD8qAAAAwDQYJKoZIhvcNAQELBQADggEBAIzrLY2dbGrg
7ZNR1NAFTyeWcLe+H/Ng5QmaW2yS8DJTphF/USjtK/QVxzh/+N1xWfXCtzqhhNY6
X3ytnb31U9xGcjUhzy/P8iKy4XuVg6Gq1I6uD3Zmm0p0SPi/H5agDGbYlzeEON0F
bXsUBt5GVLP+RO9Ououf+Bl3vFDqjII8LgFMobBc4ENLLu7jGRYbRsAiotR/SAQG
HalSHC63SfxuTBzjDr0tFip7f9Qb2jzjV99y07o5dQxtRuKIgJUnXDuKTG9BQGY2
MLinYzajgBwHeJcPO+1CXsFBFl1IXGv+vhSMywgT5KH7iddbmf5GEXjaTaHYByOM
WWc+LIGHJfE=
-----END CERTIFICATE-----
Generated at Wed Sep 11 10:41:59 2024 by rpki-client on console-ams.rpki-client.org