Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/EB23GKGG7_gjCyJ9Z9GD_aVpMzU.roa
File: EB23GKGG7_gjCyJ9Z9GD_aVpMzU.roa (raw, json)
Hash identifier: PQhokpJB+v+Kmg6nRn1kyUB6zECsYiXf7LwYhfQqgaU=
Subject key identifier: 10:1D:B7:18:A1:86:EF:F8:23:0B:22:7D:67:D1:83:FD:A5:69:33:35
Certificate issuer: /CN=306134bcf59f581d6b76630cfa87867876a29215
Certificate serial: 02A71255
Authority key identifier: 30:61:34:BC:F5:9F:58:1D:6B:76:63:0C:FA:87:86:78:76:A2:92:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGE0vPWfWB1rdmMM-oeGeHaikhU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/EB23GKGG7_gjCyJ9Z9GD_aVpMzU.roa
Signing time: Sat 01 Jan 2022 06:03:17 +0000
ROA not before: Sat 01 Jan 2022 06:03:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5500
IP address blocks: 193.93.200.0/22 maxlen: 22
188.64.32.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44503637 (0x2a71255)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306134bcf59f581d6b76630cfa87867876a29215
Validity
Not Before: Jan 1 06:03:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=101db718a186eff8230b227d67d183fda5693335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1d:b7:80:04:38:1d:a4:de:04:78:88:5d:83:
0d:a6:06:b8:b9:97:d6:83:6d:09:43:11:7b:7e:1a:
4d:56:9b:27:10:82:08:e9:18:00:57:a9:77:ae:d8:
c7:b8:2a:fb:4b:2f:f9:58:bf:d3:6f:b8:fe:ba:52:
e9:cb:79:92:aa:f1:ad:8f:ff:61:b0:2b:d8:c6:bd:
c5:64:2a:44:35:71:8d:53:69:e3:c1:bc:48:76:92:
d1:84:73:65:25:57:ac:17:2f:63:5c:25:85:bf:74:
9e:32:c6:bc:fb:04:32:86:48:20:3f:ae:b9:47:ff:
51:72:8b:b1:09:f7:68:0b:cf:ca:ae:cd:5b:c7:33:
13:2e:c6:ec:81:9a:31:c6:5c:a5:17:55:86:1c:5c:
4b:b5:30:c0:fe:39:ec:37:3e:0f:9c:8b:bc:f2:06:
a2:c8:d7:82:8a:63:0a:69:41:76:70:94:20:bc:eb:
66:97:3e:44:c2:02:9a:0f:6d:41:96:9a:77:e5:1e:
cd:cf:bc:f8:38:76:f0:ff:46:80:20:c8:06:23:99:
ea:54:21:90:8f:6b:07:c7:8c:3f:0c:b6:82:b4:ab:
0a:8f:12:98:2c:c5:cf:85:75:67:0c:d1:fd:7b:a8:
dd:7f:fc:96:a4:9e:fd:3f:51:91:5b:7a:14:09:f6:
6a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:1D:B7:18:A1:86:EF:F8:23:0B:22:7D:67:D1:83:FD:A5:69:33:35
X509v3 Authority Key Identifier:
keyid:30:61:34:BC:F5:9F:58:1D:6B:76:63:0C:FA:87:86:78:76:A2:92:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGE0vPWfWB1rdmMM-oeGeHaikhU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/EB23GKGG7_gjCyJ9Z9GD_aVpMzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/MGE0vPWfWB1rdmMM-oeGeHaikhU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.32.0/21
193.93.200.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:de:b0:08:fc:0b:e1:14:59:df:cd:f7:79:1e:65:11:f0:49:
b1:7a:3e:d9:65:dc:4d:e4:93:72:f1:e5:fa:aa:e0:48:10:48:
ce:ce:b7:f5:e8:88:54:e9:7d:28:d2:26:5e:a6:0d:7e:20:18:
c7:64:01:5b:16:0d:ba:98:6d:01:72:3c:b3:8a:3c:80:7d:0e:
59:e5:11:12:ca:9f:ee:37:2a:fd:17:bc:ad:b6:fe:c5:d8:a9:
1f:12:93:70:be:31:44:c8:4f:76:13:22:09:fd:6b:e5:ef:d6:
1b:76:69:eb:80:d9:54:00:43:f5:39:39:bb:a9:9f:6f:4c:5d:
f5:fe:6b:91:1b:62:4f:77:20:83:93:82:b4:b1:f6:83:ba:ec:
ab:f5:aa:f7:f6:21:86:13:f6:9c:59:cc:49:e5:66:a5:b9:e2:
70:03:bf:37:e7:7f:fc:c6:59:3e:ef:7b:e7:20:7c:c9:20:fc:
af:27:18:2e:2e:95:e1:08:7b:c5:88:a6:dd:71:b3:0b:92:a1:
cc:8d:18:2c:05:23:19:77:f5:85:9a:ab:9f:6a:b2:a4:71:48:
84:88:f8:7b:03:a0:53:2f:dd:f6:2c:f0:ab:0d:24:21:eb:6d:
f1:db:21:a8:64:0c:28:5e:f2:6e:ad:34:5f:00:b2:f4:4a:8a:
ad:31:c4:c5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAqcSVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDYxMzRiY2Y1OWY1ODFkNmI3NjYzMGNmYTg3ODY3ODc2YTI5MjE1MB4XDTIyMDEw
MTA2MDMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTAxZGI3MThhMTg2
ZWZmODIzMGIyMjdkNjdkMTgzZmRhNTY5MzMzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcdt4AEOB2k3gR4iF2DDaYGuLmX1oNtCUMRe34aTVabJxCC
COkYAFepd67Yx7gq+0sv+Vi/02+4/rpS6ct5kqrxrY//YbAr2Ma9xWQqRDVxjVNp
48G8SHaS0YRzZSVXrBcvY1wlhb90njLGvPsEMoZIID+uuUf/UXKLsQn3aAvPyq7N
W8czEy7G7IGaMcZcpRdVhhxcS7UwwP457Dc+D5yLvPIGosjXgopjCmlBdnCUILzr
Zpc+RMICmg9tQZaad+Uezc+8+Dh28P9GgCDIBiOZ6lQhkI9rB8eMPwy2grSrCo8S
mCzFz4V1ZwzR/Xuo3X/8lqSe/T9RkVt6FAn2arMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQQHbcYoYbv+CMLIn1n0YP9pWkzNTAfBgNVHSMEGDAWgBQwYTS89Z9YHWt2
Ywz6h4Z4dqKSFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01HRTB2UFdmV0IxcmRtTU0tb2VHZUhhaWtoVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvYTg5NDFhLTcyNTAtNDhlYy1hYWY4LTZkOGVhOWQxY2Q3My8x
L0VCMjNHS0dHN19nakN5SjlaOUdEX2FWcE16VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
YTg5NDFhLTcyNTAtNDhlYy1hYWY4LTZkOGVhOWQxY2Q3My8xL01HRTB2UFdmV0Ix
cmRtTU0tb2VHZUhhaWtoVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA7xAIAMEAsFdyDANBgkqhkiG9w0B
AQsFAAOCAQEAxN6wCPwL4RRZ3833eR5lEfBJsXo+2WXcTeSTcvHl+qrgSBBIzs63
9eiIVOl9KNImXqYNfiAYx2QBWxYNuphtAXI8s4o8gH0OWeUREsqf7jcq/Re8rbb+
xdipHxKTcL4xRMhPdhMiCf1r5e/WG3Zp64DZVABD9Tk5u6mfb0xd9f5rkRtiT3cg
g5OCtLH2g7rsq/Wq9/YhhhP2nFnMSeVmpbnicAO/N+d//MZZPu975yB8ySD8rycY
Li6V4Qh7xYim3XGzC5KhzI0YLAUjGXf1hZqrn2qypHFIhIj4ewOgUy/d9izwqw0k
Iett8dshqGQMKF7ybq00XwCy9EqKrTHExQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org