Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/S7I626ksqZVEsfVSmlVaKkIadJo.roa
File: S7I626ksqZVEsfVSmlVaKkIadJo.roa (raw, json)
Hash identifier: DDrdMPuzxYD0M7Ng70ECZBA885bQamvZEXG9vnzl3RQ=
Subject key identifier: 4B:B2:3A:DB:A9:2C:A9:95:44:B1:F5:52:9A:55:5A:2A:42:1A:74:9A
Certificate issuer: /CN=306134bcf59f581d6b76630cfa87867876a29215
Certificate serial: 018BCD86112083C5531D9F1F52D8BBC7EF6E
Authority key identifier: 30:61:34:BC:F5:9F:58:1D:6B:76:63:0C:FA:87:86:78:76:A2:92:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGE0vPWfWB1rdmMM-oeGeHaikhU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/S7I626ksqZVEsfVSmlVaKkIadJo.roa
Signing time: Tue 14 Nov 2023 11:09:57 +0000
ROA not before: Tue 14 Nov 2023 11:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5500
IP address blocks: 193.93.200.0/22 maxlen: 22
188.64.34.0/23 maxlen: 23
188.64.32.0/24 maxlen: 24
188.64.36.0/22 maxlen: 22
2a02:56c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:86:11:20:83:c5:53:1d:9f:1f:52:d8:bb:c7:ef:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306134bcf59f581d6b76630cfa87867876a29215
Validity
Not Before: Nov 14 11:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bb23adba92ca99544b1f5529a555a2a421a749a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bf:52:0d:9d:a4:59:ef:3d:66:4d:f7:4f:f7:
df:8e:ff:b8:c8:c5:1d:30:d3:83:5c:6e:70:9e:9d:
c6:0a:e2:98:0b:fc:36:3f:d9:fb:ed:75:50:36:8f:
8b:56:1f:cb:31:f9:4d:9a:e3:71:4c:e2:61:74:64:
5b:c9:15:98:2d:0c:98:3d:bb:4c:a0:d7:20:c7:48:
6f:ce:27:b0:c1:bc:07:fc:4c:8f:6f:5e:64:f0:15:
d6:09:91:bb:16:8d:8d:f8:2d:63:a9:77:87:19:83:
7a:56:59:d6:f8:68:fa:d1:02:f4:d4:ed:eb:6f:7b:
7d:30:5f:40:c3:e0:70:4d:f1:3a:3c:f4:d5:d0:ee:
2d:c3:d3:96:75:0d:95:12:bb:17:26:4f:3c:d0:af:
a4:f9:ce:49:92:ba:21:2a:f2:fc:d8:84:0f:73:2e:
c0:19:ac:af:5d:a9:d2:3e:a9:9e:f8:c4:e1:e8:c4:
57:c2:88:e2:f2:f8:de:ee:eb:2c:92:d5:82:eb:27:
20:6d:b7:bd:cc:8b:cc:87:9c:f6:f3:02:d6:98:c6:
ef:ee:8a:af:ca:29:4b:f9:65:b4:d2:4f:c3:2f:d5:
f6:52:7e:a1:7d:ce:f4:9a:df:92:b5:34:6d:2d:fe:
14:97:e0:7f:9e:b4:d1:b2:a8:f0:96:e2:b1:ef:e5:
d5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B2:3A:DB:A9:2C:A9:95:44:B1:F5:52:9A:55:5A:2A:42:1A:74:9A
X509v3 Authority Key Identifier:
keyid:30:61:34:BC:F5:9F:58:1D:6B:76:63:0C:FA:87:86:78:76:A2:92:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGE0vPWfWB1rdmMM-oeGeHaikhU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/S7I626ksqZVEsfVSmlVaKkIadJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/MGE0vPWfWB1rdmMM-oeGeHaikhU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.32.0/24
188.64.34.0-188.64.39.255
193.93.200.0/22
IPv6:
2a02:56c0::/32
Signature Algorithm: sha256WithRSAEncryption
77:46:ff:94:cc:a9:75:19:b8:bb:c9:74:6d:eb:40:44:b6:1f:
6f:d4:0b:02:01:17:b0:5f:c7:57:1e:53:bc:a3:8f:e6:3e:27:
27:86:55:10:95:36:28:c3:4f:0b:94:3d:2c:2a:a5:6c:45:f1:
9a:cf:32:7e:ec:04:68:44:19:ba:1d:81:14:c6:f8:1c:a1:e2:
b7:fd:39:3b:87:a0:ff:3a:56:58:20:39:d5:bb:a8:0a:3d:36:
af:97:63:6c:68:66:96:52:01:d6:d9:cd:0c:2f:53:68:ee:8f:
95:52:97:eb:80:27:4a:70:0a:1f:70:17:0d:cc:c2:56:e6:77:
1d:3b:84:12:de:a3:b4:f8:eb:93:db:68:3c:c8:b5:bd:49:3a:
fa:75:19:98:23:1e:81:4f:06:57:45:20:a5:4c:1e:1d:85:3b:
24:8c:ff:6b:2b:31:47:bb:cd:39:52:88:6e:db:18:50:49:47:
f6:0c:db:0f:f2:ca:e5:59:89:92:c9:24:93:2f:e4:72:62:bc:
3d:a1:0b:83:a5:d6:15:86:58:82:b5:17:86:6a:a2:59:ae:9c:
90:48:d0:d5:94:15:d0:c6:44:c1:c2:76:6e:77:7c:ea:5f:2b:
49:30:e9:72:03:b4:c5:17:94:8f:19:27:e8:7a:2f:24:40:34:
b4:ef:20:64
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYvNhhEgg8VTHZ8fUti7x+9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNjEzNGJjZjU5ZjU4MWQ2Yjc2NjMwY2ZhODc4Njc4NzZh
MjkyMTUwHhcNMjMxMTE0MTEwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmIyM2FkYmE5MmNhOTk1NDRiMWY1NTI5YTU1NWEyYTQyMWE3NDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp79SDZ2kWe89Zk33T/ffjv+4yMUd
MNODXG5wnp3GCuKYC/w2P9n77XVQNo+LVh/LMflNmuNxTOJhdGRbyRWYLQyYPbtM
oNcgx0hvziewwbwH/EyPb15k8BXWCZG7Fo2N+C1jqXeHGYN6VlnW+Gj60QL01O3r
b3t9MF9Aw+BwTfE6PPTV0O4tw9OWdQ2VErsXJk880K+k+c5JkrohKvL82IQPcy7A
GayvXanSPqme+MTh6MRXwoji8vje7ussktWC6ycgbbe9zIvMh5z28wLWmMbv7oqv
yilL+WW00k/DL9X2Un6hfc70mt+StTRtLf4Ul+B/nrTRsqjwluKx7+XV1wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEuyOtupLKmVRLH1UppVWipCGnSaMB8GA1UdIwQY
MBaAFDBhNLz1n1gda3ZjDPqHhnh2opIVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUdFMHZQV2ZXQjFyZG1NTS1vZUdlSGFpa2hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hODk0MWEtNzI1MC00OGVjLWFhZjgt
NmQ4ZWE5ZDFjZDczLzEvUzdJNjI2a3NxWlZFc2ZWU21sVmFLa0lhZEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hODk0MWEtNzI1MC00OGVjLWFhZjgtNmQ4ZWE5ZDFjZDcz
LzEvTUdFMHZQV2ZXQjFyZG1NTS1vZUdlSGFpa2hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAvEAgMAwD
BAG8QCIDBAO8QCADBALBXcgwDQQCAAIwBwMFACoCVsAwDQYJKoZIhvcNAQELBQAD
ggEBAHdG/5TMqXUZuLvJdG3rQES2H2/UCwIBF7Bfx1ceU7yjj+Y+JyeGVRCVNijD
TwuUPSwqpWxF8ZrPMn7sBGhEGbodgRTG+Byh4rf9OTuHoP86VlggOdW7qAo9Nq+X
Y2xoZpZSAdbZzQwvU2juj5VSl+uAJ0pwCh9wFw3Mwlbmdx07hBLeo7T465PbaDzI
tb1JOvp1GZgjHoFPBldFIKVMHh2FOySM/2srMUe7zTlSiG7bGFBJR/YM2w/yyuVZ
iZLJJJMv5HJivD2hC4Ol1hWGWIK1F4ZqolmunJBI0NWUFdDGRMHCdm53fOpfK0kw
6XIDtMUXlI8ZJ+h6LyRANLTvIGQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org