Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9cb6b5-7a53-406f-af7a-17c38d9c3768/1/SkyggQWEdaidb0GFp3znB7FVSA4.roa
File: SkyggQWEdaidb0GFp3znB7FVSA4.roa (raw, json)
Hash identifier: WMsaV3/x5FMgIdcPw9ZJjIZw7bmmNwfu3Uq6Xg31POI=
Subject key identifier: 4A:4C:A0:81:05:84:75:A8:9D:6F:41:85:A7:7C:E7:07:B1:55:48:0E
Certificate issuer: /CN=ffff0fa51e6939d01dcaa2bb3d5dcaa6d0043da2
Certificate serial: 0191C8B3A7A60F46D8099631CEDCBBD8D0AD
Authority key identifier: FF:FF:0F:A5:1E:69:39:D0:1D:CA:A2:BB:3D:5D:CA:A6:D0:04:3D:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/__8PpR5pOdAdyqK7PV3KptAEPaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/9cb6b5-7a53-406f-af7a-17c38d9c3768/1/SkyggQWEdaidb0GFp3znB7FVSA4.roa
Signing time: Fri 06 Sep 2024 18:58:22 +0000
ROA not before: Fri 06 Sep 2024 18:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56595
IP address blocks: 185.8.93.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c8:b3:a7:a6:0f:46:d8:09:96:31:ce:dc:bb:d8:d0:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffff0fa51e6939d01dcaa2bb3d5dcaa6d0043da2
Validity
Not Before: Sep 6 18:58:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a4ca081058475a89d6f4185a77ce707b155480e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3c:01:ff:7a:85:90:20:88:cd:14:4e:15:27:
69:0a:ad:59:ce:d3:e5:bf:b0:a9:03:1c:01:37:60:
62:92:de:12:c3:f7:48:0a:b1:d3:06:b6:ff:a0:91:
44:c1:be:f6:13:a8:c3:fc:29:65:6d:72:70:ad:8e:
8d:e8:94:50:89:3d:d0:7e:8c:a0:be:fe:81:5f:4d:
0d:39:73:ee:2e:39:40:b8:7e:72:1c:65:56:bc:95:
74:1a:10:95:62:d3:78:a9:62:e3:ae:96:f6:01:b2:
f7:28:d0:90:9e:c1:eb:bb:dd:6c:c5:e8:32:d9:0d:
40:f9:a3:d5:79:d5:29:82:33:38:3a:15:07:33:7a:
bd:04:94:f2:1b:e4:62:42:d8:88:b8:09:20:ec:87:
0c:62:1f:57:82:16:01:8c:23:4a:25:cc:ae:10:ba:
0a:b5:4a:c7:db:cd:47:5f:97:0d:5f:a8:64:0a:06:
67:f4:6d:c0:54:ad:54:ef:b2:e3:7c:8d:09:ef:b4:
55:9b:46:c1:ca:a1:41:51:bd:6d:2c:a2:1d:86:68:
23:36:e1:2b:32:04:89:39:ef:4b:03:7d:de:a8:33:
2e:d8:d4:a2:6f:cb:80:80:42:3e:80:f3:52:c5:ba:
84:e7:f8:b8:8c:eb:1b:4e:31:e5:c2:5e:f2:b2:de:
1f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4C:A0:81:05:84:75:A8:9D:6F:41:85:A7:7C:E7:07:B1:55:48:0E
X509v3 Authority Key Identifier:
keyid:FF:FF:0F:A5:1E:69:39:D0:1D:CA:A2:BB:3D:5D:CA:A6:D0:04:3D:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/__8PpR5pOdAdyqK7PV3KptAEPaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9cb6b5-7a53-406f-af7a-17c38d9c3768/1/SkyggQWEdaidb0GFp3znB7FVSA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9cb6b5-7a53-406f-af7a-17c38d9c3768/1/__8PpR5pOdAdyqK7PV3KptAEPaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.93.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:1e:34:70:41:b0:03:37:54:45:b5:74:38:5b:20:0b:76:a4:
28:1e:1f:7b:5f:aa:2b:f4:5d:12:3a:06:cf:ff:7e:52:0c:65:
75:ca:3d:0c:bd:f5:29:d5:c7:46:8e:56:0a:e5:1d:ac:48:c8:
d3:be:6a:41:8f:ab:6d:e2:86:40:2b:13:23:5e:5b:0f:ef:4b:
6e:78:47:c9:bf:93:2f:55:58:37:78:9a:8c:56:60:78:b5:41:
d0:7b:69:18:f4:f3:cc:fc:d8:91:26:df:e8:92:b3:57:98:e8:
82:46:a0:ce:62:80:fd:57:d0:27:47:e6:d3:94:f9:64:e8:d7:
a3:ea:f5:0a:a7:c4:6a:44:5c:b1:f6:87:75:b6:cc:99:65:bc:
b1:76:de:67:c2:c0:b0:ff:48:fb:bc:f3:b3:b4:e3:16:93:08:
9a:1c:7f:d9:19:50:d6:ad:f2:e1:c1:fc:9a:e6:e1:66:6f:ef:
bf:9e:f6:14:82:cc:68:14:d6:9c:71:9b:ba:f5:f5:9a:52:77:
e5:ea:bd:09:20:8d:af:e7:33:f2:1d:e8:7f:b9:94:3d:a2:86:
02:0d:e7:0b:72:4f:0c:c6:2a:79:01:4a:ad:76:ed:8d:61:28:
12:98:64:bd:f4:88:7b:15:1a:11:82:76:31:b9:64:a0:e3:2d:
34:18:58:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHIs6emD0bYCZYxzty72NCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZmYwZmE1MWU2OTM5ZDAxZGNhYTJiYjNkNWRjYWE2ZDAw
NDNkYTIwHhcNMjQwOTA2MTg1ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTRjYTA4MTA1ODQ3NWE4OWQ2ZjQxODVhNzdjZTcwN2IxNTU0ODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDwB/3qFkCCIzRROFSdpCq1ZztPl
v7CpAxwBN2Bikt4Sw/dICrHTBrb/oJFEwb72E6jD/CllbXJwrY6N6JRQiT3Qfoyg
vv6BX00NOXPuLjlAuH5yHGVWvJV0GhCVYtN4qWLjrpb2AbL3KNCQnsHru91sxegy
2Q1A+aPVedUpgjM4OhUHM3q9BJTyG+RiQtiIuAkg7IcMYh9XghYBjCNKJcyuELoK
tUrH281HX5cNX6hkCgZn9G3AVK1U77LjfI0J77RVm0bByqFBUb1tLKIdhmgjNuEr
MgSJOe9LA33eqDMu2NSib8uAgEI+gPNSxbqE5/i4jOsbTjHlwl7yst4fjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEpMoIEFhHWonW9Bhad85wexVUgOMB8GA1UdIwQY
MBaAFP//D6UeaTnQHcqiuz1dyqbQBD2iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX184UHBSNXBPZEFkeXFLN1BWM0twdEFFUGFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85Y2I2YjUtN2E1My00MDZmLWFmN2Et
MTdjMzhkOWMzNzY4LzEvU2t5Z2dRV0VkYWlkYjBHRnAzem5CN0ZWU0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85Y2I2YjUtN2E1My00MDZmLWFmN2EtMTdjMzhkOWMzNzY4
LzEvX184UHBSNXBPZEFkeXFLN1BWM0twdEFFUGFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQhdMA0G
CSqGSIb3DQEBCwUAA4IBAQA6HjRwQbADN1RFtXQ4WyALdqQoHh97X6or9F0SOgbP
/35SDGV1yj0MvfUp1cdGjlYK5R2sSMjTvmpBj6tt4oZAKxMjXlsP70tueEfJv5Mv
VVg3eJqMVmB4tUHQe2kY9PPM/NiRJt/okrNXmOiCRqDOYoD9V9AnR+bTlPlk6Nej
6vUKp8RqRFyx9od1tsyZZbyxdt5nwsCw/0j7vPOztOMWkwiaHH/ZGVDWrfLhwfya
5uFmb++/nvYUgsxoFNaccZu69fWaUnfl6r0JII2v5zPyHeh/uZQ9ooYCDecLck8M
xip5AUqtdu2NYSgSmGS99Ih7FRoRgnYxuWSg4y00GFhY
-----END CERTIFICATE-----
Generated at Mon Sep 9 10:15:52 2024 by rpki-client on console-ams.rpki-client.org