Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/9xy8uPJzl-JpVvrXCxizMAAB6z8.roa
File: 9xy8uPJzl-JpVvrXCxizMAAB6z8.roa (raw, json)
Hash identifier: eMB1rvfUbtYtIpBeGkrUfb3K99NxIkddUZQhifzTCCY=
Subject key identifier: F7:1C:BC:B8:F2:73:97:E2:69:56:FA:D7:0B:18:B3:30:00:01:EB:3F
Certificate issuer: /CN=fe0c9f30e3b46d50b8d1bf79b9d1db84f25134ba
Certificate serial: 018452CE1B98E5485474B07ECF35823146AA
Authority key identifier: FE:0C:9F:30:E3:B4:6D:50:B8:D1:BF:79:B9:D1:DB:84:F2:51:34:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_gyfMOO0bVC40b95udHbhPJRNLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/9xy8uPJzl-JpVvrXCxizMAAB6z8.roa
Signing time: Mon 07 Nov 2022 15:55:50 +0000
ROA not before: Mon 07 Nov 2022 15:55:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210030
IP address blocks: 193.26.121.0/24 maxlen: 24
193.26.14.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:52:ce:1b:98:e5:48:54:74:b0:7e:cf:35:82:31:46:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe0c9f30e3b46d50b8d1bf79b9d1db84f25134ba
Validity
Not Before: Nov 7 15:55:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f71cbcb8f27397e26956fad70b18b3300001eb3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:db:6c:ac:58:18:0d:d9:81:ae:f0:d2:7b:18:
a5:b4:b8:c0:ac:70:01:c1:c6:35:e5:a4:5f:fe:51:
e0:b9:1f:b8:92:b9:3f:42:9e:63:ed:7f:24:77:ef:
af:60:db:5e:e8:0f:93:53:6a:94:28:1e:53:e0:99:
e5:53:3a:80:86:44:be:40:9c:20:bf:66:ed:4a:23:
17:1b:77:c0:73:77:0a:ca:d8:e4:6d:be:a0:34:60:
5f:05:8c:d2:76:89:ed:9c:f3:a7:e1:6b:ae:ee:a3:
e6:30:cb:21:ad:1b:f0:bf:3e:ef:8b:14:f4:af:d4:
9c:d5:7a:60:70:8b:56:71:f4:ef:d7:91:04:d7:7f:
23:a7:b0:06:ae:c2:6a:1e:43:bf:69:1f:f3:9e:ce:
bd:66:62:00:73:da:33:1d:34:9d:9c:4b:6d:fc:3e:
e5:6f:d6:42:a6:9f:30:3e:e2:9d:5d:9f:ce:12:45:
5c:a0:2f:a1:31:26:b4:76:90:ae:16:35:1a:6d:25:
1d:ea:f2:b8:96:5e:02:ee:71:30:ec:e4:34:51:a1:
ab:51:2b:b2:46:86:f7:f1:f3:e7:69:d2:64:50:40:
47:dd:59:af:d6:f2:49:26:30:78:63:28:b0:41:1e:
81:8d:7c:f6:ff:d0:f1:af:6d:10:62:d3:ab:3e:93:
f5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:1C:BC:B8:F2:73:97:E2:69:56:FA:D7:0B:18:B3:30:00:01:EB:3F
X509v3 Authority Key Identifier:
keyid:FE:0C:9F:30:E3:B4:6D:50:B8:D1:BF:79:B9:D1:DB:84:F2:51:34:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_gyfMOO0bVC40b95udHbhPJRNLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/9xy8uPJzl-JpVvrXCxizMAAB6z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/_gyfMOO0bVC40b95udHbhPJRNLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.14.0/24
193.26.121.0/24
Signature Algorithm: sha256WithRSAEncryption
04:0c:fd:37:ac:9d:dc:2f:7e:c1:ea:91:e4:9e:7f:69:ff:24:
12:d7:99:03:2d:99:00:be:6b:53:9b:4b:00:4c:e0:b0:e7:86:
16:a9:f5:59:32:0a:de:9c:92:15:af:da:45:77:03:b5:a1:fa:
41:a0:19:2a:e6:58:72:33:5b:a7:07:31:25:dc:1e:fe:78:a9:
19:d4:2a:58:74:18:c4:e0:f9:bb:b5:45:fc:70:b0:37:c5:35:
59:43:c6:c6:ae:4e:83:ea:8f:c2:ee:21:17:c8:b1:a6:8d:39:
da:6c:94:a1:f8:53:3e:89:86:b2:4f:49:b7:7c:d6:04:75:53:
11:ce:1b:71:97:7c:bd:3b:35:d5:93:0f:0b:dd:4c:ac:66:7b:
8b:d6:89:bd:d1:f8:0b:19:9b:85:c4:fb:11:ee:b5:a8:6a:2a:
2c:e9:db:65:74:40:3f:30:a9:41:eb:f9:94:11:92:3e:69:e0:
e1:b8:7a:2e:ef:64:f5:d4:8e:d7:db:71:d6:b7:42:3f:bf:cb:
0d:8c:49:90:73:4d:c5:1b:70:73:8f:e6:07:8a:b3:25:57:9a:
c3:a4:ab:db:dc:99:98:ea:1c:28:93:83:07:5c:75:bb:41:1d:
72:fd:4b:7b:c5:0a:7b:58:da:1b:15:51:fe:d1:2c:92:5f:ce:
b3:b8:c8:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRSzhuY5UhUdLB+zzWCMUaqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMGM5ZjMwZTNiNDZkNTBiOGQxYmY3OWI5ZDFkYjg0ZjI1
MTM0YmEwHhcNMjIxMTA3MTU1NTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzFjYmNiOGYyNzM5N2UyNjk1NmZhZDcwYjE4YjMzMDAwMDFlYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdtsrFgYDdmBrvDSexiltLjArHAB
wcY15aRf/lHguR+4krk/Qp5j7X8kd++vYNte6A+TU2qUKB5T4JnlUzqAhkS+QJwg
v2btSiMXG3fAc3cKytjkbb6gNGBfBYzSdontnPOn4Wuu7qPmMMshrRvwvz7vixT0
r9Sc1XpgcItWcfTv15EE138jp7AGrsJqHkO/aR/zns69ZmIAc9ozHTSdnEtt/D7l
b9ZCpp8wPuKdXZ/OEkVcoC+hMSa0dpCuFjUabSUd6vK4ll4C7nEw7OQ0UaGrUSuy
Rob38fPnadJkUEBH3Vmv1vJJJjB4YyiwQR6BjXz2/9Dxr20QYtOrPpP1xwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPccvLjyc5fiaVb61wsYszAAAes/MB8GA1UdIwQY
MBaAFP4MnzDjtG1QuNG/ebnR24TyUTS6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2d5Zk1PTzBiVkM0MGI5NXVkSGJoUEpSTkxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iOWVkNmMtZThjNS00MzFlLWIxODgt
ZjUyMDBmNTQ5Mzc3LzEvOXh5OHVQSnpsLUpwVnZyWEN4aXpNQUFCNno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iOWVkNmMtZThjNS00MzFlLWIxODgtZjUyMDBmNTQ5Mzc3
LzEvX2d5Zk1PTzBiVkM0MGI5NXVkSGJoUEpSTkxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRoOAwQA
wRp5MA0GCSqGSIb3DQEBCwUAA4IBAQAEDP03rJ3cL37B6pHknn9p/yQS15kDLZkA
vmtTm0sATOCw54YWqfVZMgrenJIVr9pFdwO1ofpBoBkq5lhyM1unBzEl3B7+eKkZ
1CpYdBjE4Pm7tUX8cLA3xTVZQ8bGrk6D6o/C7iEXyLGmjTnabJSh+FM+iYayT0m3
fNYEdVMRzhtxl3y9OzXVkw8L3UysZnuL1om90fgLGZuFxPsR7rWoaios6dtldEA/
MKlB6/mUEZI+aeDhuHou72T11I7X23HWt0I/v8sNjEmQc03FG3Bzj+YHirMlV5rD
pKvb3JmY6hwok4MHXHW7QR1y/Ut7xQp7WNobFVH+0SySX86zuMiS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:55 2024 by rpki-client on console-fra.rpki-client.org