Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/b2GSFYQJWRiqLV02tZcRJ1E4zWY.roa
File: b2GSFYQJWRiqLV02tZcRJ1E4zWY.roa (raw, json)
Hash identifier: /EQ/V7RxJvuQd3eN75x9lubZ0GKgDVm2WQMsnWLWj1s=
Subject key identifier: 6F:61:92:15:84:09:59:18:AA:2D:5D:36:B5:97:11:27:51:38:CD:66
Certificate issuer: /CN=fe0c9f30e3b46d50b8d1bf79b9d1db84f25134ba
Certificate serial: 329B00
Authority key identifier: FE:0C:9F:30:E3:B4:6D:50:B8:D1:BF:79:B9:D1:DB:84:F2:51:34:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_gyfMOO0bVC40b95udHbhPJRNLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/b2GSFYQJWRiqLV02tZcRJ1E4zWY.roa
Signing time: Wed 20 Apr 2022 21:48:18 +0000
ROA not before: Wed 20 Apr 2022 21:48:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209730
IP address blocks: 193.26.121.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3316480 (0x329b00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe0c9f30e3b46d50b8d1bf79b9d1db84f25134ba
Validity
Not Before: Apr 20 21:48:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f61921584095918aa2d5d36b59711275138cd66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f1:bb:5e:70:51:9c:1d:7c:b6:ec:3d:e7:67:
c0:59:6e:b8:7b:d5:69:f3:30:12:51:9e:b2:59:52:
0c:0f:33:cf:f8:15:b3:ee:a3:ff:5d:4b:59:5a:ef:
be:0b:c8:6a:97:48:71:da:cf:f1:f1:21:5b:3c:0a:
97:c1:ac:db:1d:f1:ca:f2:35:05:d0:07:18:64:ce:
c3:6d:45:5d:07:1d:6e:e4:bd:cf:25:76:0d:77:c8:
f8:83:f0:52:52:2e:6a:42:cd:3d:de:85:e2:8a:41:
6e:f7:8c:6b:ca:3b:e3:56:ba:fa:c2:3b:c5:88:82:
e8:e6:d3:11:71:39:ec:7a:fa:d4:31:dc:e4:81:ef:
d9:93:0b:69:af:83:42:bd:ec:d7:ae:db:45:bc:77:
e2:8f:b7:cf:4f:80:25:dd:b3:55:a7:69:99:a0:f7:
7e:81:69:30:47:8e:ef:7a:ae:28:40:a9:f9:1c:02:
92:0f:ce:4f:6f:a3:92:83:41:4e:85:ed:e5:4e:53:
65:d6:be:d6:49:fe:ab:b6:d0:75:99:bb:e7:58:07:
f0:02:fe:70:ad:93:9c:eb:3f:35:41:8f:82:24:d0:
1d:ef:18:db:9f:4d:14:4b:29:54:07:ce:fa:99:90:
19:c5:01:a5:21:23:f6:42:19:7d:84:f4:67:46:28:
63:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:61:92:15:84:09:59:18:AA:2D:5D:36:B5:97:11:27:51:38:CD:66
X509v3 Authority Key Identifier:
keyid:FE:0C:9F:30:E3:B4:6D:50:B8:D1:BF:79:B9:D1:DB:84:F2:51:34:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_gyfMOO0bVC40b95udHbhPJRNLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/b2GSFYQJWRiqLV02tZcRJ1E4zWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/_gyfMOO0bVC40b95udHbhPJRNLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.121.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:35:bd:10:12:85:ec:cc:3b:00:2a:97:4d:84:bc:3b:16:c5:
d6:95:60:06:36:7f:0a:29:7c:f5:27:44:cd:3e:fe:62:af:c5:
53:db:b6:8b:b5:48:03:0d:38:48:67:90:e1:83:06:c4:42:18:
25:62:b8:fa:96:b1:44:68:18:02:cd:a8:e6:da:ea:06:fd:57:
1b:3a:82:cd:4e:29:c3:ea:65:36:75:91:cf:4b:68:0f:88:f1:
93:30:46:94:d9:71:30:95:5d:93:7c:1e:90:be:00:0e:c2:b5:
4f:5b:63:56:2a:ed:ce:d8:da:50:db:79:b1:3a:72:a2:93:8f:
eb:1f:06:1c:f3:cd:17:01:ac:b9:ff:d8:05:2d:cc:55:3e:17:
23:66:e3:d8:0a:33:87:d0:bb:eb:29:5c:1f:4e:41:dd:93:87:
78:94:e3:06:7a:ca:54:66:48:c4:05:81:f6:dd:3d:9e:8e:47:
f2:47:49:ab:9c:76:72:6e:c5:62:8e:c8:ca:64:aa:c0:fb:00:
67:7d:32:6f:13:92:b5:40:74:bc:2e:1a:90:6b:f7:f6:c9:93:
8a:f0:99:24:7a:b0:df:15:2f:4c:38:8e:91:1b:a2:e0:d5:9a:
bb:f7:75:26:ef:28:f0:53:a1:2a:a0:ea:36:13:dd:7d:41:23:
65:a7:0e:f1
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDMpsAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZl
MGM5ZjMwZTNiNDZkNTBiOGQxYmY3OWI5ZDFkYjg0ZjI1MTM0YmEwHhcNMjIwNDIw
MjE0ODE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZjYxOTIxNTg0MDk1
OTE4YWEyZDVkMzZiNTk3MTEyNzUxMzhjZDY2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnfG7XnBRnB18tuw952fAWW64e9Vp8zASUZ6yWVIMDzPP+BWz
7qP/XUtZWu++C8hql0hx2s/x8SFbPAqXwazbHfHK8jUF0AcYZM7DbUVdBx1u5L3P
JXYNd8j4g/BSUi5qQs093oXiikFu94xryjvjVrr6wjvFiILo5tMRcTnsevrUMdzk
ge/Zkwtpr4NCvezXrttFvHfij7fPT4Al3bNVp2mZoPd+gWkwR47veq4oQKn5HAKS
D85Pb6OSg0FOhe3lTlNl1r7WSf6rttB1mbvnWAfwAv5wrZOc6z81QY+CJNAd7xjb
n00USylUB876mZAZxQGlISP2Qhl9hPRnRihj/QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFG9hkhWECVkYqi1dNrWXESdROM1mMB8GA1UdIwQYMBaAFP4MnzDjtG1QuNG/
ebnR24TyUTS6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
X2d5Zk1PTzBiVkM0MGI5NXVkSGJoUEpSTkxvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kOS9iOWVkNmMtZThjNS00MzFlLWIxODgtZjUyMDBmNTQ5Mzc3LzEv
YjJHU0ZZUUpXUmlxTFYwMnRaY1JKMUU0eldZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9i
OWVkNmMtZThjNS00MzFlLWIxODgtZjUyMDBmNTQ5Mzc3LzEvX2d5Zk1PTzBiVkM0
MGI5NXVkSGJoUEpSTkxvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRp5MA0GCSqGSIb3DQEBCwUAA4IB
AQCPNb0QEoXszDsAKpdNhLw7FsXWlWAGNn8KKXz1J0TNPv5ir8VT27aLtUgDDThI
Z5DhgwbEQhglYrj6lrFEaBgCzajm2uoG/VcbOoLNTinD6mU2dZHPS2gPiPGTMEaU
2XEwlV2TfB6QvgAOwrVPW2NWKu3O2NpQ23mxOnKik4/rHwYc880XAay5/9gFLcxV
PhcjZuPYCjOH0LvrKVwfTkHdk4d4lOMGespUZkjEBYH23T2ejkfyR0mrnHZybsVi
jsjKZKrA+wBnfTJvE5K1QHS8LhqQa/f2yZOK8JkkerDfFS9MOI6RG6Lg1Zq793Um
7yjwU6EqoOo2E919QSNlpw7x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:55 2024 by rpki-client on console-fra.rpki-client.org