Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/vn9Oy6BgGcRBusR3t-xitlKYMtg.roa
File: vn9Oy6BgGcRBusR3t-xitlKYMtg.roa (raw, json)
Hash identifier: IHnmYodlD6stclA4z9mwWHq+bMNE0CYXznt980pKUhs=
Subject key identifier: BE:7F:4E:CB:A0:60:19:C4:41:BA:C4:77:B7:EC:62:B6:52:98:32:D8
Certificate issuer: /CN=fe0c9f30e3b46d50b8d1bf79b9d1db84f25134ba
Certificate serial: 018443389332F294DA99BBAC5233B994F1EF
Authority key identifier: FE:0C:9F:30:E3:B4:6D:50:B8:D1:BF:79:B9:D1:DB:84:F2:51:34:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_gyfMOO0bVC40b95udHbhPJRNLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/vn9Oy6BgGcRBusR3t-xitlKYMtg.roa
Signing time: Fri 04 Nov 2022 15:18:11 +0000
ROA not before: Fri 04 Nov 2022 15:18:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209730
IP address blocks: 193.26.121.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:43:38:93:32:f2:94:da:99:bb:ac:52:33:b9:94:f1:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe0c9f30e3b46d50b8d1bf79b9d1db84f25134ba
Validity
Not Before: Nov 4 15:18:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be7f4ecba06019c441bac477b7ec62b6529832d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:96:12:2f:6e:90:af:13:c0:d2:9e:e2:2a:8c:
fa:4d:9d:fd:bc:fe:25:6f:83:29:44:7e:aa:7e:ba:
33:0d:f8:12:fd:3b:e8:28:7c:74:70:7c:08:f3:f7:
18:b8:36:b3:94:3c:c6:7f:7c:20:dc:3f:5b:c4:1a:
93:43:98:f8:9c:1b:de:5d:50:79:1e:b9:6f:c8:ec:
9f:c8:17:d6:51:ea:88:86:91:b7:49:e6:c2:e5:77:
01:f4:19:37:a2:52:6a:cf:7c:04:a4:17:6c:b6:1f:
69:54:1e:c5:57:b5:13:55:19:ea:eb:54:1e:fe:d9:
b9:9c:e8:61:69:84:a6:c4:ae:cd:47:2f:b3:03:d3:
ca:7c:d2:76:9f:b6:36:05:61:ac:1a:d4:4e:25:1c:
68:e9:32:22:83:e0:4b:99:e2:57:7e:78:61:b9:01:
d6:8b:3c:ec:29:9e:bc:2c:3e:9a:c7:7c:22:e4:91:
d1:01:84:38:0e:26:52:01:91:c7:56:e1:3c:7e:b3:
d8:86:39:ec:6f:be:21:58:70:f5:ba:2b:7d:8b:58:
af:c9:ed:4b:24:2c:75:c0:f4:72:e9:ff:39:a7:75:
04:f5:55:a5:c4:ec:ec:04:f8:18:5b:f3:f2:47:0e:
7a:8b:f3:a9:84:96:56:54:86:56:cd:82:ff:99:82:
c1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7F:4E:CB:A0:60:19:C4:41:BA:C4:77:B7:EC:62:B6:52:98:32:D8
X509v3 Authority Key Identifier:
keyid:FE:0C:9F:30:E3:B4:6D:50:B8:D1:BF:79:B9:D1:DB:84:F2:51:34:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_gyfMOO0bVC40b95udHbhPJRNLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/vn9Oy6BgGcRBusR3t-xitlKYMtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/b9ed6c-e8c5-431e-b188-f5200f549377/1/_gyfMOO0bVC40b95udHbhPJRNLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.121.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:6f:7b:37:0e:b2:a6:1d:23:45:54:4e:56:80:8d:52:3e:25:
1c:08:33:05:a6:10:05:79:a2:80:0e:07:01:bf:c1:67:44:19:
aa:b3:01:ba:e9:6e:88:09:bc:61:ed:b3:c4:a6:27:f4:ee:e5:
1a:2d:6d:81:2e:f3:86:47:ad:b5:db:c3:48:4d:48:e5:be:4f:
66:72:70:5d:17:da:ce:ee:b9:41:d5:f4:ec:82:81:97:0e:f6:
ad:25:5f:12:eb:77:51:7d:45:1d:20:18:90:3e:98:a6:b0:cb:
46:92:2f:7a:67:df:af:45:42:91:48:92:be:8f:9c:da:95:07:
dd:28:9c:34:1a:1e:f9:68:aa:22:95:48:00:44:fe:a5:3b:a5:
16:9a:aa:85:93:52:b4:e4:00:36:da:cd:1e:f2:28:70:c0:13:
2e:2c:53:ee:aa:d7:f1:f5:2e:79:15:9f:8b:e2:3c:7d:50:c6:
83:ba:5a:3e:12:f5:52:7e:65:90:9f:bb:73:0a:ae:24:81:48:
81:a9:0b:96:c4:ca:d5:0c:61:ef:3e:ba:5f:fe:91:cb:de:14:
6d:f5:d6:97:7c:10:c1:08:57:4c:51:4c:00:b7:41:ac:84:c6:
9b:59:e0:eb:bb:03:95:42:12:72:04:dc:36:33:3c:e6:3b:ae:
cc:e1:2d:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRDOJMy8pTambusUjO5lPHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMGM5ZjMwZTNiNDZkNTBiOGQxYmY3OWI5ZDFkYjg0ZjI1
MTM0YmEwHhcNMjIxMTA0MTUxODExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTdmNGVjYmEwNjAxOWM0NDFiYWM0NzdiN2VjNjJiNjUyOTgzMmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpYSL26QrxPA0p7iKoz6TZ39vP4l
b4MpRH6qfrozDfgS/TvoKHx0cHwI8/cYuDazlDzGf3wg3D9bxBqTQ5j4nBveXVB5
HrlvyOyfyBfWUeqIhpG3SebC5XcB9Bk3olJqz3wEpBdsth9pVB7FV7UTVRnq61Qe
/tm5nOhhaYSmxK7NRy+zA9PKfNJ2n7Y2BWGsGtROJRxo6TIig+BLmeJXfnhhuQHW
izzsKZ68LD6ax3wi5JHRAYQ4DiZSAZHHVuE8frPYhjnsb74hWHD1uit9i1ivye1L
JCx1wPRy6f85p3UE9VWlxOzsBPgYW/PyRw56i/OphJZWVIZWzYL/mYLBrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5/TsugYBnEQbrEd7fsYrZSmDLYMB8GA1UdIwQY
MBaAFP4MnzDjtG1QuNG/ebnR24TyUTS6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2d5Zk1PTzBiVkM0MGI5NXVkSGJoUEpSTkxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iOWVkNmMtZThjNS00MzFlLWIxODgt
ZjUyMDBmNTQ5Mzc3LzEvdm45T3k2QmdHY1JCdXNSM3QteGl0bEtZTXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iOWVkNmMtZThjNS00MzFlLWIxODgtZjUyMDBmNTQ5Mzc3
LzEvX2d5Zk1PTzBiVkM0MGI5NXVkSGJoUEpSTkxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRp5MA0G
CSqGSIb3DQEBCwUAA4IBAQBMb3s3DrKmHSNFVE5WgI1SPiUcCDMFphAFeaKADgcB
v8FnRBmqswG66W6ICbxh7bPEpif07uUaLW2BLvOGR62128NITUjlvk9mcnBdF9rO
7rlB1fTsgoGXDvatJV8S63dRfUUdIBiQPpimsMtGki96Z9+vRUKRSJK+j5zalQfd
KJw0Gh75aKoilUgARP6lO6UWmqqFk1K05AA22s0e8ihwwBMuLFPuqtfx9S55FZ+L
4jx9UMaDulo+EvVSfmWQn7tzCq4kgUiBqQuWxMrVDGHvPrpf/pHL3hRt9daXfBDB
CFdMUUwAt0GshMabWeDruwOVQhJyBNw2MzzmO67M4S3i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:12 2024 by rpki-client on console-ams.rpki-client.org