Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/orsRoRHTlBGMis5TlxUXoVbn9IU.roa
File: orsRoRHTlBGMis5TlxUXoVbn9IU.roa (raw, json)
Hash identifier: 83ytT5hrqnztsC9yN4RV+cs7xyoVyXnnKhC3/ZdH7l4=
Subject key identifier: A2:BB:11:A1:11:D3:94:11:8C:8A:CE:53:97:15:17:A1:56:E7:F4:85
Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial: 01862B928B23CEDFEC708600F22B356D9137
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/orsRoRHTlBGMis5TlxUXoVbn9IU.roa
Signing time: Tue 07 Feb 2023 11:11:09 +0000
ROA not before: Tue 07 Feb 2023 11:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34907
IP address blocks: 193.3.162.0/24 maxlen: 24
2001:67c:178c::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:92:8b:23:ce:df:ec:70:86:00:f2:2b:35:6d:91:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Validity
Not Before: Feb 7 11:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2bb11a111d394118c8ace53971517a156e7f485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:67:80:d4:24:52:a6:ce:27:64:97:d5:92:d6:
c3:bc:5f:01:5d:e4:63:b0:1a:3b:8a:77:13:0e:ad:
bf:f8:bf:36:8d:cd:d2:5d:5d:8d:93:10:3a:15:06:
9c:3b:2d:1e:91:cc:74:53:c2:28:de:a1:f7:e1:10:
ae:4f:0e:ac:8d:56:93:28:7d:a0:10:25:91:de:83:
ad:98:9d:06:7f:b7:d6:dc:2b:96:66:77:32:0d:2a:
f4:a5:de:48:44:83:4b:9f:48:f9:54:e3:cc:b9:24:
0d:51:a6:7a:09:c1:7a:55:f1:ec:7f:7c:82:6f:2e:
e3:2b:a6:91:08:70:6e:0f:e2:a6:9c:72:9c:9e:22:
44:52:c5:90:eb:1d:5c:32:f8:78:3b:a0:9f:5d:0b:
14:f2:c8:50:1a:d1:39:a4:0a:de:cc:95:01:e6:f8:
4b:59:53:85:44:64:e6:44:19:de:ab:fb:94:a8:63:
dc:11:e8:44:1c:3c:ab:1d:36:12:d3:e7:25:a0:4c:
19:f5:ff:8b:5e:7f:59:d1:8c:b8:93:84:aa:ee:25:
5a:89:5a:f1:61:9d:28:b4:f0:7e:4c:99:a5:8f:89:
b2:0a:5e:6a:00:fe:4b:0b:cb:a3:79:30:9c:90:86:
9f:34:a8:4a:e7:2a:39:21:6f:a7:e2:e9:2b:f4:c7:
d3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BB:11:A1:11:D3:94:11:8C:8A:CE:53:97:15:17:A1:56:E7:F4:85
X509v3 Authority Key Identifier:
keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/orsRoRHTlBGMis5TlxUXoVbn9IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.162.0/24
IPv6:
2001:67c:178c::/48
Signature Algorithm: sha256WithRSAEncryption
65:5c:33:84:e9:3e:b1:69:03:6b:67:9c:52:49:e1:a5:b7:e1:
ad:07:58:b4:b4:8f:49:31:d9:8e:f1:b0:da:2a:df:8b:b8:1a:
47:77:6a:42:77:11:7d:de:51:6b:d5:77:bd:87:db:c9:86:9a:
e1:85:7a:2c:c4:0c:0d:db:d1:9b:0e:db:47:60:74:3d:3e:d3:
73:fc:f8:8b:2a:ff:66:4a:9d:89:a9:b2:15:b8:e9:c9:c7:f2:
df:c3:bd:ce:09:11:3e:52:45:e8:14:4c:0c:28:94:18:4c:37:
f3:af:77:e5:29:de:b5:12:77:71:11:81:e2:70:9c:12:52:96:
34:c4:cf:1c:87:3e:77:83:4f:25:9f:02:7b:cf:b3:7f:e3:cd:
86:6c:5f:91:67:40:64:3d:3f:de:a1:17:01:bd:1d:05:2c:66:
9a:46:81:15:bb:dc:2f:e9:2c:28:b6:2c:7b:43:10:d0:d0:79:
d5:c9:7f:fc:5f:27:d9:f1:6e:35:05:0b:42:1a:17:b6:18:53:
1f:b0:1a:88:5a:6d:26:ef:0d:2b:e2:13:bc:dc:12:1f:96:a6:
27:89:bc:5a:8e:05:fe:f8:ef:88:c0:2b:a3:6d:01:5d:ac:f9:
fc:a4:2c:e7:58:9d:97:ec:40:8a:a9:a4:e1:d3:d4:10:29:62:
a1:f4:bc:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYrkosjzt/scIYA8is1bZE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjMwMjA3MTExMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJiMTFhMTExZDM5NDExOGM4YWNlNTM5NzE1MTdhMTU2ZTdmNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmeA1CRSps4nZJfVktbDvF8BXeRj
sBo7incTDq2/+L82jc3SXV2NkxA6FQacOy0ekcx0U8Io3qH34RCuTw6sjVaTKH2g
ECWR3oOtmJ0Gf7fW3CuWZncyDSr0pd5IRINLn0j5VOPMuSQNUaZ6CcF6VfHsf3yC
by7jK6aRCHBuD+KmnHKcniJEUsWQ6x1cMvh4O6CfXQsU8shQGtE5pArezJUB5vhL
WVOFRGTmRBneq/uUqGPcEehEHDyrHTYS0+cloEwZ9f+LXn9Z0Yy4k4Sq7iVaiVrx
YZ0otPB+TJmlj4myCl5qAP5LC8ujeTCckIafNKhK5yo5IW+n4ukr9MfT4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKK7EaER05QRjIrOU5cVF6FW5/SFMB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEvb3JzUm9SSFRsQkdNaXM1VGx4VVhvVmJuOUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwQOiMA8E
AgACMAkDBwAgAQZ8F4wwDQYJKoZIhvcNAQELBQADggEBAGVcM4TpPrFpA2tnnFJJ
4aW34a0HWLS0j0kx2Y7xsNoq34u4Gkd3akJ3EX3eUWvVd72H28mGmuGFeizEDA3b
0ZsO20dgdD0+03P8+Isq/2ZKnYmpshW46cnH8t/Dvc4JET5SRegUTAwolBhMN/Ov
d+Up3rUSd3ERgeJwnBJSljTEzxyHPneDTyWfAnvPs3/jzYZsX5FnQGQ9P96hFwG9
HQUsZppGgRW73C/pLCi2LHtDENDQedXJf/xfJ9nxbjUFC0IaF7YYUx+wGohabSbv
DSviE7zcEh+WpieJvFqOBf7474jAK6NtAV2s+fykLOdYnZfsQIqppOHT1BApYqH0
vOo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:10 2024 by rpki-client on console-fra.rpki-client.org