Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/1-isesb6GX151a7L6aRd3PeiEi5A.roa
File: 1-isesb6GX151a7L6aRd3PeiEi5A.roa (raw, json)
Hash identifier: iHzYDDHFbUapOEAUDS5xwRh3ykQZu7JRSU7KviKpk14=
Subject key identifier: FA:2B:1E:B1:BE:86:5F:5E:75:6B:B2:FA:69:17:77:3D:E8:84:8B:90
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 01838D59FCDA7AE3146C43FC8B1980D8583A
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/1-isesb6GX151a7L6aRd3PeiEi5A.roa
Signing time: Fri 30 Sep 2022 07:43:48 +0000
ROA not before: Fri 30 Sep 2022 07:43:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35608
IP address blocks: 213.108.132.0/24 maxlen: 24
193.19.111.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8d:59:fc:da:7a:e3:14:6c:43:fc:8b:19:80:d8:58:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Sep 30 07:43:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa2b1eb1be865f5e756bb2fa6917773de8848b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d6:d3:5d:f7:23:9c:66:b4:2e:e7:fe:cd:51:
dd:6e:3a:c2:bc:09:58:d7:73:8c:c7:75:dc:f2:fd:
56:f1:ab:af:7b:03:e0:21:24:6a:c8:b3:8d:07:bd:
62:d7:a8:1e:f0:9d:77:46:72:c0:c0:98:87:16:74:
7b:99:00:8f:d8:11:3f:35:ff:1d:69:fb:1f:bd:5a:
3d:25:ba:e5:c0:5f:5b:9f:13:64:fc:15:5a:35:13:
9c:09:31:b7:4f:d9:9e:7f:83:c3:a9:58:0f:0e:ac:
a7:c0:49:9d:37:52:07:55:5b:ab:70:b5:d8:1b:1b:
c6:04:0f:48:66:bf:ed:8a:e2:da:75:f5:90:4b:1c:
26:33:f0:73:4b:33:c3:88:0f:86:9d:65:07:76:6c:
65:72:72:a5:22:a7:0a:83:75:9e:d2:cc:6a:35:89:
a3:de:74:8a:0b:42:ed:6a:ee:51:01:3b:be:18:54:
df:84:c8:63:aa:d3:4a:18:1a:f6:c7:2b:72:94:7b:
24:94:88:70:7e:f8:09:1a:e1:7a:6b:b1:1c:dc:ce:
b5:b8:e9:cd:27:16:42:8b:37:1d:c5:20:c2:96:b2:
ba:51:44:37:e4:c6:65:96:f4:8b:95:92:bb:36:28:
36:72:cd:23:f3:3b:29:d9:39:f6:c3:0a:87:b3:0f:
ab:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2B:1E:B1:BE:86:5F:5E:75:6B:B2:FA:69:17:77:3D:E8:84:8B:90
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/1-isesb6GX151a7L6aRd3PeiEi5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.111.0/24
213.108.132.0/24
Signature Algorithm: sha256WithRSAEncryption
27:ae:84:73:9e:1d:ef:49:97:5c:24:d5:46:74:16:ae:91:6f:
ba:8a:1b:94:26:60:6c:08:cc:1b:13:70:8d:21:e2:3c:3f:6a:
e3:e9:37:4d:fb:2c:87:f2:89:5b:7d:03:c8:a0:05:55:85:fa:
7c:fe:48:fd:02:92:20:cf:f6:85:25:fb:83:7b:29:72:04:91:
53:ae:d7:9d:6d:68:27:80:94:61:29:44:aa:2e:b8:b9:64:8c:
01:6d:1b:2f:ea:f0:5a:d7:b4:5c:a9:69:83:65:74:2e:c2:48:
1d:88:bb:b5:c2:d1:66:be:9c:bf:9f:81:98:dc:34:a7:47:d3:
b0:a5:7c:79:e9:b7:42:f6:20:77:68:a6:a4:69:7b:82:46:d5:
1e:97:67:c3:2e:ee:43:fa:89:a7:3c:0c:4f:9f:57:14:65:df:
c2:67:ff:d4:1b:d6:2a:21:a4:03:7c:3a:8c:5a:20:f2:4d:32:
a9:91:9c:42:5b:24:e3:f5:fc:11:ca:88:31:5c:d7:92:a4:a4:
6f:e8:1d:56:d0:ca:e5:72:5a:fe:ec:9f:5c:5a:89:ae:80:b0:
83:cc:d9:e6:0a:b9:5f:d3:6f:9d:b3:35:e6:dc:f4:e2:cd:1a:
8e:2f:bf:bb:1e:2d:8b:97:23:8f:d8:99:26:8b:f9:02:bf:e7:
22:c4:b1:6c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYONWfzaeuMUbEP8ixmA2Fg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjIwOTMwMDc0MzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJiMWViMWJlODY1ZjVlNzU2YmIyZmE2OTE3NzczZGU4ODQ4YjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNbTXfcjnGa0Luf+zVHdbjrCvAlY
13OMx3Xc8v1W8auvewPgISRqyLONB71i16ge8J13RnLAwJiHFnR7mQCP2BE/Nf8d
afsfvVo9JbrlwF9bnxNk/BVaNROcCTG3T9mef4PDqVgPDqynwEmdN1IHVVurcLXY
GxvGBA9IZr/tiuLadfWQSxwmM/BzSzPDiA+GnWUHdmxlcnKlIqcKg3We0sxqNYmj
3nSKC0Ltau5RATu+GFTfhMhjqtNKGBr2xytylHsklIhwfvgJGuF6a7Ec3M61uOnN
JxZCizcdxSDClrK6UUQ35MZllvSLlZK7Nig2cs0j8zsp2Tn2wwqHsw+rSwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPorHrG+hl9edWuy+mkXdz3ohIuQMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvMS1pc2VzYjZHWDE1MWE3TDZhUmQzUGVpRWk1QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWIvNjMxOTI1LTZiMGUtNGVhNS05MWQ3LTA4YWQ5NDEwMWQ3
ZS8xL1o1VmJHcUhBS0Uwb1E3bHZKc1gtZFI1bWxHOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMETbwME
ANVshDANBgkqhkiG9w0BAQsFAAOCAQEAJ66Ec54d70mXXCTVRnQWrpFvuooblCZg
bAjMGxNwjSHiPD9q4+k3Tfssh/KJW30DyKAFVYX6fP5I/QKSIM/2hSX7g3spcgSR
U67XnW1oJ4CUYSlEqi64uWSMAW0bL+rwWte0XKlpg2V0LsJIHYi7tcLRZr6cv5+B
mNw0p0fTsKV8eem3QvYgd2impGl7gkbVHpdnwy7uQ/qJpzwMT59XFGXfwmf/1BvW
KiGkA3w6jFog8k0yqZGcQlsk4/X8EcqIMVzXkqSkb+gdVtDK5XJa/uyfXFqJroCw
g8zZ5gq5X9NvnbM15tz04s0aji+/ux4ti5cjj9iZJov5Ar/nIsSxbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:52 2024 by rpki-client on console-ams.rpki-client.org