Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/AIrHStDMT-Zdm1-IWg6sP41SnsY.roa
File: AIrHStDMT-Zdm1-IWg6sP41SnsY.roa (raw, json)
Hash identifier: smEsLWGrk+3jCJbUIkZJXwepAtE/WB/lXHOt/ToncE0=
Subject key identifier: 00:8A:C7:4A:D0:CC:4F:E6:5D:9B:5F:88:5A:0E:AC:3F:8D:52:9E:C6
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 01902A35C3E15BE7F824C40962EC88BE90FB
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/AIrHStDMT-Zdm1-IWg6sP41SnsY.roa
Signing time: Tue 18 Jun 2024 07:18:04 +0000
ROA not before: Tue 18 Jun 2024 07:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48030
IP address blocks: 193.93.61.0/24 maxlen: 24
195.128.246.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:35:c3:e1:5b:e7:f8:24:c4:09:62:ec:88:be:90:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jun 18 07:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=008ac74ad0cc4fe65d9b5f885a0eac3f8d529ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6f:8a:33:3b:d5:41:2c:34:29:6c:01:4f:4f:
52:8f:2d:e7:3e:27:f0:78:46:5b:d2:1e:ee:70:5d:
5c:f4:23:f7:64:e0:9a:03:6c:07:68:48:a2:ba:6f:
5d:4f:0b:4c:17:2b:2c:a7:25:3a:c2:b1:9b:2d:9f:
e6:8f:b6:83:71:1e:e9:db:e0:67:29:d8:57:ee:af:
e4:a7:af:2c:77:f8:fc:7a:1c:7f:77:71:7e:8d:d9:
48:00:be:fb:59:7d:64:f3:63:11:33:1a:d6:3d:ee:
da:4f:4b:26:29:18:9d:4b:41:97:e4:88:47:e7:28:
03:64:12:09:87:59:e5:51:4d:0f:a6:c0:11:b5:d4:
5c:04:9c:47:dd:cc:f0:77:b9:be:23:38:1e:5b:0a:
28:44:46:65:4a:9a:91:33:ca:d4:15:62:b8:ee:d0:
ca:e9:a8:76:c2:8d:d9:4c:0e:fd:d5:ce:08:fc:c8:
69:74:7b:bd:5f:bd:4d:ec:7b:83:6d:ef:ad:6b:69:
16:4a:f6:08:f8:3b:5e:a6:67:61:dc:a0:c2:a0:d1:
50:85:f0:bb:7b:09:ab:e1:44:83:53:ee:f1:82:83:
f7:9d:01:01:05:65:31:fd:1b:7b:58:ed:11:77:43:
68:5c:bd:37:06:18:5c:b5:72:60:bb:c5:7d:c3:8f:
4f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8A:C7:4A:D0:CC:4F:E6:5D:9B:5F:88:5A:0E:AC:3F:8D:52:9E:C6
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/AIrHStDMT-Zdm1-IWg6sP41SnsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.61.0/24
195.128.246.0/23
Signature Algorithm: sha256WithRSAEncryption
40:3d:2c:59:3c:f2:a3:10:c8:1e:ba:3b:5f:c6:05:74:11:96:
33:e0:68:6d:f8:31:05:6d:61:fc:15:6a:ef:2b:af:e3:3a:68:
79:46:1b:9b:e0:8e:e9:4a:48:10:c0:17:2f:1d:5e:7d:03:63:
0a:b5:06:e9:05:be:34:2c:e2:a5:c6:c1:e3:eb:77:3a:b3:ba:
58:dd:e6:ee:4b:39:d4:57:77:30:06:c7:18:89:5b:5d:16:d6:
27:6e:86:d1:82:77:d0:f8:6e:d5:31:6e:3e:b8:5d:fd:38:d3:
be:23:04:35:76:e2:85:b9:83:62:eb:87:1b:9f:02:cb:b3:56:
80:be:20:09:63:26:85:8c:6c:7b:c6:4d:a6:5b:f7:ef:98:fd:
c2:7f:55:d0:57:68:1b:d0:29:a8:06:eb:3d:7c:9d:46:67:17:
c1:1a:22:77:93:b0:78:9c:8f:5a:24:78:87:3c:f2:f9:3a:c2:
38:15:77:9c:45:2c:6e:19:87:2b:70:54:0d:3c:85:93:b2:8a:
d5:ec:11:9b:42:e7:25:6e:a8:5a:11:c1:86:60:ee:48:96:47:
8e:65:48:6e:ab:3e:94:51:50:d1:e9:81:a0:c9:b0:c4:24:57:
57:50:4b:74:20:19:f2:cc:3a:e6:c8:2d:63:74:0d:e3:08:f2:
a3:33:86:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAqNcPhW+f4JMQJYuyIvpD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjQwNjE4MDcxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDhhYzc0YWQwY2M0ZmU2NWQ5YjVmODg1YTBlYWMzZjhkNTI5ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1G+KMzvVQSw0KWwBT09Sjy3nPifw
eEZb0h7ucF1c9CP3ZOCaA2wHaEiium9dTwtMFysspyU6wrGbLZ/mj7aDcR7p2+Bn
KdhX7q/kp68sd/j8ehx/d3F+jdlIAL77WX1k82MRMxrWPe7aT0smKRidS0GX5IhH
5ygDZBIJh1nlUU0PpsARtdRcBJxH3czwd7m+IzgeWwooREZlSpqRM8rUFWK47tDK
6ah2wo3ZTA791c4I/MhpdHu9X71N7HuDbe+ta2kWSvYI+Dtepmdh3KDCoNFQhfC7
ewmr4USDU+7xgoP3nQEBBWUx/Rt7WO0Rd0NoXL03BhhctXJgu8V9w49PGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFACKx0rQzE/mXZtfiFoOrD+NUp7GMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvQUlySFN0RE1ULVpkbTEtSVdnNnNQNDFTbnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwV09AwQB
w4D2MA0GCSqGSIb3DQEBCwUAA4IBAQBAPSxZPPKjEMgeujtfxgV0EZYz4Ght+DEF
bWH8FWrvK6/jOmh5Rhub4I7pSkgQwBcvHV59A2MKtQbpBb40LOKlxsHj63c6s7pY
3ebuSznUV3cwBscYiVtdFtYnbobRgnfQ+G7VMW4+uF39ONO+IwQ1duKFuYNi64cb
nwLLs1aAviAJYyaFjGx7xk2mW/fvmP3Cf1XQV2gb0CmoBus9fJ1GZxfBGiJ3k7B4
nI9aJHiHPPL5OsI4FXecRSxuGYcrcFQNPIWTsorV7BGbQuclbqhaEcGGYO5IlkeO
ZUhuqz6UUVDR6YGgybDEJFdXUEt0IBnyzDrmyC1jdA3jCPKjM4bc
Generated at Thu Jun 20 12:35:50 2024 by rpki-client on console-fra.rpki-client.org