Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/SsKX-4m7k-Tm0uu6502lgiEEigA.roa
File: SsKX-4m7k-Tm0uu6502lgiEEigA.roa (raw, json)
Hash identifier: jIDm+42UuFkYLzJEZRInniuVCXBMPszgRgp4sbMyvpw=
Subject key identifier: 4A:C2:97:FB:89:BB:93:E4:E6:D2:EB:BA:E7:4D:A5:82:21:04:8A:00
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 018340DAF90BC2860069D4874A9A4A006324
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/SsKX-4m7k-Tm0uu6502lgiEEigA.roa
Signing time: Thu 15 Sep 2022 11:13:55 +0000
ROA not before: Thu 15 Sep 2022 11:13:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35608
IP address blocks: 213.108.132.0/24 maxlen: 24
193.19.111.0/24 maxlen: 24
193.19.110.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:da:f9:0b:c2:86:00:69:d4:87:4a:9a:4a:00:63:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Sep 15 11:13:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ac297fb89bb93e4e6d2ebbae74da58221048a00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b5:fd:d3:c6:b2:9b:bc:d9:0d:97:2d:4a:64:
30:05:5c:ad:4a:3d:a2:d4:c5:20:2a:f4:fe:a7:e0:
37:b7:21:93:56:6d:d6:16:f4:4b:25:ad:0b:40:de:
65:a2:5a:50:49:7d:1f:09:d2:f2:b6:3f:0d:3e:c9:
1d:ea:d1:19:6e:5b:73:3b:f7:e1:53:12:7b:2d:34:
cf:af:88:ff:f2:22:e9:4a:dd:33:90:1f:df:d6:61:
73:5e:c4:0b:58:e6:e0:50:3e:e1:51:53:46:b5:22:
90:29:ce:9c:47:7c:68:30:84:fe:31:48:cf:81:6c:
04:70:9f:c7:c1:06:12:d6:e8:6f:cc:ec:ff:96:f0:
89:8f:7d:a6:37:00:dd:91:fb:85:23:a0:1c:d2:0e:
c2:4d:27:35:1d:b0:6a:1c:8f:bf:c6:c7:af:85:0e:
f1:fe:8b:bb:ff:14:4a:ef:39:77:90:3c:7e:dd:dc:
cf:90:5d:3b:53:7a:94:98:66:22:f2:bd:fc:ef:7e:
aa:de:01:23:d1:2e:34:8b:9e:c6:d8:14:37:bb:be:
ad:dc:51:2b:38:bf:19:a8:48:da:7b:09:b3:c4:63:
94:e9:fd:ee:c7:e8:70:46:a5:15:53:37:e9:94:da:
d6:d1:13:1f:82:6a:90:51:83:78:08:27:0a:d2:d0:
64:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C2:97:FB:89:BB:93:E4:E6:D2:EB:BA:E7:4D:A5:82:21:04:8A:00
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/SsKX-4m7k-Tm0uu6502lgiEEigA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.110.0/23
213.108.132.0/24
Signature Algorithm: sha256WithRSAEncryption
93:1a:09:47:7c:b0:ad:f3:8c:3b:e8:12:b8:f0:39:df:15:64:
5a:c1:64:f3:60:f6:87:37:14:b3:34:c4:df:7b:99:0a:5b:bf:
27:40:fd:b9:25:34:7a:23:b2:30:14:5c:ea:fa:82:e3:a7:e5:
d8:8c:80:72:af:6a:5c:e6:95:79:06:09:4a:c9:93:fa:e3:b6:
a8:65:45:36:b7:29:80:d6:d8:5b:b8:bf:21:9c:e3:d6:0d:ef:
72:11:41:9e:94:c9:f4:19:94:3b:b7:1f:71:6b:f6:00:23:57:
be:82:3b:79:44:10:7c:18:28:d7:bc:3e:27:d7:81:45:d0:65:
1f:9d:e3:c4:1e:4e:a6:72:80:e2:73:12:e1:35:e9:51:37:5a:
75:5f:6c:b3:48:99:62:a6:51:e6:9e:04:8b:5d:c7:ce:60:3c:
77:f4:c3:dc:89:0b:9b:03:8e:39:bd:6a:1d:4b:58:3b:42:4a:
8b:aa:98:05:65:bf:88:27:ab:0c:69:7a:a6:af:df:6d:e8:4c:
ad:3d:22:36:cb:71:fd:ca:52:60:86:55:c9:14:d4:37:eb:d0:
af:d5:2a:f9:9d:f2:fa:54:64:fd:d3:a6:38:ad:96:f0:2d:71:
35:8b:bf:5d:ae:28:be:51:9a:85:6b:2b:18:f9:44:43:03:1c:
10:ad:fb:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNA2vkLwoYAadSHSppKAGMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjIwOTE1MTExMzU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWMyOTdmYjg5YmI5M2U0ZTZkMmViYmFlNzRkYTU4MjIxMDQ4YTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLX908aym7zZDZctSmQwBVytSj2i
1MUgKvT+p+A3tyGTVm3WFvRLJa0LQN5lolpQSX0fCdLytj8NPskd6tEZbltzO/fh
UxJ7LTTPr4j/8iLpSt0zkB/f1mFzXsQLWObgUD7hUVNGtSKQKc6cR3xoMIT+MUjP
gWwEcJ/HwQYS1uhvzOz/lvCJj32mNwDdkfuFI6Ac0g7CTSc1HbBqHI+/xsevhQ7x
/ou7/xRK7zl3kDx+3dzPkF07U3qUmGYi8r38736q3gEj0S40i57G2BQ3u76t3FEr
OL8ZqEjaewmzxGOU6f3ux+hwRqUVUzfplNrW0RMfgmqQUYN4CCcK0tBkdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFErCl/uJu5Pk5tLruudNpYIhBIoAMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvU3NLWC00bTdrLVRtMHV1NjUwMmxnaUVFaWdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwRNuAwQA
1WyEMA0GCSqGSIb3DQEBCwUAA4IBAQCTGglHfLCt84w76BK48DnfFWRawWTzYPaH
NxSzNMTfe5kKW78nQP25JTR6I7IwFFzq+oLjp+XYjIByr2pc5pV5BglKyZP647ao
ZUU2tymA1thbuL8hnOPWDe9yEUGelMn0GZQ7tx9xa/YAI1e+gjt5RBB8GCjXvD4n
14FF0GUfnePEHk6mcoDicxLhNelRN1p1X2yzSJliplHmngSLXcfOYDx39MPciQub
A445vWodS1g7QkqLqpgFZb+IJ6sMaXqmr99t6EytPSI2y3H9ylJghlXJFNQ369Cv
1Sr5nfL6VGT906Y4rZbwLXE1i79drii+UZqFaysY+URDAxwQrfvq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:52 2024 by rpki-client on console-ams.rpki-client.org