Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/T48EfzRbd0XM4m8zxYzZRugw9XQ.roa
File: T48EfzRbd0XM4m8zxYzZRugw9XQ.roa (raw, json)
Hash identifier: HRdo694B3bAOXLdjbBiYTSRVnEM6kROVieN28+Uq8gg=
Subject key identifier: 4F:8F:04:7F:34:5B:77:45:CC:E2:6F:33:C5:8C:D9:46:E8:30:F5:74
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 01889AA655C83D0F1D755F3CABDFF530F2EC
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/T48EfzRbd0XM4m8zxYzZRugw9XQ.roa
Signing time: Thu 08 Jun 2023 10:56:12 +0000
ROA not before: Thu 08 Jun 2023 10:56:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 193.200.161.0/24 maxlen: 24
195.210.9.0/24 maxlen: 24
193.93.61.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:a6:55:c8:3d:0f:1d:75:5f:3c:ab:df:f5:30:f2:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jun 8 10:56:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f8f047f345b7745cce26f33c58cd946e830f574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:17:c5:a5:08:fa:7b:c4:3c:7f:00:37:e4:21:
f6:8b:71:40:0f:f1:02:f9:8a:6e:53:4f:3c:42:2d:
81:f7:97:ac:f7:0b:94:d0:62:c3:1b:0a:21:ea:ff:
85:3d:97:11:06:f1:56:3a:a6:e4:17:a0:44:b0:fb:
5e:15:52:02:24:90:ab:5b:f0:0a:f6:b2:0b:5b:7e:
a6:55:a9:da:e6:0f:c7:7b:10:9a:04:f5:0d:ab:41:
74:37:46:35:2c:5f:af:a5:72:5d:3a:73:51:5a:bb:
52:f3:c9:b3:83:1a:2a:40:30:65:cb:99:2a:2b:b4:
69:90:98:11:1a:f1:03:9c:cf:a5:63:c5:b6:4f:89:
21:9a:03:e1:f3:09:c7:bb:c2:7f:6a:29:b7:13:76:
7e:f1:00:9d:67:09:31:89:36:cf:52:a4:bf:fb:10:
11:13:71:91:04:d8:97:1c:bc:3e:eb:db:ee:c0:ec:
06:80:f6:33:70:59:37:86:dc:25:5a:bf:e0:dd:35:
11:8d:62:37:18:22:5c:13:2a:1e:63:db:c8:70:52:
5f:81:07:3d:e3:08:f7:9a:29:b3:ca:ba:9f:a1:f4:
b0:ad:1c:ed:14:ef:84:e3:84:bc:71:55:78:32:a3:
99:6e:60:4f:c9:f6:48:f4:0e:7a:b9:88:7a:91:2e:
b6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8F:04:7F:34:5B:77:45:CC:E2:6F:33:C5:8C:D9:46:E8:30:F5:74
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/T48EfzRbd0XM4m8zxYzZRugw9XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.61.0/24
193.200.161.0/24
195.210.9.0/24
Signature Algorithm: sha256WithRSAEncryption
28:28:60:52:70:87:32:89:3a:09:ac:2c:65:ca:33:5a:7e:54:
3f:f7:a0:c9:9e:ec:80:38:1a:74:d4:77:e0:7d:6e:f2:6e:19:
13:e1:f2:ca:f1:98:95:ba:18:1a:fa:ab:8b:bd:3d:e7:54:44:
22:a0:6d:b3:e0:f0:c8:6f:17:30:da:a4:91:9e:f4:2e:c5:4e:
e3:3c:6e:eb:5f:0a:32:3d:02:09:0f:25:0e:88:39:4b:af:fe:
be:17:9c:fb:f7:67:7f:9e:a0:ef:e1:85:1f:21:03:2e:c9:f6:
53:5c:d4:56:11:56:9c:b9:30:48:e3:2c:1b:b6:31:d9:00:f0:
94:a0:d2:7a:82:14:06:96:e9:16:ee:1c:0d:15:62:88:54:ca:
69:ef:17:81:e9:38:f2:3b:3c:cc:7a:6a:7a:ec:5c:a1:b7:c7:
6c:1e:bd:9a:da:3d:82:9a:a7:14:92:31:67:e4:5f:b3:3f:5b:
e9:43:4d:b1:de:04:a4:08:5c:a1:a6:4a:49:cd:87:cb:fc:1c:
aa:4d:56:63:85:6a:4b:4c:5c:ad:8a:1c:6a:21:56:12:a4:05:
70:27:ef:cc:39:6f:f0:78:05:d7:df:8d:5e:2e:02:45:24:e8:
35:2e:5a:d5:e6:fb:18:7a:4e:fb:9c:28:70:34:6a:1c:91:5e:
d8:82:f4:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiaplXIPQ8ddV88q9/1MPLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwNjA4MTA1NjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjhmMDQ3ZjM0NWI3NzQ1Y2NlMjZmMzNjNThjZDk0NmU4MzBmNTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRfFpQj6e8Q8fwA35CH2i3FAD/EC
+YpuU088Qi2B95es9wuU0GLDGwoh6v+FPZcRBvFWOqbkF6BEsPteFVICJJCrW/AK
9rILW36mVana5g/HexCaBPUNq0F0N0Y1LF+vpXJdOnNRWrtS88mzgxoqQDBly5kq
K7RpkJgRGvEDnM+lY8W2T4khmgPh8wnHu8J/aim3E3Z+8QCdZwkxiTbPUqS/+xAR
E3GRBNiXHLw+69vuwOwGgPYzcFk3htwlWr/g3TURjWI3GCJcEyoeY9vIcFJfgQc9
4wj3mimzyrqfofSwrRztFO+E44S8cVV4MqOZbmBPyfZI9A56uYh6kS625wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE+PBH80W3dFzOJvM8WM2UboMPV0MB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvVDQ4RWZ6UmJkMFhNNG04enhZelpSdWd3OVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwV09AwQA
wcihAwQAw9IJMA0GCSqGSIb3DQEBCwUAA4IBAQAoKGBScIcyiToJrCxlyjNaflQ/
96DJnuyAOBp01HfgfW7ybhkT4fLK8ZiVuhga+quLvT3nVEQioG2z4PDIbxcw2qSR
nvQuxU7jPG7rXwoyPQIJDyUOiDlLr/6+F5z792d/nqDv4YUfIQMuyfZTXNRWEVac
uTBI4ywbtjHZAPCUoNJ6ghQGlukW7hwNFWKIVMpp7xeB6TjyOzzMemp67Fyht8ds
Hr2a2j2CmqcUkjFn5F+zP1vpQ02x3gSkCFyhpkpJzYfL/ByqTVZjhWpLTFytihxq
IVYSpAVwJ+/MOW/weAXX341eLgJFJOg1LlrV5vsYek77nChwNGockV7YgvQ+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:27 2024 by rpki-client on console-fra.rpki-client.org