Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/knqAwDpIitOkyCL49BTGS1UejLU.roa
File: knqAwDpIitOkyCL49BTGS1UejLU.roa (raw, json)
Hash identifier: 81OFe4MCPK5EkoRgTxj4aqNMgL924xdf1ejj7HRG09I=
Subject key identifier: 92:7A:80:C0:3A:48:8A:D3:A4:C8:22:F8:F4:14:C6:4B:55:1E:8C:B5
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 01856DC19E9E816B5084537C9AA29266E706
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/knqAwDpIitOkyCL49BTGS1UejLU.roa
Signing time: Sun 01 Jan 2023 14:34:43 +0000
ROA not before: Sun 01 Jan 2023 14:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213194
IP address blocks: 193.200.161.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:9e:9e:81:6b:50:84:53:7c:9a:a2:92:66:e7:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jan 1 14:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=927a80c03a488ad3a4c822f8f414c64b551e8cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:79:81:a7:9f:bd:12:d8:ae:a4:16:df:a6:6d:
f7:f8:3b:28:e6:13:da:3f:a2:f0:ea:a1:c4:14:49:
ff:38:0b:a9:c5:32:12:59:57:9e:b8:d8:59:4d:3d:
49:f1:d6:06:ff:aa:05:11:ac:76:ab:70:ef:74:fa:
1c:76:c4:d8:01:5f:17:12:4d:c3:a7:a3:3f:0b:6e:
6f:18:42:f8:2a:10:76:ef:89:16:e7:8e:df:5e:86:
62:48:ed:eb:51:41:17:f1:17:32:8c:1d:48:2d:fd:
0d:ad:66:2b:97:0e:e3:0c:43:5d:7e:5f:62:9d:c3:
ee:3b:c7:4b:18:e1:69:a8:71:86:47:cd:e7:b3:ed:
6b:f4:95:db:53:bf:49:d3:ff:18:60:d8:6a:f8:4c:
9c:67:17:dd:30:fa:cb:d4:78:58:1f:3f:6f:33:fd:
82:d2:37:8c:d4:3e:2d:30:a5:1b:13:05:02:56:c3:
3d:52:c8:24:54:68:71:fe:3f:01:12:7b:74:13:ac:
a1:a9:b6:68:7a:44:a8:23:71:21:d0:df:9b:14:fa:
15:70:ce:96:0d:94:d3:7f:7d:5e:5d:6b:14:51:9f:
fa:2a:1c:8c:f2:cd:1d:6e:4e:cc:61:78:3f:c1:99:
3b:fd:29:72:aa:0b:fe:15:d9:5e:12:51:9c:cf:47:
e2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7A:80:C0:3A:48:8A:D3:A4:C8:22:F8:F4:14:C6:4B:55:1E:8C:B5
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/knqAwDpIitOkyCL49BTGS1UejLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.161.0/24
Signature Algorithm: sha256WithRSAEncryption
92:64:72:0d:e5:7c:6c:24:0a:3f:20:2b:7b:45:16:13:9a:89:
5a:79:33:f5:2b:f3:9f:82:52:5d:5e:64:63:39:82:15:07:b0:
7e:57:67:34:9e:a8:a3:fe:90:fe:5f:f9:9d:cd:82:af:ef:b6:
73:02:43:df:5a:39:8b:10:9a:f8:ae:5f:46:fe:50:f0:62:da:
6d:dd:a7:6c:0b:a4:43:c0:84:60:c6:c7:bb:f9:5e:ab:29:4e:
39:ab:42:46:34:87:61:6f:25:5e:5e:25:30:8e:15:b6:23:8c:
f1:d0:a2:67:7c:1f:df:54:87:6a:05:1d:80:3a:8f:2e:d3:21:
7e:9d:be:0f:74:40:ce:dc:53:37:ba:01:56:db:b2:62:9b:10:
de:cf:e3:85:17:e9:90:4f:95:d3:cb:86:03:2b:a8:dd:66:6d:
cf:c1:f2:4a:35:ec:e4:24:c0:ef:b8:0a:55:f8:09:cc:85:23:
50:43:b2:ba:f1:6b:63:16:e2:50:c0:c4:6e:f6:4d:d8:de:1a:
df:27:cb:b2:c6:45:f6:60:c0:57:fd:5c:c8:38:5f:be:ed:c7:
40:c3:da:d0:0d:36:db:4e:81:d0:df:13:f5:73:a2:2a:c4:d1:
1f:dd:37:4b:11:b0:44:50:2f:0b:34:08:f3:65:87:76:8f:06:
b7:37:55:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwZ6egWtQhFN8mqKSZucGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwMTAxMTQzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjdhODBjMDNhNDg4YWQzYTRjODIyZjhmNDE0YzY0YjU1MWU4Y2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXmBp5+9EtiupBbfpm33+Dso5hPa
P6Lw6qHEFEn/OAupxTISWVeeuNhZTT1J8dYG/6oFEax2q3DvdPocdsTYAV8XEk3D
p6M/C25vGEL4KhB274kW547fXoZiSO3rUUEX8RcyjB1ILf0NrWYrlw7jDENdfl9i
ncPuO8dLGOFpqHGGR83ns+1r9JXbU79J0/8YYNhq+EycZxfdMPrL1HhYHz9vM/2C
0jeM1D4tMKUbEwUCVsM9UsgkVGhx/j8BEnt0E6yhqbZoekSoI3Eh0N+bFPoVcM6W
DZTTf31eXWsUUZ/6KhyM8s0dbk7MYXg/wZk7/Slyqgv+FdleElGcz0fiZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJ6gMA6SIrTpMgi+PQUxktVHoy1MB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEva25xQXdEcElpdE9reUNMNDlCVEdTMVVlakxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcihMA0G
CSqGSIb3DQEBCwUAA4IBAQCSZHIN5XxsJAo/ICt7RRYTmolaeTP1K/OfglJdXmRj
OYIVB7B+V2c0nqij/pD+X/mdzYKv77ZzAkPfWjmLEJr4rl9G/lDwYtpt3adsC6RD
wIRgxse7+V6rKU45q0JGNIdhbyVeXiUwjhW2I4zx0KJnfB/fVIdqBR2AOo8u0yF+
nb4PdEDO3FM3ugFW27JimxDez+OFF+mQT5XTy4YDK6jdZm3PwfJKNezkJMDvuApV
+AnMhSNQQ7K68WtjFuJQwMRu9k3Y3hrfJ8uyxkX2YMBX/VzIOF++7cdAw9rQDTbb
ToHQ3xP1c6IqxNEf3TdLEbBEUC8LNAjzZYd2jwa3N1Vj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:27 2024 by rpki-client on console-fra.rpki-client.org