Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/r33MdTT7J_Pxn_FIfjDbs0U7a6I.roa
File: r33MdTT7J_Pxn_FIfjDbs0U7a6I.roa (raw, json)
Hash identifier: 809ACfrq+sMtzJLf1B1jb9qM8aIW/10dIC5XGRDphC0=
Subject key identifier: AF:7D:CC:75:34:FB:27:F3:F1:9F:F1:48:7E:30:DB:B3:45:3B:6B:A2
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 069715A3
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/r33MdTT7J_Pxn_FIfjDbs0U7a6I.roa
Signing time: Sat 01 Jan 2022 08:57:14 +0000
ROA not before: Sat 01 Jan 2022 08:57:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213194
IP address blocks: 193.200.161.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110564771 (0x69715a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jan 1 08:57:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af7dcc7534fb27f3f19ff1487e30dbb3453b6ba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c5:99:22:a9:3e:e7:66:bf:6c:ba:47:75:da:
3b:b0:ad:52:45:2c:ea:c0:db:cb:62:98:0d:c3:dc:
58:3b:16:aa:71:bc:23:48:c4:15:21:d5:7d:48:52:
15:92:e1:fb:cb:49:13:00:35:d9:44:fb:e0:f3:e7:
20:40:af:17:1e:c7:eb:7d:10:23:f1:e8:1d:2a:69:
da:d3:a8:e9:29:bb:90:1b:d6:20:c1:74:80:75:21:
fe:0e:f8:09:c3:98:fa:df:48:5b:7d:10:aa:47:ad:
a3:58:58:d0:e0:71:fd:5f:4e:c2:3e:46:ce:84:0e:
ca:ae:61:41:42:ff:66:ce:8b:90:3e:89:a9:e6:26:
a7:c1:60:56:18:67:13:98:1a:4e:56:45:22:8f:95:
47:08:9f:68:7b:b2:02:3d:26:cf:00:71:4e:85:e1:
e1:36:fe:33:2e:43:02:c4:cd:7b:b0:23:75:fe:e9:
21:0c:5e:a2:e7:37:49:99:8b:7d:c5:5e:8d:22:32:
6c:2b:7e:66:aa:ce:80:a5:d2:4b:8d:cf:89:03:ff:
bb:97:b7:75:f3:ad:92:87:87:b3:8b:8d:52:6f:e5:
14:f1:21:fd:61:a3:60:c0:9d:b5:08:2f:80:f1:3e:
dc:6d:cf:53:a3:ce:0b:c9:f3:3f:57:85:20:56:1d:
18:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:7D:CC:75:34:FB:27:F3:F1:9F:F1:48:7E:30:DB:B3:45:3B:6B:A2
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/r33MdTT7J_Pxn_FIfjDbs0U7a6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.161.0/24
Signature Algorithm: sha256WithRSAEncryption
17:9d:94:b0:94:2d:12:fa:3f:20:8a:fa:93:16:f9:70:e9:80:
3c:85:fc:50:77:52:dc:3b:f7:bd:2a:3e:ed:c4:a3:43:40:37:
2c:4d:6b:fb:31:d7:ad:d8:ef:0b:e6:1f:e4:5a:d7:68:60:2c:
ef:4b:53:bf:67:c5:f5:00:9d:59:41:11:26:99:d0:f0:5a:12:
69:49:82:91:be:61:86:48:95:f5:ca:39:e3:86:d4:a8:fd:82:
74:c6:92:7b:e1:9b:13:79:14:44:58:62:35:aa:39:af:68:45:
f5:5b:d6:76:92:89:18:56:a4:36:54:8f:ed:15:bc:12:65:ae:
20:91:bf:ae:af:94:26:05:37:51:b1:d1:17:39:17:4c:31:fc:
2b:3f:e9:04:33:98:54:e2:71:8a:4f:3e:4d:37:34:00:8e:68:
64:97:44:91:0a:d2:e3:b0:10:4f:c8:22:dd:67:cf:78:cb:d1:
61:54:ab:b5:03:1e:c6:bd:ec:bb:9b:73:e5:be:2d:8b:3f:e9:
14:5d:16:33:1c:83:d9:d0:71:57:c3:85:dd:91:cd:f2:41:ed:
da:37:2c:72:b3:89:95:84:20:dc:26:15:40:03:72:9e:3b:b6:
5a:5d:29:13:0b:36:2a:ee:c3:28:09:11:a3:66:83:9b:74:37:
0b:20:89:41
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBpcVozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Nzk1NWIxYWExYzAyODRkMjg0M2I5NmYyNmM1ZmU3NTFlNjY5NDZmMB4XDTIyMDEw
MTA4NTcxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWY3ZGNjNzUzNGZi
MjdmM2YxOWZmMTQ4N2UzMGRiYjM0NTNiNmJhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrFmSKpPudmv2y6R3XaO7CtUkUs6sDby2KYDcPcWDsWqnG8
I0jEFSHVfUhSFZLh+8tJEwA12UT74PPnIECvFx7H630QI/HoHSpp2tOo6Sm7kBvW
IMF0gHUh/g74CcOY+t9IW30Qqketo1hY0OBx/V9Owj5GzoQOyq5hQUL/Zs6LkD6J
qeYmp8FgVhhnE5gaTlZFIo+VRwifaHuyAj0mzwBxToXh4Tb+My5DAsTNe7Ajdf7p
IQxeouc3SZmLfcVejSIybCt+ZqrOgKXSS43PiQP/u5e3dfOtkoeHs4uNUm/lFPEh
/WGjYMCdtQgvgPE+3G3PU6POC8nzP1eFIFYdGDMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSvfcx1NPsn8/Gf8Uh+MNuzRTtrojAfBgNVHSMEGDAWgBRnlVsaocAoTShD
uW8mxf51HmaUbzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1VmJHcUhBS0Uwb1E3bHZKc1gtZFI1bWxHOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNjMxOTI1LTZiMGUtNGVhNS05MWQ3LTA4YWQ5NDEwMWQ3ZS8x
L3IzM01kVFQ3Sl9QeG5fRklmakRiczBVN2E2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NjMxOTI1LTZiMGUtNGVhNS05MWQ3LTA4YWQ5NDEwMWQ3ZS8xL1o1VmJHcUhBS0Uw
b1E3bHZKc1gtZFI1bWxHOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHIoTANBgkqhkiG9w0BAQsFAAOC
AQEAF52UsJQtEvo/IIr6kxb5cOmAPIX8UHdS3Dv3vSo+7cSjQ0A3LE1r+zHXrdjv
C+Yf5FrXaGAs70tTv2fF9QCdWUERJpnQ8FoSaUmCkb5hhkiV9co544bUqP2CdMaS
e+GbE3kURFhiNao5r2hF9VvWdpKJGFakNlSP7RW8EmWuIJG/rq+UJgU3UbHRFzkX
TDH8Kz/pBDOYVOJxik8+TTc0AI5oZJdEkQrS47AQT8gi3WfPeMvRYVSrtQMexr3s
u5tz5b4tiz/pFF0WMxyD2dBxV8OF3ZHN8kHt2jcscrOJlYQg3CYVQANynju2Wl0p
Ews2Ku7DKAkRo2aDm3Q3CyCJQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:27 2024 by rpki-client on console-fra.rpki-client.org