Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/a-K7VGTYpNK0tz73naqDeJQ7feE.roa
File: a-K7VGTYpNK0tz73naqDeJQ7feE.roa (raw, json)
Hash identifier: BsABDVEHj07B7rCOj8bOu1WNfSnPj76IRW8f/RPnuYk=
Subject key identifier: 6B:E2:BB:54:64:D8:A4:D2:B4:B7:3E:F7:9D:AA:83:78:94:3B:7D:E1
Certificate issuer: /CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Certificate serial: 0180DBED
Authority key identifier: F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/a-K7VGTYpNK0tz73naqDeJQ7feE.roa
Signing time: Wed 12 Jan 2022 14:44:08 +0000
ROA not before: Wed 12 Jan 2022 14:44:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57271
IP address blocks: 194.59.5.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25222125 (0x180dbed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Validity
Not Before: Jan 12 14:44:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6be2bb5464d8a4d2b4b73ef79daa8378943b7de1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0c:4a:5a:01:d8:a1:d9:e7:be:50:fe:25:37:
fc:27:87:54:55:8b:5a:e8:0c:24:43:84:12:f3:34:
d1:33:fe:6b:2b:d0:82:6a:71:f1:f1:d0:1c:24:8b:
ef:81:54:c0:88:1e:71:97:4c:c5:63:72:b8:cb:04:
cd:44:36:66:07:03:c5:c3:14:80:f0:cc:37:9f:c6:
d3:6d:be:23:6c:3f:6f:ef:8a:df:15:3d:fc:bd:38:
7b:95:8c:92:e2:aa:8e:90:ea:bc:5a:69:76:03:d2:
ea:c8:6c:cf:49:5f:95:76:4d:c8:45:af:ee:6b:7d:
c8:30:c8:e5:ca:9b:ba:32:af:a5:25:fa:f7:03:38:
1d:05:db:23:68:52:8d:da:8c:a2:42:ec:6f:bc:cf:
db:48:4b:c3:74:74:f2:59:5a:66:9f:99:3c:2b:fa:
4a:e4:ff:9f:09:f7:0e:dc:8b:73:12:60:00:d0:5e:
82:0e:2b:72:4f:65:56:44:43:e9:bb:86:2f:91:03:
9b:9c:58:fb:d7:b9:b2:d7:0d:4e:7d:75:a7:0d:f7:
0d:7b:01:d9:71:8f:7e:37:bf:ce:e9:3c:1a:8e:ae:
29:de:db:65:ba:ea:0a:bc:f0:4e:e4:30:5d:1a:5f:
ab:ef:bb:b1:70:38:4b:a0:86:40:b1:0d:38:4d:a7:
18:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E2:BB:54:64:D8:A4:D2:B4:B7:3E:F7:9D:AA:83:78:94:3B:7D:E1
X509v3 Authority Key Identifier:
keyid:F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/a-K7VGTYpNK0tz73naqDeJQ7feE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/9NuV-dG1w-yTT_hNb_fwEkLahCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.5.0/24
Signature Algorithm: sha256WithRSAEncryption
00:c3:de:79:58:48:f9:67:aa:73:ac:68:f2:31:2e:68:8f:ce:
78:4c:82:5b:22:86:59:35:23:d0:4a:3f:69:c5:9d:1a:3a:9f:
1f:11:4f:2e:35:e5:72:0a:ff:ea:20:5c:41:e8:19:00:3f:b6:
d5:05:0e:47:66:d6:32:64:02:8c:0f:3b:02:3d:3d:73:cb:37:
09:d2:7d:cd:31:83:45:2c:d4:4a:c2:a0:e8:a3:37:79:08:32:
72:be:15:5c:f3:91:68:00:5d:e2:34:41:58:7e:46:5b:f7:cd:
1b:af:9c:d7:ec:db:a3:21:fe:ae:5d:08:dd:b8:bd:74:ae:7d:
f3:fa:8d:c0:68:b8:7d:33:86:2d:82:88:ef:a4:14:80:c4:8e:
64:b6:3a:90:7d:7a:bf:99:56:d4:2c:38:0e:d2:c1:e9:d2:c2:
42:62:52:05:e6:aa:1c:f3:f1:53:33:cc:3a:86:87:ba:62:3d:
09:dd:09:0b:80:73:dd:b7:e0:8c:3a:ed:5b:b8:1a:9a:ff:0c:
33:15:d7:1d:48:9b:ed:ca:45:89:45:b1:93:c1:e1:6f:73:4d:
40:f6:81:94:b0:b4:a4:0c:29:d5:e4:4c:09:3a:f5:bb:4e:3e:
87:1b:53:da:4f:c6:d4:9a:59:35:d4:c0:a3:93:1b:bf:6a:10:
0d:5d:14:1e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYDb7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGRiOTVmOWQxYjVjM2VjOTM0ZmY4NGQ2ZmY3ZjAxMjQyZGE4NDJhMB4XDTIyMDEx
MjE0NDQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmJlMmJiNTQ2NGQ4
YTRkMmI0YjczZWY3OWRhYTgzNzg5NDNiN2RlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMgMSloB2KHZ575Q/iU3/CeHVFWLWugMJEOEEvM00TP+ayvQ
gmpx8fHQHCSL74FUwIgecZdMxWNyuMsEzUQ2ZgcDxcMUgPDMN5/G022+I2w/b++K
3xU9/L04e5WMkuKqjpDqvFppdgPS6shsz0lflXZNyEWv7mt9yDDI5cqbujKvpSX6
9wM4HQXbI2hSjdqMokLsb7zP20hLw3R08llaZp+ZPCv6SuT/nwn3DtyLcxJgANBe
gg4rck9lVkRD6buGL5EDm5xY+9e5stcNTn11pw33DXsB2XGPfje/zuk8Go6uKd7b
ZbrqCrzwTuQwXRpfq++7sXA4S6CGQLENOE2nGAUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRr4rtUZNik0rS3PvedqoN4lDt94TAfBgNVHSMEGDAWgBT025X50bXD7JNP
+E1v9/ASQtqEKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlOdVYtZEcxdy15VFRfaE5iX2Z3RWtMYWhDby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvNDZkN2FmLTAyZmItNDVmOS1hOTIyLTE0YjM4YjZlMDBhNy8x
L2EtSzdWR1RZcE5LMHR6NzNuYXFEZUpRN2ZlRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
NDZkN2FmLTAyZmItNDVmOS1hOTIyLTE0YjM4YjZlMDBhNy8xLzlOdVYtZEcxdy15
VFRfaE5iX2Z3RWtMYWhDby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMI7BTANBgkqhkiG9w0BAQsFAAOC
AQEAAMPeeVhI+Weqc6xo8jEuaI/OeEyCWyKGWTUj0Eo/acWdGjqfHxFPLjXlcgr/
6iBcQegZAD+21QUOR2bWMmQCjA87Aj09c8s3CdJ9zTGDRSzUSsKg6KM3eQgycr4V
XPORaABd4jRBWH5GW/fNG6+c1+zboyH+rl0I3bi9dK598/qNwGi4fTOGLYKI76QU
gMSOZLY6kH16v5lW1Cw4DtLB6dLCQmJSBeaqHPPxUzPMOoaHumI9Cd0JC4Bz3bfg
jDrtW7gamv8MMxXXHUib7cpFiUWxk8Hhb3NNQPaBlLC0pAwp1eRMCTr1u04+hxtT
2k/G1JpZNdTAo5Mbv2oQDV0UHg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:03 2023 by rpki-client on console-ams.rpki-client.org