Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/aF0FYBN3_bjPW751ZBB4p771Kw8.roa
File: aF0FYBN3_bjPW751ZBB4p771Kw8.roa (raw, json)
Hash identifier: EM/FpEa1dWhWFwCr1SZe6PFfoEO8uUK9wYdIanypt/E=
Subject key identifier: 68:5D:05:60:13:77:FD:B8:CF:5B:BE:75:64:10:78:A7:BE:F5:2B:0F
Certificate issuer: /CN=b0bd68e370e7ec25bec8e01497b2138d95dc6ebc
Certificate serial: 018572CCAD57CE738970D4B657B18E40489E
Authority key identifier: B0:BD:68:E3:70:E7:EC:25:BE:C8:E0:14:97:B2:13:8D:95:DC:6E:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sL1o43Dn7CW-yOAUl7ITjZXcbrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/aF0FYBN3_bjPW751ZBB4p771Kw8.roa
Signing time: Mon 02 Jan 2023 14:04:54 +0000
ROA not before: Mon 02 Jan 2023 14:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8423
IP address blocks: 193.222.57.0/24 maxlen: 24
193.200.141.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:ad:57:ce:73:89:70:d4:b6:57:b1:8e:40:48:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0bd68e370e7ec25bec8e01497b2138d95dc6ebc
Validity
Not Before: Jan 2 14:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=685d05601377fdb8cf5bbe75641078a7bef52b0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:8c:50:2b:c2:d2:41:91:33:b4:af:9d:96:d5:
3e:42:a5:bf:de:23:fa:35:fe:93:13:60:f8:b4:82:
f2:b3:13:5c:47:02:51:62:7e:d8:2b:91:49:23:33:
bd:9e:0b:47:39:0f:b0:e5:37:1f:3b:fc:9b:3d:45:
12:e2:45:36:83:da:39:fd:8d:e6:36:92:e1:92:ad:
27:92:2a:46:96:b5:52:4c:aa:3a:03:d2:5e:fd:11:
c2:e7:f7:9a:f3:7c:bc:a0:e9:a6:1d:eb:fd:50:19:
83:8c:2d:cf:c6:6a:a9:b3:b3:42:32:d4:23:0c:ab:
7b:ec:81:fd:b5:bb:39:61:83:c5:d8:93:87:3b:4c:
00:0a:da:33:b6:19:48:30:2e:31:12:50:a6:e8:1f:
f2:f6:a0:f2:fc:ed:2a:47:79:fc:fa:51:06:7f:b2:
f0:67:1e:81:26:e8:dc:4a:61:59:ec:b4:95:d1:82:
b0:8a:d7:98:38:e2:79:71:51:c4:cb:c1:7c:e6:32:
ea:a8:c3:a4:6d:af:07:61:fa:08:15:01:f4:e5:ef:
43:76:6a:82:21:e1:c2:f1:c5:04:92:ee:ca:e3:1c:
5e:56:ae:45:94:c5:e9:2f:32:39:c1:9d:f8:a1:47:
c6:d9:b1:ba:8a:94:72:95:ea:dc:8f:6f:25:74:3f:
8c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5D:05:60:13:77:FD:B8:CF:5B:BE:75:64:10:78:A7:BE:F5:2B:0F
X509v3 Authority Key Identifier:
keyid:B0:BD:68:E3:70:E7:EC:25:BE:C8:E0:14:97:B2:13:8D:95:DC:6E:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sL1o43Dn7CW-yOAUl7ITjZXcbrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/aF0FYBN3_bjPW751ZBB4p771Kw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/sL1o43Dn7CW-yOAUl7ITjZXcbrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.141.0/24
193.222.57.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:5d:3e:4c:4d:02:99:b4:cf:8c:38:90:10:9d:4b:22:db:4c:
4f:91:75:80:db:82:ca:0b:f4:fc:d9:79:59:79:d9:b1:59:f0:
96:dd:48:90:99:68:28:05:2b:2e:6f:3d:92:da:cd:f1:62:b3:
8b:51:80:5f:ab:e6:e6:f0:68:7b:ea:d2:e8:41:79:3b:60:0b:
75:b9:f4:35:0c:91:aa:6c:01:e1:df:16:f1:cf:bd:dc:75:ec:
b1:40:8f:20:48:ce:28:fd:cd:46:59:71:44:8d:96:6b:48:8e:
46:4b:f6:ba:69:07:ce:62:0c:18:22:0a:5c:61:fd:90:84:e7:
5d:df:70:64:74:9a:12:fd:19:c3:23:9d:3d:c1:73:6e:75:f9:
84:e0:68:73:e5:2c:0f:b1:11:1e:e0:e4:36:f9:2c:2e:f6:73:
f0:c5:6b:0e:74:25:6c:06:1a:5c:f4:56:d2:65:d8:fe:40:ea:
b3:8d:be:de:88:e8:2b:c1:c2:30:03:96:9f:ef:a5:19:9b:22:
7d:28:03:d7:41:90:a4:4a:0c:6c:db:00:a9:f0:a9:1e:31:e0:
3d:2c:06:d6:ba:fd:8f:33:f6:86:f2:17:b9:35:e8:6a:da:12:
58:e3:c3:65:19:d7:3b:b2:01:e6:b6:ce:17:65:00:35:ec:2c:
30:23:08:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyzK1XznOJcNS2V7GOQEieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYmQ2OGUzNzBlN2VjMjViZWM4ZTAxNDk3YjIxMzhkOTVk
YzZlYmMwHhcNMjMwMTAyMTQwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVkMDU2MDEzNzdmZGI4Y2Y1YmJlNzU2NDEwNzhhN2JlZjUyYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7oxQK8LSQZEztK+dltU+QqW/3iP6
Nf6TE2D4tILysxNcRwJRYn7YK5FJIzO9ngtHOQ+w5TcfO/ybPUUS4kU2g9o5/Y3m
NpLhkq0nkipGlrVSTKo6A9Je/RHC5/ea83y8oOmmHev9UBmDjC3Pxmqps7NCMtQj
DKt77IH9tbs5YYPF2JOHO0wACtozthlIMC4xElCm6B/y9qDy/O0qR3n8+lEGf7Lw
Zx6BJujcSmFZ7LSV0YKwiteYOOJ5cVHEy8F85jLqqMOkba8HYfoIFQH05e9DdmqC
IeHC8cUEku7K4xxeVq5FlMXpLzI5wZ34oUfG2bG6ipRylercj28ldD+MZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGhdBWATd/24z1u+dWQQeKe+9SsPMB8GA1UdIwQY
MBaAFLC9aONw5+wlvsjgFJeyE42V3G68MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0wxbzQzRG43Q1cteU9BVWw3SVRqWlhjYnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9mNGNhMWMtMzVkZC00Y2IxLTg0ZmEt
ODExNWNhZmQzOGNlLzEvYUYwRllCTjNfYmpQVzc1MVpCQjRwNzcxS3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9mNGNhMWMtMzVkZC00Y2IxLTg0ZmEtODExNWNhZmQzOGNl
LzEvc0wxbzQzRG43Q1cteU9BVWw3SVRqWlhjYnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwciNAwQA
wd45MA0GCSqGSIb3DQEBCwUAA4IBAQCKXT5MTQKZtM+MOJAQnUsi20xPkXWA24LK
C/T82XlZedmxWfCW3UiQmWgoBSsubz2S2s3xYrOLUYBfq+bm8Gh76tLoQXk7YAt1
ufQ1DJGqbAHh3xbxz73cdeyxQI8gSM4o/c1GWXFEjZZrSI5GS/a6aQfOYgwYIgpc
Yf2QhOdd33BkdJoS/RnDI509wXNudfmE4Ghz5SwPsREe4OQ2+Swu9nPwxWsOdCVs
Bhpc9FbSZdj+QOqzjb7eiOgrwcIwA5af76UZmyJ9KAPXQZCkSgxs2wCp8KkeMeA9
LAbWuv2PM/aG8he5Nehq2hJY48NlGdc7sgHmts4XZQA17CwwIwjH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:07 2025 by rpki-client