Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/f73cdb-8273-4f43-9f61-8aa7c4cb719f/1/SiJICV8GCQ2-Xni0GM-Sbm5a9Z8.roa
File: SiJICV8GCQ2-Xni0GM-Sbm5a9Z8.roa (raw, json)
Hash identifier: OrGnyFuo3iS4PdQeunPDQxJ8SaEkzwST5DdpIAmkm8U=
Subject key identifier: 4A:22:48:09:5F:06:09:0D:BE:5E:78:B4:18:CF:92:6E:6E:5A:F5:9F
Certificate issuer: /CN=d709c9021e40af92a208de35024ca70663d734e4
Certificate serial: 018679D76D32303CBC3C0E784D7B8652319E
Authority key identifier: D7:09:C9:02:1E:40:AF:92:A2:08:DE:35:02:4C:A7:06:63:D7:34:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wnJAh5Ar5KiCN41AkynBmPXNOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/f73cdb-8273-4f43-9f61-8aa7c4cb719f/1/SiJICV8GCQ2-Xni0GM-Sbm5a9Z8.roa
Signing time: Wed 22 Feb 2023 15:56:46 +0000
ROA not before: Wed 22 Feb 2023 15:56:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207817
IP address blocks: 194.5.235.0/24 maxlen: 24
194.5.252.0/24 maxlen: 24
2a0d:9900::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:d7:6d:32:30:3c:bc:3c:0e:78:4d:7b:86:52:31:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d709c9021e40af92a208de35024ca70663d734e4
Validity
Not Before: Feb 22 15:56:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a2248095f06090dbe5e78b418cf926e6e5af59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:1d:01:98:56:8b:be:ed:b7:5d:72:a9:bf:
7f:d2:9b:7b:53:94:e9:fe:f9:51:b2:24:3f:9d:69:
b6:ca:45:69:c4:aa:53:c5:4e:85:ce:94:ee:02:f8:
a0:6f:03:f6:ca:8a:97:4e:ce:d8:43:d2:0e:d1:75:
ee:3e:f0:11:18:b6:06:76:38:b7:2d:2c:32:7c:86:
e0:45:c1:ec:ae:86:42:86:67:73:84:f8:78:b6:78:
22:6e:48:e4:d4:7f:64:a0:e1:b4:dc:0a:67:9b:02:
9d:55:9e:6f:0c:e7:06:26:b5:bd:40:6c:79:ae:62:
1e:04:89:8d:5b:5b:76:df:fc:53:ac:46:49:60:35:
e4:f7:20:ad:c1:ca:82:59:fc:fb:8b:08:2c:f5:52:
9c:d0:b4:f2:86:7b:8e:6e:00:8d:b6:10:c2:5c:1a:
10:9f:16:d6:bf:b8:de:0c:8a:6c:77:cc:53:bb:50:
b3:32:02:08:2f:09:c7:b3:36:d2:62:89:47:b6:55:
30:34:6c:a1:04:a8:d1:13:30:c0:2a:fd:54:d0:6d:
b1:5a:e8:8c:b8:59:d2:e5:ac:20:5b:96:9b:bf:59:
b5:8f:4c:12:dc:98:12:15:18:1f:9b:5a:64:6e:8a:
20:c2:43:12:8c:ca:c0:24:ca:31:42:b9:90:00:9b:
e2:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:22:48:09:5F:06:09:0D:BE:5E:78:B4:18:CF:92:6E:6E:5A:F5:9F
X509v3 Authority Key Identifier:
keyid:D7:09:C9:02:1E:40:AF:92:A2:08:DE:35:02:4C:A7:06:63:D7:34:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wnJAh5Ar5KiCN41AkynBmPXNOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/f73cdb-8273-4f43-9f61-8aa7c4cb719f/1/SiJICV8GCQ2-Xni0GM-Sbm5a9Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/f73cdb-8273-4f43-9f61-8aa7c4cb719f/1/1wnJAh5Ar5KiCN41AkynBmPXNOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.235.0/24
194.5.252.0/24
IPv6:
2a0d:9900::/29
Signature Algorithm: sha256WithRSAEncryption
42:b9:63:83:15:3f:e2:89:c5:42:d1:ca:b2:54:29:20:79:5e:
14:dd:39:36:70:30:8a:8e:4b:46:60:74:54:58:09:d2:17:f2:
fc:cd:77:33:de:38:0a:f5:98:d0:21:23:32:6b:2a:77:f6:22:
b0:be:79:ec:30:83:7a:65:59:51:6a:54:d9:f8:23:31:cb:a6:
74:10:6a:25:8f:4d:fa:7c:0e:a4:17:bd:bb:9c:68:44:5b:4b:
81:3a:d0:0e:16:d0:a2:50:da:cf:07:39:82:7c:42:48:96:ce:
35:83:cd:22:b2:b0:51:ea:b9:66:e5:16:9a:9e:21:7a:a8:b3:
c0:fd:f0:3b:12:47:10:71:9f:ab:7c:af:f3:8f:f2:7a:8e:8a:
8d:0e:f6:09:68:20:1f:89:9a:08:fa:38:f9:b7:75:21:dd:d8:
63:f5:91:24:30:f6:ce:ab:6d:f4:66:75:e4:8e:78:fa:d6:50:
e3:95:d5:1d:db:02:5f:31:ab:74:ea:56:17:3c:d2:ff:2f:24:
b4:8d:ac:67:dd:03:90:a2:90:cf:8b:1e:e1:a2:0b:56:69:d9:
c9:0d:81:ce:dd:ef:fb:7c:3c:1c:da:50:5a:08:14:e3:dc:5c:
97:3a:da:56:dd:fb:7d:f0:36:a8:a1:ba:9d:fa:3f:92:b5:c5:
75:d7:52:ce
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYZ5120yMDy8PA54TXuGUjGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDljOTAyMWU0MGFmOTJhMjA4ZGUzNTAyNGNhNzA2NjNk
NzM0ZTQwHhcNMjMwMjIyMTU1NjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTIyNDgwOTVmMDYwOTBkYmU1ZTc4YjQxOGNmOTI2ZTZlNWFmNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2UdAZhWi77tt11yqb9/0pt7U5Tp
/vlRsiQ/nWm2ykVpxKpTxU6FzpTuAvigbwP2yoqXTs7YQ9IO0XXuPvARGLYGdji3
LSwyfIbgRcHsroZChmdzhPh4tngibkjk1H9koOG03ApnmwKdVZ5vDOcGJrW9QGx5
rmIeBImNW1t23/xTrEZJYDXk9yCtwcqCWfz7iwgs9VKc0LTyhnuObgCNthDCXBoQ
nxbWv7jeDIpsd8xTu1CzMgIILwnHszbSYolHtlUwNGyhBKjREzDAKv1U0G2xWuiM
uFnS5awgW5abv1m1j0wS3JgSFRgfm1pkboogwkMSjMrAJMoxQrmQAJviOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEoiSAlfBgkNvl54tBjPkm5uWvWfMB8GA1UdIwQY
MBaAFNcJyQIeQK+SogjeNQJMpwZj1zTkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXduSkFoNUFyNUtpQ040MUFreW5CbVBYTk9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9mNzNjZGItODI3My00ZjQzLTlmNjEt
OGFhN2M0Y2I3MTlmLzEvU2lKSUNWOEdDUTItWG5pMEdNLVNibTVhOVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9mNzNjZGItODI3My00ZjQzLTlmNjEtOGFhN2M0Y2I3MTlm
LzEvMXduSkFoNUFyNUtpQ040MUFreW5CbVBYTk9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwgXrAwQA
wgX8MA0EAgACMAcDBQMqDZkAMA0GCSqGSIb3DQEBCwUAA4IBAQBCuWODFT/iicVC
0cqyVCkgeV4U3Tk2cDCKjktGYHRUWAnSF/L8zXcz3jgK9ZjQISMyayp39iKwvnns
MIN6ZVlRalTZ+CMxy6Z0EGolj036fA6kF727nGhEW0uBOtAOFtCiUNrPBzmCfEJI
ls41g80isrBR6rlm5RaaniF6qLPA/fA7EkcQcZ+rfK/zj/J6joqNDvYJaCAfiZoI
+jj5t3Uh3dhj9ZEkMPbOq230ZnXkjnj61lDjldUd2wJfMat06lYXPNL/LyS0jaxn
3QOQopDPix7hogtWadnJDYHO3e/7fDwc2lBaCBTj3FyXOtpW3ft98Daoobqd+j+S
tcV111LO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:36 2023 by rpki-client on console-fra.rpki-client.org