Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/VQz3eW_dBjkYxTKmAxp_pbegxBo.roa
File: VQz3eW_dBjkYxTKmAxp_pbegxBo.roa (raw, json)
Hash identifier: bq6u53uhZlAtEcWcq1oqpCNaSDkmxdZcAiFCl3OVZiw=
Subject key identifier: 55:0C:F7:79:6F:DD:06:39:18:C5:32:A6:03:1A:7F:A5:B7:A0:C4:1A
Certificate issuer: /CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
Certificate serial: 018CC870A5EA81E76FAC9D0A68F31255D36E
Authority key identifier: DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/VQz3eW_dBjkYxTKmAxp_pbegxBo.roa
Signing time: Tue 02 Jan 2024 04:31:14 +0000
ROA not before: Tue 02 Jan 2024 04:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41241
IP address blocks: 193.16.234.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:a5:ea:81:e7:6f:ac:9d:0a:68:f3:12:55:d3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
Validity
Not Before: Jan 2 04:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=550cf7796fdd063918c532a6031a7fa5b7a0c41a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:83:4a:38:02:dd:a6:9e:fa:43:f5:05:56:e9:
a1:61:36:b3:8e:49:25:1f:7f:92:a6:c2:63:68:1b:
8a:b5:84:5f:7e:65:af:eb:d1:29:a2:c1:2b:8b:e6:
5f:1c:c3:41:27:82:cf:ad:2e:5d:b2:df:a3:38:21:
00:e0:c4:f4:61:4e:00:74:e6:06:5e:84:ca:ea:31:
1f:75:8e:aa:aa:8e:ba:7a:08:f7:91:55:b3:37:56:
b5:1f:a5:2e:64:09:81:2e:df:6a:f5:f4:41:7c:96:
c3:f3:a3:0e:75:a9:d0:95:07:16:e0:ed:36:57:18:
80:26:cb:e2:b0:ef:01:58:f8:69:76:76:7d:94:27:
eb:14:1e:b8:51:2a:2e:2d:57:9d:93:05:eb:ae:90:
d7:40:76:f0:66:0d:2f:f0:54:17:97:be:7a:7f:08:
67:93:95:a3:cc:1a:35:56:fd:96:3c:7f:ed:f9:6a:
db:a4:2a:e2:ab:99:06:32:3a:8d:0b:ef:ff:e6:97:
60:f0:1a:96:65:c9:fe:e6:f9:b6:d3:5f:c2:f1:c5:
31:e3:cf:16:ef:0f:6b:78:62:5d:a0:8b:33:66:a9:
98:c8:82:c1:b9:18:0c:ca:3e:cb:a9:6d:02:db:ff:
6b:48:27:16:88:14:79:eb:93:ea:8c:1e:4f:bd:ac:
43:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:0C:F7:79:6F:DD:06:39:18:C5:32:A6:03:1A:7F:A5:B7:A0:C4:1A
X509v3 Authority Key Identifier:
keyid:DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/VQz3eW_dBjkYxTKmAxp_pbegxBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/28wruvPg1DQqAU-LcPhzzumoysU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.234.0/24
Signature Algorithm: sha256WithRSAEncryption
70:9d:0b:08:96:7d:e5:77:53:f5:f0:fc:c3:a9:b8:92:21:83:
f2:58:11:99:85:83:0e:62:79:66:83:4d:8b:c1:39:90:f4:79:
e1:1a:ec:10:bf:9a:8c:dd:1a:64:54:00:4d:5a:1d:74:77:13:
67:28:22:c3:ad:1f:b9:d2:94:47:d6:42:11:6c:34:d3:ba:79:
12:0f:4c:e6:81:e1:c8:0f:0c:de:cd:cb:02:3c:fb:be:85:99:
87:ba:da:d4:5b:72:65:f1:b1:95:c5:94:9f:76:52:40:a0:9f:
c5:2a:b9:cb:91:9b:7a:27:5e:06:22:20:df:86:20:22:a6:46:
ed:ca:88:fa:c2:f8:56:09:da:95:50:0f:1d:5c:e9:34:59:3f:
42:6f:fa:30:0a:91:b6:d6:43:f5:8e:98:95:b8:ea:07:e3:56:
dc:af:85:4a:4a:00:eb:ff:60:1a:37:a1:82:89:35:c7:d9:0d:
0c:7c:c3:e5:72:97:f1:eb:c6:78:1f:3f:d2:8f:d6:33:f1:86:
18:73:70:2f:a9:d3:92:a1:23:49:eb:f7:ba:b9:5e:4c:29:dd:
86:df:e8:e6:7b:82:83:01:12:b1:26:93:93:26:97:18:22:e7:
65:7f:d7:8f:ac:c6:27:54:5a:ac:89:df:8d:5d:bc:99:92:36:
fd:34:42:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcKXqgedvrJ0KaPMSVdNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiY2MyYmJhZjNlMGQ0MzQyYTAxNGY4YjcwZjg3M2NlZTlh
OGNhYzUwHhcNMjQwMTAyMDQzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTBjZjc3OTZmZGQwNjM5MThjNTMyYTYwMzFhN2ZhNWI3YTBjNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYNKOALdpp76Q/UFVumhYTazjkkl
H3+SpsJjaBuKtYRffmWv69EposEri+ZfHMNBJ4LPrS5dst+jOCEA4MT0YU4AdOYG
XoTK6jEfdY6qqo66egj3kVWzN1a1H6UuZAmBLt9q9fRBfJbD86MOdanQlQcW4O02
VxiAJsvisO8BWPhpdnZ9lCfrFB64USouLVedkwXrrpDXQHbwZg0v8FQXl756fwhn
k5WjzBo1Vv2WPH/t+WrbpCriq5kGMjqNC+//5pdg8BqWZcn+5vm201/C8cUx488W
7w9reGJdoIszZqmYyILBuRgMyj7LqW0C2/9rSCcWiBR565PqjB5PvaxDBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFUM93lv3QY5GMUypgMaf6W3oMQaMB8GA1UdIwQY
MBaAFNvMK7rz4NQ0KgFPi3D4c87pqMrFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjh3cnV2UGcxRFFxQVUtTGNQaHp6dW1veXNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80MTRlZjQtNGMxZi00MjU2LTg4Yzkt
ZjRkNWU4NGFjMWRkLzEvVlF6M2VXX2RCamtZeFRLbUF4cF9wYmVneEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80MTRlZjQtNGMxZi00MjU2LTg4YzktZjRkNWU4NGFjMWRk
LzEvMjh3cnV2UGcxRFFxQVUtTGNQaHp6dW1veXNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRDqMA0G
CSqGSIb3DQEBCwUAA4IBAQBwnQsIln3ld1P18PzDqbiSIYPyWBGZhYMOYnlmg02L
wTmQ9HnhGuwQv5qM3RpkVABNWh10dxNnKCLDrR+50pRH1kIRbDTTunkSD0zmgeHI
DwzezcsCPPu+hZmHutrUW3Jl8bGVxZSfdlJAoJ/FKrnLkZt6J14GIiDfhiAipkbt
yoj6wvhWCdqVUA8dXOk0WT9Cb/owCpG21kP1jpiVuOoH41bcr4VKSgDr/2AaN6GC
iTXH2Q0MfMPlcpfx68Z4Hz/Sj9Yz8YYYc3AvqdOSoSNJ6/e6uV5MKd2G3+jme4KD
ARKxJpOTJpcYIudlf9ePrMYnVFqsid+NXbyZkjb9NEJ0
-----END CERTIFICATE-----
Generated at Tue Oct 8 17:14:56 2024 by rpki-client on console-fra.rpki-client.org