Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/sV3FVlgCDmEp3BmyPPUIXsxtDU8.roa
File: sV3FVlgCDmEp3BmyPPUIXsxtDU8.roa (raw, json)
Hash identifier: QMvNXRO8u8Y18KNmbocYN8i4nogNO7HGsWte2ufC+jc=
Subject key identifier: B1:5D:C5:56:58:02:0E:61:29:DC:19:B2:3C:F5:08:5E:CC:6D:0D:4F
Certificate issuer: /CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Certificate serial: 01856F30193B2E27CA87284AE87ADF7230C1
Authority key identifier: E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/sV3FVlgCDmEp3BmyPPUIXsxtDU8.roa
Signing time: Sun 01 Jan 2023 21:15:01 +0000
ROA not before: Sun 01 Jan 2023 21:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35779
IP address blocks: 188.93.122.0/23 maxlen: 24
188.93.124.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:19:3b:2e:27:ca:87:28:4a:e8:7a:df:72:30:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Validity
Not Before: Jan 1 21:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b15dc55658020e6129dc19b23cf5085ecc6d0d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:62:96:f1:53:0b:06:99:69:99:4a:71:42:33:
78:b3:47:d4:3b:fc:5e:a2:7d:1d:35:c3:1a:b4:cd:
38:d8:b1:5b:6e:7a:96:d4:65:20:dc:fa:b2:fb:d0:
d3:f8:7d:a6:90:de:29:bc:6b:86:78:96:a8:c7:d7:
10:08:5f:96:10:68:f1:d4:cc:eb:ec:5f:ca:20:29:
4b:9d:1b:87:b7:cb:b4:27:be:57:5f:25:df:b1:6f:
e4:97:e9:36:97:e2:14:4d:76:b0:53:b2:d3:64:d1:
ef:e9:a9:92:ba:8c:01:6b:cf:e2:0a:02:88:f9:6c:
32:a0:4c:48:4f:aa:13:1f:b8:99:19:cc:94:9f:2b:
81:45:31:7b:fd:cd:2e:b3:27:49:b8:ca:51:31:b8:
2f:85:8d:c5:81:82:4e:7f:42:9f:89:f3:74:80:44:
39:eb:e8:79:5f:b9:f5:d7:55:1f:23:88:96:47:8d:
91:8b:25:60:09:45:06:92:47:a0:97:d7:02:44:aa:
5e:2c:6c:c9:9b:04:5b:d3:f6:bf:ae:67:51:96:38:
15:31:1d:40:95:b4:5d:df:db:04:5c:62:bd:03:2a:
dd:34:4c:48:4a:6a:a1:b0:d7:5b:ee:e8:40:88:d4:
43:4b:20:21:20:39:7b:c1:e7:f3:2c:08:85:10:7f:
99:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:5D:C5:56:58:02:0E:61:29:DC:19:B2:3C:F5:08:5E:CC:6D:0D:4F
X509v3 Authority Key Identifier:
keyid:E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/sV3FVlgCDmEp3BmyPPUIXsxtDU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/6T86Qea-UkEVxsK1WLwoAEOgIk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.93.122.0-188.93.127.255
Signature Algorithm: sha256WithRSAEncryption
7d:d2:fb:90:6d:ff:75:1f:d3:14:9c:13:ce:b1:cc:b8:32:d0:
d4:56:49:9b:03:1c:4b:36:f9:f3:04:35:ef:e4:b0:46:e3:4e:
d0:21:3d:b3:3e:fc:84:5a:95:00:08:37:76:f2:54:50:71:3e:
0b:0c:b0:68:2b:de:81:e0:8d:01:fb:cf:57:3d:cb:71:00:8d:
57:a1:cb:f8:81:ff:f4:f2:1f:c4:df:bb:52:ef:d2:ca:54:90:
4f:70:6e:ad:99:72:79:f4:4e:7e:cd:8b:45:62:af:50:9e:66:
85:8f:77:a3:e6:ac:7c:54:46:e7:5d:5a:f4:7f:5a:cb:e6:96:
28:61:2f:8a:34:1f:4a:77:59:cf:82:bf:61:5b:a6:1b:35:51:
6e:22:7b:10:91:56:fc:97:72:4d:cb:18:e2:9a:1d:ee:15:87:
4d:6d:fb:b9:53:ae:27:9b:5b:39:c7:ca:94:1a:b6:c1:91:0c:
68:ec:65:62:fb:11:b4:e2:31:78:93:f1:24:df:eb:b9:bc:6b:
b6:b2:6f:33:eb:37:24:02:0c:87:5d:d9:36:4a:db:e7:59:f7:
e9:2e:0b:d6:14:07:a2:9d:65:ce:fe:50:8d:75:31:b7:7a:23:
85:08:79:fc:a3:15:8a:a1:72:67:c2:10:04:12:1a:73:1b:19:
55:db:20:94
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvMBk7LifKhyhK6HrfcjDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5M2YzYTQxZTZiZTUyNDExNWM2YzJiNTU4YmMyODAwNDNh
MDIyNGUwHhcNMjMwMTAxMjExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTVkYzU1NjU4MDIwZTYxMjlkYzE5YjIzY2Y1MDg1ZWNjNmQwZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2KW8VMLBplpmUpxQjN4s0fUO/xe
on0dNcMatM042LFbbnqW1GUg3Pqy+9DT+H2mkN4pvGuGeJaox9cQCF+WEGjx1Mzr
7F/KIClLnRuHt8u0J75XXyXfsW/kl+k2l+IUTXawU7LTZNHv6amSuowBa8/iCgKI
+WwyoExIT6oTH7iZGcyUnyuBRTF7/c0usydJuMpRMbgvhY3FgYJOf0KfifN0gEQ5
6+h5X7n111UfI4iWR42RiyVgCUUGkkegl9cCRKpeLGzJmwRb0/a/rmdRljgVMR1A
lbRd39sEXGK9AyrdNExISmqhsNdb7uhAiNRDSyAhIDl7wefzLAiFEH+Z4QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLFdxVZYAg5hKdwZsjz1CF7MbQ1PMB8GA1UdIwQY
MBaAFOk/OkHmvlJBFcbCtVi8KABDoCJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMt
MTBlMjQ2MjVhNGQ0LzEvc1YzRlZsZ0NEbUVwM0JteVBQVUlYc3h0RFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMtMTBlMjQ2MjVhNGQ0
LzEvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAG8XXoD
BAe8XQAwDQYJKoZIhvcNAQELBQADggEBAH3S+5Bt/3Uf0xScE86xzLgy0NRWSZsD
HEs2+fMENe/ksEbjTtAhPbM+/IRalQAIN3byVFBxPgsMsGgr3oHgjQH7z1c9y3EA
jVehy/iB//TyH8Tfu1Lv0spUkE9wbq2Zcnn0Tn7Ni0Vir1CeZoWPd6PmrHxURudd
WvR/WsvmlihhL4o0H0p3Wc+Cv2Fbphs1UW4iexCRVvyXck3LGOKaHe4Vh01t+7lT
riebWznHypQatsGRDGjsZWL7EbTiMXiT8STf67m8a7aybzPrNyQCDIdd2TZK2+dZ
9+kuC9YUB6KdZc7+UI11Mbd6I4UIefyjFYqhcmfCEAQSGnMbGVXbIJQ=
-----END CERTIFICATE-----
Generated at Wed Dec 13 10:41:36 2023 by rpki-client on console-fra.rpki-client.org