Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/3139332e3139342e31362e302f32322d3234203d3e20343031303339.roa
File: 3139332e3139342e31362e302f32322d3234203d3e20343031303339.roa (raw, json)
Hash identifier: SjbzfyZNLZcFKPMgwDMDn6rEOf1zAjxUmot7LQ8xiXs=
Subject key identifier: 06:FC:4A:09:04:BF:1E:19:71:80:A1:08:9A:F1:0A:B9:C3:36:C5:FE
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 4E59B3619D0DB925CA3DDE20064063A829BF50D7
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/3139332e3139342e31362e302f32322d3234203d3e20343031303339.roa
Signing time: Tue 21 May 2024 11:25:47 +0000
ROA not before: Tue 21 May 2024 11:20:47 +0000
ROA not after: Tue 20 May 2025 11:25:47 +0000
asID: 401039
IP address blocks: 193.194.16.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:59:b3:61:9d:0d:b9:25:ca:3d:de:20:06:40:63:a8:29:bf:50:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: May 21 11:20:47 2024 GMT
Not After : May 20 11:25:47 2025 GMT
Subject: CN=06FC4A0904BF1E197180A1089AF10AB9C336C5FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:39:8d:c0:25:39:27:31:3e:f2:29:a5:64:98:
48:d3:95:cd:fc:84:77:c4:6b:cb:24:28:4a:5e:69:
cb:89:cc:93:83:de:0f:4b:44:87:30:ff:37:f8:d4:
02:25:ae:18:2c:3c:8a:f2:22:56:84:bb:67:0b:94:
48:e0:f0:26:be:a3:e8:bb:89:c5:8c:77:f8:ff:19:
18:cf:31:10:f7:7e:1c:2b:cb:b8:4d:9c:d3:c1:d1:
6c:16:88:2c:ed:d6:c5:9b:61:2f:7e:b2:d0:60:31:
07:82:7a:75:b1:ec:65:38:58:cd:b2:37:a7:98:2c:
ba:83:1e:a5:b0:e4:2e:17:5f:dd:1d:37:8c:eb:41:
52:d2:7c:02:d2:dd:33:56:e8:84:e3:88:56:a1:75:
b3:c1:4f:4f:a0:22:76:bc:fe:e4:09:20:9a:2f:92:
01:d6:fb:20:f5:6a:27:8f:d5:92:46:eb:2f:6c:25:
e7:38:74:05:22:45:5e:29:d9:48:96:25:4b:4d:99:
30:b7:3f:70:9e:83:8f:77:f3:0b:01:cf:0a:ae:61:
5b:45:b9:86:3b:c1:cf:b1:d4:36:3f:ef:83:06:24:
6b:d6:44:ee:61:9b:e3:9c:d2:d1:d7:87:10:09:89:
a0:5b:54:a3:d8:61:8c:d5:33:86:59:02:27:ca:af:
a2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:FC:4A:09:04:BF:1E:19:71:80:A1:08:9A:F1:0A:B9:C3:36:C5:FE
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/3139332e3139342e31362e302f32322d3234203d3e20343031303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.194.16.0/22
Signature Algorithm: sha256WithRSAEncryption
85:52:93:7c:2a:b3:50:37:32:80:99:3e:a2:2e:76:5f:23:ae:
b1:21:a4:e8:d1:bc:cb:53:cd:5a:b7:7d:f3:64:e7:5e:56:16:
b6:f2:0d:f1:9d:de:55:60:d4:4d:0c:56:2b:cc:85:d7:4a:de:
fe:3e:9f:d1:ab:5c:2a:a5:e9:a4:38:e9:8e:cd:ca:03:7c:41:
52:24:f8:aa:6c:78:a2:a4:64:b4:1f:7f:6b:b5:14:2d:ea:2b:
4f:67:89:8c:58:29:fa:cf:cb:9f:08:7b:77:8d:91:a7:77:96:
bc:56:ec:8b:53:b6:e9:f6:81:b6:3d:df:79:fe:62:8f:3d:20:
ba:1e:d5:fe:bf:32:52:de:a4:12:64:8e:38:95:bd:fc:d3:ad:
df:c9:ca:15:25:f7:25:e4:cc:29:e9:27:91:24:8b:2a:15:37:
1f:86:91:d5:35:1c:a9:07:51:2b:18:7e:ff:e5:a0:aa:ca:b4:
b7:73:3c:35:df:50:92:7b:10:34:a5:ff:bc:02:85:56:bb:f2:
6a:d8:72:1d:2c:20:63:5d:9f:a9:e1:cd:54:6a:39:71:90:80:
8d:4d:c0:1c:c7:93:fb:30:d3:af:bd:32:5e:34:2c:fd:d6:5f:
1a:05:80:83:7f:8f:39:7a:df:98:80:5c:dd:21:3a:e4:fe:8d:
8c:69:c1:7c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTlmzYZ0NuSXKPd4gBkBjqCm/UNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA1MjExMTIwNDdaFw0yNTA1MjAxMTI1NDdaMDMxMTAvBgNV
BAMTKDA2RkM0QTA5MDRCRjFFMTk3MTgwQTEwODlBRjEwQUI5QzMzNkM1RkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuOY3AJTknMT7yKaVkmEjTlc38
hHfEa8skKEpeacuJzJOD3g9LRIcw/zf41AIlrhgsPIryIlaEu2cLlEjg8Ca+o+i7
icWMd/j/GRjPMRD3fhwry7hNnNPB0WwWiCzt1sWbYS9+stBgMQeCenWx7GU4WM2y
N6eYLLqDHqWw5C4XX90dN4zrQVLSfALS3TNW6ITjiFahdbPBT0+gIna8/uQJIJov
kgHW+yD1aieP1ZJG6y9sJec4dAUiRV4p2UiWJUtNmTC3P3Ceg4938wsBzwquYVtF
uYY7wc+x1DY/74MGJGvWRO5hm+Oc0tHXhxAJiaBbVKPYYYzVM4ZZAifKr6JVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBvxKCQS/HhlxgKEImvEKucM2xf4wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYt
MWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYxNjdkLzAvMzEzOTMzMmUzMTM5MzQyZTMx
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDMwMzEzMDMzMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBwhAwDQYJKoZIhvcNAQELBQADggEBAIVSk3wqs1A3MoCZPqIudl8jrrEhpOjR
vMtTzVq3ffNk515WFrbyDfGd3lVg1E0MVivMhddK3v4+n9GrXCql6aQ46Y7NygN8
QVIk+KpseKKkZLQff2u1FC3qK09niYxYKfrPy58Ie3eNkad3lrxW7ItTtun2gbY9
33n+Yo89ILoe1f6/MlLepBJkjjiVvfzTrd/JyhUl9yXkzCnpJ5EkiyoVNx+GkdU1
HKkHUSsYfv/loKrKtLdzPDXfUJJ7EDSl/7wChVa78mrYch0sIGNdn6nhzVRqOXGQ
gI1NwBzHk/sw06+9Ml40LP3WXxoFgIN/jzl635iAXN0hOuT+jYxpwXw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org