Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2de158-b19a-49eb-a6ec-284ea425e405/1/57Mc6XsaRaxdoa5DIGZV021m3I8.roa
File: 57Mc6XsaRaxdoa5DIGZV021m3I8.roa (raw, json)
Hash identifier: 1zqe1pJNA0pgptl/0b+J+syQ6ImDm6ZlfwI+eb5AleQ=
Subject key identifier: E7:B3:1C:E9:7B:1A:45:AC:5D:A1:AE:43:20:66:55:D3:6D:66:DC:8F
Certificate issuer: /CN=9e18aee8fe70354f75ea6dabf89ed8f94b6a1e58
Certificate serial: 03F9838C
Authority key identifier: 9E:18:AE:E8:FE:70:35:4F:75:EA:6D:AB:F8:9E:D8:F9:4B:6A:1E:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhiu6P5wNU916m2r-J7Y-UtqHlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2de158-b19a-49eb-a6ec-284ea425e405/1/57Mc6XsaRaxdoa5DIGZV021m3I8.roa
Signing time: Sat 01 Jan 2022 13:54:58 +0000
ROA not before: Sat 01 Jan 2022 13:54:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59950
IP address blocks: 212.6.48.0/23 maxlen: 23
185.65.60.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66683788 (0x3f9838c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e18aee8fe70354f75ea6dabf89ed8f94b6a1e58
Validity
Not Before: Jan 1 13:54:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7b31ce97b1a45ac5da1ae43206655d36d66dc8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3d:20:52:04:82:f8:52:1f:18:2c:4b:fb:0f:
85:44:84:15:10:6b:0e:89:3d:bf:58:22:5e:c4:1a:
c6:f9:98:7d:ab:68:91:6e:d5:71:9e:af:84:b1:dc:
9c:79:fb:3c:1c:c4:6c:52:9c:15:d6:d9:ab:72:be:
b2:a4:79:7c:72:c7:3c:ac:e7:fc:49:23:ea:19:c4:
78:ba:5e:77:57:5a:73:fd:d3:c1:75:02:9d:6b:dd:
36:64:ba:7b:86:17:44:24:37:57:42:e0:a7:df:72:
3c:2f:bd:cd:47:52:3a:d7:eb:7c:81:80:a7:9b:ee:
28:74:a1:94:a3:6f:a6:5d:22:e8:85:30:ee:42:24:
b5:f6:af:28:6a:4e:23:69:23:d6:53:e9:bb:62:5f:
b1:18:79:88:6b:05:08:bf:e3:cf:d3:a5:b3:86:5c:
15:87:18:94:be:5a:0d:7a:93:9f:69:13:49:4f:9f:
30:aa:96:f2:4d:f0:cc:d0:51:b7:04:c7:0a:47:cd:
fd:dd:18:21:52:14:b3:29:a0:69:bc:68:57:6b:1d:
73:d0:70:63:66:23:4b:10:2b:35:9d:b8:93:34:29:
c9:c5:68:2a:ef:79:aa:63:b7:b2:e3:58:8b:37:e9:
aa:21:1e:62:b9:4b:e9:1b:83:25:82:5f:7a:ac:1b:
75:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B3:1C:E9:7B:1A:45:AC:5D:A1:AE:43:20:66:55:D3:6D:66:DC:8F
X509v3 Authority Key Identifier:
keyid:9E:18:AE:E8:FE:70:35:4F:75:EA:6D:AB:F8:9E:D8:F9:4B:6A:1E:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhiu6P5wNU916m2r-J7Y-UtqHlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2de158-b19a-49eb-a6ec-284ea425e405/1/57Mc6XsaRaxdoa5DIGZV021m3I8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2de158-b19a-49eb-a6ec-284ea425e405/1/nhiu6P5wNU916m2r-J7Y-UtqHlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.60.0/23
212.6.48.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:79:41:23:d7:73:ca:af:d5:d2:b1:bf:c4:0b:33:03:fd:8a:
2f:03:95:6e:07:62:14:08:a9:09:ed:55:41:97:de:e2:bd:9d:
fd:1d:fb:22:b4:ee:7d:5b:7c:ab:32:6a:98:04:d7:7a:74:aa:
10:a9:f4:3f:b3:34:49:87:fc:bf:04:a5:d0:63:05:ca:10:30:
41:3c:01:94:65:21:29:52:80:d8:61:f9:5c:7a:71:23:4a:0d:
ab:cd:18:33:be:da:a7:ff:30:dc:bd:ba:e5:af:f2:64:77:ad:
ef:51:30:a0:84:9f:a0:4f:1f:a9:14:40:18:65:08:8e:83:56:
27:87:85:c0:4d:ab:1b:da:3f:0a:d9:aa:b1:cc:0c:f9:67:97:
ff:45:b4:a3:0c:e5:38:7f:04:44:f5:bf:44:16:a3:e9:10:3c:
b4:ab:6b:27:16:01:e9:51:bd:cb:af:bc:a5:47:b7:e7:99:95:
15:fd:64:09:b6:13:15:51:85:38:ed:63:ae:39:19:41:3d:cc:
f7:5b:cd:fa:3f:d9:2e:62:bd:6f:13:b0:24:f6:5a:01:ed:44:
87:34:b1:c3:f7:06:c6:e1:43:68:95:3e:89:6f:64:79:18:3c:
68:c8:26:72:51:64:d8:50:b7:d0:be:50:4f:c0:46:27:0b:66:
33:57:30:5d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA/mDjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTE4YWVlOGZlNzAzNTRmNzVlYTZkYWJmODllZDhmOTRiNmExZTU4MB4XDTIyMDEw
MTEzNTQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTdiMzFjZTk3YjFh
NDVhYzVkYTFhZTQzMjA2NjU1ZDM2ZDY2ZGM4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMs9IFIEgvhSHxgsS/sPhUSEFRBrDok9v1giXsQaxvmYfato
kW7VcZ6vhLHcnHn7PBzEbFKcFdbZq3K+sqR5fHLHPKzn/Ekj6hnEeLped1dac/3T
wXUCnWvdNmS6e4YXRCQ3V0Lgp99yPC+9zUdSOtfrfIGAp5vuKHShlKNvpl0i6IUw
7kIktfavKGpOI2kj1lPpu2JfsRh5iGsFCL/jz9Ols4ZcFYcYlL5aDXqTn2kTSU+f
MKqW8k3wzNBRtwTHCkfN/d0YIVIUsymgabxoV2sdc9BwY2YjSxArNZ24kzQpycVo
Ku95qmO3suNYizfpqiEeYrlL6RuDJYJfeqwbdd8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTnsxzpexpFrF2hrkMgZlXTbWbcjzAfBgNVHSMEGDAWgBSeGK7o/nA1T3Xq
bav4ntj5S2oeWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25oaXU2UDV3TlU5MTZtMnItSjdZLVV0cUhsZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvMmRlMTU4LWIxOWEtNDllYi1hNmVjLTI4NGVhNDI1ZTQwNS8x
LzU3TWM2WHNhUmF4ZG9hNURJR1pWMDIxbTNJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
MmRlMTU4LWIxOWEtNDllYi1hNmVjLTI4NGVhNDI1ZTQwNS8xL25oaXU2UDV3TlU5
MTZtMnItSjdZLVV0cUhsZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAblBPAMEAdQGMDANBgkqhkiG9w0B
AQsFAAOCAQEAXnlBI9dzyq/V0rG/xAszA/2KLwOVbgdiFAipCe1VQZfe4r2d/R37
IrTufVt8qzJqmATXenSqEKn0P7M0SYf8vwSl0GMFyhAwQTwBlGUhKVKA2GH5XHpx
I0oNq80YM77ap/8w3L265a/yZHet71EwoISfoE8fqRRAGGUIjoNWJ4eFwE2rG9o/
CtmqscwM+WeX/0W0owzlOH8ERPW/RBaj6RA8tKtrJxYB6VG9y6+8pUe355mVFf1k
CbYTFVGFOO1jrjkZQT3M91vN+j/ZLmK9bxOwJPZaAe1EhzSxw/cGxuFDaJU+iW9k
eRg8aMgmclFk2FC30L5QT8BGJwtmM1cwXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:56 2024 by rpki-client on console-ams.rpki-client.org