Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-z0wmPTlacl8Ayej4NMvAOziP2Y.roa
File: 1-z0wmPTlacl8Ayej4NMvAOziP2Y.roa (raw, json)
Hash identifier: 2kZm8BQ3TM2a5/91gb1NvRcenZY0Wx0cwBGkEwdNwjQ=
Subject key identifier: FB:3D:30:98:F4:E5:69:C9:7C:03:27:A3:E0:D3:2F:00:EC:E2:3F:66
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018AA1E713A6BE1935931F130C93CF848602
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-z0wmPTlacl8Ayej4NMvAOziP2Y.roa
Signing time: Sun 17 Sep 2023 06:49:50 +0000
ROA not before: Sun 17 Sep 2023 06:49:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.115.0.0/21 maxlen: 24
89.251.8.0/22 maxlen: 24
185.129.108.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a1:e7:13:a6:be:19:35:93:1f:13:0c:93:cf:84:86:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Sep 17 06:49:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb3d3098f4e569c97c0327a3e0d32f00ece23f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a2:e9:51:34:ba:61:85:3c:d8:88:07:1b:99:
57:6a:e1:19:12:4c:bf:86:8c:56:53:0c:51:99:e9:
ab:15:10:c7:63:8b:76:b2:d4:a8:2c:dc:24:44:d4:
4e:e9:b5:26:5f:ba:66:95:a2:1c:56:cd:76:8d:0d:
75:93:21:28:52:98:f5:5b:6d:07:89:9f:66:66:05:
c8:b7:83:4f:6a:48:67:dd:b7:65:a0:41:e0:8b:21:
7c:71:ea:00:af:b7:df:64:69:36:60:82:8d:8d:74:
7f:9a:93:56:1b:84:fa:b8:4e:f3:39:0b:f3:a1:1b:
36:78:28:d6:58:ed:7d:db:52:37:b2:48:3e:ca:0f:
03:a2:15:e7:85:5a:32:00:25:46:e4:c5:0a:00:99:
55:bc:02:1c:ad:05:e6:4a:c9:1d:18:2d:d2:a2:14:
57:70:be:9e:83:71:1c:87:63:2e:76:83:14:52:4a:
fd:b5:cb:43:e2:63:d0:a3:61:f8:6a:2c:a9:b6:39:
13:fb:8e:38:aa:05:5d:34:ac:b9:54:f3:a4:c8:77:
0e:12:36:9a:e8:34:5b:be:c0:a8:0c:a9:ed:fa:fa:
09:69:e8:33:f6:dc:f2:bb:3a:59:39:00:6c:a9:70:
3f:72:85:cd:70:6d:22:b3:66:13:63:8b:44:75:58:
f2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:3D:30:98:F4:E5:69:C9:7C:03:27:A3:E0:D3:2F:00:EC:E2:3F:66
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-z0wmPTlacl8Ayej4NMvAOziP2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.0.0/21
89.251.8.0/22
185.129.108.0/23
Signature Algorithm: sha256WithRSAEncryption
01:9e:62:f6:5a:01:cf:22:59:54:8d:16:6d:08:09:7a:38:5a:
e0:13:0a:ac:a9:4d:6a:fa:0c:d4:9f:8e:ce:2a:2a:9d:e7:da:
05:16:1d:39:e6:68:c5:8a:4a:65:64:ea:21:6e:c6:1b:03:fb:
5e:b8:ed:75:31:a6:e5:7b:8a:03:2b:b8:e0:28:f1:e1:f2:57:
65:76:36:5a:49:fa:de:4a:a8:35:e9:4c:c2:d0:da:d4:36:3b:
41:1e:14:49:18:59:af:35:a4:0b:2e:3d:16:b7:81:2d:42:a0:
e2:78:47:31:6e:8d:8d:0d:13:e4:44:78:76:03:be:f0:fe:74:
49:fa:86:0c:0d:34:64:e6:e0:3a:a0:47:fb:1d:eb:09:d8:36:
f5:2e:cb:94:c6:14:2a:64:fa:97:de:6b:87:95:49:c4:80:0a:
bc:03:fd:c0:ad:bb:72:17:85:44:27:60:a0:13:c1:9c:bc:f8:
3e:ef:7b:ec:57:11:1d:64:eb:f3:48:b5:a2:4a:b0:83:b2:93:
66:ac:f3:70:24:31:1a:6d:15:6d:42:79:8f:a6:78:39:01:d0:
4c:78:09:73:be:00:72:43:34:99:a6:d2:1d:67:35:f0:cb:c7:
98:bf:a8:07:6f:82:86:45:c4:19:8d:ad:2e:07:7f:ea:1f:99:
93:ef:f1:a0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYqh5xOmvhk1kx8TDJPPhIYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwOTE3MDY0OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjNkMzA5OGY0ZTU2OWM5N2MwMzI3YTNlMGQzMmYwMGVjZTIzZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqLpUTS6YYU82IgHG5lXauEZEky/
hoxWUwxRmemrFRDHY4t2stSoLNwkRNRO6bUmX7pmlaIcVs12jQ11kyEoUpj1W20H
iZ9mZgXIt4NPakhn3bdloEHgiyF8ceoAr7ffZGk2YIKNjXR/mpNWG4T6uE7zOQvz
oRs2eCjWWO1921I3skg+yg8DohXnhVoyACVG5MUKAJlVvAIcrQXmSskdGC3SohRX
cL6eg3Ech2MudoMUUkr9tctD4mPQo2H4aiyptjkT+444qgVdNKy5VPOkyHcOEjaa
6DRbvsCoDKnt+voJaegz9tzyuzpZOQBsqXA/coXNcG0is2YTY4tEdVjyfwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPs9MJj05WnJfAMno+DTLwDs4j9mMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMS16MHdtUFRsYWNsOEF5ZWo0Tk12QU96aVAyWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1
Ni8xL0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1JzAAME
Aln7CAMEAbmBbDANBgkqhkiG9w0BAQsFAAOCAQEAAZ5i9loBzyJZVI0WbQgJejha
4BMKrKlNavoM1J+OzioqnefaBRYdOeZoxYpKZWTqIW7GGwP7XrjtdTGm5XuKAyu4
4Cjx4fJXZXY2Wkn63kqoNelMwtDa1DY7QR4USRhZrzWkCy49FreBLUKg4nhHMW6N
jQ0T5ER4dgO+8P50SfqGDA00ZObgOqBH+x3rCdg29S7LlMYUKmT6l95rh5VJxIAK
vAP9wK27cheFRCdgoBPBnLz4Pu977FcRHWTr80i1okqwg7KTZqzzcCQxGm0VbUJ5
j6Z4OQHQTHgJc74AckM0mabSHWc18MvHmL+oB2+ChkXEGY2tLgd/6h+Zk+/xoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org