Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/34x3t3pxdd6CmcA_V7lL5zpvroo.roa
File: 34x3t3pxdd6CmcA_V7lL5zpvroo.roa (raw, json)
Hash identifier: DWofmn7rRuGJKg7nZmDIr36O74QBMoyxDvn0X0i6fHc=
Subject key identifier: DF:8C:77:B7:7A:71:75:DE:82:99:C0:3F:57:B9:4B:E7:3A:6F:AE:8A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 157BA3BE
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/34x3t3pxdd6CmcA_V7lL5zpvroo.roa
Signing time: Fri 24 Jun 2022 13:45:32 +0000
ROA not before: Fri 24 Jun 2022 13:45:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 85.8.164.0/22 maxlen: 24
82.115.0.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 360424382 (0x157ba3be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 24 13:45:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df8c77b77a7175de8299c03f57b94be73a6fae8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:69:5d:0f:a1:e5:72:fc:a2:f4:4b:45:1c:38:
4e:17:2b:24:7b:95:91:78:b3:db:1b:ef:00:df:e9:
7e:60:0c:a3:1e:f8:8d:86:6a:07:5b:8d:c5:b2:67:
fd:27:a8:b2:fa:cb:02:1c:c7:c6:ac:ea:6f:7c:e9:
c8:f3:21:59:5b:bc:ea:43:bb:b0:40:9e:82:e9:39:
6b:26:00:ad:6e:ea:8d:f2:6f:43:fd:e6:75:ec:d1:
ee:05:c1:94:54:6c:11:88:8f:59:89:67:67:37:55:
06:25:6e:ef:fa:0d:59:d3:de:84:1b:f5:8d:f1:77:
d5:66:e8:b7:6a:03:8e:48:ca:d8:4b:92:9b:ba:e4:
5c:45:05:32:98:7c:17:16:51:42:74:48:10:06:19:
04:ba:11:2f:47:1c:10:85:22:18:52:be:e8:c9:8d:
be:a0:22:d2:b2:1d:f7:40:01:00:fb:0f:0c:aa:c5:
9b:04:a1:6f:19:21:f2:f1:ab:4d:57:d5:ff:66:67:
82:19:5f:22:67:58:d8:a7:05:d1:26:a3:2e:45:58:
c7:92:c9:ad:6f:65:ea:27:41:f3:26:71:99:cd:a2:
6a:49:0b:25:9a:45:1b:f7:e3:00:1b:da:89:22:de:
cf:7d:23:13:bb:f3:c5:10:96:18:50:79:c5:7b:49:
e6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8C:77:B7:7A:71:75:DE:82:99:C0:3F:57:B9:4B:E7:3A:6F:AE:8A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/34x3t3pxdd6CmcA_V7lL5zpvroo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.0.0/21
85.8.164.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:1e:31:38:92:0c:dd:7f:14:8a:78:ac:55:57:b7:0b:f2:51:
e1:a9:21:c9:e8:5a:41:6c:b2:a6:22:86:82:58:18:46:8d:69:
10:01:ab:10:99:c7:23:e6:25:4b:95:96:19:c0:b6:7b:03:6d:
06:6a:21:b3:6f:47:98:e6:52:32:7b:7f:ea:aa:36:7c:0f:13:
60:27:56:29:5d:c3:d5:80:c3:ce:03:ed:e3:35:1c:d0:d2:a9:
1f:ee:6f:45:34:46:1a:1e:fb:01:28:dd:6c:a7:cb:eb:7b:c4:
91:53:8d:7a:83:6c:0a:38:cc:e1:5a:ce:a4:e7:d6:06:f2:64:
eb:43:1f:c2:6b:6c:6e:8d:f2:a9:f9:85:b5:6f:03:9e:e9:b5:
c2:29:39:25:35:69:83:96:f6:62:a5:08:66:27:12:a6:7e:5d:
82:ce:fd:71:a5:53:1a:c5:fb:4b:1f:63:cc:70:8e:06:13:7f:
a0:99:43:ee:ff:03:42:45:a2:aa:f0:22:06:1f:a1:1c:82:79:
97:0e:b4:c0:e2:03:51:f9:4a:f0:69:33:46:44:0c:2f:70:bf:
09:43:78:33:31:ea:11:29:0f:26:27:93:fc:39:59:c6:1e:55:
d3:2f:c3:38:f1:d2:9c:74:55:84:94:3c:80:3a:3b:49:34:57:
62:86:e8:d7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFXujvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDYy
NDEzNDUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY4Yzc3Yjc3YTcx
NzVkZTgyOTljMDNmNTdiOTRiZTczYTZmYWU4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtpXQ+h5XL8ovRLRRw4ThcrJHuVkXiz2xvvAN/pfmAMox74
jYZqB1uNxbJn/SeosvrLAhzHxqzqb3zpyPMhWVu86kO7sECeguk5ayYArW7qjfJv
Q/3mdezR7gXBlFRsEYiPWYlnZzdVBiVu7/oNWdPehBv1jfF31Wbot2oDjkjK2EuS
m7rkXEUFMph8FxZRQnRIEAYZBLoRL0ccEIUiGFK+6MmNvqAi0rId90ABAPsPDKrF
mwShbxkh8vGrTVfV/2ZnghlfImdY2KcF0SajLkVYx5LJrW9l6idB8yZxmc2iakkL
JZpFG/fjABvaiSLez30jE7vzxRCWGFB5xXtJ5ucCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTfjHe3enF13oKZwD9XuUvnOm+uijAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
LzM0eDN0M3B4ZGQ2Q21jQV9WN2xMNXpwdnJvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1JzAAMEAlUIpDANBgkqhkiG9w0B
AQsFAAOCAQEAmx4xOJIM3X8UinisVVe3C/JR4akhyehaQWyypiKGglgYRo1pEAGr
EJnHI+YlS5WWGcC2ewNtBmohs29HmOZSMnt/6qo2fA8TYCdWKV3D1YDDzgPt4zUc
0NKpH+5vRTRGGh77ASjdbKfL63vEkVONeoNsCjjM4VrOpOfWBvJk60Mfwmtsbo3y
qfmFtW8Dnum1wik5JTVpg5b2YqUIZicSpn5dgs79caVTGsX7Sx9jzHCOBhN/oJlD
7v8DQkWiqvAiBh+hHIJ5lw60wOIDUflK8GkzRkQML3C/CUN4MzHqESkPJieT/DlZ
xh5V0y/DOPHSnHRVhJQ8gDo7STRXYobo1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org