Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IRgOiSvypllHN-fjmgVtseMJuEY.roa
File: IRgOiSvypllHN-fjmgVtseMJuEY.roa (raw, json)
Hash identifier: NEMCktLJFoZA4YKe1OeQAXmMj2+yZPbn+yiSdAY3in0=
Subject key identifier: 21:18:0E:89:2B:F2:A6:59:47:37:E7:E3:9A:05:6D:B1:E3:09:B8:46
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 1534DA43
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IRgOiSvypllHN-fjmgVtseMJuEY.roa
Signing time: Thu 02 Jun 2022 11:54:20 +0000
ROA not before: Thu 02 Jun 2022 11:54:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141376
IP address blocks: 185.129.111.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 355785283 (0x1534da43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 2 11:54:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21180e892bf2a6594737e7e39a056db1e309b846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6b:24:45:15:76:6e:8a:5f:5e:80:d3:42:fb:
4a:45:8e:ef:c2:4f:e5:3a:1f:da:2d:41:cc:b7:c7:
6b:1d:5b:d1:2c:99:ff:1a:30:ab:33:7d:62:58:3e:
a1:2c:26:5b:df:20:05:56:04:b1:98:4f:9e:30:e8:
1f:12:07:00:ec:d3:15:81:92:7c:3c:0d:ee:cf:fb:
1e:96:27:d8:bd:b8:78:f3:45:f6:50:8a:5e:3f:69:
87:45:88:4c:76:69:fe:65:76:e4:54:4b:fa:cb:c3:
a0:0f:f6:9b:0c:29:2d:d2:ce:b3:a5:3b:7b:07:4b:
d6:07:92:f4:97:63:a5:38:07:3b:c1:bb:71:97:29:
a8:e6:f7:c9:a7:fd:47:c9:d2:2e:e6:55:1b:63:d2:
08:3c:3d:79:aa:f4:48:03:c5:42:85:43:ca:5a:64:
5d:0f:4c:86:29:a3:39:cc:fe:ad:dc:0c:0b:94:7d:
d6:b9:18:af:dc:e9:dc:c3:f4:ec:e1:96:ac:1a:e4:
94:28:5a:63:6e:1d:b1:6b:49:5b:87:5a:07:71:2f:
73:76:63:d8:bd:2b:eb:9f:9d:1d:24:bd:77:71:6c:
49:59:7c:b4:e7:68:1c:7f:ca:29:6b:aa:85:db:62:
8c:e8:98:9e:09:b0:e8:a8:67:aa:3e:b6:ce:25:5f:
a3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:18:0E:89:2B:F2:A6:59:47:37:E7:E3:9A:05:6D:B1:E3:09:B8:46
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IRgOiSvypllHN-fjmgVtseMJuEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.111.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:31:c4:01:5a:e0:3e:bb:62:ee:63:81:fa:4b:6b:3f:e1:af:
3e:eb:aa:13:a8:be:36:6c:03:40:74:3d:c4:bb:fe:c7:26:6c:
20:43:92:a3:e4:42:bd:5b:87:d5:b6:67:28:82:5d:6c:49:af:
e7:ca:2c:28:2a:71:c6:01:c2:8f:18:2a:cf:97:38:0b:bb:8c:
80:bc:4b:e4:57:f1:3f:9a:70:d5:1e:bc:68:71:71:64:93:f6:
04:cd:02:32:f9:ef:63:cc:05:e6:a8:1e:0f:22:6e:7c:2e:23:
3d:bd:72:37:05:3b:11:85:17:db:64:b0:49:81:7e:b1:1f:f6:
19:26:5b:ac:7c:1d:c8:99:72:56:79:53:68:f5:2f:08:5f:17:
fa:9f:03:dd:37:65:67:87:79:65:d6:63:a2:f3:bd:32:0c:6c:
08:e7:02:27:0a:f0:ca:23:62:24:00:5a:42:be:62:27:39:84:
eb:9b:47:a9:30:61:d3:65:96:f2:80:c4:bd:19:ca:21:31:85:
91:ee:4c:82:80:01:cb:2f:9a:1a:39:eb:39:6b:0a:05:ed:18:
94:4a:e5:92:18:77:e7:d9:25:2e:3d:b0:65:b5:13:5e:bc:de:
43:6c:ff:61:37:c1:31:c7:60:7e:b3:71:14:fd:17:c7:cf:4a:
83:f9:8f:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFTTaQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDYw
MjExNTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjExODBlODkyYmYy
YTY1OTQ3MzdlN2UzOWEwNTZkYjFlMzA5Yjg0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxrJEUVdm6KX16A00L7SkWO78JP5Tof2i1BzLfHax1b0SyZ
/xowqzN9Ylg+oSwmW98gBVYEsZhPnjDoHxIHAOzTFYGSfDwN7s/7HpYn2L24ePNF
9lCKXj9ph0WITHZp/mV25FRL+svDoA/2mwwpLdLOs6U7ewdL1geS9JdjpTgHO8G7
cZcpqOb3yaf9R8nSLuZVG2PSCDw9ear0SAPFQoVDylpkXQ9MhimjOcz+rdwMC5R9
1rkYr9zp3MP07OGWrBrklChaY24dsWtJW4daB3Evc3Zj2L0r65+dHSS9d3FsSVl8
tOdoHH/KKWuqhdtijOiYngmw6Khnqj62ziVfo20CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQhGA6JK/KmWUc35+OaBW2x4wm4RjAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L0lSZ09pU3Z5cGxsSE4tZmptZ1Z0c2VNSnVFWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmBbzANBgkqhkiG9w0BAQsFAAOC
AQEApjHEAVrgPrti7mOB+ktrP+GvPuuqE6i+NmwDQHQ9xLv+xyZsIEOSo+RCvVuH
1bZnKIJdbEmv58osKCpxxgHCjxgqz5c4C7uMgLxL5FfxP5pw1R68aHFxZJP2BM0C
MvnvY8wF5qgeDyJufC4jPb1yNwU7EYUX22SwSYF+sR/2GSZbrHwdyJlyVnlTaPUv
CF8X+p8D3TdlZ4d5ZdZjovO9MgxsCOcCJwrwyiNiJABaQr5iJzmE65tHqTBh02WW
8oDEvRnKITGFke5MgoAByy+aGjnrOWsKBe0YlErlkhh359klLj2wZbUTXrzeQ2z/
YTfBMcdgfrNxFP0Xx89Kg/mP2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org