Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XaE9vit364se7kdlX3dMQWWS-cY.roa
File: XaE9vit364se7kdlX3dMQWWS-cY.roa (raw, json)
Hash identifier: sC9l3VbIkiQfBklkcYvxBwrMWMaaNi7moB91GmcJqdQ=
Subject key identifier: 5D:A1:3D:BE:2B:77:EB:8B:1E:EE:47:65:5F:77:4C:41:65:92:F9:C6
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 142C924A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XaE9vit364se7kdlX3dMQWWS-cY.roa
Signing time: Tue 15 Mar 2022 22:31:36 +0000
ROA not before: Tue 15 Mar 2022 22:31:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141376
IP address blocks: 212.90.100.0/23 maxlen: 24
185.129.111.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 338465354 (0x142c924a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Mar 15 22:31:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5da13dbe2b77eb8b1eee47655f774c416592f9c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:30:78:6a:5d:16:7f:12:64:1b:b8:fc:13:7d:
c6:62:24:ef:63:fc:b1:6d:4d:24:56:a9:aa:5e:dd:
33:e9:36:7d:db:05:03:af:aa:84:77:cb:dc:41:d1:
78:ee:f2:71:45:52:bd:c8:47:cf:6d:01:75:88:86:
a8:9e:a6:7f:a7:b4:16:36:88:e0:b2:67:33:69:87:
0c:db:7f:a4:89:bd:87:fb:08:25:f6:2f:b5:2f:2d:
75:36:11:97:2d:14:9e:60:8d:76:0c:25:c9:92:4c:
8b:98:c4:14:cf:f2:9c:a8:e0:f4:f2:bd:6a:84:73:
25:ae:3f:17:bb:8a:a8:89:4c:c2:94:1d:ea:8d:d6:
42:e2:16:46:87:e2:67:b1:51:c5:b0:63:46:09:e9:
d6:44:84:35:ea:5c:6f:34:77:b9:da:0f:f0:0d:45:
b1:d8:6a:27:78:33:3e:2a:21:b9:1b:c5:e1:95:bb:
60:4f:b4:b6:24:8e:83:7f:51:1b:8b:e0:7d:06:80:
04:d1:ab:18:db:1f:70:32:48:40:b1:f1:0c:10:0f:
5a:54:e8:a8:2d:ad:fd:1a:58:67:6e:fc:70:f8:84:
05:dd:56:90:fc:3d:3e:96:e9:62:7a:83:61:20:37:
98:78:66:d8:dc:c2:18:e5:86:64:59:41:c5:6d:0d:
f1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A1:3D:BE:2B:77:EB:8B:1E:EE:47:65:5F:77:4C:41:65:92:F9:C6
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XaE9vit364se7kdlX3dMQWWS-cY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.111.0/24
212.90.100.0/23
Signature Algorithm: sha256WithRSAEncryption
28:cc:e6:dc:24:74:ec:7d:13:24:bc:02:1d:61:b4:dc:fc:23:
2c:af:e2:8e:d9:f6:52:6a:01:c3:85:90:45:c5:cb:c9:a1:f0:
76:71:af:d3:54:f8:9e:9b:e5:67:fd:86:ca:ec:00:76:0f:30:
b7:b3:14:52:55:b0:3a:3f:9d:a3:bf:71:d4:10:d8:9f:a2:d7:
ff:70:55:bd:1d:a1:23:0c:04:a6:bb:66:52:be:64:c7:5a:de:
9f:30:eb:09:35:00:7d:0c:84:ca:9e:13:75:86:2d:21:43:e0:
a4:08:06:12:a1:58:be:a8:1b:eb:aa:52:99:c8:e9:d3:97:83:
32:21:d4:e2:5c:8d:fc:bd:c5:d1:03:3d:8e:c1:5d:56:37:8c:
0a:d7:42:cc:c5:8b:28:dc:c6:d5:b0:ca:a5:4c:33:e5:0b:72:
88:0f:03:7c:38:06:d2:ec:17:c9:84:7a:dc:4c:8a:8b:1a:bb:
89:ae:da:ca:c9:d7:2d:4b:19:15:47:4f:03:7d:c7:b0:a3:30:
7a:82:41:c0:27:d3:ad:98:b3:aa:a7:40:39:f0:49:21:2c:e3:
ac:67:23:3a:88:e9:2b:b9:ee:02:fc:2a:fe:4e:75:0e:31:a0:
c8:b3:5b:f9:8e:82:53:6a:9f:f2:5e:34:26:7d:b0:6a:39:65:
ef:10:48:62
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFCySSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDMx
NTIyMzEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRhMTNkYmUyYjc3
ZWI4YjFlZWU0NzY1NWY3NzRjNDE2NTkyZjljNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAweGpdFn8SZBu4/BN9xmIk72P8sW1NJFapql7dM+k2fdsF
A6+qhHfL3EHReO7ycUVSvchHz20BdYiGqJ6mf6e0FjaI4LJnM2mHDNt/pIm9h/sI
JfYvtS8tdTYRly0UnmCNdgwlyZJMi5jEFM/ynKjg9PK9aoRzJa4/F7uKqIlMwpQd
6o3WQuIWRofiZ7FRxbBjRgnp1kSENepcbzR3udoP8A1FsdhqJ3gzPiohuRvF4ZW7
YE+0tiSOg39RG4vgfQaABNGrGNsfcDJIQLHxDBAPWlToqC2t/RpYZ278cPiEBd1W
kPw9PpbpYnqDYSA3mHhm2NzCGOWGZFlBxW0N8U0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRdoT2+K3frix7uR2Vfd0xBZZL5xjAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L1hhRTl2aXQzNjRzZTdrZGxYM2RNUVdXUy1jWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALmBbwMEAdRaZDANBgkqhkiG9w0B
AQsFAAOCAQEAKMzm3CR07H0TJLwCHWG03PwjLK/ijtn2UmoBw4WQRcXLyaHwdnGv
01T4npvlZ/2GyuwAdg8wt7MUUlWwOj+do79x1BDYn6LX/3BVvR2hIwwEprtmUr5k
x1renzDrCTUAfQyEyp4TdYYtIUPgpAgGEqFYvqgb66pSmcjp05eDMiHU4lyN/L3F
0QM9jsFdVjeMCtdCzMWLKNzG1bDKpUwz5QtyiA8DfDgG0uwXyYR63EyKixq7ia7a
ysnXLUsZFUdPA33HsKMweoJBwCfTrZizqqdAOfBJISzjrGcjOojpK7nuAvwq/k51
DjGgyLNb+Y6CU2qf8l40Jn2wajll7xBIYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org