Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/diDlIO4y7hcEcHuuIQcYK3j5wPw.roa
File: diDlIO4y7hcEcHuuIQcYK3j5wPw.roa (raw, json)
Hash identifier: eJJ6k6P3q4nX8F9Iz/7DDzfCE6rNMaV9DYMUrsOW0ss=
Subject key identifier: 76:20:E5:20:EE:32:EE:17:04:70:7B:AE:21:07:18:2B:78:F9:C0:FC
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 138EF816
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/diDlIO4y7hcEcHuuIQcYK3j5wPw.roa
Signing time: Sat 29 Jan 2022 02:48:18 +0000
ROA not before: Sat 29 Jan 2022 02:48:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209642
IP address blocks: 185.129.111.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 328136726 (0x138ef816)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 29 02:48:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7620e520ee32ee1704707bae2107182b78f9c0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6d:8b:e2:d5:2c:00:75:f2:69:c7:d1:ea:30:
10:9c:b5:85:02:a1:36:7b:e9:88:6b:46:fb:de:ad:
0d:1f:b1:78:05:99:da:89:06:54:38:65:92:95:ea:
a6:36:f4:08:06:47:9a:c8:d2:d6:48:15:b3:c2:c3:
54:9d:9d:1e:49:44:f7:d8:77:ba:68:09:82:f0:fd:
4b:a3:d5:21:c8:47:6a:77:aa:1c:9f:a7:ad:6b:a9:
24:70:2b:11:bf:5d:df:c8:63:d4:4c:e9:e6:f6:54:
e1:ab:14:00:5d:39:1a:cf:6e:eb:f6:15:81:87:46:
56:ef:ab:91:27:b1:25:3e:4b:6c:f4:c1:b0:4e:32:
35:ff:4f:5f:18:4a:9a:8c:a4:18:4b:24:8a:c3:cb:
1d:a1:3a:85:66:83:d7:c7:ca:e8:79:2d:4f:74:24:
4c:4f:9e:04:a4:56:0d:58:0e:74:f6:f7:db:68:6c:
4a:0f:02:50:b1:ed:70:ab:a3:97:93:d8:ab:b4:eb:
9c:a7:66:55:8e:cd:ef:83:c3:34:74:40:c5:3b:4a:
19:1b:35:36:24:70:0c:fa:4d:be:cf:65:73:49:15:
eb:72:97:51:f5:89:8f:0e:cc:44:53:5c:48:38:44:
13:7f:04:ae:74:c9:43:68:67:dd:bf:4c:c0:66:7b:
e3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:20:E5:20:EE:32:EE:17:04:70:7B:AE:21:07:18:2B:78:F9:C0:FC
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/diDlIO4y7hcEcHuuIQcYK3j5wPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.111.0/24
Signature Algorithm: sha256WithRSAEncryption
22:82:da:ce:2b:17:0a:dc:ec:ca:17:e7:36:92:90:ba:1c:42:
b5:9c:76:50:0d:49:2d:96:04:aa:52:d4:57:7b:a3:d2:95:e5:
a2:c4:5b:6c:be:d3:e2:1e:92:39:f1:63:fa:ee:23:e8:1e:b7:
c6:77:a7:f6:9d:99:86:b7:97:12:19:2f:c4:f7:3e:c8:70:69:
d3:1e:d4:a2:8a:70:05:0f:64:be:6b:a6:92:96:ce:71:b6:21:
ea:c6:ac:1a:a7:87:84:b3:04:a1:01:62:53:45:83:fd:87:6d:
0a:a0:98:31:a7:1d:77:de:cf:ae:15:8d:a7:85:ec:0c:c1:65:
99:50:56:5d:00:7f:63:4a:d3:c0:5b:93:d2:ba:7c:34:25:48:
8a:7c:bb:76:8b:e4:9a:f8:a0:77:81:3c:48:e5:dd:ad:6c:98:
b5:a1:5e:4f:f9:e7:ea:0a:67:5b:3c:47:40:9e:9b:cf:c3:07:
81:2c:e3:9c:ee:a9:05:02:4e:69:6c:65:38:f6:78:22:d8:ce:
d1:95:80:4b:d7:f0:1c:43:fb:49:41:e3:78:3a:46:ad:2a:e6:
b3:43:7a:04:e1:69:2c:e2:87:60:64:0e:c6:33:b0:fa:2a:12:
1b:52:f3:23:27:f4:52:38:8a:f8:71:21:31:43:5c:f8:69:88:
53:56:55:13
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE474FjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDEy
OTAyNDgxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzYyMGU1MjBlZTMy
ZWUxNzA0NzA3YmFlMjEwNzE4MmI3OGY5YzBmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRti+LVLAB18mnH0eowEJy1hQKhNnvpiGtG+96tDR+xeAWZ
2okGVDhlkpXqpjb0CAZHmsjS1kgVs8LDVJ2dHklE99h3umgJgvD9S6PVIchHaneq
HJ+nrWupJHArEb9d38hj1Ezp5vZU4asUAF05Gs9u6/YVgYdGVu+rkSexJT5LbPTB
sE4yNf9PXxhKmoykGEskisPLHaE6hWaD18fK6HktT3QkTE+eBKRWDVgOdPb322hs
Sg8CULHtcKujl5PYq7TrnKdmVY7N74PDNHRAxTtKGRs1NiRwDPpNvs9lc0kV63KX
UfWJjw7MRFNcSDhEE38ErnTJQ2hn3b9MwGZ74/0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR2IOUg7jLuFwRwe64hBxgrePnA/DAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L2RpRGxJTzR5N2hjRWNIdXVJUWNZSzNqNXdQdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmBbzANBgkqhkiG9w0BAQsFAAOC
AQEAIoLazisXCtzsyhfnNpKQuhxCtZx2UA1JLZYEqlLUV3uj0pXlosRbbL7T4h6S
OfFj+u4j6B63xnen9p2ZhreXEhkvxPc+yHBp0x7UoopwBQ9kvmumkpbOcbYh6sas
GqeHhLMEoQFiU0WD/YdtCqCYMacdd97PrhWNp4XsDMFlmVBWXQB/Y0rTwFuT0rp8
NCVIiny7dovkmvigd4E8SOXdrWyYtaFeT/nn6gpnWzxHQJ6bz8MHgSzjnO6pBQJO
aWxlOPZ4ItjO0ZWAS9fwHEP7SUHjeDpGrSrms0N6BOFpLOKHYGQOxjOw+ioSG1Lz
Iyf0UjiK+HEhMUNc+GmIU1ZVEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org