Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/naeqNmW9L2UEdRv5JW_MT9oq268.roa
File: naeqNmW9L2UEdRv5JW_MT9oq268.roa (raw, json)
Hash identifier: sBQ29Eebo5rnPyraS5lRzyyHig6GnulNBn72Aydcx8k=
Subject key identifier: 9D:A7:AA:36:65:BD:2F:65:04:75:1B:F9:25:6F:CC:4F:DA:2A:DB:AF
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01895885333C16E373F6B04EFE7D59A2E9FE
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/naeqNmW9L2UEdRv5JW_MT9oq268.roa
Signing time: Sat 15 Jul 2023 07:47:51 +0000
ROA not before: Sat 15 Jul 2023 07:47:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.115.0.0/21 maxlen: 24
185.129.108.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:58:85:33:3c:16:e3:73:f6:b0:4e:fe:7d:59:a2:e9:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jul 15 07:47:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9da7aa3665bd2f6504751bf9256fcc4fda2adbaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:63:ec:3c:8b:bc:18:73:aa:60:07:7b:d9:0a:
d2:94:5c:26:5a:99:54:b7:13:2f:99:b7:c8:f8:13:
59:a9:3e:f8:b6:3c:d1:48:09:3e:7d:60:c5:60:4f:
74:10:cd:dd:6e:2a:99:d2:51:81:a6:d1:3d:0c:6c:
09:d5:82:6f:cc:34:d9:21:6e:74:d7:c4:ee:17:b1:
72:52:4f:f2:c1:56:2a:43:84:b6:c2:46:73:dd:0e:
5a:c7:e2:7d:e0:08:09:4e:5a:42:32:ba:d5:22:78:
d4:79:34:c8:18:36:ba:e3:20:dd:b8:76:bc:9d:23:
11:88:48:89:68:00:96:f3:e0:2f:28:60:80:ff:26:
49:39:db:bb:17:c7:74:e1:82:47:5d:d3:e0:61:e9:
0a:e7:7a:b6:5f:c3:5f:12:a3:27:11:b0:1e:de:15:
88:2b:8c:de:9c:ba:88:6a:08:2d:f9:25:3c:00:af:
8b:38:93:04:0e:41:7e:f9:e9:01:53:52:6f:ca:93:
28:ed:ee:2d:e3:58:28:0b:a9:c8:51:34:b2:af:9a:
fa:42:a8:cf:9a:95:a4:2d:1d:db:6a:ea:33:a1:cc:
95:63:36:c1:62:e6:d8:a4:38:f0:d2:ba:a8:2f:ec:
1a:a6:e6:3b:4a:9f:98:c7:c7:74:06:9c:96:79:08:
07:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A7:AA:36:65:BD:2F:65:04:75:1B:F9:25:6F:CC:4F:DA:2A:DB:AF
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/naeqNmW9L2UEdRv5JW_MT9oq268.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.0.0/21
185.129.108.0/23
Signature Algorithm: sha256WithRSAEncryption
35:43:6c:7c:a8:3e:4d:dc:94:bf:65:0c:47:e1:0e:f9:cb:52:
86:aa:6b:2c:ab:87:d4:a7:37:71:bd:c7:f9:c8:8e:52:17:59:
c7:25:b1:a4:77:01:52:68:7e:e8:28:b6:ec:5e:83:6f:f3:60:
03:d4:9b:6f:d7:cd:21:33:c8:7e:72:2d:27:05:0b:77:c5:45:
e8:3d:72:fe:b2:4a:b4:fd:8c:97:8e:0e:13:8c:63:b8:89:e2:
40:1f:8a:56:a4:ca:e4:2a:19:c4:5e:86:79:99:a5:cc:80:4f:
ff:e9:9e:06:d4:39:c0:df:ea:44:5f:5f:88:f8:4e:7a:3d:5d:
10:c5:74:1a:65:c8:5f:ee:ff:f5:a0:b8:33:19:57:7f:57:05:
27:44:c0:ea:7d:e4:65:da:1f:9e:eb:77:25:d7:b4:87:65:6c:
05:85:28:a5:bd:1a:f4:6a:67:78:1c:38:10:37:e6:9b:6d:46:
39:8b:0b:9c:42:22:31:5a:9c:11:4a:08:c2:51:7f:df:ac:0e:
74:ef:21:b6:ba:37:0b:0b:7f:c9:8a:41:f5:27:d0:a1:14:6d:
48:81:c5:e8:46:d7:e3:8d:f5:23:61:1e:78:bc:78:78:21:c5:
8f:e6:20:5a:a7:bd:9c:55:98:2e:da:61:46:8c:97:37:09:b5:
b1:03:00:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlYhTM8FuNz9rBO/n1Zoun+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwNzE1MDc0NzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGE3YWEzNjY1YmQyZjY1MDQ3NTFiZjkyNTZmY2M0ZmRhMmFkYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGPsPIu8GHOqYAd72QrSlFwmWplU
txMvmbfI+BNZqT74tjzRSAk+fWDFYE90EM3dbiqZ0lGBptE9DGwJ1YJvzDTZIW50
18TuF7FyUk/ywVYqQ4S2wkZz3Q5ax+J94AgJTlpCMrrVInjUeTTIGDa64yDduHa8
nSMRiEiJaACW8+AvKGCA/yZJOdu7F8d04YJHXdPgYekK53q2X8NfEqMnEbAe3hWI
K4zenLqIaggt+SU8AK+LOJMEDkF++ekBU1JvypMo7e4t41goC6nIUTSyr5r6QqjP
mpWkLR3bauozocyVYzbBYubYpDjw0rqoL+wapuY7Sp+Yx8d0BpyWeQgHNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ2nqjZlvS9lBHUb+SVvzE/aKtuvMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbmFlcU5tVzlMMlVFZFJ2NUpXX01UOW9xMjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDUnMAAwQB
uYFsMA0GCSqGSIb3DQEBCwUAA4IBAQA1Q2x8qD5N3JS/ZQxH4Q75y1KGqmssq4fU
pzdxvcf5yI5SF1nHJbGkdwFSaH7oKLbsXoNv82AD1Jtv180hM8h+ci0nBQt3xUXo
PXL+skq0/YyXjg4TjGO4ieJAH4pWpMrkKhnEXoZ5maXMgE//6Z4G1DnA3+pEX1+I
+E56PV0QxXQaZchf7v/1oLgzGVd/VwUnRMDqfeRl2h+e63cl17SHZWwFhSilvRr0
amd4HDgQN+abbUY5iwucQiIxWpwRSgjCUX/frA507yG2ujcLC3/JikH1J9ChFG1I
gcXoRtfjjfUjYR54vHh4IcWP5iBap72cVZgu2mFGjJc3CbWxAwDA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org