Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/dClC_RpmC92i13oObEBApA47uR0.roa
File: dClC_RpmC92i13oObEBApA47uR0.roa (raw, json)
Hash identifier: bobM2pificykeMeCXmyQnyhsoeBEHe9JCvQt28owFnw=
Subject key identifier: 74:29:42:FD:1A:66:0B:DD:A2:D7:7A:0E:6C:40:40:A4:0E:3B:B9:1D
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01826E0E8D4979B4BA0A4A3C02C95DCF3241
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/dClC_RpmC92i13oObEBApA47uR0.roa
Signing time: Fri 05 Aug 2022 12:50:23 +0000
ROA not before: Fri 05 Aug 2022 12:50:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35830
IP address blocks: 94.231.219.0/24 maxlen: 24
84.54.56.0/23 maxlen: 23
84.54.58.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6e:0e:8d:49:79:b4:ba:0a:4a:3c:02:c9:5d:cf:32:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Aug 5 12:50:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=742942fd1a660bdda2d77a0e6c4040a40e3bb91d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:64:f8:64:18:ad:b0:3a:cf:0e:91:de:73:55:
af:f7:84:6b:d5:a0:12:62:b2:23:d8:50:e9:cd:ab:
24:ef:4a:48:77:5e:50:dc:5b:2e:9b:d0:e5:64:dc:
a1:e3:21:d1:39:64:6d:64:74:22:93:b7:5e:49:1c:
86:68:49:78:9f:0c:f9:a2:1c:63:b3:f9:c6:d9:de:
ed:4e:96:6d:b9:ef:fb:3d:a2:e7:05:da:4a:76:1b:
4c:15:f4:16:6d:f8:e3:e5:97:08:66:73:83:b3:34:
91:91:07:c5:f3:4f:53:58:f9:d9:c1:c3:32:26:b8:
e9:e6:be:08:7f:ae:06:72:26:60:41:e1:9f:b1:31:
c3:1b:48:3b:3c:42:60:dd:bd:da:86:c0:62:b2:18:
7b:07:c1:23:5b:5d:1b:56:53:05:54:4d:26:de:07:
8a:ac:20:2f:d0:fb:fb:fd:7f:8a:ec:31:14:8d:7f:
4f:20:3e:c0:85:a0:a7:61:85:a2:f5:c3:60:52:95:
4e:ed:8e:80:88:d9:ef:0a:88:ed:ac:0b:69:0d:63:
33:10:5a:b7:cc:29:c2:b4:c4:b0:86:e1:1a:ef:59:
c2:78:fd:1b:54:a8:c2:a3:da:d6:2d:ce:c8:40:77:
b5:c2:ca:4c:14:a0:ff:eb:51:3c:f0:8b:e1:0d:9d:
4e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:29:42:FD:1A:66:0B:DD:A2:D7:7A:0E:6C:40:40:A4:0E:3B:B9:1D
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/dClC_RpmC92i13oObEBApA47uR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.56.0-84.54.58.255
94.231.219.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:35:9b:6c:71:e1:5c:9d:f8:a0:93:04:67:16:49:70:aa:d7:
ea:d8:79:83:fb:28:4d:34:90:97:92:a3:69:eb:26:76:97:47:
5a:7b:3e:2a:38:2c:f3:10:e1:c7:20:4a:ed:57:e1:dd:01:e9:
19:53:2c:2f:70:1f:9e:8a:3a:9c:7b:c0:df:43:e7:a1:31:a7:
51:10:d4:79:e8:0d:bf:2a:82:6e:81:64:06:f7:b8:a1:a0:d9:
1d:62:4b:ea:47:d9:a1:44:ff:d0:7f:80:d1:d4:1e:55:58:51:
33:ff:0c:03:e5:45:e4:ca:a1:c8:a5:46:ee:85:e2:5c:90:de:
8e:78:c0:db:64:14:f5:8e:c7:8b:b6:15:6d:ff:a4:62:e3:4d:
cb:17:16:f6:49:0f:75:26:15:8a:ff:bf:26:91:f1:6a:8d:e9:
78:63:43:f3:59:73:f7:a0:30:8d:ec:e9:06:da:0a:ec:70:99:
74:c4:ad:02:e5:6f:a2:f9:ff:37:7d:c4:ea:8e:13:7c:22:ae:
eb:da:2d:35:4e:88:1b:a3:0a:4f:c0:6f:e0:a8:01:43:40:89:
17:06:02:de:48:28:5b:62:c6:07:bf:5c:1e:b1:a2:b5:99:1a:
9b:d5:eb:a0:1e:67:07:83:62:b5:1b:10:cf:27:e1:0e:69:73:
17:16:51:48
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYJuDo1JebS6Cko8AsldzzJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjIwODA1MTI1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDI5NDJmZDFhNjYwYmRkYTJkNzdhMGU2YzQwNDBhNDBlM2JiOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2T4ZBitsDrPDpHec1Wv94Rr1aAS
YrIj2FDpzask70pId15Q3Fsum9DlZNyh4yHROWRtZHQik7deSRyGaEl4nwz5ohxj
s/nG2d7tTpZtue/7PaLnBdpKdhtMFfQWbfjj5ZcIZnODszSRkQfF809TWPnZwcMy
Jrjp5r4If64GciZgQeGfsTHDG0g7PEJg3b3ahsBishh7B8EjW10bVlMFVE0m3geK
rCAv0Pv7/X+K7DEUjX9PID7AhaCnYYWi9cNgUpVO7Y6AiNnvCojtrAtpDWMzEFq3
zCnCtMSwhuEa71nCeP0bVKjCo9rWLc7IQHe1wspMFKD/61E88IvhDZ1OOQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHQpQv0aZgvdotd6DmxAQKQOO7kdMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvZENsQ19ScG1DOTJpMTNvT2JFQkFwQTQ3dVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANUNjgD
BABUNjoDBABe59swDQYJKoZIhvcNAQELBQADggEBAE81m2xx4Vyd+KCTBGcWSXCq
1+rYeYP7KE00kJeSo2nrJnaXR1p7Pio4LPMQ4ccgSu1X4d0B6RlTLC9wH56KOpx7
wN9D56Exp1EQ1HnoDb8qgm6BZAb3uKGg2R1iS+pH2aFE/9B/gNHUHlVYUTP/DAPl
ReTKocilRu6F4lyQ3o54wNtkFPWOx4u2FW3/pGLjTcsXFvZJD3UmFYr/vyaR8WqN
6XhjQ/NZc/egMI3s6QbaCuxwmXTErQLlb6L5/zd9xOqOE3wiruvaLTVOiBujCk/A
b+CoAUNAiRcGAt5IKFtixge/XB6xorWZGpvV66AeZweDYrUbEM8n4Q5pcxcWUUg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org