Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/NH3jT2PTUroi1W-nAwLRfHxzaUk.roa
File: NH3jT2PTUroi1W-nAwLRfHxzaUk.roa (raw, json)
Hash identifier: CWkfEaks3WZgPS0BmH3cX97G6YcK411MPNQXMMosmHY=
Subject key identifier: 34:7D:E3:4F:63:D3:52:BA:22:D5:6F:A7:03:02:D1:7C:7C:73:69:49
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29ED714D
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/NH3jT2PTUroi1W-nAwLRfHxzaUk.roa
Signing time: Sat 01 Jan 2022 13:54:23 +0000
ROA not before: Sat 01 Jan 2022 13:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61052
IP address blocks: 79.133.104.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703426893 (0x29ed714d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=347de34f63d352ba22d56fa70302d17c7c736949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:da:ac:61:6e:85:7e:da:b9:d2:5b:6f:4a:0f:
1a:1f:5e:34:e7:cc:ec:32:aa:ea:2e:2f:be:cc:39:
e2:9b:c8:30:3d:89:40:a9:c8:6f:8d:7a:b9:9d:4b:
98:d4:68:de:b2:6d:2c:6f:94:94:28:a4:a9:c0:da:
53:5f:20:09:8b:98:e0:12:b8:16:a3:d2:2e:2b:09:
fd:78:f6:df:77:12:7b:70:5c:35:c7:69:21:e2:77:
7f:ee:c8:75:29:df:d3:89:a3:44:57:39:91:35:45:
76:2b:b7:c3:5e:29:e0:95:85:7c:dc:6f:9c:87:23:
42:0e:d8:4b:c9:8b:67:c7:9f:51:b1:2e:c5:9c:c1:
b4:e7:15:90:a4:54:ba:56:7e:d4:39:76:45:28:41:
d7:80:a6:bb:78:c7:d3:24:8c:c6:93:23:28:8f:f9:
af:8a:8e:0c:c1:8f:3e:5b:91:1b:42:de:fd:bb:9e:
31:a0:fe:00:99:8f:2a:b7:5c:ce:c2:0b:ca:b1:35:
21:fa:23:ba:5c:8b:1c:99:a6:c0:a9:9a:de:74:6c:
a0:b8:23:a7:d6:6c:14:1f:f8:4c:6b:8c:d8:5a:40:
fa:d7:ef:35:78:f7:c3:f4:d3:36:74:a9:0f:42:43:
99:da:9b:d4:b1:de:2f:c8:fd:7f:11:4d:6c:09:ba:
3e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7D:E3:4F:63:D3:52:BA:22:D5:6F:A7:03:02:D1:7C:7C:73:69:49
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/NH3jT2PTUroi1W-nAwLRfHxzaUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.104.0/24
Signature Algorithm: sha256WithRSAEncryption
df:d7:06:ee:91:37:89:16:62:4e:81:2e:96:4b:45:d0:5d:6d:
59:ec:2b:7b:fb:6b:38:a0:49:fe:f6:ce:db:41:86:77:f1:2d:
9f:d3:15:34:6a:14:32:ed:c3:5a:74:70:ea:f9:a5:3e:e8:42:
85:29:cb:e5:13:4e:37:ed:d8:79:f9:e3:ec:60:d6:48:54:82:
37:bf:81:80:82:23:1f:0a:27:c9:51:87:eb:f7:9b:8b:c2:d0:
d6:16:c3:f8:f0:0d:b0:50:57:e2:db:3e:12:97:86:45:a9:c2:
a7:34:46:50:30:e7:b5:e3:8a:de:b8:3f:0d:c6:34:d4:d0:57:
15:65:da:ac:33:0f:95:9f:fd:d4:7a:fc:bc:4f:44:e4:dd:5f:
86:3c:4f:33:0a:6c:87:c0:a8:1d:a3:10:47:21:ea:34:c1:75:
dd:b6:cd:dd:1d:4f:2a:49:96:fa:7d:63:2c:d1:12:ed:e2:b1:
0c:3c:d5:04:ac:a3:fd:82:3d:b6:1f:3b:11:31:80:2d:b5:f3:
6b:72:87:65:b2:9f:b5:86:ea:2f:5a:9c:36:97:ea:53:16:78:
d1:b3:0c:6e:6d:47:1a:f0:7a:b4:f5:fd:fc:35:fd:04:d1:91:
5f:16:c0:c8:8e:2c:2b:27:06:5c:1d:b9:b8:4d:d2:15:37:9c:
72:dd:a3:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKe1xTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ3ZGUzNGY2M2Qz
NTJiYTIyZDU2ZmE3MDMwMmQxN2M3YzczNjk0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7arGFuhX7audJbb0oPGh9eNOfM7DKq6i4vvsw54pvIMD2J
QKnIb416uZ1LmNRo3rJtLG+UlCikqcDaU18gCYuY4BK4FqPSLisJ/Xj233cSe3Bc
NcdpIeJ3f+7IdSnf04mjRFc5kTVFdiu3w14p4JWFfNxvnIcjQg7YS8mLZ8efUbEu
xZzBtOcVkKRUulZ+1Dl2RShB14Cmu3jH0ySMxpMjKI/5r4qODMGPPluRG0Le/bue
MaD+AJmPKrdczsILyrE1IfojulyLHJmmwKma3nRsoLgjp9ZsFB/4TGuM2FpA+tfv
NXj3w/TTNnSpD0JDmdqb1LHeL8j9fxFNbAm6Ph8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ0feNPY9NSuiLVb6cDAtF8fHNpSTAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L05IM2pUMlBUVXJvaTFXLW5Bd0xSZkh4emFVay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE+FaDANBgkqhkiG9w0BAQsFAAOC
AQEA39cG7pE3iRZiToEulktF0F1tWewre/trOKBJ/vbO20GGd/Etn9MVNGoUMu3D
WnRw6vmlPuhChSnL5RNON+3Yefnj7GDWSFSCN7+BgIIjHwonyVGH6/ebi8LQ1hbD
+PANsFBX4ts+EpeGRanCpzRGUDDnteOK3rg/DcY01NBXFWXarDMPlZ/91Hr8vE9E
5N1fhjxPMwpsh8CoHaMQRyHqNMF13bbN3R1PKkmW+n1jLNES7eKxDDzVBKyj/YI9
th87ETGALbXza3KHZbKftYbqL1qcNpfqUxZ40bMMbm1HGvB6tPX9/DX9BNGRXxbA
yI4sKycGXB25uE3SFTecct2jqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:14 2024 by rpki-client on console-ams.rpki-client.org