Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/3138352e33342e3130312e302f32342d3234203d3e20323130393132.roa
File: 3138352e33342e3130312e302f32342d3234203d3e20323130393132.roa (raw, json)
Hash identifier: i2PtcdWQwZ/8zKsF5DRrGGzOC3x79AVgbO1i6p86abw=
Subject key identifier: 46:DA:34:58:29:FC:96:79:D3:5F:AB:45:9F:AE:9C:1C:5C:DF:76:5E
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 67AE4F3C4AB3D692CB9508E699FAF24E00C2269A
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/3138352e33342e3130312e302f32342d3234203d3e20323130393132.roa
Signing time: Wed 20 Dec 2023 14:14:02 +0000
ROA not before: Wed 20 Dec 2023 14:09:02 +0000
ROA not after: Wed 18 Dec 2024 14:14:02 +0000
asID: 210912
IP address blocks: 185.34.101.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:ae:4f:3c:4a:b3:d6:92:cb:95:08:e6:99:fa:f2:4e:00:c2:26:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 14:09:02 2023 GMT
Not After : Dec 18 14:14:02 2024 GMT
Subject: CN=46DA345829FC9679D35FAB459FAE9C1C5CDF765E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cc:ba:7b:82:86:f5:f7:ad:2a:97:7e:60:30:
5c:5a:d3:2b:2c:53:2b:97:22:89:f9:c3:2f:ae:38:
1f:8d:21:61:b9:ca:97:26:62:8a:1f:63:84:ef:a7:
ee:f7:f9:d5:70:fc:98:f9:62:8d:db:36:76:12:75:
7a:2e:0a:99:8a:71:46:05:4f:ab:66:c8:71:7a:b0:
3e:71:01:19:61:e2:71:59:ad:b0:33:86:10:4a:1a:
ef:fe:74:41:3c:62:f3:92:19:e1:75:85:4d:60:38:
35:07:10:a5:f1:02:b2:d8:de:60:67:a3:31:8d:3b:
a7:97:97:a1:05:b4:55:45:07:fd:94:57:52:69:b4:
28:cb:ae:b5:05:25:48:d7:2d:a5:c4:1f:27:02:36:
ad:b6:69:90:e1:6e:6c:fd:a7:37:84:da:65:6a:71:
3c:5e:7f:81:ca:32:aa:ad:90:48:c4:27:a3:af:78:
a2:d2:f8:0c:84:8d:64:7e:28:d4:dc:a6:d1:63:9b:
84:f2:66:3e:d6:49:f3:af:08:20:9a:71:63:39:1d:
54:c5:38:1a:38:c8:31:1d:20:36:95:af:e4:54:e5:
96:3f:1a:6c:87:3f:fa:73:3a:99:d7:31:1a:37:a5:
37:6e:78:46:20:bd:4a:d5:bb:33:ad:bd:be:9b:6c:
09:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:DA:34:58:29:FC:96:79:D3:5F:AB:45:9F:AE:9C:1C:5C:DF:76:5E
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/3138352e33342e3130312e302f32342d3234203d3e20323130393132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.101.0/24
Signature Algorithm: sha256WithRSAEncryption
16:f7:df:06:55:cb:c6:27:9e:40:60:e0:da:35:9f:09:6e:c1:
67:54:b4:5e:ab:02:84:a9:ce:26:79:28:3e:c5:6c:d7:0d:2a:
a4:0a:b9:3b:3c:76:4d:c4:64:5e:90:23:38:07:7f:35:42:35:
8a:82:05:c4:45:d9:2f:23:7f:cb:31:1b:0b:eb:7a:b8:eb:5a:
8a:45:60:95:87:48:b4:fd:43:db:de:2b:55:1e:cc:1e:2a:5d:
ec:70:dc:13:9c:1b:4b:e5:d1:c6:b7:be:f5:40:b3:73:b2:7d:
1a:7f:6e:1b:53:2e:40:e4:b7:26:40:ce:89:6f:87:b9:c3:a8:
18:2d:36:ff:53:2c:c2:bb:e0:1c:33:0e:8c:03:db:f7:0a:46:
ed:b9:56:a5:22:21:16:53:23:05:b9:28:9b:fe:72:14:6e:03:
3c:39:85:93:3d:2a:bf:7f:cf:f9:06:24:8c:1a:39:3b:9c:5a:
b9:56:b5:bf:72:14:66:b6:41:20:c6:fa:6e:81:6c:37:3d:fd:
ad:9a:e6:7c:59:cb:10:a8:41:4b:97:58:9b:a6:a2:84:14:89:
b0:a2:31:75:9f:83:8b:57:b7:8c:bc:ae:ae:bc:06:6b:86:8f:
16:8f:a6:6d:fe:6a:ae:6e:cf:fb:0e:1f:8c:7c:f4:0c:40:f9:
68:7b:46:20
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZ65PPEqz1pLLlQjmmfryTgDCJpowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNDA5MDJaFw0yNDEyMTgxNDE0MDJaMDMxMTAvBgNV
BAMTKDQ2REEzNDU4MjlGQzk2NzlEMzVGQUI0NTlGQUU5QzFDNUNERjc2NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzzLp7gob1960ql35gMFxa0yss
UyuXIon5wy+uOB+NIWG5ypcmYoofY4Tvp+73+dVw/Jj5Yo3bNnYSdXouCpmKcUYF
T6tmyHF6sD5xARlh4nFZrbAzhhBKGu/+dEE8YvOSGeF1hU1gODUHEKXxArLY3mBn
ozGNO6eXl6EFtFVFB/2UV1JptCjLrrUFJUjXLaXEHycCNq22aZDhbmz9pzeE2mVq
cTxef4HKMqqtkEjEJ6OveKLS+AyEjWR+KNTcptFjm4TyZj7WSfOvCCCacWM5HVTF
OBo4yDEdIDaVr+RU5ZY/GmyHP/pzOpnXMRo3pTdueEYgvUrVuzOtvb6bbAnTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURto0WCn8lnnTX6tFn66cHFzfdl4wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYt
MWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYxNjdkLzAvMzEzODM1MmUzMzM0MmUzMTMw
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzAzOTMxMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5ImUwDQYJKoZIhvcNAQELBQADggEBABb33wZVy8YnnkBg4No1nwluwWdUtF6r
AoSpziZ5KD7FbNcNKqQKuTs8dk3EZF6QIzgHfzVCNYqCBcRF2S8jf8sxGwvrerjr
WopFYJWHSLT9Q9veK1UezB4qXexw3BOcG0vl0ca3vvVAs3OyfRp/bhtTLkDktyZA
zolvh7nDqBgtNv9TLMK74BwzDowD2/cKRu25VqUiIRZTIwW5KJv+chRuAzw5hZM9
Kr9/z/kGJIwaOTucWrlWtb9yFGa2QSDG+m6BbDc9/a2a5nxZyxCoQUuXWJumooQU
ibCiMXWfg4tXt4y8rq68BmuGjxaPpm3+aq5uz/sOH4x89AxA+Wh7RiA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org