Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3233322e31322e302f32332d3234203d3e2030.roa
File: 3138352e3233322e31322e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: EA7DpoMAjSphQo6B/AXSGxyh/MGitR3dC7ScUMTpFzk=
Subject key identifier: 1B:D3:83:13:F8:64:9C:C8:27:01:D7:C9:3A:6D:48:82:98:05:49:87
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 519E76BA3CB107F94BFC6C60DE48FBADE3352DF4
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3233322e31322e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:39 +0000
ROA not before: Mon 27 Mar 2023 08:22:39 +0000
ROA not after: Mon 25 Mar 2024 08:27:39 +0000
asID: 0
IP address blocks: 185.232.12.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:9e:76:ba:3c:b1:07:f9:4b:fc:6c:60:de:48:fb:ad:e3:35:2d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Mar 27 08:22:39 2023 GMT
Not After : Mar 25 08:27:39 2024 GMT
Subject: CN=1BD38313F8649CC82701D7C93A6D488298054987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:eb:4e:df:28:c4:8b:a4:4d:cf:b9:81:a1:66:
5e:5a:bc:bc:28:ad:50:37:77:5c:62:bc:4d:89:4b:
f8:7b:7f:98:f9:4e:5d:16:54:12:49:f6:e7:33:a7:
c3:f1:cc:d5:c0:48:e2:42:46:6d:22:f0:55:30:79:
a2:59:b5:1a:e2:1e:cf:d1:fe:86:e0:04:26:a3:3e:
6d:29:f4:bb:25:ad:28:74:4f:96:20:7f:eb:20:e9:
59:01:5e:31:46:cf:36:d7:3e:3f:f0:1b:a4:c9:d2:
79:f9:ad:c4:1b:41:e7:a8:e8:a0:d9:44:7a:64:e2:
91:c1:3b:9e:e7:60:26:64:3c:56:1b:7e:74:bb:51:
eb:e0:b7:69:e9:30:c6:4d:e6:7f:2e:26:49:02:31:
1f:b2:2c:e6:11:b9:cb:da:7b:a0:45:fb:d3:b9:6b:
fb:ea:54:d6:ab:cf:1f:e1:2a:1f:cd:c7:b4:2a:6c:
36:e5:32:96:21:e0:aa:fb:c0:e0:e3:7b:d2:83:f0:
82:d6:d9:51:7e:c6:d3:ae:db:d6:fe:bb:ee:6e:b3:
e5:d6:90:29:29:96:44:c7:e9:58:45:b0:be:43:14:
d8:e9:69:52:62:c4:e7:14:4b:2a:df:1b:54:df:67:
fa:de:04:95:41:8c:db:af:99:7d:8c:fd:fb:75:94:
6e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D3:83:13:F8:64:9C:C8:27:01:D7:C9:3A:6D:48:82:98:05:49:87
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3233322e31322e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.12.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:87:38:f4:45:05:d1:fb:38:25:41:b6:24:86:6b:ea:04:d0:
3c:82:cf:c0:58:b5:46:c5:ac:b2:a4:c9:8d:e1:0a:f2:42:b0:
9a:11:7b:8b:a5:19:4d:a3:d2:d8:63:47:14:cb:ba:a9:f9:f3:
a6:96:50:38:43:8b:a4:b4:75:78:80:c1:a6:e2:84:f6:e2:eb:
30:c9:cc:0f:4e:02:09:bd:b4:d4:b5:10:0a:a7:66:ac:36:eb:
64:f2:f2:2a:f1:65:3f:95:70:c5:b9:34:ef:eb:db:a5:98:1f:
c4:82:7c:f1:66:50:53:b7:2d:21:19:9e:14:f7:83:1c:e4:1e:
da:5b:8d:94:85:bc:d8:f2:64:63:e2:1d:01:44:f8:37:90:68:
9d:52:a5:1b:b4:19:94:99:05:88:85:a3:ea:a7:23:43:37:b9:
3e:65:bc:fe:ba:c6:7e:7d:ad:ad:44:6b:f4:e6:84:25:f4:12:
25:52:a3:13:ed:20:9f:da:d2:3c:ef:fc:7a:da:67:11:dd:aa:
22:22:5b:0d:36:60:e4:3a:b6:18:65:11:e5:b8:ae:c0:30:ec:
8d:d9:a8:99:7b:6e:ad:4d:c8:2f:b3:6f:a0:3f:9e:41:c8:7c:
f2:d0:77:09:72:96:e0:15:3d:f8:bf:96:2b:b9:26:c8:67:dd:
37:6f:1c:3a
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUUZ52ujyxB/lL/Gxg3kj7reM1LfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yMzAzMjcwODIyMzlaFw0yNDAzMjUwODI3MzlaMDMxMTAvBgNV
BAMTKDFCRDM4MzEzRjg2NDlDQzgyNzAxRDdDOTNBNkQ0ODgyOTgwNTQ5ODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC607fKMSLpE3PuYGhZl5avLwo
rVA3d1xivE2JS/h7f5j5Tl0WVBJJ9uczp8PxzNXASOJCRm0i8FUweaJZtRriHs/R
/obgBCajPm0p9LslrSh0T5Ygf+sg6VkBXjFGzzbXPj/wG6TJ0nn5rcQbQeeo6KDZ
RHpk4pHBO57nYCZkPFYbfnS7Uevgt2npMMZN5n8uJkkCMR+yLOYRucvae6BF+9O5
a/vqVNarzx/hKh/Nx7QqbDblMpYh4Kr7wODje9KD8ILW2VF+xtOu29b+u+5us+XW
kCkplkTH6VhFsL5DFNjpaVJixOcUSyrfG1TfZ/reBJVBjNuvmX2M/ft1lG75AgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUG9ODE/hknMgnAdfJOm1IgpgFSYcwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMzMzIyZTMx
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnoDDANBgkq
hkiG9w0BAQsFAAOCAQEAroc49EUF0fs4JUG2JIZr6gTQPILPwFi1RsWssqTJjeEK
8kKwmhF7i6UZTaPS2GNHFMu6qfnzppZQOEOLpLR1eIDBpuKE9uLrMMnMD04CCb20
1LUQCqdmrDbrZPLyKvFlP5Vwxbk07+vbpZgfxIJ88WZQU7ctIRmeFPeDHOQe2luN
lIW82PJkY+IdAUT4N5BonVKlG7QZlJkFiIWj6qcjQze5PmW8/rrGfn2trURr9OaE
JfQSJVKjE+0gn9rSPO/8etpnEd2qIiJbDTZg5Dq2GGUR5biuwDDsjdmomXturU3I
L7NvoD+eQch88tB3CXKW4BU9+L+WK7kmyGfdN28cOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:11 2024 by rpki-client on console-ams.rpki-client.org