Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3235302e3232302e302f32322d3234203d3e203432333636.roa
File: 3138352e3235302e3232302e302f32322d3234203d3e203432333636.roa (raw, json)
Hash identifier: 3m6r5i2+z4wf7AIJNW0We2o0W44nAJLVFxxu4gL7we4=
Subject key identifier: 3B:DE:DE:DD:3E:F9:55:DF:F9:9A:28:00:14:68:FA:9E:30:78:B5:19
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 20437AFF383EB7078765904A69F2FD8B399BD07C
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3235302e3232302e302f32322d3234203d3e203432333636.roa
Signing time: Sun 07 Apr 2024 16:03:28 +0000
ROA not before: Sun 07 Apr 2024 15:58:28 +0000
ROA not after: Sun 06 Apr 2025 16:03:28 +0000
asID: 42366
IP address blocks: 185.250.220.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:43:7a:ff:38:3e:b7:07:87:65:90:4a:69:f2:fd:8b:39:9b:d0:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Apr 7 15:58:28 2024 GMT
Not After : Apr 6 16:03:28 2025 GMT
Subject: CN=3BDEDEDD3EF955DFF99A28001468FA9E3078B519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:cd:40:8b:4f:77:2c:d6:b7:19:89:a4:9a:10:
3b:c4:1b:8c:e5:b5:0f:6e:7e:4a:95:7f:95:e8:57:
21:95:0a:ae:7c:8e:14:60:c1:d7:8d:b8:94:cc:bd:
09:1d:7b:0a:62:d2:62:8a:72:9f:30:89:92:8b:ad:
36:7a:7f:15:67:09:52:ff:0f:2e:55:df:03:fd:c9:
d7:bd:a4:9f:3d:cf:27:a8:4c:50:fb:1e:fc:88:84:
e5:89:40:74:28:6d:d5:c1:74:4a:af:29:ca:5e:38:
a9:93:2c:c8:24:05:f4:0d:fd:40:f6:c7:a7:c6:8d:
40:ec:bd:5a:5b:b0:1e:27:4d:76:68:05:9e:76:50:
15:f3:31:1d:6d:9d:56:d2:fd:ac:05:5e:8e:4a:ef:
ea:13:b8:74:ca:a9:51:42:b5:ab:d9:44:f1:d8:53:
c5:f3:13:70:0c:12:b3:dd:75:d9:f5:79:cb:17:09:
d9:19:91:7e:e6:ed:e6:88:34:92:90:e7:f9:49:a3:
97:69:27:79:00:ab:b7:da:07:e3:c5:af:d9:69:7e:
86:08:67:c2:a2:39:e0:9e:55:4e:fc:08:cb:38:6c:
58:dd:f6:47:34:2e:57:55:86:32:63:98:86:a2:37:
98:8c:19:b3:06:25:e0:02:c9:ab:72:20:e4:0a:3d:
ed:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:DE:DE:DD:3E:F9:55:DF:F9:9A:28:00:14:68:FA:9E:30:78:B5:19
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3235302e3232302e302f32322d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.220.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:78:34:43:5a:51:18:f7:3b:e7:fc:b5:7a:77:c3:9c:e6:7d:
fe:2f:6c:d8:56:5c:1b:84:ea:c6:c4:4d:d7:08:5f:17:96:75:
87:69:4e:f3:9d:66:76:08:9d:29:0c:d2:fe:a2:76:9c:1d:85:
c6:aa:86:cf:ae:41:4e:e4:dd:22:84:28:f7:42:5c:b5:1f:30:
df:94:ce:4b:ee:67:0d:05:31:8b:c5:63:53:d6:bb:2e:d3:fe:
c4:49:f7:e4:4e:fa:51:a6:bb:ae:e1:00:48:13:b3:6c:f5:91:
30:51:4f:9e:9f:e3:f1:ec:ae:0d:af:1e:50:8d:1d:03:10:7a:
68:6d:8a:ca:5b:ba:5e:75:bc:4f:7d:72:b0:cd:fc:c4:44:ca:
57:0c:a2:cd:32:f8:d3:12:0b:25:a5:8c:55:43:4b:c8:d7:a0:
63:ce:28:34:2c:df:b1:a6:11:fe:2b:92:b3:77:dd:37:2c:6b:
19:c3:b4:62:2c:df:d4:29:c6:6f:32:c0:4d:b1:ba:ae:36:0e:
0c:87:de:2a:81:82:7e:2e:94:b2:ff:38:f9:27:ec:0a:a7:24:
c5:8e:18:1b:78:3c:9f:4d:0b:0f:b5:b1:48:8a:5f:44:49:af:
8a:19:01:43:c0:42:12:25:56:e7:09:fc:49:53:76:5a:92:15:
47:5a:69:46
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIEN6/zg+tweHZZBKafL9izmb0HwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDA0MDcxNTU4MjhaFw0yNTA0MDYxNjAzMjhaMDMxMTAvBgNV
BAMTKDNCREVERUREM0VGOTU1REZGOTlBMjgwMDE0NjhGQTlFMzA3OEI1MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfzUCLT3cs1rcZiaSaEDvEG4zl
tQ9ufkqVf5XoVyGVCq58jhRgwdeNuJTMvQkdewpi0mKKcp8wiZKLrTZ6fxVnCVL/
Dy5V3wP9yde9pJ89zyeoTFD7HvyIhOWJQHQobdXBdEqvKcpeOKmTLMgkBfQN/UD2
x6fGjUDsvVpbsB4nTXZoBZ52UBXzMR1tnVbS/awFXo5K7+oTuHTKqVFCtavZRPHY
U8XzE3AMErPdddn1ecsXCdkZkX7m7eaINJKQ5/lJo5dpJ3kAq7faB+PFr9lpfoYI
Z8KiOeCeVU78CMs4bFjd9kc0LldVhjJjmIaiN5iMGbMGJeACyatyIOQKPe0TAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUO97e3T75Vd/5migAFGj6njB4tRkwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjM1MzAyZTMy
MzIzMDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzIzMzM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAK5+twwDQYJKoZIhvcNAQELBQADggEBACp4NENaURj3O+f8tXp3w5zmff4vbNhW
XBuE6sbETdcIXxeWdYdpTvOdZnYInSkM0v6idpwdhcaqhs+uQU7k3SKEKPdCXLUf
MN+UzkvuZw0FMYvFY1PWuy7T/sRJ9+RO+lGmu67hAEgTs2z1kTBRT56f4/Hsrg2v
HlCNHQMQemhtispbul51vE99crDN/MREylcMos0y+NMSCyWljFVDS8jXoGPOKDQs
37GmEf4rkrN33TcsaxnDtGIs39Qpxm8ywE2xuq42DgyH3iqBgn4ulLL/OPkn7Aqn
JMWOGBt4PJ9NCw+1sUiKX0RJr4oZAUPAQhIlVucJ/ElTdlqSFUdaaUY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org