Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/nDlEm07Nq2CKgPdXqvgHX_Tz8Ik.roa
File: nDlEm07Nq2CKgPdXqvgHX_Tz8Ik.roa (raw, json)
Hash identifier: 3WeOuhj5tpS0nCatAyn/hk8tw4VlkGca+6c20tJ81WQ=
Subject key identifier: 9C:39:44:9B:4E:CD:AB:60:8A:80:F7:57:AA:F8:07:5F:F4:F3:F0:89
Certificate issuer: /CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Certificate serial: 05950CF2
Authority key identifier: 28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/nDlEm07Nq2CKgPdXqvgHX_Tz8Ik.roa
Signing time: Wed 26 Jan 2022 09:20:59 +0000
ROA not before: Wed 26 Jan 2022 09:20:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398772
IP address blocks: 2.58.144.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93654258 (0x5950cf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Validity
Not Before: Jan 26 09:20:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c39449b4ecdab608a80f757aaf8075ff4f3f089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5b:d5:7e:ee:97:46:50:44:4a:04:2d:e0:8e:
dc:ad:f1:8d:52:6d:54:fc:2a:67:f9:a5:8e:da:ae:
58:ab:62:a4:8b:92:a3:30:29:18:7b:e8:22:6b:21:
3b:c4:4b:99:6a:30:64:2b:ad:af:f5:56:19:f9:22:
09:c8:f3:0d:39:34:9f:06:db:2e:10:50:e7:c8:fc:
17:66:ca:57:d0:9f:aa:21:22:eb:26:32:a6:c2:c4:
55:42:06:d5:34:67:fc:fd:25:2c:93:10:ab:33:ce:
fe:2d:14:6f:14:e4:43:99:56:dd:6d:9a:c1:54:1d:
66:ee:49:1d:34:f8:ca:63:46:77:89:30:aa:05:67:
78:30:79:74:38:d6:e3:0f:2e:22:70:1a:89:66:ba:
76:21:0c:59:71:bf:16:c7:fb:52:5b:c7:9d:8d:67:
b0:10:e2:29:91:d8:95:fe:b4:5c:e7:ec:7d:ed:96:
b3:df:54:b4:62:ff:a4:87:6e:37:3f:69:f3:3b:2d:
e3:46:08:3a:2e:85:86:79:7f:d6:78:98:43:ba:44:
8a:bf:9d:ad:07:be:bc:0a:aa:8a:23:53:40:60:24:
fc:f0:27:21:a0:75:6f:d9:ab:26:99:1e:7d:b8:64:
8d:01:08:2c:04:4e:09:75:ea:a3:39:24:f5:cd:e1:
45:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:39:44:9B:4E:CD:AB:60:8A:80:F7:57:AA:F8:07:5F:F4:F3:F0:89
X509v3 Authority Key Identifier:
keyid:28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/nDlEm07Nq2CKgPdXqvgHX_Tz8Ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/KGS7NPtdFsqdH6P5eUy0jUvthHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.144.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:3d:3b:25:04:1d:e9:53:c4:aa:ab:f0:88:2b:76:b3:f1:71:
62:1a:a0:ce:70:d4:27:9c:8a:ca:cd:2f:06:98:9c:81:0c:71:
62:7d:0e:0b:e1:bb:ab:b4:59:ad:3e:8a:3c:b6:a8:3a:58:68:
db:4e:62:33:39:70:35:ea:9c:c0:70:fc:55:2d:c2:a9:d2:8b:
ae:e3:71:c3:36:1e:91:16:db:38:14:11:3c:c5:cd:c6:5f:a8:
21:a6:5c:43:e5:a0:a7:b4:ed:d7:22:dc:78:2a:07:a6:66:0e:
10:73:f4:84:d6:99:95:60:8e:40:95:23:3f:71:3b:ba:71:95:
ad:57:d1:78:28:1e:22:e1:68:58:a9:f0:26:a5:c1:8f:80:63:
c1:bf:27:54:ce:b7:c0:89:84:5b:bd:ce:64:f1:d5:ff:cb:d0:
f5:19:68:aa:70:01:da:a6:89:92:99:c1:ac:95:2e:f2:67:03:
62:7b:e4:e3:5c:e6:cc:e9:42:14:f5:29:78:c7:56:52:f0:5c:
e8:81:b9:11:34:6e:57:2e:d0:a2:a2:3f:9f:35:5f:d4:05:11:
f6:05:b2:3e:4c:f9:de:37:59:2a:d4:31:2c:7e:53:7a:31:fa:
21:88:ff:c6:3b:e4:17:86:1d:96:1f:1e:0b:a3:d4:7f:b2:de:
bb:bf:cd:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBZUM8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODY0YmIzNGZiNWQxNmNhOWQxZmEzZjk3OTRjYjQ4ZDRiZWQ4NDczMB4XDTIyMDEy
NjA5MjA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWMzOTQ0OWI0ZWNk
YWI2MDhhODBmNzU3YWFmODA3NWZmNGYzZjA4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRb1X7ul0ZQREoELeCO3K3xjVJtVPwqZ/mljtquWKtipIuS
ozApGHvoImshO8RLmWowZCutr/VWGfkiCcjzDTk0nwbbLhBQ58j8F2bKV9CfqiEi
6yYypsLEVUIG1TRn/P0lLJMQqzPO/i0UbxTkQ5lW3W2awVQdZu5JHTT4ymNGd4kw
qgVneDB5dDjW4w8uInAaiWa6diEMWXG/Fsf7UlvHnY1nsBDiKZHYlf60XOfsfe2W
s99UtGL/pIduNz9p8zst40YIOi6Fhnl/1niYQ7pEir+drQe+vAqqiiNTQGAk/PAn
IaB1b9mrJpkefbhkjQEILAROCXXqozkk9c3hRakCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBScOUSbTs2rYIqA91eq+Adf9PPwiTAfBgNVHSMEGDAWgBQoZLs0+10Wyp0f
o/l5TLSNS+2EczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tHUzdOUHRkRnNxZEg2UDVlVXkwalV2dGhITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvNDdmNDQ1LTVlYTktNDM3ZC1hNTlhLTU5MDBhNTk0N2I4ZC8x
L25EbEVtMDdOcTJDS2dQZFhxdmdIWF9UejhJay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
NDdmNDQ1LTVlYTktNDM3ZC1hNTlhLTU5MDBhNTk0N2I4ZC8xL0tHUzdOUHRkRnNx
ZEg2UDVlVXkwalV2dGhITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgI6kDANBgkqhkiG9w0BAQsFAAOC
AQEACj07JQQd6VPEqqvwiCt2s/FxYhqgznDUJ5yKys0vBpicgQxxYn0OC+G7q7RZ
rT6KPLaoOlho205iMzlwNeqcwHD8VS3CqdKLruNxwzYekRbbOBQRPMXNxl+oIaZc
Q+Wgp7Tt1yLceCoHpmYOEHP0hNaZlWCOQJUjP3E7unGVrVfReCgeIuFoWKnwJqXB
j4Bjwb8nVM63wImEW73OZPHV/8vQ9RloqnAB2qaJkpnBrJUu8mcDYnvk41zmzOlC
FPUpeMdWUvBc6IG5ETRuVy7QoqI/nzVf1AUR9gWyPkz53jdZKtQxLH5TejH6IYj/
xjvkF4Ydlh8eC6PUf7Leu7/NoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:06 2024 by rpki-client on console-ams.rpki-client.org