Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/69DzVMlczeTJU1SG46xb7fVL4eI.roa
File: 69DzVMlczeTJU1SG46xb7fVL4eI.roa (raw, json)
Hash identifier: WDy/9nLud31EjRZGmZGlgKJb355eG9HK7/pxNWS8a0o=
Subject key identifier: EB:D0:F3:54:C9:5C:CD:E4:C9:53:54:86:E3:AC:5B:ED:F5:4B:E1:E2
Certificate issuer: /CN=342b03896c76698286f881a6ba472a08b7963ca2
Certificate serial: 01856CF837F5885624CFE389223C7115D048
Authority key identifier: 34:2B:03:89:6C:76:69:82:86:F8:81:A6:BA:47:2A:08:B7:96:3C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NCsDiWx2aYKG-IGmukcqCLeWPKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/69DzVMlczeTJU1SG46xb7fVL4eI.roa
Signing time: Sun 01 Jan 2023 10:54:44 +0000
ROA not before: Sun 01 Jan 2023 10:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205729
IP address blocks: 80.79.60.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:37:f5:88:56:24:cf:e3:89:22:3c:71:15:d0:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=342b03896c76698286f881a6ba472a08b7963ca2
Validity
Not Before: Jan 1 10:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebd0f354c95ccde4c9535486e3ac5bedf54be1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5e:ad:8e:6c:a8:73:0d:03:20:08:0c:fa:df:
95:5a:39:c7:49:e2:49:77:cb:31:86:61:6b:64:75:
f4:40:e0:14:0f:fb:32:d2:1e:1f:13:eb:01:45:d9:
22:98:22:26:36:29:6e:db:76:fc:1e:84:35:03:b0:
a3:6e:a0:5c:8a:71:77:5c:89:e7:c2:f9:b9:6d:05:
9e:fb:d7:8e:bd:32:10:af:40:c2:01:48:ab:17:6a:
16:43:a4:84:bd:e3:22:48:19:13:ee:be:b1:9e:e8:
61:bd:1a:2c:35:97:33:51:1e:47:cd:98:57:62:6a:
ec:92:ae:89:29:a1:42:c1:7d:a9:bb:c3:8c:bb:10:
c0:37:2e:6f:44:51:85:8c:65:40:e3:b4:37:8d:42:
97:97:b1:77:7f:7e:13:5a:f1:96:1a:f2:05:ac:2d:
fe:db:5f:47:da:ac:af:bf:7e:a9:8a:fc:ea:7d:d9:
ba:e7:47:3f:73:68:5f:52:27:94:61:85:64:5b:be:
4c:17:1e:60:d5:97:01:3d:42:10:4a:99:50:11:76:
46:31:5d:17:c1:58:ec:0d:ca:13:53:40:92:0e:b4:
e0:ab:f0:ee:7c:a5:1f:51:76:36:08:e6:ed:c2:13:
4a:1e:47:8a:b3:b1:a8:52:2c:68:86:27:b7:fd:ba:
15:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:D0:F3:54:C9:5C:CD:E4:C9:53:54:86:E3:AC:5B:ED:F5:4B:E1:E2
X509v3 Authority Key Identifier:
keyid:34:2B:03:89:6C:76:69:82:86:F8:81:A6:BA:47:2A:08:B7:96:3C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NCsDiWx2aYKG-IGmukcqCLeWPKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/69DzVMlczeTJU1SG46xb7fVL4eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/NCsDiWx2aYKG-IGmukcqCLeWPKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.60.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:94:bc:c2:50:e8:44:71:ed:cc:21:bb:90:ee:47:85:42:fd:
b3:58:f1:4c:e9:91:99:61:45:f0:a8:d8:ab:c1:2e:7d:72:d4:
ec:e6:e8:56:8f:07:cd:61:50:cb:6f:f3:2e:bb:7b:8d:32:8a:
7a:c4:d5:b3:14:58:ed:1a:8e:d4:24:ab:73:c0:6a:13:f4:37:
8e:dd:8b:18:f6:5c:3a:5f:da:33:5c:76:24:5a:6f:8f:2e:db:
0a:ad:f8:ad:39:d2:9c:3d:c4:9b:1c:26:65:14:7f:d1:cf:23:
33:ab:e9:dd:1a:3a:c0:58:be:64:fc:0c:f0:00:73:0a:64:3a:
0d:8f:59:17:cf:eb:c1:01:e1:45:7b:63:b9:0c:7c:2f:ec:ae:
8a:2b:02:ec:78:a6:9a:17:45:14:01:64:4d:c9:c5:d5:0b:fa:
12:e6:92:94:72:4a:41:05:cd:36:35:0d:58:1b:19:e3:6e:1d:
f8:9a:6f:68:5c:fe:f1:18:f7:bb:bd:3f:66:92:d0:40:b4:de:
78:6b:9f:7d:88:10:b5:80:7c:62:30:48:bd:61:10:c8:4d:1b:
ca:c4:42:50:ef:a9:67:d3:02:38:d8:43:2e:b9:d5:b1:a8:68:
67:88:fb:d2:bf:0b:4d:c9:c6:0b:ed:7e:f8:4c:0f:02:91:f5:
f1:c9:b2:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+Df1iFYkz+OJIjxxFdBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MmIwMzg5NmM3NjY5ODI4NmY4ODFhNmJhNDcyYTA4Yjc5
NjNjYTIwHhcNMjMwMTAxMTA1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmQwZjM1NGM5NWNjZGU0Yzk1MzU0ODZlM2FjNWJlZGY1NGJlMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV6tjmyocw0DIAgM+t+VWjnHSeJJ
d8sxhmFrZHX0QOAUD/sy0h4fE+sBRdkimCImNilu23b8HoQ1A7CjbqBcinF3XInn
wvm5bQWe+9eOvTIQr0DCAUirF2oWQ6SEveMiSBkT7r6xnuhhvRosNZczUR5HzZhX
Ymrskq6JKaFCwX2pu8OMuxDANy5vRFGFjGVA47Q3jUKXl7F3f34TWvGWGvIFrC3+
219H2qyvv36pivzqfdm650c/c2hfUieUYYVkW75MFx5g1ZcBPUIQSplQEXZGMV0X
wVjsDcoTU0CSDrTgq/DufKUfUXY2CObtwhNKHkeKs7GoUixohie3/boVcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOvQ81TJXM3kyVNUhuOsW+31S+HiMB8GA1UdIwQY
MBaAFDQrA4lsdmmChviBprpHKgi3ljyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkNzRGlXeDJhWUtHLUlHbXVrY3FDTGVXUEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kMWEyNjEtOGY4My00ZjZhLTg3YWIt
Y2Y0MWY3NmQ3ZjAzLzEvNjlEelZNbGN6ZVRKVTFTRzQ2eGI3ZlZMNGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kMWEyNjEtOGY4My00ZjZhLTg3YWItY2Y0MWY3NmQ3ZjAz
LzEvTkNzRGlXeDJhWUtHLUlHbXVrY3FDTGVXUEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUE88MA0G
CSqGSIb3DQEBCwUAA4IBAQALlLzCUOhEce3MIbuQ7keFQv2zWPFM6ZGZYUXwqNir
wS59ctTs5uhWjwfNYVDLb/Muu3uNMop6xNWzFFjtGo7UJKtzwGoT9DeO3YsY9lw6
X9ozXHYkWm+PLtsKrfitOdKcPcSbHCZlFH/RzyMzq+ndGjrAWL5k/AzwAHMKZDoN
j1kXz+vBAeFFe2O5DHwv7K6KKwLseKaaF0UUAWRNycXVC/oS5pKUckpBBc02NQ1Y
Gxnjbh34mm9oXP7xGPe7vT9mktBAtN54a599iBC1gHxiMEi9YRDITRvKxEJQ76ln
0wI42EMuudWxqGhniPvSvwtNycYL7X74TA8CkfXxybIp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:11 2024 by rpki-client on console-ams.rpki-client.org