Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/ntMk5LyxCgQHHtfGenCbz8aFjy0.roa
File: ntMk5LyxCgQHHtfGenCbz8aFjy0.roa (raw, json)
Hash identifier: 5flvhYR9izkhWBJuYyE1eye583fOvjew5C+Dq4rrtCY=
Subject key identifier: 9E:D3:24:E4:BC:B1:0A:04:07:1E:D7:C6:7A:70:9B:CF:C6:85:8F:2D
Certificate issuer: /CN=342b03896c76698286f881a6ba472a08b7963ca2
Certificate serial: 0185841452A80FA07F663B459D918B4DBC32
Authority key identifier: 34:2B:03:89:6C:76:69:82:86:F8:81:A6:BA:47:2A:08:B7:96:3C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NCsDiWx2aYKG-IGmukcqCLeWPKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/ntMk5LyxCgQHHtfGenCbz8aFjy0.roa
Signing time: Thu 05 Jan 2023 22:36:42 +0000
ROA not before: Thu 05 Jan 2023 22:36:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205729
IP address blocks: 80.79.60.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:84:14:52:a8:0f:a0:7f:66:3b:45:9d:91:8b:4d:bc:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=342b03896c76698286f881a6ba472a08b7963ca2
Validity
Not Before: Jan 5 22:36:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ed324e4bcb10a04071ed7c67a709bcfc6858f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:62:4e:37:0b:69:d2:be:59:cc:5f:5d:e8:49:
2c:74:ca:77:c3:cd:eb:91:5a:9a:ab:b6:e4:fa:ce:
4f:4f:19:93:51:af:f5:2d:92:c4:30:1c:dd:fa:6d:
cf:2b:c3:4f:54:be:97:06:49:b6:b1:e6:20:34:8e:
bf:a4:26:45:cc:7f:59:b1:0b:42:f8:c1:84:68:0d:
f2:76:d4:57:ce:5b:27:64:3f:f6:f2:3d:7f:89:7c:
59:7c:7d:75:28:bb:c1:b1:36:97:ae:9e:4a:1f:6b:
73:84:f6:fa:fb:b7:3b:3e:73:e4:50:40:e2:73:f8:
f8:f7:a8:16:ee:c4:a2:b3:0a:8d:49:db:ce:31:c3:
48:56:2b:ce:1f:12:cc:89:0c:f9:3f:49:5a:07:70:
1c:30:c2:dd:e6:69:72:73:a9:cb:7e:31:42:d1:d7:
c8:ca:b4:cd:81:5a:26:da:63:67:86:d2:4e:a8:71:
3b:6f:48:6b:42:55:0c:01:e9:75:35:4c:60:b3:70:
0b:36:11:4b:5f:48:45:3d:b5:a9:8d:25:61:de:e4:
c7:0b:2b:04:64:dd:4c:2d:0c:ac:f8:1e:55:34:0e:
48:15:b1:a1:b5:fa:1d:f5:32:1f:18:26:71:88:79:
58:7c:1a:84:1c:a2:3f:49:fd:8c:fe:23:89:40:4e:
4e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D3:24:E4:BC:B1:0A:04:07:1E:D7:C6:7A:70:9B:CF:C6:85:8F:2D
X509v3 Authority Key Identifier:
keyid:34:2B:03:89:6C:76:69:82:86:F8:81:A6:BA:47:2A:08:B7:96:3C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NCsDiWx2aYKG-IGmukcqCLeWPKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/ntMk5LyxCgQHHtfGenCbz8aFjy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/NCsDiWx2aYKG-IGmukcqCLeWPKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.60.0/24
Signature Algorithm: sha256WithRSAEncryption
12:c2:4e:4a:25:d7:d0:d5:df:1e:08:a6:1f:97:30:53:8b:1a:
79:0c:76:e4:83:9c:7c:8b:ad:2c:d9:54:25:35:d6:c9:f4:ca:
66:34:af:07:b3:15:87:95:9d:fb:1b:50:8a:d9:2d:98:b5:5a:
8b:d7:fc:fa:50:b2:2c:ad:fe:31:de:16:8e:be:b3:2d:67:71:
3d:4c:98:8b:8a:43:2c:35:0a:a1:d4:19:d5:1c:83:e7:57:48:
ef:81:e7:d9:ec:bf:f8:f4:a6:e1:5c:ee:f6:22:91:2f:b1:25:
ad:16:94:cf:17:78:84:9f:b7:ee:d5:e9:d0:56:5e:f2:72:ce:
9c:65:d4:38:ac:eb:2e:18:ab:ef:1d:21:6e:f2:50:42:b3:0e:
c2:82:9e:60:a3:2d:ae:c9:ce:01:d9:82:d9:ac:84:54:20:1a:
90:22:7f:59:56:27:62:5f:e0:00:e2:27:e1:a5:31:32:37:dc:
76:bd:9f:04:e4:c0:6b:43:a9:4d:23:ef:44:08:17:74:47:f6:
41:bb:a0:63:58:eb:21:63:2d:af:c5:f3:f3:b8:48:51:9a:bd:
25:39:4d:0a:1a:f0:a8:58:0e:84:f4:f3:5e:31:70:6e:a2:d8:
79:fd:f5:86:c1:12:9b:69:7e:84:f1:ad:8e:f9:55:3e:a1:06:
c6:02:c0:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWEFFKoD6B/ZjtFnZGLTbwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MmIwMzg5NmM3NjY5ODI4NmY4ODFhNmJhNDcyYTA4Yjc5
NjNjYTIwHhcNMjMwMTA1MjIzNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQzMjRlNGJjYjEwYTA0MDcxZWQ3YzY3YTcwOWJjZmM2ODU4ZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGJONwtp0r5ZzF9d6EksdMp3w83r
kVqaq7bk+s5PTxmTUa/1LZLEMBzd+m3PK8NPVL6XBkm2seYgNI6/pCZFzH9ZsQtC
+MGEaA3ydtRXzlsnZD/28j1/iXxZfH11KLvBsTaXrp5KH2tzhPb6+7c7PnPkUEDi
c/j496gW7sSiswqNSdvOMcNIVivOHxLMiQz5P0laB3AcMMLd5mlyc6nLfjFC0dfI
yrTNgVom2mNnhtJOqHE7b0hrQlUMAel1NUxgs3ALNhFLX0hFPbWpjSVh3uTHCysE
ZN1MLQys+B5VNA5IFbGhtfod9TIfGCZxiHlYfBqEHKI/Sf2M/iOJQE5OtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ7TJOS8sQoEBx7Xxnpwm8/GhY8tMB8GA1UdIwQY
MBaAFDQrA4lsdmmChviBprpHKgi3ljyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkNzRGlXeDJhWUtHLUlHbXVrY3FDTGVXUEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kMWEyNjEtOGY4My00ZjZhLTg3YWIt
Y2Y0MWY3NmQ3ZjAzLzEvbnRNazVMeXhDZ1FISHRmR2VuQ2J6OGFGankwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kMWEyNjEtOGY4My00ZjZhLTg3YWItY2Y0MWY3NmQ3ZjAz
LzEvTkNzRGlXeDJhWUtHLUlHbXVrY3FDTGVXUEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUE88MA0G
CSqGSIb3DQEBCwUAA4IBAQASwk5KJdfQ1d8eCKYflzBTixp5DHbkg5x8i60s2VQl
NdbJ9MpmNK8HsxWHlZ37G1CK2S2YtVqL1/z6ULIsrf4x3haOvrMtZ3E9TJiLikMs
NQqh1BnVHIPnV0jvgefZ7L/49KbhXO72IpEvsSWtFpTPF3iEn7fu1enQVl7ycs6c
ZdQ4rOsuGKvvHSFu8lBCsw7Cgp5goy2uyc4B2YLZrIRUIBqQIn9ZVidiX+AA4ifh
pTEyN9x2vZ8E5MBrQ6lNI+9ECBd0R/ZBu6BjWOshYy2vxfPzuEhRmr0lOU0KGvCo
WA6E9PNeMXBuoth5/fWGwRKbaX6E8a2O+VU+oQbGAsCY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:11 2024 by rpki-client on console-ams.rpki-client.org