Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/2Wbd8cPKbwPTwc4dKhWYfBGynIM.roa
File: 2Wbd8cPKbwPTwc4dKhWYfBGynIM.roa (raw, json)
Hash identifier: t8GPh+sDEf512G5vC4qaQH0pTGJmB+1mN59OjUv6S1k=
Subject key identifier: D9:66:DD:F1:C3:CA:6F:03:D3:C1:CE:1D:2A:15:98:7C:11:B2:9C:83
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 018875CCBD17676FF56B0F87BC29FA052440
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/2Wbd8cPKbwPTwc4dKhWYfBGynIM.roa
Signing time: Thu 01 Jun 2023 07:12:12 +0000
ROA not before: Thu 01 Jun 2023 07:12:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51395
IP address blocks: 79.132.141.0/24 maxlen: 24
2a0b:7140:4::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:75:cc:bd:17:67:6f:f5:6b:0f:87:bc:29:fa:05:24:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jun 1 07:12:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d966ddf1c3ca6f03d3c1ce1d2a15987c11b29c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6a:04:39:7c:07:13:79:bb:f3:98:a5:6a:79:
6f:3b:4a:4c:c8:9c:89:24:e2:1d:09:9e:d7:7a:e0:
5f:3e:aa:ff:1e:5c:e1:9f:90:4f:7d:e6:fb:54:f7:
91:f0:d2:ab:c4:2f:fa:f8:13:2a:8b:e1:c2:b2:0f:
b0:93:59:ba:1c:81:01:45:9b:93:ee:6d:90:1e:df:
f5:63:6f:d3:44:f6:a4:66:18:df:b7:23:cc:61:6d:
34:3e:a5:da:3c:8e:9a:4d:3f:10:e7:ac:cb:8f:88:
8b:c2:51:d3:c7:5e:c1:13:1f:88:08:5e:00:db:d1:
cf:af:f6:46:ef:bf:a7:20:77:e6:bb:0f:4b:60:4b:
97:95:39:c5:17:28:fb:b6:a2:66:7d:d9:98:dc:c3:
a5:a9:86:5b:cd:ea:38:f9:0b:4a:b2:d2:24:4d:df:
48:11:40:19:c1:21:43:b7:e2:01:ae:fb:95:67:0a:
f9:96:06:44:58:b6:a0:8a:1b:e6:41:13:72:ec:46:
8b:61:13:3b:23:9e:09:b5:41:31:dd:8c:e9:63:11:
3c:ed:bd:37:22:b1:6a:fd:d9:da:28:13:0e:9d:7a:
aa:68:6a:42:e4:23:48:88:4b:4b:88:c0:b2:41:25:
1b:9c:83:c9:77:6d:02:d7:86:b3:84:b8:bc:9f:0d:
ca:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:66:DD:F1:C3:CA:6F:03:D3:C1:CE:1D:2A:15:98:7C:11:B2:9C:83
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/2Wbd8cPKbwPTwc4dKhWYfBGynIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.141.0/24
IPv6:
2a0b:7140:4::/48
Signature Algorithm: sha256WithRSAEncryption
47:30:9a:f1:3f:0b:de:26:23:d3:23:67:c2:4b:d5:8d:b8:71:
f8:66:ac:f7:c7:8f:ba:75:46:c8:95:e2:bc:c1:7d:1e:76:f1:
ac:c3:a7:bf:6b:5b:7f:b6:0c:42:f7:69:5b:60:18:1b:de:fc:
ce:2a:11:ad:36:9b:84:f1:27:74:d5:31:3f:40:21:6b:94:40:
8c:72:1f:8e:0d:47:94:ac:bd:f0:1f:ce:08:33:56:b5:6a:ba:
a7:7a:d9:c7:54:8c:1e:86:87:fa:d3:e6:41:ca:0b:b9:f8:e5:
3f:d2:60:a1:b6:8b:2f:34:83:ff:ae:24:f7:05:60:8b:e9:40:
07:f8:26:12:d0:45:e7:3d:d2:2a:8e:42:a6:3e:a6:18:f0:17:
da:53:6d:c9:6f:56:f0:58:b7:2e:0b:e0:44:9e:50:05:17:6f:
76:b1:90:1d:b7:15:75:85:10:ac:0c:13:83:25:79:cb:27:bd:
e8:11:fb:ba:fe:6b:46:04:8d:f2:94:ef:71:3c:e3:58:b5:ae:
52:f2:bc:f0:15:24:3a:9f:ff:a2:37:a4:96:4c:7f:2a:68:a3:
ab:5d:83:e4:de:ca:d8:bb:c2:1c:81:7d:67:0b:ff:4a:08:c8:
91:a4:a6:72:88:0e:86:9d:45:33:6d:5c:e6:60:56:42:55:03:
3b:b0:ec:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYh1zL0XZ2/1aw+HvCn6BSRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjMwNjAxMDcxMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTY2ZGRmMWMzY2E2ZjAzZDNjMWNlMWQyYTE1OTg3YzExYjI5YzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2oEOXwHE3m785ilanlvO0pMyJyJ
JOIdCZ7XeuBfPqr/Hlzhn5BPfeb7VPeR8NKrxC/6+BMqi+HCsg+wk1m6HIEBRZuT
7m2QHt/1Y2/TRPakZhjftyPMYW00PqXaPI6aTT8Q56zLj4iLwlHTx17BEx+ICF4A
29HPr/ZG77+nIHfmuw9LYEuXlTnFFyj7tqJmfdmY3MOlqYZbzeo4+QtKstIkTd9I
EUAZwSFDt+IBrvuVZwr5lgZEWLagihvmQRNy7EaLYRM7I54JtUEx3YzpYxE87b03
IrFq/dnaKBMOnXqqaGpC5CNIiEtLiMCyQSUbnIPJd20C14azhLi8nw3KKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNlm3fHDym8D08HOHSoVmHwRspyDMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvMldiZDhjUEtid1BUd2M0ZEtoV1lmQkd5bklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAT4SNMA8E
AgACMAkDBwAqC3FAAAQwDQYJKoZIhvcNAQELBQADggEBAEcwmvE/C94mI9MjZ8JL
1Y24cfhmrPfHj7p1RsiV4rzBfR528azDp79rW3+2DEL3aVtgGBve/M4qEa02m4Tx
J3TVMT9AIWuUQIxyH44NR5SsvfAfzggzVrVquqd62cdUjB6Gh/rT5kHKC7n45T/S
YKG2iy80g/+uJPcFYIvpQAf4JhLQRec90iqOQqY+phjwF9pTbclvVvBYty4L4ESe
UAUXb3axkB23FXWFEKwME4MlecsnvegR+7r+a0YEjfKU73E841i1rlLyvPAVJDqf
/6I3pJZMfypoo6tdg+Teyti7whyBfWcL/0oIyJGkpnKIDoadRTNtXOZgVkJVAzuw
7C4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org