Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/52b634-6148-4e2e-b8f3-0c98c570a6e0/1/3D3KLzL5iMP6sUm0Xcue_Vdtv6M.roa
File: 3D3KLzL5iMP6sUm0Xcue_Vdtv6M.roa (raw, json)
Hash identifier: 6dyvxuaSmqbJ1rB4UqD68RzF7HQlyXsnNm3VfmOLCzk=
Subject key identifier: DC:3D:CA:2F:32:F9:88:C3:FA:B1:49:B4:5D:CB:9E:FD:57:6D:BF:A3
Certificate issuer: /CN=607548c37abebc58b928ed285433d69e95df9c3b
Certificate serial: 0185E4F316798B991C13ADE0D179FD77DC21
Authority key identifier: 60:75:48:C3:7A:BE:BC:58:B9:28:ED:28:54:33:D6:9E:95:DF:9C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YHVIw3q-vFi5KO0oVDPWnpXfnDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/52b634-6148-4e2e-b8f3-0c98c570a6e0/1/3D3KLzL5iMP6sUm0Xcue_Vdtv6M.roa
Signing time: Tue 24 Jan 2023 18:03:34 +0000
ROA not before: Tue 24 Jan 2023 18:03:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31294
IP address blocks: 83.220.160.0/22 maxlen: 22
83.220.164.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:f3:16:79:8b:99:1c:13:ad:e0:d1:79:fd:77:dc:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607548c37abebc58b928ed285433d69e95df9c3b
Validity
Not Before: Jan 24 18:03:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc3dca2f32f988c3fab149b45dcb9efd576dbfa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:97:14:8c:61:1c:0a:ee:ad:ce:ce:49:d4:10:
ef:b6:09:dd:7a:3d:90:8f:2c:4b:0b:46:cf:7c:67:
21:ae:e8:68:ad:9b:32:be:8c:63:f2:44:39:11:22:
89:b0:90:2b:f5:76:4f:66:f0:13:0a:22:f0:2f:84:
c2:e4:34:f4:30:3c:af:ee:42:7c:6a:ac:43:16:ba:
01:5c:2e:c2:4b:fb:b3:e7:8b:3f:b9:d3:6d:df:96:
4c:20:97:10:15:27:8a:72:bb:8d:b5:e8:57:4e:85:
a9:25:c4:eb:45:d2:66:d9:77:f0:1d:99:b1:de:92:
af:c4:4f:1e:d4:8f:5d:9d:50:ca:6d:04:0a:d6:13:
39:58:71:b5:ad:eb:39:e2:81:f1:01:fc:76:5a:48:
81:c7:4a:bc:90:2f:ab:a1:f9:b3:35:30:43:7b:ff:
47:10:af:78:05:54:02:5d:ea:c5:dc:c8:a2:29:d2:
77:ad:70:d7:6e:5f:d9:2a:bd:59:a4:b8:c3:c6:2a:
a1:bd:db:6d:a2:d1:4a:a2:0d:00:2a:72:96:bc:a8:
b3:ad:25:22:1a:3b:41:30:8a:27:26:36:bd:a9:35:
3c:37:af:74:a3:44:1b:5d:58:bf:3e:dc:db:b7:e4:
77:a7:0f:57:b8:ff:de:3b:5c:10:65:81:24:7b:ff:
ff:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3D:CA:2F:32:F9:88:C3:FA:B1:49:B4:5D:CB:9E:FD:57:6D:BF:A3
X509v3 Authority Key Identifier:
keyid:60:75:48:C3:7A:BE:BC:58:B9:28:ED:28:54:33:D6:9E:95:DF:9C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YHVIw3q-vFi5KO0oVDPWnpXfnDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/52b634-6148-4e2e-b8f3-0c98c570a6e0/1/3D3KLzL5iMP6sUm0Xcue_Vdtv6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/52b634-6148-4e2e-b8f3-0c98c570a6e0/1/YHVIw3q-vFi5KO0oVDPWnpXfnDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.220.160.0-83.220.165.255
Signature Algorithm: sha256WithRSAEncryption
a8:f2:17:35:16:66:00:20:81:6a:e7:c2:a4:28:fc:4f:0b:1e:
ec:f4:66:30:82:2d:da:a9:12:99:fe:9e:7f:86:a0:7d:ba:17:
61:cf:19:d7:6c:7e:db:eb:94:51:dd:69:a4:a3:cf:07:82:6a:
4b:80:19:37:0a:1f:44:10:c1:7d:aa:14:9a:74:3e:48:71:af:
88:22:48:8b:43:cd:a1:25:6a:06:29:30:1f:19:16:99:9f:4f:
a4:1a:23:33:69:44:7b:73:ee:77:67:c7:6f:4a:fa:84:a2:c6:
cd:d4:45:25:b7:5c:4e:50:17:98:b1:90:74:3f:72:4a:07:09:
70:12:29:62:5b:b5:ed:3c:f6:40:5c:7f:58:d3:9c:d2:3e:17:
e1:4c:37:32:9a:f5:a8:91:05:6c:db:cf:5c:27:62:13:92:0f:
4d:de:8a:f6:6b:bc:01:d9:12:25:a2:0a:b4:7e:df:bc:72:fe:
a2:45:44:88:25:07:f1:57:de:0d:aa:7a:c9:0e:4b:e5:70:09:
c8:69:54:86:9a:21:69:20:2c:d4:c3:8f:1b:eb:37:a2:e2:34:
fc:ec:27:ce:4b:2f:2a:76:4e:d6:99:7e:af:b7:5d:f4:9a:8e:
a2:52:d7:71:64:77:68:1a:d1:20:f6:c2:00:40:27:48:85:fe:
37:c3:58:fa
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYXk8xZ5i5kcE63g0Xn9d9whMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNzU0OGMzN2FiZWJjNThiOTI4ZWQyODU0MzNkNjllOTVk
ZjljM2IwHhcNMjMwMTI0MTgwMzM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzNkY2EyZjMyZjk4OGMzZmFiMTQ5YjQ1ZGNiOWVmZDU3NmRiZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZcUjGEcCu6tzs5J1BDvtgndej2Q
jyxLC0bPfGchruhorZsyvoxj8kQ5ESKJsJAr9XZPZvATCiLwL4TC5DT0MDyv7kJ8
aqxDFroBXC7CS/uz54s/udNt35ZMIJcQFSeKcruNtehXToWpJcTrRdJm2XfwHZmx
3pKvxE8e1I9dnVDKbQQK1hM5WHG1res54oHxAfx2WkiBx0q8kC+rofmzNTBDe/9H
EK94BVQCXerF3MiiKdJ3rXDXbl/ZKr1ZpLjDxiqhvdttotFKog0AKnKWvKizrSUi
GjtBMIonJja9qTU8N690o0QbXVi/Ptzbt+R3pw9XuP/eO1wQZYEke///LwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNw9yi8y+YjD+rFJtF3Lnv1Xbb+jMB8GA1UdIwQY
MBaAFGB1SMN6vrxYuSjtKFQz1p6V35w7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUhWSXczcS12Rmk1S08wb1ZEUFducFhmbkRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81MmI2MzQtNjE0OC00ZTJlLWI4ZjMt
MGM5OGM1NzBhNmUwLzEvM0QzS0x6TDVpTVA2c1VtMFhjdWVfVmR0djZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81MmI2MzQtNjE0OC00ZTJlLWI4ZjMtMGM5OGM1NzBhNmUw
LzEvWUhWSXczcS12Rmk1S08wb1ZEUFducFhmbkRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVT3KAD
BAFT3KQwDQYJKoZIhvcNAQELBQADggEBAKjyFzUWZgAggWrnwqQo/E8LHuz0ZjCC
LdqpEpn+nn+GoH26F2HPGddsftvrlFHdaaSjzweCakuAGTcKH0QQwX2qFJp0Pkhx
r4giSItDzaElagYpMB8ZFpmfT6QaIzNpRHtz7ndnx29K+oSixs3URSW3XE5QF5ix
kHQ/ckoHCXASKWJbte089kBcf1jTnNI+F+FMNzKa9aiRBWzbz1wnYhOSD03eivZr
vAHZEiWiCrR+37xy/qJFRIglB/FX3g2qeskOS+VwCchpVIaaIWkgLNTDjxvrN6Li
NPzsJ85LLyp2TtaZfq+3XfSajqJS13Fkd2ga0SD2wgBAJ0iF/jfDWPo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:48 2024 by rpki-client on console-fra.rpki-client.org