Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/272986-88a9-477c-a277-a55b580b0ea3/1/N6Ct5zjDpB4amcn8BiZzUJivp5w.roa
File: N6Ct5zjDpB4amcn8BiZzUJivp5w.roa (raw, json)
Hash identifier: m40nef3GR9U+vwzf+w0/wVtXT8Fixr5dukDJ2jntsiw=
Subject key identifier: 37:A0:AD:E7:38:C3:A4:1E:1A:99:C9:FC:06:26:73:50:98:AF:A7:9C
Certificate issuer: /CN=cdf51a7b4c5b24580292b8c4aa6aa9c325665480
Certificate serial: 01880EBC1D3E706A324BB4210425BD68804D
Authority key identifier: CD:F5:1A:7B:4C:5B:24:58:02:92:B8:C4:AA:6A:A9:C3:25:66:54:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zfUae0xbJFgCkrjEqmqpwyVmVIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/272986-88a9-477c-a277-a55b580b0ea3/1/N6Ct5zjDpB4amcn8BiZzUJivp5w.roa
Signing time: Fri 12 May 2023 06:53:09 +0000
ROA not before: Fri 12 May 2023 06:53:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48271
IP address blocks: 212.2.224.0/21 maxlen: 24
212.2.232.0/22 maxlen: 24
212.2.232.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0e:bc:1d:3e:70:6a:32:4b:b4:21:04:25:bd:68:80:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdf51a7b4c5b24580292b8c4aa6aa9c325665480
Validity
Not Before: May 12 06:53:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37a0ade738c3a41e1a99c9fc0626735098afa79c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:78:e4:61:48:20:2b:e7:02:6d:11:74:63:6d:
68:f8:f3:2d:53:2f:14:e2:b0:23:d7:dc:ec:4c:36:
0f:3e:2b:0c:29:eb:78:b4:e9:cc:e5:3f:81:24:03:
f3:a5:bc:aa:e3:ac:06:39:bc:bd:a6:0a:8e:53:36:
85:0f:b4:76:f3:fd:83:24:2b:e3:22:2b:cc:ef:92:
46:28:b1:9b:b1:aa:9e:83:72:b0:74:02:5a:d0:11:
12:30:69:08:72:33:e9:c2:b7:48:0a:20:51:62:d6:
9e:f4:33:e6:ac:a3:05:f7:d9:a2:e5:ea:b1:9e:85:
b6:97:12:c8:e0:17:63:05:58:7e:8b:cb:62:98:88:
2c:4e:4a:f8:bb:b5:05:49:90:01:35:ca:c7:71:16:
f5:1d:57:49:1e:57:0a:73:16:db:db:1c:6a:30:f9:
e4:ad:77:c9:62:9f:3d:87:68:a0:84:62:d8:08:f9:
e8:15:cb:53:14:c1:33:9a:fc:c4:20:5c:1c:68:3b:
da:0d:a2:11:ad:2f:ec:3f:09:ad:85:0c:91:ac:68:
eb:72:2f:1d:9c:ab:14:ee:0e:b3:be:1a:7d:a2:3a:
e9:a0:25:6f:25:52:bc:c8:75:4b:a5:2a:0b:58:1d:
05:31:1d:9e:81:97:95:ba:d2:b2:73:4d:f5:e4:98:
77:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A0:AD:E7:38:C3:A4:1E:1A:99:C9:FC:06:26:73:50:98:AF:A7:9C
X509v3 Authority Key Identifier:
keyid:CD:F5:1A:7B:4C:5B:24:58:02:92:B8:C4:AA:6A:A9:C3:25:66:54:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfUae0xbJFgCkrjEqmqpwyVmVIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/272986-88a9-477c-a277-a55b580b0ea3/1/N6Ct5zjDpB4amcn8BiZzUJivp5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/272986-88a9-477c-a277-a55b580b0ea3/1/zfUae0xbJFgCkrjEqmqpwyVmVIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.2.224.0-212.2.235.255
Signature Algorithm: sha256WithRSAEncryption
69:c9:7b:25:8a:b7:8c:41:9d:85:44:58:0a:80:a4:2a:7c:51:
5b:c5:78:54:ac:e9:fd:b7:ff:4a:6a:b2:75:61:8a:16:d7:87:
dd:ed:ad:2d:19:78:56:56:a5:3a:fa:06:36:63:5a:43:18:22:
e4:d8:37:fb:c9:78:25:c5:d0:86:bf:dd:a3:43:f1:17:7c:77:
70:95:77:f4:79:78:d6:85:79:30:df:5b:88:3a:27:0f:97:26:
a8:33:3f:6b:6e:c0:46:e6:7d:49:c4:79:e3:f3:27:0a:9b:2b:
62:cd:d8:46:45:90:19:fb:7f:3e:0d:8d:35:fb:d9:ed:3e:82:
d8:b9:d5:90:e6:90:29:df:d9:74:81:28:d7:e1:35:7d:fc:44:
0b:fd:db:48:72:72:6a:b7:a5:25:e4:7a:c1:97:e6:94:cd:81:
6b:d5:db:6e:38:46:e7:59:4e:82:1b:36:a1:2a:61:eb:b2:f9:
6c:7f:8b:98:fe:78:c5:28:f4:19:05:9f:4c:14:3e:3c:87:10:
be:2b:8a:91:ce:76:1c:f4:3b:94:83:13:50:8e:65:71:dc:e2:
1c:f8:66:20:69:b1:01:cf:7f:c1:4b:6b:fd:f0:60:63:c1:35:
b0:38:b4:88:aa:ff:63:97:c2:fe:22:1a:a2:40:12:de:37:d3:
c9:1e:d2:43
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYgOvB0+cGoyS7QhBCW9aIBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjUxYTdiNGM1YjI0NTgwMjkyYjhjNGFhNmFhOWMzMjU2
NjU0ODAwHhcNMjMwNTEyMDY1MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2EwYWRlNzM4YzNhNDFlMWE5OWM5ZmMwNjI2NzM1MDk4YWZhNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnjkYUggK+cCbRF0Y21o+PMtUy8U
4rAj19zsTDYPPisMKet4tOnM5T+BJAPzpbyq46wGOby9pgqOUzaFD7R28/2DJCvj
IivM75JGKLGbsaqeg3KwdAJa0BESMGkIcjPpwrdICiBRYtae9DPmrKMF99mi5eqx
noW2lxLI4BdjBVh+i8timIgsTkr4u7UFSZABNcrHcRb1HVdJHlcKcxbb2xxqMPnk
rXfJYp89h2ighGLYCPnoFctTFMEzmvzEIFwcaDvaDaIRrS/sPwmthQyRrGjrci8d
nKsU7g6zvhp9ojrpoCVvJVK8yHVLpSoLWB0FMR2egZeVutKyc0315Jh3IwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDegrec4w6QeGpnJ/AYmc1CYr6ecMB8GA1UdIwQY
MBaAFM31GntMWyRYApK4xKpqqcMlZlSAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZVYWUweGJKRmdDa3JqRXFtcXB3eVZtVklBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yNzI5ODYtODhhOS00NzdjLWEyNzct
YTU1YjU4MGIwZWEzLzEvTjZDdDV6akRwQjRhbWNuOEJpWnpVSml2cDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8yNzI5ODYtODhhOS00NzdjLWEyNzctYTU1YjU4MGIwZWEz
LzEvemZVYWUweGJKRmdDa3JqRXFtcXB3eVZtVklBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXUAuAD
BALUAugwDQYJKoZIhvcNAQELBQADggEBAGnJeyWKt4xBnYVEWAqApCp8UVvFeFSs
6f23/0pqsnVhihbXh93trS0ZeFZWpTr6BjZjWkMYIuTYN/vJeCXF0Ia/3aND8Rd8
d3CVd/R5eNaFeTDfW4g6Jw+XJqgzP2tuwEbmfUnEeePzJwqbK2LN2EZFkBn7fz4N
jTX72e0+gti51ZDmkCnf2XSBKNfhNX38RAv920hycmq3pSXkesGX5pTNgWvV2244
RudZToIbNqEqYeuy+Wx/i5j+eMUo9BkFn0wUPjyHEL4ripHOdhz0O5SDE1COZXHc
4hz4ZiBpsQHPf8FLa/3wYGPBNbA4tIiq/2OXwv4iGqJAEt4308ke0kM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:45 2025 by rpki-client