Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/272986-88a9-477c-a277-a55b580b0ea3/1/i40C01mtNyl7HgM5LcZqVCdkvGI.roa
File: i40C01mtNyl7HgM5LcZqVCdkvGI.roa (raw, json)
Hash identifier: YTCmJJT0vgT2tCVeqaDcTSKnDgZ23PJSBANZn7C9cO8=
Subject key identifier: 8B:8D:02:D3:59:AD:37:29:7B:1E:03:39:2D:C6:6A:54:27:64:BC:62
Certificate issuer: /CN=cdf51a7b4c5b24580292b8c4aa6aa9c325665480
Certificate serial: 018CC7954FA00A9C60BBEFBD2D087DA277CE
Authority key identifier: CD:F5:1A:7B:4C:5B:24:58:02:92:B8:C4:AA:6A:A9:C3:25:66:54:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zfUae0xbJFgCkrjEqmqpwyVmVIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/272986-88a9-477c-a277-a55b580b0ea3/1/i40C01mtNyl7HgM5LcZqVCdkvGI.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48271
IP address blocks: 212.2.224.0/21 maxlen: 24
212.2.232.0/22 maxlen: 24
212.2.232.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:4f:a0:0a:9c:60:bb:ef:bd:2d:08:7d:a2:77:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdf51a7b4c5b24580292b8c4aa6aa9c325665480
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b8d02d359ad37297b1e03392dc66a542764bc62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c5:5a:8b:9a:34:0e:f1:f6:b9:ce:a9:4a:72:
ec:9d:2f:6e:63:32:dc:22:56:28:a9:00:f9:09:ab:
ba:74:02:a5:7b:5d:d8:93:47:98:47:c9:c4:67:a6:
13:a1:bc:0b:57:36:9f:fb:88:42:20:a6:91:6a:44:
af:48:76:40:f4:10:e1:df:8c:2a:5d:76:a9:4b:91:
96:a9:08:f4:f1:8f:8b:87:76:18:df:38:f2:d2:dd:
e1:d0:fd:73:ee:14:77:04:a7:e2:ba:41:72:54:c7:
10:2b:9e:66:1e:04:65:0e:f1:6d:e6:42:96:6f:bd:
2e:59:1d:af:89:92:80:dc:58:ed:17:06:73:ca:31:
54:54:6f:e6:e6:be:91:ef:dd:db:6e:96:cb:97:1e:
57:e8:dc:36:d3:92:ff:5b:16:c4:10:d4:e4:02:99:
a6:73:e1:09:c4:d1:d7:c0:8d:02:3d:1b:f2:84:35:
94:19:27:86:f1:60:1c:3a:37:c1:b7:7d:07:12:e1:
e6:00:97:6f:94:b4:6f:27:ca:0c:6e:93:b5:bd:86:
35:c1:e6:a9:f2:eb:2e:2a:d8:07:53:1a:95:45:a1:
10:10:fd:87:f8:44:c0:cf:c7:dc:50:2e:9b:b0:16:
13:20:20:e1:e8:f8:21:dc:d5:7a:59:cd:cf:76:fa:
ca:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:8D:02:D3:59:AD:37:29:7B:1E:03:39:2D:C6:6A:54:27:64:BC:62
X509v3 Authority Key Identifier:
keyid:CD:F5:1A:7B:4C:5B:24:58:02:92:B8:C4:AA:6A:A9:C3:25:66:54:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfUae0xbJFgCkrjEqmqpwyVmVIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/272986-88a9-477c-a277-a55b580b0ea3/1/i40C01mtNyl7HgM5LcZqVCdkvGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/272986-88a9-477c-a277-a55b580b0ea3/1/zfUae0xbJFgCkrjEqmqpwyVmVIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.2.224.0-212.2.235.255
Signature Algorithm: sha256WithRSAEncryption
39:a2:78:43:e0:da:9f:b2:03:f8:5a:a0:bd:30:f8:b0:72:aa:
ac:6d:9b:6d:dd:7e:0c:0c:2b:be:4a:a5:c2:78:f2:68:96:52:
8d:eb:74:2b:6f:a3:bd:d6:c3:9a:34:87:5f:b0:b0:78:fb:ee:
df:25:24:c8:95:bc:8c:cf:2e:8b:8d:79:55:23:60:24:82:02:
ec:e9:bf:d8:9b:30:6e:e9:26:1f:57:8c:00:c0:74:66:68:68:
e4:5c:6e:b3:75:da:b6:48:a9:14:5d:c0:2f:83:9c:c1:d2:01:
aa:ec:74:98:86:84:98:79:79:d1:c0:c2:9e:f9:c8:40:d6:06:
2e:fa:a8:c1:35:e9:1c:57:a9:0d:f4:0f:d2:92:fa:20:d6:60:
3c:51:54:f9:a5:f2:f6:8b:9d:62:ab:52:51:6e:a6:e5:85:92:
18:a8:e6:6c:8a:ad:e0:2d:58:44:2e:f8:87:c6:ae:01:31:9c:
67:38:29:ad:57:d3:61:9b:4f:79:d5:4c:00:9a:01:32:65:79:
03:c7:4c:9e:1b:27:a6:64:fd:24:57:33:2d:d0:17:5d:3a:45:
47:c2:76:7d:31:77:1f:0a:4f:f3:26:9e:bf:80:1b:a5:cc:10:
a7:93:e3:ed:84:9a:d4:f3:26:6c:76:7e:86:d6:c0:4b:1b:47:
5e:87:78:2d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlU+gCpxgu++9LQh9onfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjUxYTdiNGM1YjI0NTgwMjkyYjhjNGFhNmFhOWMzMjU2
NjU0ODAwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjhkMDJkMzU5YWQzNzI5N2IxZTAzMzkyZGM2NmE1NDI3NjRiYzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MVai5o0DvH2uc6pSnLsnS9uYzLc
IlYoqQD5Cau6dAKle13Yk0eYR8nEZ6YTobwLVzaf+4hCIKaRakSvSHZA9BDh34wq
XXapS5GWqQj08Y+Lh3YY3zjy0t3h0P1z7hR3BKfiukFyVMcQK55mHgRlDvFt5kKW
b70uWR2viZKA3FjtFwZzyjFUVG/m5r6R793bbpbLlx5X6Nw205L/WxbEENTkApmm
c+EJxNHXwI0CPRvyhDWUGSeG8WAcOjfBt30HEuHmAJdvlLRvJ8oMbpO1vYY1weap
8usuKtgHUxqVRaEQEP2H+ETAz8fcUC6bsBYTICDh6Pgh3NV6Wc3PdvrKHwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIuNAtNZrTcpex4DOS3GalQnZLxiMB8GA1UdIwQY
MBaAFM31GntMWyRYApK4xKpqqcMlZlSAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZVYWUweGJKRmdDa3JqRXFtcXB3eVZtVklBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yNzI5ODYtODhhOS00NzdjLWEyNzct
YTU1YjU4MGIwZWEzLzEvaTQwQzAxbXROeWw3SGdNNUxjWnFWQ2RrdkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8yNzI5ODYtODhhOS00NzdjLWEyNzctYTU1YjU4MGIwZWEz
LzEvemZVYWUweGJKRmdDa3JqRXFtcXB3eVZtVklBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXUAuAD
BALUAugwDQYJKoZIhvcNAQELBQADggEBADmieEPg2p+yA/haoL0w+LByqqxtm23d
fgwMK75KpcJ48miWUo3rdCtvo73Ww5o0h1+wsHj77t8lJMiVvIzPLouNeVUjYCSC
Auzpv9ibMG7pJh9XjADAdGZoaORcbrN12rZIqRRdwC+DnMHSAarsdJiGhJh5edHA
wp75yEDWBi76qME16RxXqQ30D9KS+iDWYDxRVPml8vaLnWKrUlFupuWFkhio5myK
reAtWEQu+IfGrgExnGc4Ka1X02GbT3nVTACaATJleQPHTJ4bJ6Zk/SRXMy3QF106
RUfCdn0xdx8KT/Mmnr+AG6XMEKeT4+2EmtTzJmx2fobWwEsbR16HeC0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:27 2024 by rpki-client on console-ams.rpki-client.org