Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/A3xwb0f-VM0fTddBNES6EPVgpv8.roa
File: A3xwb0f-VM0fTddBNES6EPVgpv8.roa (raw, json)
Hash identifier: 5BbA9/F69JE27rJKp5sb41g75tRF6nW1OZgNeeWBimc=
Subject key identifier: 03:7C:70:6F:47:FE:54:CD:1F:4D:D7:41:34:44:BA:10:F5:60:A6:FF
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 01856F9DD0CFC47398D9D7B9536DA7EBBDFE
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/A3xwb0f-VM0fTddBNES6EPVgpv8.roa
Signing time: Sun 01 Jan 2023 23:14:51 +0000
ROA not before: Sun 01 Jan 2023 23:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15611
IP address blocks: 185.79.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:d0:cf:c4:73:98:d9:d7:b9:53:6d:a7:eb:bd:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Jan 1 23:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=037c706f47fe54cd1f4dd7413444ba10f560a6ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e5:95:3a:fd:2c:98:d3:ec:99:c6:d3:84:1a:
ba:a0:0b:48:02:aa:23:66:7a:c1:d1:0c:15:64:02:
37:bc:6c:d8:e5:c4:cc:70:ee:82:d2:4c:ae:3f:64:
4d:95:64:76:a2:32:bc:db:10:0a:7f:2f:e1:d2:4c:
70:de:9e:e0:8b:69:82:7c:b2:cf:17:19:f9:53:c9:
8c:21:f5:01:b1:fd:de:25:fa:8c:17:db:c1:ee:80:
d1:0e:54:9d:f7:a8:9c:00:76:c6:34:7c:82:e7:7c:
47:62:49:f7:71:10:03:4b:2d:01:80:26:23:de:66:
c9:e9:3c:3f:fd:4c:e8:a8:d3:85:f8:d8:ab:8a:d9:
7d:95:40:8e:2e:9f:b4:8d:03:e9:0b:37:fb:22:27:
1e:ad:0a:11:e5:a4:16:e8:9e:dc:cd:2e:bd:e8:34:
56:87:b2:32:2d:df:a6:34:af:f2:28:ee:e9:54:60:
06:ad:98:50:bb:d5:7c:93:d8:ed:e6:81:9a:31:ac:
8d:74:9a:c9:ce:80:d5:8d:d1:34:98:04:f7:e5:ff:
24:23:ec:2a:45:7b:2b:cc:b9:be:f4:25:f7:90:67:
95:1d:e7:55:4f:9a:15:63:b3:15:01:59:2f:08:3c:
98:52:ab:25:56:37:53:2d:99:77:19:7a:63:38:dd:
d0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7C:70:6F:47:FE:54:CD:1F:4D:D7:41:34:44:BA:10:F5:60:A6:FF
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/A3xwb0f-VM0fTddBNES6EPVgpv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.96.0/24
Signature Algorithm: sha256WithRSAEncryption
35:91:b0:6d:fe:88:c0:ae:0c:10:3b:ab:7f:bb:8c:16:97:b0:
ec:d3:09:90:86:ed:38:81:23:0b:57:a5:12:61:22:4e:9e:0d:
9d:11:c1:06:7e:c8:cf:4f:30:83:60:43:83:33:3b:d1:d2:e8:
50:69:8c:0b:65:da:89:28:35:50:25:5b:cc:97:70:36:df:c1:
9e:99:e6:6c:8e:e5:f3:f8:f5:c0:9d:30:72:3c:56:1f:9d:ef:
13:8b:bf:dd:0f:91:ab:38:8b:08:36:a0:84:18:a8:6e:8e:b8:
92:3f:25:2b:8e:b9:bb:e0:d3:e9:4e:3a:e8:b2:33:38:38:f2:
ff:f3:4b:39:4b:30:12:cd:97:50:91:e8:9d:46:2d:6d:3f:ac:
c3:ba:d4:6e:5e:61:56:e0:b4:ed:a0:45:95:54:70:dc:63:ca:
7b:46:71:59:bd:da:81:0d:51:1b:c4:5d:d6:ce:ef:f1:b0:c3:
fd:e0:73:42:3d:8d:d8:60:c0:39:22:09:38:eb:a1:8b:b4:10:
05:73:c8:9b:5d:07:22:a8:87:a2:0b:8e:a9:f5:07:c5:f5:d4:
29:d7:15:8e:1e:8a:28:4b:4c:c3:ce:95:bb:0d:74:5d:18:c0:
3d:f8:84:7f:da:02:74:9a:ab:da:0e:4b:71:a8:28:1c:f4:40:
09:5e:85:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvndDPxHOY2de5U22n673+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxM2UwNTFjYjgzMWQxOTg5NjA3YmI3NmMwYmM1NjkzZmY5
NDdiNTMwHhcNMjMwMTAxMjMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzdjNzA2ZjQ3ZmU1NGNkMWY0ZGQ3NDEzNDQ0YmExMGY1NjBhNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuWVOv0smNPsmcbThBq6oAtIAqoj
ZnrB0QwVZAI3vGzY5cTMcO6C0kyuP2RNlWR2ojK82xAKfy/h0kxw3p7gi2mCfLLP
Fxn5U8mMIfUBsf3eJfqMF9vB7oDRDlSd96icAHbGNHyC53xHYkn3cRADSy0BgCYj
3mbJ6Tw//UzoqNOF+Niritl9lUCOLp+0jQPpCzf7IicerQoR5aQW6J7czS696DRW
h7IyLd+mNK/yKO7pVGAGrZhQu9V8k9jt5oGaMayNdJrJzoDVjdE0mAT35f8kI+wq
RXsrzLm+9CX3kGeVHedVT5oVY7MVAVkvCDyYUqslVjdTLZl3GXpjON3QLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAN8cG9H/lTNH03XQTREuhD1YKb/MB8GA1UdIwQY
MBaAFIE+BRy4MdGYlge7dsC8VpP/lHtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1Q0RkhMZ3gwWmlXQjd0MndMeFdrXy1VZTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lNDVhZDYtZTVhZS00ODE5LTlmMjQt
ZjU3N2FhNDZkZTgzLzEvQTN4d2IwZi1WTTBmVGRkQk5FUzZFUFZncHY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lNDVhZDYtZTVhZS00ODE5LTlmMjQtZjU3N2FhNDZkZTgz
LzEvZ1Q0RkhMZ3gwWmlXQjd0MndMeFdrXy1VZTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuU9gMA0G
CSqGSIb3DQEBCwUAA4IBAQA1kbBt/ojArgwQO6t/u4wWl7Ds0wmQhu04gSMLV6US
YSJOng2dEcEGfsjPTzCDYEODMzvR0uhQaYwLZdqJKDVQJVvMl3A238GemeZsjuXz
+PXAnTByPFYfne8Ti7/dD5GrOIsINqCEGKhujriSPyUrjrm74NPpTjrosjM4OPL/
80s5SzASzZdQkeidRi1tP6zDutRuXmFW4LTtoEWVVHDcY8p7RnFZvdqBDVEbxF3W
zu/xsMP94HNCPY3YYMA5Igk466GLtBAFc8ibXQciqIeiC46p9QfF9dQp1xWOHooo
S0zDzpW7DXRdGMA9+IR/2gJ0mqvaDktxqCgc9EAJXoVj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:48 2023 by rpki-client on console-fra.rpki-client.org