Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/0-E1wNLzY1pbmxWaOBQxHToLmUI.roa
File: 0-E1wNLzY1pbmxWaOBQxHToLmUI.roa (raw, json)
Hash identifier: pqqSIO2MmtbFZEmJr7X0Y0UqDjcONNzzLhJCkFJT1/c=
Subject key identifier: D3:E1:35:C0:D2:F3:63:5A:5B:9B:15:9A:38:14:31:1D:3A:0B:99:42
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 018DCC34010575BCC7054ABCCBBC6C32F376
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/0-E1wNLzY1pbmxWaOBQxHToLmUI.roa
Signing time: Wed 21 Feb 2024 15:06:16 +0000
ROA not before: Wed 21 Feb 2024 15:06:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 212.115.48.0/24 maxlen: 24
212.115.50.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:34:01:05:75:bc:c7:05:4a:bc:cb:bc:6c:32:f3:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Feb 21 15:06:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3e135c0d2f3635a5b9b159a3814311d3a0b9942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:36:f5:76:69:88:1f:0e:3e:d9:22:72:88:9b:
14:72:96:37:8b:8d:aa:81:7d:4d:0e:6c:f7:26:87:
c4:7b:30:90:fe:1a:22:0a:30:f1:0b:c5:3e:51:a0:
fb:07:73:87:de:78:fe:64:62:da:62:b0:ff:8f:1d:
db:14:2e:fa:bc:b0:1a:dc:d8:ee:c7:08:3d:f5:cd:
dc:b4:fb:0f:e1:4c:64:8c:3d:48:4a:02:22:7f:06:
fe:2d:b1:8e:7f:8b:a9:75:46:21:95:0a:96:30:8f:
92:18:3e:22:34:f2:5a:c6:1e:5a:e1:26:c1:39:f6:
7e:38:20:f2:99:cf:f7:ec:23:5f:58:2d:41:00:3c:
38:f1:65:3b:91:e9:f1:e8:56:b1:4f:30:3e:89:5f:
4c:f0:75:bf:4e:17:c6:b8:8f:e6:61:37:2f:03:c1:
53:ea:07:8b:01:5a:bf:90:ac:f7:fa:dd:f9:13:c2:
98:bb:34:eb:6c:b5:62:17:e9:7b:ad:c0:b5:86:c8:
0e:b3:5c:d3:78:3e:14:77:81:a1:f8:33:ee:26:f8:
26:23:0f:61:19:9e:cc:68:e8:05:7d:f3:df:e5:08:
b7:fd:5b:25:3d:c3:fd:f2:fb:b5:58:aa:b6:81:34:
82:24:a7:cc:7e:bf:89:5f:48:dd:47:39:c6:8e:4a:
1c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E1:35:C0:D2:F3:63:5A:5B:9B:15:9A:38:14:31:1D:3A:0B:99:42
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/0-E1wNLzY1pbmxWaOBQxHToLmUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.115.48.0/24
212.115.50.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:bb:49:48:4c:9b:6e:d3:c9:87:40:f9:a8:89:e6:f5:58:00:
19:ef:55:a2:91:50:4f:57:10:f1:30:15:79:88:1d:ab:2e:7e:
27:2e:cb:34:aa:3f:4a:d1:0f:4c:09:55:ca:2e:5c:c8:12:19:
81:a3:d5:24:5a:8d:f5:40:be:bd:37:31:b3:a9:78:9a:74:78:
3a:6b:1d:1e:96:10:62:e3:71:48:1d:55:59:a7:c0:07:7b:61:
19:72:70:12:84:11:07:f2:fb:86:96:b4:f0:11:60:ec:0b:ba:
a4:dc:f7:e4:a0:39:3b:9a:b8:ad:12:ff:1b:63:c4:04:9d:df:
ee:92:69:f2:b6:67:97:f6:9d:43:b4:30:49:8a:05:16:3c:df:
af:a1:82:68:fc:fc:3c:fd:5d:20:64:4f:b9:9d:7e:cd:1d:1d:
d0:be:26:8a:ce:8c:03:a3:91:53:7a:93:95:87:b0:22:f2:be:
d5:c2:ad:1f:cd:fe:92:a2:7b:90:ac:9d:67:01:db:0f:fd:f0:
fc:ae:cc:ae:33:94:d9:ed:fa:03:a2:b3:e3:91:5f:5e:b0:6c:
83:66:71:f1:71:7a:81:f9:43:0d:68:5d:38:50:b3:ed:c9:16:
e9:53:14:1e:8b:01:4b:f1:c2:35:f9:a3:3f:af:33:cb:65:33:
2c:28:b4:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3MNAEFdbzHBUq8y7xsMvN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQwMjIxMTUwNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2UxMzVjMGQyZjM2MzVhNWI5YjE1OWEzODE0MzExZDNhMGI5OTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTb1dmmIHw4+2SJyiJsUcpY3i42q
gX1NDmz3JofEezCQ/hoiCjDxC8U+UaD7B3OH3nj+ZGLaYrD/jx3bFC76vLAa3Nju
xwg99c3ctPsP4UxkjD1ISgIifwb+LbGOf4updUYhlQqWMI+SGD4iNPJaxh5a4SbB
OfZ+OCDymc/37CNfWC1BADw48WU7kenx6FaxTzA+iV9M8HW/ThfGuI/mYTcvA8FT
6geLAVq/kKz3+t35E8KYuzTrbLViF+l7rcC1hsgOs1zTeD4Ud4Gh+DPuJvgmIw9h
GZ7MaOgFffPf5Qi3/VslPcP98vu1WKq2gTSCJKfMfr+JX0jdRznGjkocNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNPhNcDS82NaW5sVmjgUMR06C5lCMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvMC1FMXdOTHpZMXBibXhXYU9CUXhIVG9MbVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1HMwAwQA
1HMyMA0GCSqGSIb3DQEBCwUAA4IBAQBqu0lITJtu08mHQPmoieb1WAAZ71WikVBP
VxDxMBV5iB2rLn4nLss0qj9K0Q9MCVXKLlzIEhmBo9UkWo31QL69NzGzqXiadHg6
ax0elhBi43FIHVVZp8AHe2EZcnAShBEH8vuGlrTwEWDsC7qk3PfkoDk7mritEv8b
Y8QEnd/ukmnytmeX9p1DtDBJigUWPN+voYJo/Pw8/V0gZE+5nX7NHR3QviaKzowD
o5FTepOVh7Ai8r7Vwq0fzf6SonuQrJ1nAdsP/fD8rsyuM5TZ7foDorPjkV9esGyD
ZnHxcXqB+UMNaF04ULPtyRbpUxQeiwFL8cI1+aM/rzPLZTMsKLRJ
-----END CERTIFICATE-----
Generated at Wed Aug 14 10:43:37 2024 by rpki-client on console-fra.rpki-client.org