Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/u8j4Tq9gkSUokqJx77or-ubxIy4.roa
File: u8j4Tq9gkSUokqJx77or-ubxIy4.roa (raw, json)
Hash identifier: WRxW7+lDhseOKcXEvrfh0zAdkm6tZUwROZoTASOCktU=
Subject key identifier: BB:C8:F8:4E:AF:60:91:25:28:92:A2:71:EF:BA:2B:FA:E6:F1:23:2E
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 018DCC34009D1B0BF675FD82F9735191E748
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/u8j4Tq9gkSUokqJx77or-ubxIy4.roa
Signing time: Wed 21 Feb 2024 15:06:16 +0000
ROA not before: Wed 21 Feb 2024 15:06:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 212.115.48.0/24 maxlen: 24
212.115.50.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:34:00:9d:1b:0b:f6:75:fd:82:f9:73:51:91:e7:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Feb 21 15:06:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbc8f84eaf6091252892a271efba2bfae6f1232e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b7:86:d8:da:2b:62:82:c0:13:50:38:04:0b:
f7:85:da:5a:9b:fd:32:30:12:88:6c:95:7b:70:c7:
66:cd:a6:16:c6:60:ad:b8:30:5b:5e:74:f1:e2:b7:
55:7e:3a:2e:d7:0d:1a:d1:34:47:31:25:1c:45:7d:
4b:76:e8:f2:2a:93:01:6a:1f:f6:d2:96:f5:67:d8:
ba:78:47:4e:b4:12:f9:a3:bc:22:d2:56:67:f8:04:
82:2b:fa:ff:50:f9:9d:87:ac:95:89:a2:b2:08:10:
79:2d:19:b7:9b:d9:99:40:94:b5:b0:3f:8c:ac:b1:
99:d1:1d:83:50:70:e7:9e:69:7c:85:f9:bd:61:63:
5c:cd:4c:7d:8e:b0:31:eb:c8:23:3c:b7:3b:a7:d8:
6a:12:94:9e:88:ec:0c:eb:b7:17:4f:bc:cf:c8:1e:
88:56:30:ac:fb:8f:f5:99:ee:22:15:4e:ef:12:b8:
fb:6b:3d:93:22:5e:5b:cd:3c:95:de:27:dd:87:78:
4a:70:56:1a:87:d2:ff:6b:6e:f9:a7:4c:49:b3:7f:
0d:97:2c:00:cf:60:17:af:a6:0b:23:32:13:14:c9:
63:d6:c8:ce:f6:a8:a8:7e:3b:8f:3a:8f:76:73:02:
6e:9e:b5:12:40:82:3a:2b:85:7e:d7:61:42:e7:68:
3e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C8:F8:4E:AF:60:91:25:28:92:A2:71:EF:BA:2B:FA:E6:F1:23:2E
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/u8j4Tq9gkSUokqJx77or-ubxIy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.115.48.0/24
212.115.50.0/24
Signature Algorithm: sha256WithRSAEncryption
89:3a:46:d3:ae:6c:85:39:92:6f:9a:59:1a:d8:16:38:32:5a:
ec:23:d9:cb:06:3e:d4:4c:43:39:0e:6d:93:90:b1:c7:72:d1:
3b:ce:a8:2a:62:1f:72:ef:67:d7:37:ce:0c:d8:b9:bb:f9:87:
60:dd:aa:6b:1f:8b:82:06:97:b2:e2:a3:b5:aa:76:33:15:04:
b8:fc:2f:56:af:fe:ee:c0:65:a6:63:c5:72:5b:59:ff:97:d5:
a9:3c:ec:ca:fa:b3:d3:21:d4:9a:20:0c:fe:a1:d2:74:b0:d2:
01:b2:7d:4f:d3:51:9b:7b:99:9d:aa:db:a5:fc:08:33:9d:8d:
a2:25:db:97:d2:ec:ac:78:37:fe:9b:cb:c3:61:4f:4e:54:f6:
f1:85:c3:fb:4f:4f:e7:9a:e6:b5:d1:be:3c:96:ae:a6:be:aa:
5e:2c:7b:0f:b2:fd:a1:af:55:34:60:ed:10:88:e5:f0:42:5a:
53:f0:20:5a:d6:74:99:8b:62:1e:55:5e:81:d8:b2:c5:f2:01:
12:01:d1:c5:b0:b1:b6:b3:73:4c:df:51:c6:3e:e9:2a:ab:78:
d9:2f:21:82:7c:72:66:34:4c:cb:7a:b2:f4:cc:6c:02:9e:6f:
93:08:91:13:16:71:97:15:44:20:03:c7:ae:ca:6f:91:11:56:
9b:50:7b:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3MNACdGwv2df2C+XNRkedIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQwMjIxMTUwNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmM4Zjg0ZWFmNjA5MTI1Mjg5MmEyNzFlZmJhMmJmYWU2ZjEyMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbeG2NorYoLAE1A4BAv3hdpam/0y
MBKIbJV7cMdmzaYWxmCtuDBbXnTx4rdVfjou1w0a0TRHMSUcRX1LdujyKpMBah/2
0pb1Z9i6eEdOtBL5o7wi0lZn+ASCK/r/UPmdh6yViaKyCBB5LRm3m9mZQJS1sD+M
rLGZ0R2DUHDnnml8hfm9YWNczUx9jrAx68gjPLc7p9hqEpSeiOwM67cXT7zPyB6I
VjCs+4/1me4iFU7vErj7az2TIl5bzTyV3ifdh3hKcFYah9L/a275p0xJs38NlywA
z2AXr6YLIzITFMlj1sjO9qiofjuPOo92cwJunrUSQII6K4V+12FC52g+GwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLvI+E6vYJElKJKice+6K/rm8SMuMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvdThqNFRxOWdrU1Vva3FKeDc3b3ItdWJ4SXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1HMwAwQA
1HMyMA0GCSqGSIb3DQEBCwUAA4IBAQCJOkbTrmyFOZJvmlka2BY4MlrsI9nLBj7U
TEM5Dm2TkLHHctE7zqgqYh9y72fXN84M2Lm7+Ydg3aprH4uCBpey4qO1qnYzFQS4
/C9Wr/7uwGWmY8VyW1n/l9WpPOzK+rPTIdSaIAz+odJ0sNIBsn1P01Gbe5mdqtul
/AgznY2iJduX0uyseDf+m8vDYU9OVPbxhcP7T0/nmua10b48lq6mvqpeLHsPsv2h
r1U0YO0QiOXwQlpT8CBa1nSZi2IeVV6B2LLF8gESAdHFsLG2s3NM31HGPukqq3jZ
LyGCfHJmNEzLerL0zGwCnm+TCJETFnGXFUQgA8euym+REVabUHt4
-----END CERTIFICATE-----
Generated at Wed Aug 14 12:20:47 2024 by rpki-client on console-ams.rpki-client.org