Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/K57ONdqrr-aj-qf_WSUlLhyWEHw.roa
File: K57ONdqrr-aj-qf_WSUlLhyWEHw.roa (raw, json)
Hash identifier: enEwFg0jt5Q4EVrPoZkImKF+hdQTc9TEL7qELw9m0VQ=
Subject key identifier: 2B:9E:CE:35:DA:AB:AF:E6:A3:FA:A7:FF:59:25:25:2E:1C:96:10:7C
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0181D386B0E1E6C40CD7348BEE8E703DA02A
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/K57ONdqrr-aj-qf_WSUlLhyWEHw.roa
Signing time: Wed 06 Jul 2022 12:40:28 +0000
ROA not before: Wed 06 Jul 2022 12:40:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58066
IP address blocks: 92.119.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d3:86:b0:e1:e6:c4:0c:d7:34:8b:ee:8e:70:3d:a0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jul 6 12:40:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b9ece35daabafe6a3faa7ff5925252e1c96107c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a7:4d:11:70:2d:42:90:d9:94:12:48:82:85:
f0:94:08:4c:eb:d3:ad:64:b9:a1:d0:25:ef:d3:98:
48:cd:ef:ef:81:31:5f:b5:39:2b:8d:c6:01:e2:10:
33:c1:31:8d:b0:53:fd:54:89:64:3e:12:de:c4:d0:
7d:df:f2:63:8e:fa:fc:27:72:00:55:c3:04:f9:22:
88:67:5b:8d:19:dd:e7:dc:0f:cc:9f:a3:d1:f5:c3:
a7:81:8a:2c:62:59:38:1d:03:60:17:03:17:e2:ba:
68:3d:f1:02:af:8f:b6:5c:07:05:53:c8:8d:f2:c9:
6d:99:28:78:a9:ba:8f:f7:41:f9:86:5d:2e:64:75:
1d:24:5f:b1:96:8d:2a:ab:14:44:53:77:b8:b9:59:
cd:b0:64:b9:64:36:68:8d:d1:e3:ed:57:9e:6b:2b:
53:a1:5a:38:30:7c:b9:0d:b4:43:00:9c:7c:ef:e8:
db:11:3a:bf:ee:f5:d8:71:30:0b:87:bd:3d:34:61:
ed:e5:48:fa:b7:c1:99:96:98:e5:c4:f0:5f:68:bf:
d6:ff:6f:96:0b:67:c1:99:74:fb:98:67:72:01:32:
ff:ec:37:37:e2:08:40:3f:9d:7d:7d:0c:f9:04:6e:
39:c7:79:ed:f0:32:f3:a7:56:c6:db:13:97:76:8c:
c4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9E:CE:35:DA:AB:AF:E6:A3:FA:A7:FF:59:25:25:2E:1C:96:10:7C
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/K57ONdqrr-aj-qf_WSUlLhyWEHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.231.0/24
Signature Algorithm: sha256WithRSAEncryption
85:ae:ae:43:12:11:9e:72:22:6f:c0:69:41:49:5a:01:7c:9e:
2a:6f:d7:e7:8d:f2:87:e4:e3:91:92:4e:62:f5:ef:ba:31:5b:
e4:bd:66:0c:5b:e1:04:c2:cc:a5:fb:53:f1:f2:74:29:55:33:
42:d9:b7:bc:5e:7a:6e:6d:b8:23:54:39:9b:d6:8e:9d:3c:bf:
10:54:b8:27:1b:ba:58:c2:ea:49:25:4a:a4:59:f5:e3:b5:10:
21:38:f7:c7:44:7d:9c:d7:b4:e9:a5:02:f8:c6:16:19:66:db:
e3:ff:78:8a:1f:89:c5:64:67:28:5a:ab:f7:01:92:8f:fd:2d:
61:49:7c:36:c5:d9:b3:4b:f2:90:57:7f:6a:73:0e:6b:8c:42:
46:72:ee:2a:0d:9b:bf:bd:77:d0:b6:7c:8c:34:4a:56:c9:25:
4a:d9:60:f9:50:9d:b6:4b:d5:f1:4d:39:27:77:b5:97:b9:66:
59:b7:50:48:51:56:12:4c:c6:0e:a0:7a:c2:73:35:77:9f:50:
bf:27:69:90:cd:6c:4d:f5:fc:94:71:6c:f2:4b:34:58:6c:11:
2c:b9:22:0c:70:c8:10:8a:69:68:be:e2:ff:86:ff:f8:6b:cb:
62:83:86:8c:e6:11:2a:73:73:51:e5:43:47:08:a4:d2:1d:b4:
c7:e1:9c:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHThrDh5sQM1zSL7o5wPaAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjIwNzA2MTI0MDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjllY2UzNWRhYWJhZmU2YTNmYWE3ZmY1OTI1MjUyZTFjOTYxMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6dNEXAtQpDZlBJIgoXwlAhM69Ot
ZLmh0CXv05hIze/vgTFftTkrjcYB4hAzwTGNsFP9VIlkPhLexNB93/Jjjvr8J3IA
VcME+SKIZ1uNGd3n3A/Mn6PR9cOngYosYlk4HQNgFwMX4rpoPfECr4+2XAcFU8iN
8sltmSh4qbqP90H5hl0uZHUdJF+xlo0qqxREU3e4uVnNsGS5ZDZojdHj7VeeaytT
oVo4MHy5DbRDAJx87+jbETq/7vXYcTALh709NGHt5Uj6t8GZlpjlxPBfaL/W/2+W
C2fBmXT7mGdyATL/7Dc34ghAP519fQz5BG45x3nt8DLzp1bG2xOXdozEJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCuezjXaq6/mo/qn/1klJS4clhB8MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvSzU3T05kcXJyLWFqLXFmX1dTVWxMaHlXRUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHfnMA0G
CSqGSIb3DQEBCwUAA4IBAQCFrq5DEhGeciJvwGlBSVoBfJ4qb9fnjfKH5OORkk5i
9e+6MVvkvWYMW+EEwsyl+1Px8nQpVTNC2be8XnpubbgjVDmb1o6dPL8QVLgnG7pY
wupJJUqkWfXjtRAhOPfHRH2c17TppQL4xhYZZtvj/3iKH4nFZGcoWqv3AZKP/S1h
SXw2xdmzS/KQV39qcw5rjEJGcu4qDZu/vXfQtnyMNEpWySVK2WD5UJ22S9XxTTkn
d7WXuWZZt1BIUVYSTMYOoHrCczV3n1C/J2mQzWxN9fyUcWzySzRYbBEsuSIMcMgQ
imlovuL/hv/4a8tig4aM5hEqc3NR5UNHCKTSHbTH4Zxx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org