Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/NLbfY-pAaVSgjyZdOWbHIIlGUiM.roa
File: NLbfY-pAaVSgjyZdOWbHIIlGUiM.roa (raw, json)
Hash identifier: RmxBzS4WhKj27OAF9rcFA26qqr1bENaR3FESa1FHUNk=
Subject key identifier: 34:B6:DF:63:EA:40:69:54:A0:8F:26:5D:39:66:C7:20:89:46:52:23
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DC884C462C186FE0BF4F10FE72F45
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/NLbfY-pAaVSgjyZdOWbHIIlGUiM.roa
Signing time: Sun 01 Jan 2023 20:55:00 +0000
ROA not before: Sun 01 Jan 2023 20:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57975
IP address blocks: 92.119.228.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c8:84:c4:62:c1:86:fe:0b:f4:f1:0f:e7:2f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34b6df63ea406954a08f265d3966c72089465223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d8:e8:4a:06:83:da:46:5a:48:32:71:d2:df:
59:f8:1e:2b:80:88:99:54:8b:63:5a:45:e5:50:a5:
92:84:e7:2a:90:2c:0c:ac:af:7f:88:58:5a:29:6e:
38:45:1c:e3:82:60:ee:dc:a7:53:e9:c7:51:d9:5f:
07:de:01:c2:62:a5:0a:19:f4:6d:6e:66:a0:43:7b:
2a:2d:fd:e7:1d:a1:68:2d:66:ed:8d:fc:e3:68:8f:
52:f2:82:d6:7b:5a:82:8e:65:6e:32:96:59:38:42:
65:41:38:c0:64:1e:ae:ca:89:09:21:60:bc:04:f3:
02:69:fd:74:06:7d:3f:fe:30:44:32:7a:69:9b:bc:
6c:98:81:15:03:0b:4c:1f:cc:c6:92:50:5c:48:f9:
0a:c3:35:cc:2e:be:48:95:8c:a0:10:67:1b:ec:e5:
45:82:81:b8:c7:b3:17:c9:a4:55:31:05:c4:f3:a6:
17:42:34:f9:4b:6a:6f:5f:1a:72:dc:b5:8e:e7:9b:
98:3e:b6:cd:d4:c6:10:88:dd:db:0f:87:3c:17:30:
9b:3c:3e:7f:f6:47:b6:f9:fe:25:e0:03:ba:f7:29:
f9:6a:a7:2e:11:24:a1:ab:15:92:31:a0:16:1b:7e:
31:5d:d5:c9:74:10:ef:26:bb:5e:c9:90:2f:26:b9:
cb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B6:DF:63:EA:40:69:54:A0:8F:26:5D:39:66:C7:20:89:46:52:23
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/NLbfY-pAaVSgjyZdOWbHIIlGUiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.228.0/24
Signature Algorithm: sha256WithRSAEncryption
40:51:25:58:da:4c:17:35:de:11:4c:65:59:ec:af:b2:5d:95:
11:5e:2e:85:ca:ff:a3:59:14:a7:1d:5f:71:63:4f:3a:3e:ba:
de:b1:94:e9:ed:29:ad:bc:ce:de:a5:a0:24:39:e2:77:17:a6:
ff:de:3e:ce:25:58:7c:85:5e:4f:80:56:16:2e:b9:d1:da:b8:
33:fd:c9:d2:a1:7f:41:a9:ff:48:41:fc:c8:5f:95:4d:00:08:
f2:39:5a:80:64:44:24:f5:86:1a:f5:f1:1c:5d:a5:28:0a:88:
5b:5b:4c:1d:06:7e:45:53:91:da:b2:68:d0:fc:0d:93:93:1e:
77:f3:a2:38:2f:33:02:db:8e:72:c7:0b:9e:04:24:bb:89:7c:
be:ad:eb:91:aa:83:4c:97:09:4a:2a:56:ca:90:3b:6d:cb:ec:
37:e9:75:8c:8d:5c:a8:12:2c:8b:7d:e4:3a:be:26:ff:e3:8b:
11:9c:63:c5:45:49:91:b4:11:90:c1:8a:2a:06:7a:8e:97:d6:
1d:5d:47:e7:5e:6d:b8:aa:78:12:f5:0b:35:c9:f4:cd:c1:77:
40:88:3e:63:43:d9:06:77:43:be:00:92:8b:4b:d0:5e:c0:35:
0d:3d:1c:a0:0b:5f:99:37:6b:3f:23:a7:a2:75:75:68:d3:b5:
57:e5:30:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHciExGLBhv4L9PEP5y9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI2ZGY2M2VhNDA2OTU0YTA4ZjI2NWQzOTY2YzcyMDg5NDY1MjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitjoSgaD2kZaSDJx0t9Z+B4rgIiZ
VItjWkXlUKWShOcqkCwMrK9/iFhaKW44RRzjgmDu3KdT6cdR2V8H3gHCYqUKGfRt
bmagQ3sqLf3nHaFoLWbtjfzjaI9S8oLWe1qCjmVuMpZZOEJlQTjAZB6uyokJIWC8
BPMCaf10Bn0//jBEMnppm7xsmIEVAwtMH8zGklBcSPkKwzXMLr5IlYygEGcb7OVF
goG4x7MXyaRVMQXE86YXQjT5S2pvXxpy3LWO55uYPrbN1MYQiN3bD4c8FzCbPD5/
9ke2+f4l4AO69yn5aqcuESShqxWSMaAWG34xXdXJdBDvJrteyZAvJrnLRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDS232PqQGlUoI8mXTlmxyCJRlIjMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvTkxiZlktcEFhVlNnanlaZE9XYkhJSWxHVWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHfkMA0G
CSqGSIb3DQEBCwUAA4IBAQBAUSVY2kwXNd4RTGVZ7K+yXZURXi6Fyv+jWRSnHV9x
Y086PrresZTp7SmtvM7epaAkOeJ3F6b/3j7OJVh8hV5PgFYWLrnR2rgz/cnSoX9B
qf9IQfzIX5VNAAjyOVqAZEQk9YYa9fEcXaUoCohbW0wdBn5FU5HasmjQ/A2Tkx53
86I4LzMC245yxwueBCS7iXy+reuRqoNMlwlKKlbKkDtty+w36XWMjVyoEiyLfeQ6
vib/44sRnGPFRUmRtBGQwYoqBnqOl9YdXUfnXm24qngS9Qs1yfTNwXdAiD5jQ9kG
d0O+AJKLS9BewDUNPRygC1+ZN2s/I6eidXVo07VX5TCr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org