Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/RTpjAtlAGwVJBvgYP7WD_3KGsT4.roa
File: RTpjAtlAGwVJBvgYP7WD_3KGsT4.roa (raw, json)
Hash identifier: Z6DqphAgoJ8x2bAf0SiTYQNj7jh4hXqIp1G9szb4sk8=
Subject key identifier: 45:3A:63:02:D9:40:1B:05:49:06:F8:18:3F:B5:83:FF:72:86:B1:3E
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0185A68A6380C2B533428F629A799D823756
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/RTpjAtlAGwVJBvgYP7WD_3KGsT4.roa
Signing time: Thu 12 Jan 2023 15:12:45 +0000
ROA not before: Thu 12 Jan 2023 15:12:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35479
IP address blocks: 185.219.55.0/24 maxlen: 24
185.219.54.0/24 maxlen: 24
185.219.54.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a6:8a:63:80:c2:b5:33:42:8f:62:9a:79:9d:82:37:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 12 15:12:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=453a6302d9401b054906f8183fb583ff7286b13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2e:98:1c:17:79:9e:4b:98:a8:e3:cf:7e:07:
19:a1:19:8f:d4:47:44:2b:4b:50:cf:c7:c8:95:90:
ed:9c:c9:d9:81:4d:1b:3f:35:4a:fa:c7:4a:7d:1b:
87:90:2e:5c:93:15:19:d1:35:87:23:30:b6:a0:1f:
9c:14:2b:d2:3d:9c:0c:d4:dc:f4:fb:71:8b:43:d6:
82:5f:04:b3:a8:0e:f7:4b:fd:17:c2:4b:20:ba:6a:
de:66:3f:aa:1b:65:d1:cb:c5:52:38:7b:ed:0d:a1:
c6:9b:3e:4c:bc:f4:56:3d:e8:e1:a4:f2:3e:c6:a3:
a4:57:0a:db:52:d2:5b:3b:a8:06:9f:43:53:da:e0:
62:6e:e0:cf:15:23:91:38:25:ab:15:5b:6a:ca:05:
83:29:90:06:3e:9d:f7:b1:27:6b:2b:9a:49:46:d1:
5d:c7:ac:89:e5:6d:08:8d:8c:a9:51:c7:2f:dd:7f:
b7:8b:36:aa:f6:1d:8b:4c:0d:2e:85:af:66:37:44:
91:f1:23:05:8c:54:1c:06:46:b9:48:ae:f1:10:81:
98:b7:ab:a9:39:c1:16:de:81:28:58:28:c5:db:2f:
b7:13:c8:98:50:35:eb:28:c3:f0:06:29:86:4e:50:
d2:f1:cb:c7:17:82:c3:94:9d:87:8d:e0:03:c3:76:
15:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:3A:63:02:D9:40:1B:05:49:06:F8:18:3F:B5:83:FF:72:86:B1:3E
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/RTpjAtlAGwVJBvgYP7WD_3KGsT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.54.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:96:76:21:62:6d:c4:8d:fb:17:9b:3b:b6:79:80:e2:5e:90:
98:31:e8:92:4d:85:f4:c8:36:84:77:18:80:14:09:85:a4:05:
6b:2f:b1:41:0e:6b:b7:4c:0b:13:8f:1e:42:13:0b:de:39:59:
da:b0:6a:3b:fd:4b:58:0e:5b:04:4c:a8:dd:6e:85:dc:ba:ad:
6b:c7:f3:9f:9b:a8:f5:dd:d3:eb:0a:80:5e:13:78:32:1e:5c:
b6:96:17:52:5f:eb:13:6d:de:94:41:5f:ad:8f:41:43:9f:38:
2f:ef:25:ae:49:c8:a8:5b:56:35:0e:b2:1e:23:de:df:bd:1f:
46:2c:00:e8:8b:4d:79:6a:5f:36:6d:ff:78:99:0e:b2:f0:1f:
e9:4a:dd:38:3f:79:2a:01:14:c4:29:9b:52:31:ae:e0:bd:19:
59:97:0a:f3:0e:c3:4a:12:80:7d:80:60:18:99:b1:69:73:02:
2d:8d:4b:75:c3:42:ec:36:00:80:58:ba:22:94:ab:50:ea:fa:
c9:6b:c5:46:d0:3e:00:b8:b1:45:03:6c:74:73:c0:06:e4:90:
eb:63:9c:26:13:0d:69:38:10:51:7e:59:5a:07:a1:e1:29:7c:
b2:14:cd:4c:49:58:ea:3a:a4:6d:d0:ff:12:74:92:1a:20:28:
1f:b5:ef:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWmimOAwrUzQo9imnmdgjdWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTEyMTUxMjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTNhNjMwMmQ5NDAxYjA1NDkwNmY4MTgzZmI1ODNmZjcyODZiMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1y6YHBd5nkuYqOPPfgcZoRmP1EdE
K0tQz8fIlZDtnMnZgU0bPzVK+sdKfRuHkC5ckxUZ0TWHIzC2oB+cFCvSPZwM1Nz0
+3GLQ9aCXwSzqA73S/0XwksgumreZj+qG2XRy8VSOHvtDaHGmz5MvPRWPejhpPI+
xqOkVwrbUtJbO6gGn0NT2uBibuDPFSOROCWrFVtqygWDKZAGPp33sSdrK5pJRtFd
x6yJ5W0IjYypUccv3X+3izaq9h2LTA0uha9mN0SR8SMFjFQcBka5SK7xEIGYt6up
OcEW3oEoWCjF2y+3E8iYUDXrKMPwBimGTlDS8cvHF4LDlJ2HjeADw3YVCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEU6YwLZQBsFSQb4GD+1g/9yhrE+MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvUlRwakF0bEFHd1ZKQnZnWVA3V0RfM0tHc1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuds2MA0G
CSqGSIb3DQEBCwUAA4IBAQCclnYhYm3EjfsXmzu2eYDiXpCYMeiSTYX0yDaEdxiA
FAmFpAVrL7FBDmu3TAsTjx5CEwveOVnasGo7/UtYDlsETKjdboXcuq1rx/Ofm6j1
3dPrCoBeE3gyHly2lhdSX+sTbd6UQV+tj0FDnzgv7yWuScioW1Y1DrIeI97fvR9G
LADoi015al82bf94mQ6y8B/pSt04P3kqARTEKZtSMa7gvRlZlwrzDsNKEoB9gGAY
mbFpcwItjUt1w0LsNgCAWLoilKtQ6vrJa8VG0D4AuLFFA2x0c8AG5JDrY5wmEw1p
OBBRfllaB6HhKXyyFM1MSVjqOqRt0P8SdJIaICgfte8D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org