Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/bsRTE31xL0zW1GF4Pc9GhVTP5lI.roa
File: bsRTE31xL0zW1GF4Pc9GhVTP5lI.roa (raw, json)
Hash identifier: nxuv2LCc1PDH9bYgzIB6biK/hHau5PsPRjXsUif33t4=
Subject key identifier: 6E:C4:53:13:7D:71:2F:4C:D6:D4:61:78:3D:CF:46:85:54:CF:E6:52
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DBB03CAD4259879559F7C5639D06C
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/bsRTE31xL0zW1GF4Pc9GhVTP5lI.roa
Signing time: Sun 01 Jan 2023 20:54:57 +0000
ROA not before: Sun 01 Jan 2023 20:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41578
IP address blocks: 109.233.205.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:bb:03:ca:d4:25:98:79:55:9f:7c:56:39:d0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ec453137d712f4cd6d461783dcf468554cfe652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5b:02:77:bd:22:04:32:b9:5b:a3:64:3d:90:
7f:57:3e:c4:c8:31:d8:77:bc:5e:eb:f1:51:87:5d:
79:bf:03:d1:6f:f0:9d:b8:d7:f0:0a:62:a9:76:87:
b8:84:ae:19:2a:c8:c2:72:69:2d:4c:2b:8d:90:93:
d9:c6:3a:22:cb:50:8c:3d:8d:64:47:b7:13:7c:5f:
87:7d:13:dc:cc:c5:e1:55:51:55:ff:33:ac:bb:0f:
80:10:dd:6e:6c:d5:a8:60:83:4f:b1:aa:c3:5f:19:
39:33:ef:13:1f:3f:bb:52:1e:88:d8:1b:6d:9d:92:
62:eb:76:1f:29:c5:a5:f2:7c:7b:3b:8e:5b:cf:bc:
60:37:9e:27:3b:21:26:02:8a:7f:70:e3:fe:ee:12:
25:77:08:16:1f:62:ba:15:b1:f5:70:48:32:9e:f2:
18:97:fa:e4:51:e1:b5:47:2c:69:ff:6a:d0:9f:f5:
f0:7d:74:1d:dc:c8:1d:2e:be:58:52:16:41:fc:c9:
90:cd:bb:a1:50:e5:4e:bd:ff:a3:81:42:38:f5:65:
17:53:ba:e7:37:0a:89:70:b4:9d:99:f3:36:b4:cd:
49:d7:e2:88:67:d8:b1:fa:2f:9d:2c:a7:9b:f3:99:
76:27:4b:71:22:33:53:ef:3f:e4:7d:2d:22:6e:9d:
28:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C4:53:13:7D:71:2F:4C:D6:D4:61:78:3D:CF:46:85:54:CF:E6:52
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/bsRTE31xL0zW1GF4Pc9GhVTP5lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.205.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:12:fb:c7:9f:fd:41:8c:25:4d:9f:ff:63:ea:9e:ad:eb:56:
2f:5e:2a:1e:43:87:f8:c4:79:0d:26:51:d9:00:48:f2:8f:44:
af:ae:50:05:b4:d0:bd:dd:54:5d:c6:4d:e3:c4:11:d6:d1:0e:
61:cd:0a:66:7a:bd:13:51:18:a3:a7:29:2c:40:ab:0d:ad:20:
e7:a1:6d:c3:52:ff:6b:36:c5:5e:41:6a:11:3f:9d:dc:77:9a:
ec:36:a0:e2:13:5f:ad:a3:e8:b8:a7:56:43:9d:c9:c3:78:ce:
3f:b9:10:d8:0f:21:6a:1d:74:3f:47:3d:d1:8d:c6:2c:ca:2a:
ba:07:be:d5:31:3e:8d:0c:da:84:18:77:be:7f:96:47:49:76:
1c:bb:e0:6d:4b:02:1f:a5:60:d6:11:bb:ac:b9:4a:e3:99:e5:
54:c5:33:a6:b9:21:1e:c8:1f:0b:b7:6d:b9:f1:83:29:d2:bb:
42:56:22:05:33:86:aa:2a:b2:c3:c6:07:4d:f0:98:ec:5d:b3:
22:bc:07:d7:b9:02:83:5d:b1:f5:f7:c7:43:51:97:6d:d2:d1:
3d:60:9d:3b:df:c4:aa:e0:29:b9:95:91:88:a1:34:db:87:59:
f0:ad:29:be:60:e3:b9:91:fe:ec:93:ef:d7:79:c1:77:03:c5:
ec:25:82:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHbsDytQlmHlVn3xWOdBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWM0NTMxMzdkNzEyZjRjZDZkNDYxNzgzZGNmNDY4NTU0Y2ZlNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1sCd70iBDK5W6NkPZB/Vz7EyDHY
d7xe6/FRh115vwPRb/CduNfwCmKpdoe4hK4ZKsjCcmktTCuNkJPZxjoiy1CMPY1k
R7cTfF+HfRPczMXhVVFV/zOsuw+AEN1ubNWoYINPsarDXxk5M+8THz+7Uh6I2Btt
nZJi63YfKcWl8nx7O45bz7xgN54nOyEmAop/cOP+7hIldwgWH2K6FbH1cEgynvIY
l/rkUeG1Ryxp/2rQn/XwfXQd3MgdLr5YUhZB/MmQzbuhUOVOvf+jgUI49WUXU7rn
NwqJcLSdmfM2tM1J1+KIZ9ix+i+dLKeb85l2J0txIjNT7z/kfS0ibp0oBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7EUxN9cS9M1tRheD3PRoVUz+ZSMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvYnNSVEUzMXhMMHpXMUdGNFBjOUdoVlRQNWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbenNMA0G
CSqGSIb3DQEBCwUAA4IBAQCzEvvHn/1BjCVNn/9j6p6t61YvXioeQ4f4xHkNJlHZ
AEjyj0SvrlAFtNC93VRdxk3jxBHW0Q5hzQpmer0TURijpyksQKsNrSDnoW3DUv9r
NsVeQWoRP53cd5rsNqDiE1+to+i4p1ZDncnDeM4/uRDYDyFqHXQ/Rz3RjcYsyiq6
B77VMT6NDNqEGHe+f5ZHSXYcu+BtSwIfpWDWEbusuUrjmeVUxTOmuSEeyB8Lt225
8YMp0rtCViIFM4aqKrLDxgdN8JjsXbMivAfXuQKDXbH198dDUZdt0tE9YJ0738Sq
4Cm5lZGIoTTbh1nwrSm+YOO5kf7sk+/XecF3A8XsJYJA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org