Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/sDzfV9kxXf_aufV7bpt0As5pVdw.roa
File: sDzfV9kxXf_aufV7bpt0As5pVdw.roa (raw, json)
Hash identifier: kQDpFpPMfG0IilOiH+LbsggQDx79bsgGsitlra6uYmo=
Subject key identifier: B0:3C:DF:57:D9:31:5D:FF:DA:B9:F5:7B:6E:9B:74:02:CE:69:55:DC
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 048516B2
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/sDzfV9kxXf_aufV7bpt0As5pVdw.roa
Signing time: Fri 01 Apr 2022 10:13:34 +0000
ROA not before: Fri 01 Apr 2022 10:13:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35830
IP address blocks: 94.231.219.0/24 maxlen: 24
84.54.56.0/23 maxlen: 23
84.54.58.0/24 maxlen: 24
109.94.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75830962 (0x48516b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Apr 1 10:13:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b03cdf57d9315dffdab9f57b6e9b7402ce6955dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:55:ef:69:b1:fc:64:3f:66:3b:e3:30:63:6a:
ed:03:3c:24:dc:7d:22:b2:5b:35:b0:3c:92:cc:92:
34:4e:2f:c5:ea:de:79:28:79:e9:75:5a:03:0a:c8:
d6:5c:e9:1d:b2:bd:60:ca:a8:4f:ab:54:c0:69:61:
97:a7:2e:f5:aa:3a:5f:2c:ed:5a:73:89:bd:e2:ab:
df:62:ce:fc:20:60:3b:f9:a0:b5:77:e3:0c:31:ff:
82:b3:23:51:90:9c:96:65:a6:e8:0a:e6:75:67:77:
b3:37:ef:a0:1f:f7:75:f3:21:10:36:77:a8:5b:c4:
7c:9a:f1:fe:06:71:dc:76:17:5c:06:63:f7:cf:dd:
38:60:b4:d8:28:ea:88:ad:a6:19:64:ac:2e:6d:e0:
44:39:ee:24:b7:84:2f:27:93:ad:7e:cf:3e:37:a8:
f8:5d:70:ab:aa:ac:69:40:14:50:dc:c3:73:00:c4:
2f:39:48:b4:75:b5:9f:04:ac:71:2a:5f:86:30:34:
db:56:c9:95:a3:db:89:94:bd:82:9b:68:9c:7b:ba:
63:cd:b9:6d:18:5b:5b:f2:e5:70:44:5c:7e:4a:7a:
97:bc:f5:05:4f:1d:a2:17:7d:64:2d:98:4e:07:1b:
48:bc:ec:cb:2c:ac:90:4f:7b:5e:d2:9b:eb:b8:dc:
ca:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3C:DF:57:D9:31:5D:FF:DA:B9:F5:7B:6E:9B:74:02:CE:69:55:DC
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/sDzfV9kxXf_aufV7bpt0As5pVdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.56.0-84.54.58.255
94.231.219.0/24
109.94.223.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:dc:b8:c5:4f:39:21:70:55:1e:d5:33:18:58:bb:b7:b6:25:
97:87:a6:61:ba:43:6b:fa:90:d9:d1:b0:f7:3c:d0:95:e0:ae:
7e:81:e2:0e:bd:35:53:c7:39:42:c8:a4:d0:35:7b:70:c4:0d:
ba:06:41:10:63:e9:d0:bb:58:9d:27:7f:b2:32:d1:c2:31:82:
ea:cd:1f:5f:76:7b:c9:79:0c:0a:20:a8:21:ef:7a:65:e1:3d:
cf:10:5f:ac:99:91:59:70:a9:e8:44:d6:05:76:64:d1:ec:96:
d9:50:71:8d:78:7a:eb:66:eb:30:f3:09:f6:ca:65:16:15:21:
58:bd:c0:f5:4d:0b:ea:99:15:fe:65:59:c5:cb:c3:a0:fb:35:
5d:65:8c:28:f3:3b:fc:d0:f7:f0:0c:52:bd:14:1a:6a:fe:78:
11:ed:0f:db:db:50:e6:0a:fb:b0:96:20:f5:8b:c0:31:60:60:
27:0d:fa:24:21:07:c7:a2:eb:27:0b:34:f9:04:2f:53:1f:65:
2f:57:ca:a9:b9:b0:d0:f7:dd:32:53:67:b5:ae:96:df:b2:3c:
41:77:98:5f:3d:68:f7:5f:7e:1e:b3:3f:8c:1e:b6:84:31:95:
7d:25:6e:c6:e9:7f:40:d9:79:28:de:a8:0b:5d:d8:7e:c8:91:
c9:d0:45:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBIUWsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGEzOTQxYzI3Y2ZlNWMyMzRjNGJmMjIxZWNiMmE1NzliMmRlYWFiMB4XDTIyMDQw
MTEwMTMzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjAzY2RmNTdkOTMx
NWRmZmRhYjlmNTdiNmU5Yjc0MDJjZTY5NTVkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhV72mx/GQ/ZjvjMGNq7QM8JNx9IrJbNbA8ksySNE4vxere
eSh56XVaAwrI1lzpHbK9YMqoT6tUwGlhl6cu9ao6XyztWnOJveKr32LO/CBgO/mg
tXfjDDH/grMjUZCclmWm6ArmdWd3szfvoB/3dfMhEDZ3qFvEfJrx/gZx3HYXXAZj
98/dOGC02CjqiK2mGWSsLm3gRDnuJLeELyeTrX7PPjeo+F1wq6qsaUAUUNzDcwDE
LzlItHW1nwSscSpfhjA021bJlaPbiZS9gptonHu6Y825bRhbW/LlcERcfkp6l7z1
BU8dohd9ZC2YTgcbSLzsyyyskE97XtKb67jcysUCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSwPN9X2TFd/9q59Xtum3QCzmlV3DAfBgNVHSMEGDAWgBRdo5QcJ8/lwjTE
vyIeyypXmy3qqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhT1VIQ2ZQNWNJMHhMOGlIc3NxVjVzdDZxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvMzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8x
L3NEemZWOWt4WGZfYXVmVjdicHQwQXM1cFZkdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
MzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8xL1hhT1VIQ2ZQNWNJ
MHhMOGlIc3NxVjVzdDZxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQDVDY4AwQAVDY6AwQAXufbAwQA
bV7fMA0GCSqGSIb3DQEBCwUAA4IBAQAK3LjFTzkhcFUe1TMYWLu3tiWXh6ZhukNr
+pDZ0bD3PNCV4K5+geIOvTVTxzlCyKTQNXtwxA26BkEQY+nQu1idJ3+yMtHCMYLq
zR9fdnvJeQwKIKgh73pl4T3PEF+smZFZcKnoRNYFdmTR7JbZUHGNeHrrZusw8wn2
ymUWFSFYvcD1TQvqmRX+ZVnFy8Og+zVdZYwo8zv80PfwDFK9FBpq/ngR7Q/b21Dm
CvuwliD1i8AxYGAnDfokIQfHousnCzT5BC9TH2UvV8qpubDQ990yU2e1rpbfsjxB
d5hfPWj3X34esz+MHraEMZV9JW7G6X9A2Xko3qgLXdh+yJHJ0EXM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org