Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/w04489x64uEGoXcPo_a2hH2kSws.roa
File: w04489x64uEGoXcPo_a2hH2kSws.roa (raw, json)
Hash identifier: f42rW+PZyXysF7LTErtrjF18T2+03AJvsE3KvieFfVs=
Subject key identifier: C3:4E:38:F3:DC:7A:E2:E1:06:A1:77:0F:A3:F6:B6:84:7D:A4:4B:0B
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DCDD42D629B17F7BF251BD2F2651A
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/w04489x64uEGoXcPo_a2hH2kSws.roa
Signing time: Sun 01 Jan 2023 20:55:02 +0000
ROA not before: Sun 01 Jan 2023 20:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202317
IP address blocks: 2.59.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:cd:d4:2d:62:9b:17:f7:bf:25:1b:d2:f2:65:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c34e38f3dc7ae2e106a1770fa3f6b6847da44b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:98:8e:fa:bd:7c:68:51:b3:65:d3:fe:f8:b5:
06:8d:21:37:7a:14:ad:6a:eb:bb:bb:90:b0:8c:18:
69:e1:32:a0:a4:30:10:9d:db:17:e9:56:95:a0:f9:
e6:47:4a:75:4a:a5:d8:ae:0e:9c:a3:60:19:4b:90:
e4:95:69:80:92:b9:00:e7:39:2c:a1:f0:a1:0f:f6:
ce:28:55:55:39:e5:b5:05:12:b1:d0:06:ba:84:ca:
c2:fa:54:9c:4b:b7:de:26:39:e3:a7:2b:24:30:7f:
c8:70:14:e3:0e:ee:39:c1:e8:a5:a7:86:58:08:70:
19:e5:02:fe:6e:0c:3a:af:2c:9b:74:2c:76:95:c6:
ea:e6:c8:2a:d8:31:87:04:fc:cd:ea:24:a0:7d:95:
c5:19:a5:75:77:44:f2:0f:6c:32:4c:3b:72:8f:8e:
11:b6:0c:26:b5:50:de:1a:85:7a:b6:f5:96:5f:c0:
e0:99:c0:ee:f9:1e:62:2a:15:27:03:e6:f1:69:fe:
14:3f:d0:c8:0d:94:90:85:e9:54:39:5f:3e:4d:7a:
0f:14:21:b1:20:96:10:7f:d0:70:0d:ad:71:f8:50:
62:2d:60:a5:3c:20:88:56:f7:8c:da:56:33:3d:0d:
5c:5b:ef:ff:14:cd:66:14:13:1e:db:03:10:e5:fb:
60:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:4E:38:F3:DC:7A:E2:E1:06:A1:77:0F:A3:F6:B6:84:7D:A4:4B:0B
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/w04489x64uEGoXcPo_a2hH2kSws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.215.0/24
Signature Algorithm: sha256WithRSAEncryption
40:cd:0a:44:99:8c:cf:2f:29:78:c3:32:61:05:fb:5f:47:37:
b2:cc:2c:85:f4:c1:66:5d:f5:d0:b0:4c:46:34:ad:38:6b:dd:
b9:0b:0f:1d:32:e8:e8:83:03:61:40:e6:4a:16:68:61:ef:08:
1e:6e:8c:12:a7:ce:09:19:0d:f3:d8:5f:83:5c:8a:94:02:5b:
4c:cc:c1:e8:85:95:83:a8:7b:44:1a:53:42:d3:4a:11:a2:98:
ff:e3:2f:6e:63:ff:e3:90:c0:95:f2:4d:53:dc:2b:56:f7:22:
19:6e:20:85:ae:ff:77:a0:88:c1:e4:20:e0:6f:68:ac:8b:43:
86:36:b8:1f:8e:0d:bd:d5:5b:61:fb:79:72:45:1d:01:b8:a1:
47:c7:dd:55:f9:05:57:af:18:e9:66:de:70:25:22:bd:f7:84:
c7:23:6c:0e:4d:52:61:53:0f:99:20:e7:bb:e1:98:b3:cd:25:
19:3a:27:f2:e7:99:4c:1b:86:e0:7d:d1:fd:41:6c:2c:26:7e:
ad:7a:0d:f8:7c:9b:a1:fa:68:f1:09:f2:d2:10:bb:90:a1:08:
12:85:17:06:46:6e:eb:b0:c1:a5:3a:62:b3:f4:0a:7d:16:29:
ed:d5:5a:bd:09:cf:5d:fd:a4:b3:58:18:dc:bc:2b:da:37:89:
1a:c1:8f:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHc3ULWKbF/e/JRvS8mUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzRlMzhmM2RjN2FlMmUxMDZhMTc3MGZhM2Y2YjY4NDdkYTQ0YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupiO+r18aFGzZdP++LUGjSE3ehSt
auu7u5CwjBhp4TKgpDAQndsX6VaVoPnmR0p1SqXYrg6co2AZS5DklWmAkrkA5zks
ofChD/bOKFVVOeW1BRKx0Aa6hMrC+lScS7feJjnjpyskMH/IcBTjDu45weilp4ZY
CHAZ5QL+bgw6ryybdCx2lcbq5sgq2DGHBPzN6iSgfZXFGaV1d0TyD2wyTDtyj44R
tgwmtVDeGoV6tvWWX8DgmcDu+R5iKhUnA+bxaf4UP9DIDZSQhelUOV8+TXoPFCGx
IJYQf9BwDa1x+FBiLWClPCCIVveM2lYzPQ1cW+//FM1mFBMe2wMQ5ftg2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMNOOPPceuLhBqF3D6P2toR9pEsLMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvdzA0NDg5eDY0dUVHb1hjUG9fYTJoSDJrU3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjvXMA0G
CSqGSIb3DQEBCwUAA4IBAQBAzQpEmYzPLyl4wzJhBftfRzeyzCyF9MFmXfXQsExG
NK04a925Cw8dMujogwNhQOZKFmhh7wgebowSp84JGQ3z2F+DXIqUAltMzMHohZWD
qHtEGlNC00oRopj/4y9uY//jkMCV8k1T3CtW9yIZbiCFrv93oIjB5CDgb2isi0OG
Nrgfjg291Vth+3lyRR0BuKFHx91V+QVXrxjpZt5wJSK994THI2wOTVJhUw+ZIOe7
4ZizzSUZOify55lMG4bgfdH9QWwsJn6teg34fJuh+mjxCfLSELuQoQgShRcGRm7r
sMGlOmKz9Ap9Fint1Vq9Cc9d/aSzWBjcvCvaN4kawY9C
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:13 2023 by rpki-client on console-ams.rpki-client.org