Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/yeV_S0Weg0bwP5knNT8KLEFWABY.roa
File: yeV_S0Weg0bwP5knNT8KLEFWABY.roa (raw, json)
Hash identifier: 2RfBXMhpiMogODdhojxzykx7O5ByEK5vkpEzgODb7qQ=
Subject key identifier: C9:E5:7F:4B:45:9E:83:46:F0:3F:99:27:35:3F:0A:2C:41:56:00:16
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018D2D73AC9E323FADBDDF0A8958EB404428
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/yeV_S0Weg0bwP5knNT8KLEFWABY.roa
Signing time: Sun 21 Jan 2024 19:16:11 +0000
ROA not before: Sun 21 Jan 2024 19:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 2.59.48.0/24 maxlen: 24
45.14.220.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
85.235.81.0/24 maxlen: 24
192.109.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:73:ac:9e:32:3f:ad:bd:df:0a:89:58:eb:40:44:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 21 19:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9e57f4b459e8346f03f9927353f0a2c41560016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2d:07:1f:32:f4:16:e9:28:76:cf:8d:bf:ca:
9b:dd:86:75:85:39:0c:e3:02:e5:94:af:c2:d6:2d:
cd:01:39:2c:81:bd:57:65:07:4b:e0:52:f7:8b:3c:
02:ef:67:21:17:48:96:d5:9f:d3:bb:27:d0:02:1f:
ea:74:c7:3f:59:05:24:25:89:c6:dd:f9:95:1f:dd:
30:04:c3:fc:10:a0:c2:75:55:9b:dc:71:f2:6b:0c:
40:ac:0d:6b:ac:01:e0:8f:82:65:b4:56:ee:b7:3e:
ac:fd:be:2c:c1:a5:b0:f6:d4:66:de:a8:eb:20:97:
a0:b8:b3:37:aa:fb:07:36:6e:98:fa:27:ff:16:8c:
45:10:48:cc:c1:5f:43:0b:36:0a:ca:a2:21:3d:cd:
ae:da:04:0f:ed:82:32:6b:b3:e2:45:f8:52:35:2e:
6b:a5:ae:51:3b:8a:e2:f4:b6:f0:c2:31:45:42:fb:
29:c6:ba:7d:98:c4:7c:fa:cd:e9:74:03:ff:62:5c:
96:fe:b8:b0:76:e2:1d:8b:a3:ce:44:72:00:4d:d8:
b2:52:ee:6c:2f:04:58:41:29:4a:21:af:aa:ac:22:
6a:4b:97:3e:cd:0c:2c:bc:48:09:a1:1d:84:d1:eb:
87:c1:dc:c4:6e:0c:89:48:8c:1c:82:5a:bf:08:ad:
e2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E5:7F:4B:45:9E:83:46:F0:3F:99:27:35:3F:0A:2C:41:56:00:16
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/yeV_S0Weg0bwP5knNT8KLEFWABY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
45.14.220.0/23
85.235.81.0/24
192.109.97.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:6f:07:6d:c8:93:37:09:fd:8e:af:a8:12:ad:63:58:84:71:
d3:1e:e5:ad:38:3a:e2:7d:8e:99:e9:1d:21:14:2d:95:e5:82:
a5:9d:10:b4:c1:4d:68:15:4f:e0:c6:1c:7b:bb:9c:49:c3:f8:
af:fa:10:ae:a6:07:ee:aa:14:41:61:ad:ec:91:07:50:44:03:
2d:95:17:86:57:2a:dc:36:89:4e:d7:83:78:c3:8f:01:8f:57:
6e:f0:25:03:db:29:bb:e8:7d:f2:fc:58:df:81:dd:fc:fc:7f:
c4:21:85:80:1a:ca:7b:a8:83:5b:e4:84:a3:db:a2:e3:bb:d6:
cc:ee:2c:2b:31:52:32:c9:43:b5:2c:b6:05:c1:3f:5c:6f:e7:
c6:9a:1e:3a:c7:e9:a9:89:0d:60:c8:cd:71:16:7a:f0:27:7d:
80:7d:04:36:06:a0:17:81:07:90:ef:03:11:e4:ee:f0:c4:72:
60:42:d5:83:c3:88:7f:49:f8:fb:9b:9f:88:5e:b1:3a:f5:10:
58:40:ee:8f:24:49:13:67:c5:7d:42:da:6d:37:03:1e:2a:e3:
18:a5:5f:a4:11:ca:82:f2:0d:f0:96:d3:ee:18:c7:25:07:a8:
7e:b1:18:62:9e:30:74:69:98:cd:46:dd:ee:36:cb:19:a1:fd:
56:25:43:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0tc6yeMj+tvd8KiVjrQEQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwMTIxMTkxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU1N2Y0YjQ1OWU4MzQ2ZjAzZjk5MjczNTNmMGEyYzQxNTYwMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi0HHzL0Fukods+Nv8qb3YZ1hTkM
4wLllK/C1i3NATksgb1XZQdL4FL3izwC72chF0iW1Z/TuyfQAh/qdMc/WQUkJYnG
3fmVH90wBMP8EKDCdVWb3HHyawxArA1rrAHgj4JltFbutz6s/b4swaWw9tRm3qjr
IJeguLM3qvsHNm6Y+if/FoxFEEjMwV9DCzYKyqIhPc2u2gQP7YIya7PiRfhSNS5r
pa5RO4ri9LbwwjFFQvspxrp9mMR8+s3pdAP/YlyW/riwduIdi6PORHIATdiyUu5s
LwRYQSlKIa+qrCJqS5c+zQwsvEgJoR2E0euHwdzEbgyJSIwcglq/CK3iIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMnlf0tFnoNG8D+ZJzU/CixBVgAWMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEveWVWX1MwV2VnMGJ3UDVrbk5UOEtMRUZXQUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjswAwQB
LQ7cAwQAVetRAwQAwG1hMA0GCSqGSIb3DQEBCwUAA4IBAQCObwdtyJM3Cf2Or6gS
rWNYhHHTHuWtODrifY6Z6R0hFC2V5YKlnRC0wU1oFU/gxhx7u5xJw/iv+hCupgfu
qhRBYa3skQdQRAMtlReGVyrcNolO14N4w48Bj1du8CUD2ym76H3y/Fjfgd38/H/E
IYWAGsp7qINb5ISj26Lju9bM7iwrMVIyyUO1LLYFwT9cb+fGmh46x+mpiQ1gyM1x
FnrwJ32AfQQ2BqAXgQeQ7wMR5O7wxHJgQtWDw4h/Sfj7m5+IXrE69RBYQO6PJEkT
Z8V9QtptNwMeKuMYpV+kEcqC8g3wltPuGMclB6h+sRhinjB0aZjNRt3uNssZof1W
JUNZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org