Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/2NDIZcnuzkgDBDYKn9xqR-ifBOY.roa
File: 2NDIZcnuzkgDBDYKn9xqR-ifBOY.roa (raw, json)
Hash identifier: qso5aBPmKCmuAqzYCxBrKjlHjRgTYrZT1Ehps+J9vDw=
Subject key identifier: D8:D0:C8:65:C9:EE:CE:48:03:04:36:0A:9F:DC:6A:47:E8:9F:04:E6
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 2FBB06AD
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/2NDIZcnuzkgDBDYKn9xqR-ifBOY.roa
Signing time: Sat 01 Jan 2022 10:04:50 +0000
ROA not before: Sat 01 Jan 2022 10:04:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25038
IP address blocks: 194.121.123.0/24 maxlen: 24
62.132.115.0/24 maxlen: 24
194.45.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 800786093 (0x2fbb06ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 1 10:04:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8d0c865c9eece480304360a9fdc6a47e89f04e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3a:7b:08:01:04:d1:fa:b3:89:88:1d:f6:87:
ce:f1:07:ae:9b:90:c1:15:f2:00:58:d6:08:b5:eb:
66:89:12:f9:fa:4b:48:f9:81:e7:c6:90:fb:e3:c1:
4c:8c:46:f3:3b:da:cc:53:26:f7:21:23:7f:23:07:
0e:33:0c:fa:41:2b:c5:cc:f4:1d:de:02:22:23:3d:
79:e2:cb:b8:9e:31:2c:27:e9:3d:f8:79:75:04:fa:
18:40:9f:0e:b6:df:b5:0b:72:ec:df:82:83:b0:2a:
c1:63:47:d9:56:e8:81:55:45:e4:1c:b8:52:36:0a:
14:90:3c:f0:24:f2:2c:ac:78:cc:8e:c0:60:26:71:
2b:9d:be:86:c2:13:2e:86:4c:df:06:af:c3:97:4f:
04:ab:c1:2e:64:5e:c9:43:ee:07:15:f6:c7:93:58:
8e:e7:3b:6e:8a:b4:d9:5a:58:71:79:00:d1:6e:c1:
49:b8:46:ba:36:c1:3a:2f:be:e9:87:b3:41:31:ff:
95:8a:3d:77:ae:a1:7f:37:f2:d0:f6:2f:14:46:39:
77:74:bd:5e:ce:87:7e:c4:37:93:96:61:0f:b0:51:
43:85:76:92:d6:a2:ad:08:50:2e:75:f1:f9:8c:a3:
f2:b2:dd:0b:4d:a1:10:7e:65:25:c3:7c:9f:a3:28:
1e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D0:C8:65:C9:EE:CE:48:03:04:36:0A:9F:DC:6A:47:E8:9F:04:E6
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/2NDIZcnuzkgDBDYKn9xqR-ifBOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.132.115.0/24
194.45.13.0/24
194.121.123.0/24
Signature Algorithm: sha256WithRSAEncryption
51:1f:03:18:3f:63:1a:32:42:12:d9:da:49:f9:7e:79:61:5c:
39:5a:ed:95:8e:af:96:b8:23:ca:d2:9d:66:58:4e:9f:5c:da:
21:52:e0:50:23:46:c0:ff:97:b5:a3:e2:68:22:56:5e:37:b7:
97:91:c1:24:a5:7f:f6:6f:c1:1b:3a:09:26:cc:1d:12:ba:86:
a3:f1:99:e3:3d:9b:2c:73:85:2f:4b:63:51:f0:b3:8e:b5:4f:
03:33:ae:00:91:8c:d5:c5:6d:30:23:2e:7f:c5:b3:b8:3c:f0:
72:68:ea:24:42:12:35:ca:8f:b7:4c:2a:ad:67:91:49:75:1b:
90:fe:8e:20:37:04:af:15:d9:2c:91:02:5e:fc:46:0a:98:20:
7e:26:c5:cb:1e:10:cf:26:3e:5b:0b:34:95:d1:7f:be:c0:32:
24:54:e5:74:05:17:10:08:39:68:ac:a0:0f:9f:72:64:dc:0f:
56:76:d3:7b:75:24:0f:db:06:95:1b:fe:6d:f6:89:7f:69:07:
46:78:7b:e8:80:27:b0:3c:1a:ee:de:03:ed:e4:72:19:c3:da:
3d:f5:1f:f0:4a:cc:59:cc:aa:c2:d7:9b:27:df:73:a8:a4:12:
c8:0f:53:7f:90:83:ad:48:8b:48:18:c1:b5:5d:06:41:bf:ec:
c8:fd:07:4f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEL7sGrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mzk4MDYwZjFiZjIyZjA5OTljYjA3MWIxYjQyNjk2ZGJjNDNlMTBjMB4XDTIyMDEw
MTEwMDQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhkMGM4NjVjOWVl
Y2U0ODAzMDQzNjBhOWZkYzZhNDdlODlmMDRlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL86ewgBBNH6s4mIHfaHzvEHrpuQwRXyAFjWCLXrZokS+fpL
SPmB58aQ++PBTIxG8zvazFMm9yEjfyMHDjMM+kErxcz0Hd4CIiM9eeLLuJ4xLCfp
Pfh5dQT6GECfDrbftQty7N+Cg7AqwWNH2VbogVVF5By4UjYKFJA88CTyLKx4zI7A
YCZxK52+hsITLoZM3wavw5dPBKvBLmReyUPuBxX2x5NYjuc7boq02VpYcXkA0W7B
SbhGujbBOi++6YezQTH/lYo9d66hfzfy0PYvFEY5d3S9Xs6HfsQ3k5ZhD7BRQ4V2
ktairQhQLnXx+Yyj8rLdC02hEH5lJcN8n6MoHpECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTY0Mhlye7OSAMENgqf3GpH6J8E5jAfBgNVHSMEGDAWgBTDmAYPG/IvCZnL
BxsbQmltvEPhDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c1Z0dEeHZ5THdtWnl3Y2JHMEpwYmJ4RDRRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvM2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8x
LzJORElaY251emtnREJEWUtuOXhxUi1pZkJPWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
M2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8xL3c1Z0dEeHZ5THdt
Wnl3Y2JHMEpwYmJ4RDRRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAD6EcwMEAMItDQMEAMJ5ezANBgkq
hkiG9w0BAQsFAAOCAQEAUR8DGD9jGjJCEtnaSfl+eWFcOVrtlY6vlrgjytKdZlhO
n1zaIVLgUCNGwP+XtaPiaCJWXje3l5HBJKV/9m/BGzoJJswdErqGo/GZ4z2bLHOF
L0tjUfCzjrVPAzOuAJGM1cVtMCMuf8WzuDzwcmjqJEISNcqPt0wqrWeRSXUbkP6O
IDcErxXZLJECXvxGCpggfibFyx4QzyY+Wws0ldF/vsAyJFTldAUXEAg5aKygD59y
ZNwPVnbTe3UkD9sGlRv+bfaJf2kHRnh76IAnsDwa7t4D7eRyGcPaPfUf8ErMWcyq
wtebJ99zqKQSyA9Tf5CDrUiLSBjBtV0GQb/syP0HTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:51 2024 by rpki-client on console-ams.rpki-client.org