Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/58bac7-0f52-4e70-9d9f-6a0ad6bc8240/1/Dc3oQrBST2zOYbyAwg2J6kFYItE.roa
File: Dc3oQrBST2zOYbyAwg2J6kFYItE.roa (raw, json)
Hash identifier: Q0NQ3UT4ctn5XXTqe2gGk/JMEvnafgUDCYm8XiFXfG4=
Subject key identifier: 0D:CD:E8:42:B0:52:4F:6C:CE:61:BC:80:C2:0D:89:EA:41:58:22:D1
Certificate issuer: /CN=57b02b5f682c0955f4cf47a35f8bb0c2b57f3a75
Certificate serial: 01853A55BA2F69ED384179A3A1A36F66C7ED
Authority key identifier: 57:B0:2B:5F:68:2C:09:55:F4:CF:47:A3:5F:8B:B0:C2:B5:7F:3A:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7ArX2gsCVX0z0ejX4uwwrV_OnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/58bac7-0f52-4e70-9d9f-6a0ad6bc8240/1/Dc3oQrBST2zOYbyAwg2J6kFYItE.roa
Signing time: Thu 22 Dec 2022 14:56:14 +0000
ROA not before: Thu 22 Dec 2022 14:56:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39259
IP address blocks: 109.230.210.0/24 maxlen: 24
2a05:c680::/29 maxlen: 29
2a05:c680:53::/48 maxlen: 48
2a0c:e6c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3a:55:ba:2f:69:ed:38:41:79:a3:a1:a3:6f:66:c7:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b02b5f682c0955f4cf47a35f8bb0c2b57f3a75
Validity
Not Before: Dec 22 14:56:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0dcde842b0524f6cce61bc80c20d89ea415822d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:59:98:d2:07:a1:13:32:67:fd:4e:75:20:2d:
24:46:9a:98:e0:a5:8a:85:18:7a:09:2e:41:d9:11:
3f:79:ef:a3:e3:6b:ac:48:af:90:4b:9e:bb:16:f9:
ad:54:d2:66:af:42:de:90:b7:ae:2f:70:bf:ff:86:
72:74:d6:e4:a5:9a:32:ca:1b:d8:3f:aa:93:d0:82:
e7:3b:48:2a:cf:fa:a4:f1:a1:7c:b5:50:55:0e:7a:
70:b8:35:da:28:6f:a0:d4:ee:89:d0:7f:78:bd:3d:
a3:10:a5:ef:e6:1d:a6:71:37:10:5b:4a:a7:ae:aa:
1d:1f:62:b3:92:09:da:1e:03:bf:37:c6:29:23:f9:
b0:6c:e5:94:2f:07:16:02:6d:3c:81:5b:92:32:e8:
61:5f:45:a2:41:ce:15:61:da:a4:37:16:c2:08:72:
fe:d4:6b:5f:b6:72:fe:88:82:d4:ec:95:7c:93:1d:
36:39:8a:b3:dd:d4:50:b8:69:bd:52:b6:e9:1c:dc:
14:cf:f5:54:f8:90:95:3e:d8:87:91:10:fc:da:3d:
32:5a:e4:05:be:4c:62:cc:d1:27:04:37:bf:8e:92:
22:ff:c8:9e:f9:73:a3:7d:2a:d5:ad:32:f3:02:08:
d6:b0:44:93:fd:d1:50:5b:48:b3:2a:05:9d:b5:5e:
2f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CD:E8:42:B0:52:4F:6C:CE:61:BC:80:C2:0D:89:EA:41:58:22:D1
X509v3 Authority Key Identifier:
keyid:57:B0:2B:5F:68:2C:09:55:F4:CF:47:A3:5F:8B:B0:C2:B5:7F:3A:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7ArX2gsCVX0z0ejX4uwwrV_OnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/58bac7-0f52-4e70-9d9f-6a0ad6bc8240/1/Dc3oQrBST2zOYbyAwg2J6kFYItE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/58bac7-0f52-4e70-9d9f-6a0ad6bc8240/1/V7ArX2gsCVX0z0ejX4uwwrV_OnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.230.210.0/24
IPv6:
2a05:c680::/29
2a0c:e6c0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:01:7d:26:be:5b:8f:e3:9d:86:76:dd:46:5b:52:8b:1c:c5:
f4:fd:bf:38:f8:bb:d8:2b:a3:c1:1b:d0:28:80:9a:76:08:45:
12:2c:93:18:9b:3d:c2:7f:d3:93:92:56:66:7b:47:38:9a:64:
39:11:ac:a8:9f:1e:8f:b0:b2:aa:40:ae:03:2d:49:bf:b8:b1:
3f:49:1b:a9:2e:7e:92:5e:bd:df:20:b8:e1:17:89:f4:af:a5:
32:df:da:ee:3a:dc:ca:4a:43:fc:cd:7a:9d:76:f2:0e:a1:f2:
f4:3a:91:0d:4e:8c:a5:68:2c:43:a1:b1:9c:ff:6f:62:ab:88:
37:45:1b:f5:bb:f9:4c:e7:a5:57:3c:2f:61:2e:7a:c0:a0:af:
f8:57:62:3c:4b:22:90:f3:2f:95:c0:87:b9:06:1d:b8:d4:70:
dc:0c:93:fc:e7:ad:d3:32:c6:34:c6:15:4b:6f:c9:c1:d5:f1:
77:3d:cb:ae:24:0b:77:e7:1e:50:0f:6a:84:a3:29:20:9f:d1:
b6:82:3b:73:0f:97:f8:df:bd:aa:a7:35:b8:f5:43:fb:a8:8e:
36:3d:c4:a2:25:19:ee:aa:fc:8a:6f:bf:89:1d:ec:26:5e:b3:
ae:43:1c:1a:74:3a:cf:59:8b:8b:e2:2b:b5:cd:f1:99:44:7b:
fc:4b:6c:0d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYU6Vbovae04QXmjoaNvZsftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjAyYjVmNjgyYzA5NTVmNGNmNDdhMzVmOGJiMGMyYjU3
ZjNhNzUwHhcNMjIxMjIyMTQ1NjE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNkZTg0MmIwNTI0ZjZjY2U2MWJjODBjMjBkODllYTQxNTgyMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1mY0gehEzJn/U51IC0kRpqY4KWK
hRh6CS5B2RE/ee+j42usSK+QS567FvmtVNJmr0LekLeuL3C//4ZydNbkpZoyyhvY
P6qT0ILnO0gqz/qk8aF8tVBVDnpwuDXaKG+g1O6J0H94vT2jEKXv5h2mcTcQW0qn
rqodH2KzkgnaHgO/N8YpI/mwbOWULwcWAm08gVuSMuhhX0WiQc4VYdqkNxbCCHL+
1GtftnL+iILU7JV8kx02OYqz3dRQuGm9UrbpHNwUz/VU+JCVPtiHkRD82j0yWuQF
vkxizNEnBDe/jpIi/8ie+XOjfSrVrTLzAgjWsEST/dFQW0izKgWdtV4v0wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFA3N6EKwUk9szmG8gMINiepBWCLRMB8GA1UdIwQY
MBaAFFewK19oLAlV9M9Ho1+LsMK1fzp1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdBclgyZ3NDVlgwejBlalg0dXd3clZfT25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81OGJhYzctMGY1Mi00ZTcwLTlkOWYt
NmEwYWQ2YmM4MjQwLzEvRGMzb1FyQlNUMnpPWWJ5QXdnMko2a0ZZSXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81OGJhYzctMGY1Mi00ZTcwLTlkOWYtNmEwYWQ2YmM4MjQw
LzEvVjdBclgyZ3NDVlgwejBlalg0dXd3clZfT25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAbebSMBQE
AgACMA4DBQMqBcaAAwUDKgzmwDANBgkqhkiG9w0BAQsFAAOCAQEAPQF9Jr5bj+Od
hnbdRltSixzF9P2/OPi72CujwRvQKICadghFEiyTGJs9wn/Tk5JWZntHOJpkORGs
qJ8ej7CyqkCuAy1Jv7ixP0kbqS5+kl693yC44ReJ9K+lMt/a7jrcykpD/M16nXby
DqHy9DqRDU6MpWgsQ6GxnP9vYquIN0Ub9bv5TOelVzwvYS56wKCv+FdiPEsikPMv
lcCHuQYduNRw3AyT/Oet0zLGNMYVS2/JwdXxdz3LriQLd+ceUA9qhKMpIJ/RtoI7
cw+X+N+9qqc1uPVD+6iONj3EoiUZ7qr8im+/iR3sJl6zrkMcGnQ6z1mLi+Irtc3x
mUR7/EtsDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:06 2024 by rpki-client on console-fra.rpki-client.org