Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/3CdpyDiBQ_WEbt_VysQaTSIo6UY.roa
File: 3CdpyDiBQ_WEbt_VysQaTSIo6UY.roa (raw, json)
Hash identifier: RC16fLhVkieIF0pc//kY9JPep1n3vhy85qui0Hbx6G4=
Subject key identifier: DC:27:69:C8:38:81:43:F5:84:6E:DF:D5:CA:C4:1A:4D:22:28:E9:46
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 37415ED5
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/3CdpyDiBQ_WEbt_VysQaTSIo6UY.roa
Signing time: Sat 01 Jan 2022 05:59:19 +0000
ROA not before: Sat 01 Jan 2022 05:59:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35461
IP address blocks: 212.49.136.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927030997 (0x37415ed5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 1 05:59:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc2769c8388143f5846edfd5cac41a4d2228e946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:16:4f:05:4d:ca:c5:55:21:cc:2e:2f:44:09:
43:b3:b2:d9:8b:d9:67:f3:44:f2:65:15:a2:9c:a5:
54:1d:2b:bb:7e:d0:00:51:9f:08:14:ec:ed:93:39:
45:4a:9d:71:ee:58:0e:45:cc:f8:05:87:a7:19:c3:
58:e7:cb:4b:b3:b0:cf:47:a4:16:82:bf:ab:2c:ee:
f2:83:f0:d7:ea:20:92:d6:a7:3c:f6:24:8c:f5:6d:
0f:08:b1:06:cd:3d:f1:67:25:3b:ed:a1:76:82:6c:
a1:5d:6d:7e:22:13:61:9f:26:70:87:13:60:8f:71:
da:a1:e8:32:85:65:28:c6:c1:e3:9f:b1:32:a4:14:
f6:38:f8:a9:e4:36:f5:ae:3e:9f:80:c4:e5:e3:57:
06:7f:4a:1a:9d:c8:d0:a1:c8:c2:84:b5:b2:b8:81:
15:93:29:f3:35:4a:5b:27:c4:3d:b8:77:f4:06:8b:
e8:0a:46:24:58:52:6f:59:28:47:66:b3:df:06:8d:
c5:a1:f6:3b:17:a4:8f:cc:4e:af:e4:83:41:0e:10:
1b:49:14:df:43:5a:94:41:95:2c:cc:29:b4:d8:4e:
be:27:0c:42:fd:4f:88:eb:e0:47:36:8e:2f:83:30:
c9:3b:38:51:93:09:8b:38:66:41:9c:e1:c5:62:a2:
64:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:27:69:C8:38:81:43:F5:84:6E:DF:D5:CA:C4:1A:4D:22:28:E9:46
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/3CdpyDiBQ_WEbt_VysQaTSIo6UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.49.136.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:9b:a9:ca:be:aa:3d:63:ca:e9:97:76:e4:95:13:a0:2a:80:
f1:f2:cc:e6:ad:66:9f:c4:5c:32:69:da:52:d0:4f:1e:5d:bc:
bd:e5:4c:08:41:43:0e:38:d9:07:31:65:2c:76:96:bc:44:69:
b8:85:fd:9c:9b:b8:a0:36:3e:00:80:8c:32:fc:b9:f8:57:a8:
48:f7:ee:92:49:0d:5a:b7:35:fd:a6:8e:28:83:b8:60:1f:09:
01:28:d8:f6:f1:32:a7:7a:ac:25:84:79:23:47:15:15:72:8d:
f4:73:05:a9:c3:77:3f:7e:2f:eb:3f:ce:05:6e:94:50:b6:26:
b7:1c:ae:2d:28:1b:b0:61:28:23:de:9a:88:de:11:00:7e:09:
b7:18:d9:a9:0c:e1:f8:7c:50:d3:e6:9d:e4:ef:7a:93:54:a5:
60:31:ae:64:20:af:19:a0:7b:46:b0:31:d1:ae:5e:ef:d1:3a:
23:a7:21:05:06:5d:b7:d4:42:94:38:32:af:1e:cf:3d:ba:c4:
34:1f:ad:1c:59:ee:35:a7:cd:95:fc:d8:05:3d:47:4b:81:31:
a5:15:27:f6:8e:22:33:71:57:af:01:0d:f5:2d:62:df:55:e6:
fe:ea:3c:69:a2:d7:4d:ae:bd:19:18:9e:38:8b:29:cc:d3:f4:
0b:7b:d1:4b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN0Fe1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDEw
MTA1NTkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGMyNzY5YzgzODgx
NDNmNTg0NmVkZmQ1Y2FjNDFhNGQyMjI4ZTk0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4WTwVNysVVIcwuL0QJQ7Oy2YvZZ/NE8mUVopylVB0ru37Q
AFGfCBTs7ZM5RUqdce5YDkXM+AWHpxnDWOfLS7Owz0ekFoK/qyzu8oPw1+ogktan
PPYkjPVtDwixBs098WclO+2hdoJsoV1tfiITYZ8mcIcTYI9x2qHoMoVlKMbB45+x
MqQU9jj4qeQ29a4+n4DE5eNXBn9KGp3I0KHIwoS1sriBFZMp8zVKWyfEPbh39AaL
6ApGJFhSb1koR2az3waNxaH2Oxekj8xOr+SDQQ4QG0kU30NalEGVLMwptNhOvicM
Qv1PiOvgRzaOL4MwyTs4UZMJizhmQZzhxWKiZJUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTcJ2nIOIFD9YRu39XKxBpNIijpRjAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
LzNDZHB5RGlCUV9XRWJ0X1Z5c1FhVFNJbzZVWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQxiDANBgkqhkiG9w0BAQsFAAOC
AQEAa5upyr6qPWPK6Zd25JUToCqA8fLM5q1mn8RcMmnaUtBPHl28veVMCEFDDjjZ
BzFlLHaWvERpuIX9nJu4oDY+AICMMvy5+FeoSPfukkkNWrc1/aaOKIO4YB8JASjY
9vEyp3qsJYR5I0cVFXKN9HMFqcN3P34v6z/OBW6UULYmtxyuLSgbsGEoI96aiN4R
AH4JtxjZqQzh+HxQ0+ad5O96k1SlYDGuZCCvGaB7RrAx0a5e79E6I6chBQZdt9RC
lDgyrx7PPbrENB+tHFnuNafNlfzYBT1HS4ExpRUn9o4iM3FXrwEN9S1i31Xm/uo8
aaLXTa69GRieOIspzNP0C3vRSw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:43 2023 by rpki-client on console-fra.rpki-client.org