Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/EkhAFlnzXmZ9XyjchZHZh6s9qEg.roa
File: EkhAFlnzXmZ9XyjchZHZh6s9qEg.roa (raw, json)
Hash identifier: uQvXWhoKIVVwJkoKWqsyNz4r/v/5rsPwtrmYxcz5+Pk=
Subject key identifier: 12:48:40:16:59:F3:5E:66:7D:5F:28:DC:85:91:D9:87:AB:3D:A8:48
Certificate issuer: /CN=b0fa0c7abc10796915e335ba19780e473e027969
Certificate serial: 020DFB2C
Authority key identifier: B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/EkhAFlnzXmZ9XyjchZHZh6s9qEg.roa
Signing time: Sat 01 Jan 2022 04:56:40 +0000
ROA not before: Sat 01 Jan 2022 04:56:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35258
IP address blocks: 213.238.48.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34470700 (0x20dfb2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0fa0c7abc10796915e335ba19780e473e027969
Validity
Not Before: Jan 1 04:56:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1248401659f35e667d5f28dc8591d987ab3da848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3e:83:03:67:8b:0e:c2:9f:6c:c8:82:e8:da:
ad:09:ae:14:77:28:2e:15:a8:2e:6c:dd:87:e3:6c:
a6:29:86:77:e3:7f:c2:ee:74:4d:23:eb:3f:2a:f0:
ba:6c:5f:c0:c3:a3:f2:ba:d3:9c:f8:97:71:71:d3:
77:57:6b:60:25:09:fe:fd:1b:18:0e:f1:62:0d:54:
06:e7:b2:0d:5c:84:5a:6a:7d:1f:58:70:05:d4:f6:
98:f6:1d:7d:7b:be:30:75:e3:15:97:dc:2a:35:10:
33:56:65:a4:c7:ff:91:57:e5:43:53:ad:1a:09:d3:
49:ad:c4:a7:40:66:b4:a4:74:9b:67:80:f9:ee:8e:
16:f6:fd:f5:b6:30:bc:16:84:4e:46:8d:b3:9b:34:
69:59:05:f4:d9:22:a4:0b:34:85:fb:0c:73:94:81:
4d:48:08:b3:0a:14:7e:2a:08:b5:9f:b6:d8:63:ba:
9d:a0:c8:20:52:29:71:56:56:4a:1a:9a:77:27:27:
04:07:57:2f:81:d1:28:df:f4:6b:b9:76:0e:9b:76:
96:6e:e6:53:91:f3:f3:f2:43:0a:c9:bc:1e:f0:01:
cb:57:6f:e1:ae:81:fa:19:d8:74:1e:c1:c8:15:3b:
d5:9d:95:49:77:7e:7f:a9:9e:fc:2b:3d:8c:23:dd:
83:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:48:40:16:59:F3:5E:66:7D:5F:28:DC:85:91:D9:87:AB:3D:A8:48
X509v3 Authority Key Identifier:
keyid:B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/EkhAFlnzXmZ9XyjchZHZh6s9qEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.48.0/23
Signature Algorithm: sha256WithRSAEncryption
10:dd:71:7a:0e:fc:f9:5d:6d:85:f1:1f:76:8d:68:c2:ce:23:
0b:5a:ca:e8:c8:61:af:55:0b:1b:60:5f:4d:62:5b:6e:6a:29:
3d:97:90:0f:d8:dc:e1:92:6a:cd:14:24:6b:d9:11:6a:54:f0:
f6:c2:7c:44:87:b9:2f:e3:bf:51:8f:23:f6:6b:10:76:c1:2c:
f4:7e:65:90:c4:5d:14:79:0b:77:ea:b6:f3:66:33:1c:88:d2:
62:35:09:78:bf:e9:36:a7:12:74:91:6b:0f:77:66:96:ad:77:
92:69:f6:d8:73:11:20:09:3e:1d:eb:b5:2d:30:af:3b:9e:d7:
d0:a4:f0:a8:9b:8f:af:b7:25:87:b7:9d:25:fa:4e:df:ad:d9:
02:9e:8d:ff:7b:3f:30:1c:e1:af:f0:0e:fb:2e:52:4c:93:6d:
25:cc:bc:d1:a8:86:22:87:6e:7b:a9:05:72:24:3b:38:b8:01:
08:89:49:e4:9b:41:89:e4:4e:57:12:6b:67:8d:47:32:1b:88:
8a:bd:7a:2c:3e:fb:7f:2d:e7:b4:d5:92:92:03:55:2b:a2:78:
c5:f3:30:81:f5:1d:d2:cf:25:b1:e2:b7:b5:e3:e7:3b:ce:1e:
9f:31:d9:a8:a2:d4:26:c3:5c:3f:03:be:a1:0e:6c:26:97:0f:
2a:12:b6:71
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAg37LDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MGZhMGM3YWJjMTA3OTY5MTVlMzM1YmExOTc4MGU0NzNlMDI3OTY5MB4XDTIyMDEw
MTA0NTY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTI0ODQwMTY1OWYz
NWU2NjdkNWYyOGRjODU5MWQ5ODdhYjNkYTg0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKY+gwNniw7Cn2zIgujarQmuFHcoLhWoLmzdh+NspimGd+N/
wu50TSPrPyrwumxfwMOj8rrTnPiXcXHTd1drYCUJ/v0bGA7xYg1UBueyDVyEWmp9
H1hwBdT2mPYdfXu+MHXjFZfcKjUQM1ZlpMf/kVflQ1OtGgnTSa3Ep0BmtKR0m2eA
+e6OFvb99bYwvBaETkaNs5s0aVkF9NkipAs0hfsMc5SBTUgIswoUfioItZ+22GO6
naDIIFIpcVZWShqadycnBAdXL4HRKN/0a7l2Dpt2lm7mU5Hz8/JDCsm8HvABy1dv
4a6B+hnYdB7ByBU71Z2VSXd+f6me/Cs9jCPdgwsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQSSEAWWfNeZn1fKNyFkdmHqz2oSDAfBgNVHSMEGDAWgBSw+gx6vBB5aRXj
NboZeA5HPgJ5aTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NQb01lcndRZVdrVjR6VzZHWGdPUno0Q2VXay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvOTc0NzQ5LTRkN2UtNDQ1MC05NzkzLWRmODU0ZjQ3YmFmNC8x
L0VraEFGbG56WG1aOVh5amNoWkhaaDZzOXFFZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
OTc0NzQ5LTRkN2UtNDQ1MC05NzkzLWRmODU0ZjQ3YmFmNC8xL3NQb01lcndRZVdr
VjR6VzZHWGdPUno0Q2VXay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdXuMDANBgkqhkiG9w0BAQsFAAOC
AQEAEN1xeg78+V1thfEfdo1ows4jC1rK6Mhhr1ULG2BfTWJbbmopPZeQD9jc4ZJq
zRQka9kRalTw9sJ8RIe5L+O/UY8j9msQdsEs9H5lkMRdFHkLd+q282YzHIjSYjUJ
eL/pNqcSdJFrD3dmlq13kmn22HMRIAk+Heu1LTCvO57X0KTwqJuPr7clh7edJfpO
363ZAp6N/3s/MBzhr/AO+y5STJNtJcy80aiGIodue6kFciQ7OLgBCIlJ5JtBieRO
VxJrZ41HMhuIir16LD77fy3ntNWSkgNVK6J4xfMwgfUd0s8lseK3tePnO84enzHZ
qKLUJsNcPwO+oQ5sJpcPKhK2cQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:56 2024 by rpki-client on console-ams.rpki-client.org