Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EaSc9XIsm9VN2PMVxkK6veBYJzw.roa
File: EaSc9XIsm9VN2PMVxkK6veBYJzw.roa (raw, json)
Hash identifier: NBSuRug457/ygghdTrH6UdtjTaFINq/TE7Yv5I1YGJo=
Subject key identifier: 11:A4:9C:F5:72:2C:9B:D5:4D:D8:F3:15:C6:42:BA:BD:E0:58:27:3C
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29F41D5D
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EaSc9XIsm9VN2PMVxkK6veBYJzw.roa
Signing time: Sat 01 Jan 2022 13:54:28 +0000
ROA not before: Sat 01 Jan 2022 13:54:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201247
IP address blocks: 185.13.34.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703864157 (0x29f41d5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11a49cf5722c9bd54dd8f315c642babde058273c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d0:0d:8c:be:50:fc:9a:7c:5d:a9:70:af:96:
e2:23:6f:30:ed:ae:62:9b:55:51:4e:65:26:9d:9f:
80:59:1f:00:19:83:fa:35:75:cb:60:7f:bf:c4:2a:
cb:1b:c8:10:4c:00:47:d3:06:03:36:55:ea:d3:d4:
78:7f:3e:1a:bd:75:ee:84:f2:21:d2:4a:ff:5d:e1:
a2:7e:07:6c:b4:40:6f:0b:92:d7:d7:5a:d7:41:f7:
57:4f:74:52:bd:30:b7:49:de:d8:3c:e8:de:c7:d7:
ed:75:dc:58:ab:2e:01:c5:49:1a:f1:46:b3:90:fd:
61:28:50:0d:1f:d7:34:f6:6d:db:66:22:b9:ac:74:
3f:bf:fa:f2:d5:b3:e3:ea:bb:a4:b7:2f:be:b6:67:
f7:f6:2f:43:74:48:35:6c:79:76:fb:c9:b1:02:f8:
c9:51:32:e8:e1:2b:b0:06:8d:36:0a:4f:b1:17:06:
43:5d:d0:cf:80:99:b5:1c:7a:41:52:ba:38:e9:3d:
c6:bb:07:b4:76:0d:12:fe:12:75:f2:1a:85:c3:ce:
d2:50:61:da:fd:59:d9:20:16:7a:ee:61:3b:4a:a6:
88:cc:2e:73:cb:68:b1:2c:7a:2a:43:72:35:02:e0:
f2:a9:32:2a:b4:71:9d:69:bd:11:d1:16:dc:5d:03:
07:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:A4:9C:F5:72:2C:9B:D5:4D:D8:F3:15:C6:42:BA:BD:E0:58:27:3C
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EaSc9XIsm9VN2PMVxkK6veBYJzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.34.0/24
Signature Algorithm: sha256WithRSAEncryption
66:8a:0f:11:7c:2a:5a:68:0b:db:19:41:99:b3:5e:70:65:25:
36:b8:f1:6b:df:aa:69:67:95:47:9c:b7:04:0e:d4:ad:f5:f9:
63:74:87:44:a7:bd:3b:07:f1:90:0a:1d:a7:f2:cb:fe:b1:bc:
39:46:8f:40:6c:12:71:d0:02:c3:47:ce:5e:88:5e:c4:f3:7e:
89:cc:39:f7:26:83:db:b1:a8:15:00:f8:3d:19:b0:92:93:64:
96:e8:3b:8a:c2:c5:5c:52:05:57:ec:08:59:ee:0d:e5:ef:c6:
cb:fd:d7:46:01:1a:0c:ed:da:c5:54:d2:38:24:8a:01:b4:7e:
9a:31:40:70:26:f6:a4:08:08:38:98:ec:c5:9a:c2:ab:fe:ea:
13:44:88:1c:ee:77:77:bc:32:af:5b:2f:2d:4d:01:63:34:65:
e0:65:17:e9:e7:7e:74:8c:81:6f:82:81:6b:ea:14:90:5e:8c:
44:2d:fb:3d:42:7e:41:55:b1:fe:25:4c:8a:9a:58:ed:6a:11:
a7:d6:3a:59:6d:89:59:56:63:d8:3d:e2:b3:b1:77:68:e3:1f:
c2:0e:1b:bf:ca:88:37:6c:08:e2:62:e6:c5:0a:f2:d9:fd:27:
9c:af:53:ce:dd:ef:8a:74:e7:1d:30:54:e7:f5:a3:49:88:c1:
fa:94:e1:63
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKfQdXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTFhNDljZjU3MjJj
OWJkNTRkZDhmMzE1YzY0MmJhYmRlMDU4MjczYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvQDYy+UPyafF2pcK+W4iNvMO2uYptVUU5lJp2fgFkfABmD
+jV1y2B/v8QqyxvIEEwAR9MGAzZV6tPUeH8+Gr117oTyIdJK/13hon4HbLRAbwuS
19da10H3V090Ur0wt0ne2Dzo3sfX7XXcWKsuAcVJGvFGs5D9YShQDR/XNPZt22Yi
uax0P7/68tWz4+q7pLcvvrZn9/YvQ3RINWx5dvvJsQL4yVEy6OErsAaNNgpPsRcG
Q13Qz4CZtRx6QVK6OOk9xrsHtHYNEv4SdfIahcPO0lBh2v1Z2SAWeu5hO0qmiMwu
c8tosSx6KkNyNQLg8qkyKrRxnWm9EdEW3F0DB58CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQRpJz1ciyb1U3Y8xXGQrq94FgnPDAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L0VhU2M5WElzbTlWTjJQTVZ4a0s2dmVCWUp6dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkNIjANBgkqhkiG9w0BAQsFAAOC
AQEAZooPEXwqWmgL2xlBmbNecGUlNrjxa9+qaWeVR5y3BA7UrfX5Y3SHRKe9Owfx
kAodp/LL/rG8OUaPQGwScdACw0fOXohexPN+icw59yaD27GoFQD4PRmwkpNklug7
isLFXFIFV+wIWe4N5e/Gy/3XRgEaDO3axVTSOCSKAbR+mjFAcCb2pAgIOJjsxZrC
q/7qE0SIHO53d7wyr1svLU0BYzRl4GUX6ed+dIyBb4KBa+oUkF6MRC37PUJ+QVWx
/iVMippY7WoRp9Y6WW2JWVZj2D3is7F3aOMfwg4bv8qIN2wI4mLmxQry2f0nnK9T
zt3vinTnHTBU5/WjSYjB+pThYw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-fra.rpki-client.org