Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/_xUMJHRtlbiQ9oBC0YxXFwGYLMw.roa
File: _xUMJHRtlbiQ9oBC0YxXFwGYLMw.roa (raw, json)
Hash identifier: 30Jpc1mvOozMy+ARcp/l9D0zlQ5PypZoopdMK147jDg=
Subject key identifier: FF:15:0C:24:74:6D:95:B8:90:F6:80:42:D1:8C:57:17:01:98:2C:CC
Certificate issuer: /CN=fb744006eac3084bf88f128349b0e733bb3d79e3
Certificate serial: 09135A82
Authority key identifier: FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/_xUMJHRtlbiQ9oBC0YxXFwGYLMw.roa
Signing time: Sat 01 Jan 2022 11:02:26 +0000
ROA not before: Sat 01 Jan 2022 11:02:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39421
IP address blocks: 2.58.57.0/24 maxlen: 24
2.58.56.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152263298 (0x9135a82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb744006eac3084bf88f128349b0e733bb3d79e3
Validity
Not Before: Jan 1 11:02:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff150c24746d95b890f68042d18c571701982ccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e8:e4:2b:09:0d:c4:2b:d3:83:f4:8b:14:5f:
94:fc:65:19:cd:fd:50:c2:7f:50:04:75:ec:cc:ec:
f2:5a:b3:74:3b:83:e8:39:a9:75:73:1f:5b:0c:8a:
7d:6c:ec:ba:8f:18:1c:43:7c:d1:61:fe:c9:38:a8:
be:4d:62:51:7f:2d:f8:04:0e:8c:5f:e9:b8:d0:0d:
0f:42:10:48:10:4d:78:f5:01:c5:37:b8:fb:b5:8b:
21:a1:ac:20:7a:bc:49:c2:5e:bb:34:26:14:1e:8c:
83:2f:e0:6e:ff:c8:ae:cd:3a:64:74:b6:7f:02:5d:
4f:d7:0a:08:79:e6:c5:53:cf:f2:f1:37:d1:f0:6d:
8d:d8:94:cb:ab:70:8e:33:9b:0b:ae:3b:15:a0:c8:
b7:72:0f:8c:4c:69:6e:d1:7a:2a:60:65:8b:f2:20:
ac:00:0f:6c:77:57:14:e7:74:d6:25:55:9b:0f:29:
1e:b4:69:35:83:ad:69:74:99:2c:19:da:2e:15:ae:
2e:b6:e3:e9:e3:ea:80:46:60:a7:44:ad:91:39:4a:
7b:5b:85:dd:85:67:8b:e2:14:fc:d5:48:8b:7b:87:
44:bc:d3:ec:58:ef:92:a2:cb:c8:07:0f:4d:b5:be:
b2:a9:f0:03:f4:01:84:b4:6a:6b:34:ba:3f:28:11:
97:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:15:0C:24:74:6D:95:B8:90:F6:80:42:D1:8C:57:17:01:98:2C:CC
X509v3 Authority Key Identifier:
keyid:FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/_xUMJHRtlbiQ9oBC0YxXFwGYLMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/1-3RABurDCEv4jxKDSbDnM7s9eeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.56.0/23
Signature Algorithm: sha256WithRSAEncryption
18:1f:6b:6d:a4:93:60:76:56:bc:2f:8d:88:40:d2:4d:1a:37:
06:6c:f8:ec:bd:3f:7e:bd:50:d3:03:ac:54:86:d8:aa:89:fd:
57:d8:ed:f8:eb:7c:5c:6a:fa:7a:b9:88:1d:10:ab:38:25:ff:
e6:4b:d8:c8:93:ff:20:52:4d:ab:7d:8d:08:d5:d7:be:61:8f:
2a:85:35:b7:7f:8f:db:7f:d7:9a:a2:04:75:15:49:3d:ff:53:
60:38:96:12:6e:39:06:92:f5:3c:93:c6:ba:82:77:f2:8e:a1:
46:a4:1d:32:53:44:96:56:e6:9f:85:08:9a:0c:d8:2a:97:b8:
75:47:81:d9:d3:0c:5e:b4:25:20:ac:33:2e:54:00:11:19:39:
6c:0e:d2:bc:0c:b0:f7:d1:23:8d:cc:c9:55:ff:2a:14:d6:96:
ef:be:a8:4c:96:5f:6a:f2:a4:e6:d4:cd:93:1b:ce:25:51:02:
e2:a1:56:68:c7:8f:84:7d:64:15:94:43:9d:1e:da:5d:b1:44:
6b:13:da:40:db:e0:56:28:91:25:5b:6c:e0:e9:6c:55:97:48:
eb:e4:61:5c:e1:8a:18:96:3e:fc:21:18:2b:44:75:a9:0f:d0:
84:cd:9e:d3:3a:e0:6a:df:49:a1:e1:1a:5d:07:db:4b:fe:30:
e2:ae:c7:78
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECRNagjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjc0NDAwNmVhYzMwODRiZjg4ZjEyODM0OWIwZTczM2JiM2Q3OWUzMB4XDTIyMDEw
MTExMDIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmYxNTBjMjQ3NDZk
OTViODkwZjY4MDQyZDE4YzU3MTcwMTk4MmNjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOzo5CsJDcQr04P0ixRflPxlGc39UMJ/UAR17Mzs8lqzdDuD
6DmpdXMfWwyKfWzsuo8YHEN80WH+yTiovk1iUX8t+AQOjF/puNAND0IQSBBNePUB
xTe4+7WLIaGsIHq8ScJeuzQmFB6Mgy/gbv/Irs06ZHS2fwJdT9cKCHnmxVPP8vE3
0fBtjdiUy6twjjObC647FaDIt3IPjExpbtF6KmBli/IgrAAPbHdXFOd01iVVmw8p
HrRpNYOtaXSZLBnaLhWuLrbj6ePqgEZgp0StkTlKe1uF3YVni+IU/NVIi3uHRLzT
7FjvkqLLyAcPTbW+sqnwA/QBhLRqazS6PygRlxsCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBT/FQwkdG2VuJD2gELRjFcXAZgszDAfBgNVHSMEGDAWgBT7dEAG6sMIS/iP
EoNJsOczuz154zAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtM1JBQnVyRENFdjRqeEtEU2JEbk03czllZU0uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2ZlLzE3ODM2YS1kNjc4LTQxY2EtOGZiMi01ZWI3YmVmOWE3YTgv
MS9feFVNSkhSdGxiaVE5b0JDMFl4WEZ3R1lMTXcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Zl
LzE3ODM2YS1kNjc4LTQxY2EtOGZiMi01ZWI3YmVmOWE3YTgvMS8xLTNSQUJ1ckRD
RXY0anhLRFNiRG5NN3M5ZWVNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAjo4MA0GCSqGSIb3DQEBCwUA
A4IBAQAYH2ttpJNgdla8L42IQNJNGjcGbPjsvT9+vVDTA6xUhtiqif1X2O3463xc
avp6uYgdEKs4Jf/mS9jIk/8gUk2rfY0I1de+YY8qhTW3f4/bf9eaogR1FUk9/1Ng
OJYSbjkGkvU8k8a6gnfyjqFGpB0yU0SWVuafhQiaDNgql7h1R4HZ0wxetCUgrDMu
VAARGTlsDtK8DLD30SONzMlV/yoU1pbvvqhMll9q8qTm1M2TG84lUQLioVZox4+E
fWQVlEOdHtpdsURrE9pA2+BWKJElW2zg6WxVl0jr5GFc4YoYlj78IRgrRHWpD9CE
zZ7TOuBq30mh4RpdB9tL/jDirsd4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:50 2023 by rpki-client on console-ams.rpki-client.org