Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3138352e3139352e3233382e3132382f32352d3235203d3e20323135383230.roa
File: 3138352e3139352e3233382e3132382f32352d3235203d3e20323135383230.roa (raw, json)
Hash identifier: suFIEjizRLXTphcDNNw/ziFXJKsYlOc0LyPKzZwkIY0=
Subject key identifier: 2A:AF:52:7B:A6:6F:18:03:49:17:5F:BC:1B:D2:FF:C2:14:26:26:D7
Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial: 76A108F46DAF22340F3C0231CBFCDC364F34B0C4
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3138352e3139352e3233382e3132382f32352d3235203d3e20323135383230.roa
Signing time: Fri 28 Jun 2024 21:31:27 +0000
ROA not before: Fri 28 Jun 2024 21:26:27 +0000
ROA not after: Fri 27 Jun 2025 21:31:27 +0000
asID: 215820
IP address blocks: 185.195.238.128/25 maxlen: 25
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:a1:08:f4:6d:af:22:34:0f:3c:02:31:cb:fc:dc:36:4f:34:b0:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Validity
Not Before: Jun 28 21:26:27 2024 GMT
Not After : Jun 27 21:31:27 2025 GMT
Subject: CN=2AAF527BA66F180349175FBC1BD2FFC2142626D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8a:97:e8:1c:97:12:b7:1e:5f:9c:f4:0f:db:
f8:0f:5c:63:cf:2b:9a:82:a2:12:a6:8d:44:40:e5:
08:bc:7e:fe:ae:02:51:23:75:1c:d3:c6:47:19:32:
fb:6a:c0:ef:43:36:57:97:cc:53:eb:58:35:2e:3c:
8d:57:6d:e5:d7:4e:e1:99:8f:bd:34:a0:51:3d:e7:
0a:07:54:df:45:ab:87:73:e9:be:9e:94:e2:b5:e3:
a7:4b:af:be:20:c1:2b:78:f5:36:8c:0c:8a:2e:e2:
b4:bf:da:42:14:3b:ea:e0:41:f9:61:59:0b:46:1d:
7f:33:58:3a:c8:53:99:5d:5e:fb:51:ac:c5:e0:28:
1d:f4:25:b5:3b:dc:d2:c6:9f:d4:00:a7:10:e6:b8:
8a:b6:9e:0e:51:de:71:84:e2:ab:b8:e9:43:a7:a3:
c0:69:d7:de:0b:34:e2:ef:65:94:0a:0f:b1:ec:a5:
1a:ed:23:5b:f6:35:15:b5:42:01:b1:1e:88:79:16:
ec:d4:3e:33:5c:ee:e5:59:84:a2:b6:46:3a:b3:6f:
29:7f:e2:a0:2a:c7:fa:ec:31:dd:df:13:16:11:eb:
ca:9d:88:34:b9:dc:41:20:61:c9:75:27:7d:8f:98:
c6:60:89:28:20:f6:ca:d7:3e:3f:4c:57:72:44:29:
f9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AF:52:7B:A6:6F:18:03:49:17:5F:BC:1B:D2:FF:C2:14:26:26:D7
X509v3 Authority Key Identifier:
keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3138352e3139352e3233382e3132382f32352d3235203d3e20323135383230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.238.128/25
Signature Algorithm: sha256WithRSAEncryption
4d:43:4a:03:65:e1:45:db:8a:0f:9d:85:22:30:93:31:a0:7e:
40:0b:59:5b:b8:1d:1c:f1:16:b1:9a:80:f8:1a:4a:43:3d:99:
c8:4f:32:42:a2:d3:ac:31:cb:6f:0c:00:51:a7:53:d0:dc:04:
d2:55:cb:12:7c:a8:57:5e:a8:a6:c7:c2:76:77:e9:5a:72:1e:
23:f2:b2:87:de:62:57:1a:cd:71:a6:ef:49:7a:9a:4e:a6:ea:
c5:b4:3e:3a:f7:a2:58:17:ca:aa:2a:c3:a3:d7:10:66:cc:6f:
7d:6a:f7:16:ac:07:dd:83:45:26:d3:ec:61:41:2c:21:03:12:
b7:f8:9d:6e:6a:3d:1a:96:d7:84:75:06:61:14:b5:84:25:1c:
85:0f:63:09:5a:34:da:e6:39:11:6f:d2:2d:87:af:02:62:32:
a6:68:45:fe:17:ad:7c:e5:6a:58:fb:ce:16:b6:9c:c2:a0:37:
df:0b:63:aa:54:ba:fe:1a:1b:f1:ed:77:81:64:ef:2c:b1:b8:
05:7a:30:2e:0c:59:2b:6c:23:3b:45:bc:48:b5:b6:58:7c:6c:
de:2f:f4:80:45:11:65:80:49:74:9e:93:5f:12:6a:b1:45:dc:
ce:42:32:08:9a:1f:24:8f:61:3f:43:07:a2:0e:64:39:b6:cb:
90:5d:3e:ec
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUdqEI9G2vIjQPPAIxy/zcNk80sMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA2MjgyMTI2MjdaFw0yNTA2MjcyMTMxMjdaMDMxMTAvBgNV
BAMTKDJBQUY1MjdCQTY2RjE4MDM0OTE3NUZCQzFCRDJGRkMyMTQyNjI2RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ipfoHJcStx5fnPQP2/gPXGPP
K5qCohKmjURA5Qi8fv6uAlEjdRzTxkcZMvtqwO9DNleXzFPrWDUuPI1XbeXXTuGZ
j700oFE95woHVN9Fq4dz6b6elOK146dLr74gwSt49TaMDIou4rS/2kIUO+rgQflh
WQtGHX8zWDrIU5ldXvtRrMXgKB30JbU73NLGn9QApxDmuIq2ng5R3nGE4qu46UOn
o8Bp194LNOLvZZQKD7HspRrtI1v2NRW1QgGxHoh5FuzUPjNc7uVZhKK2Rjqzbyl/
4qAqx/rsMd3fExYR68qdiDS53EEgYcl1J32PmMZgiSgg9srXPj9MV3JEKfnBAgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUKq9Se6ZvGANJF1+8G9L/whQmJtcwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzEzODM1MmUzMTM5MzUyZTMy
MzMzODJlMzEzMjM4MmYzMjM1MmQzMjM1MjAzZDNlMjAzMjMxMzUzODMyMzAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0E
AgABMAcDBQe5w+6AMA0GCSqGSIb3DQEBCwUAA4IBAQBNQ0oDZeFF24oPnYUiMJMx
oH5AC1lbuB0c8RaxmoD4GkpDPZnITzJCotOsMctvDABRp1PQ3ATSVcsSfKhXXqim
x8J2d+lach4j8rKH3mJXGs1xpu9JeppOpurFtD4696JYF8qqKsOj1xBmzG99avcW
rAfdg0Um0+xhQSwhAxK3+J1uaj0alteEdQZhFLWEJRyFD2MJWjTa5jkRb9Ith68C
YjKmaEX+F6185WpY+84WtpzCoDffC2OqVLr+Ghvx7XeBZO8ssbgFejAuDFkrbCM7
RbxItbZYfGzeL/SARRFlgEl0npNfEmqxRdzOQjIImh8kj2E/QweiDmQ5tsuQXT7s
-----END CERTIFICATE-----
Generated at Thu Jul 25 06:45:49 2024 by rpki-client on console-fra.rpki-client.org