Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/322e35382e38342e302f32342d3234203d3e20323136323231.roa
File: 322e35382e38342e302f32342d3234203d3e20323136323231.roa (raw, json)
Hash identifier: EPX6XGpgNwtiRnBvxDuCW65ZQ4Gu+llG59fAl/wr2K4=
Subject key identifier: 4C:4D:FA:CE:50:7C:48:01:40:ED:76:77:10:3B:68:E9:4E:EB:FB:DB
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 372BAC4EFB1398FDD4152EB816289ADB02F1CECF
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/322e35382e38342e302f32342d3234203d3e20323136323231.roa
Signing time: Fri 12 Apr 2024 15:02:05 +0000
ROA not before: Fri 12 Apr 2024 14:57:05 +0000
ROA not after: Fri 11 Apr 2025 15:02:05 +0000
asID: 216221
IP address blocks: 2.58.84.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:2b:ac:4e:fb:13:98:fd:d4:15:2e:b8:16:28:9a:db:02:f1:ce:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Apr 12 14:57:05 2024 GMT
Not After : Apr 11 15:02:05 2025 GMT
Subject: CN=4C4DFACE507C480140ED7677103B68E94EEBFBDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:99:9e:66:0e:07:42:6f:f3:3f:39:58:fe:2e:
23:d2:95:28:15:6d:9e:52:6e:5b:d0:64:e2:9d:4e:
90:53:13:8e:22:6b:8d:8f:34:4f:95:62:d7:d9:7f:
81:e0:53:9c:b6:88:58:d0:8f:4a:57:55:3d:3e:c4:
df:b2:34:12:b5:15:eb:1d:31:fb:52:ab:19:bf:81:
57:85:b6:7b:df:25:2d:4e:32:70:d7:f1:30:4f:19:
f7:36:97:f0:7c:2d:e7:07:a8:0f:8d:26:b5:0d:25:
a9:66:58:4a:0d:40:3e:d0:c5:8e:2f:df:ce:a9:ca:
54:37:df:0e:20:56:44:68:1b:5a:b6:98:63:da:dd:
39:25:a1:d9:58:4d:bd:d9:6d:f8:fd:d8:98:bd:d4:
d8:79:90:d7:e7:d1:13:79:a4:f8:dd:8b:85:ce:22:
62:76:23:da:b5:91:4a:57:1f:9b:4c:1d:16:8d:9c:
3b:82:92:ce:1c:0e:80:ec:83:6d:90:b4:28:15:a7:
48:69:b2:33:72:92:7a:3b:92:06:d3:8b:b2:da:1a:
0f:af:59:b0:39:8c:eb:e5:e5:41:82:cd:0e:2c:90:
26:44:95:7a:4a:7d:fc:fa:c7:50:65:2d:f4:df:6a:
0d:dd:19:f5:12:0f:2e:a5:2e:81:02:6a:a9:b5:90:
72:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:4D:FA:CE:50:7C:48:01:40:ED:76:77:10:3B:68:E9:4E:EB:FB:DB
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/322e35382e38342e302f32342d3234203d3e20323136323231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.84.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:2b:2c:2a:27:8c:ae:01:c3:e7:af:41:a0:96:f6:49:af:fa:
92:b7:75:5f:3b:26:e1:96:7b:88:35:31:53:6a:3e:51:49:44:
55:44:ed:da:05:f8:6d:44:b1:dc:44:ca:61:59:26:24:7f:6b:
d1:a9:d5:f5:e6:e0:bb:20:14:0c:7c:e6:e0:3c:b6:15:8c:4d:
68:69:e1:0e:f0:0e:22:11:be:1b:4b:cf:5a:a3:8a:67:ea:fd:
07:8c:aa:84:76:db:a2:53:fe:7b:9e:0b:24:88:d9:ec:9a:bf:
a1:43:98:15:6b:6d:c6:07:7e:66:ca:4d:bd:a0:13:5f:63:5b:
b0:d9:33:98:87:64:66:c2:7f:60:64:16:6f:bd:b4:06:2e:bf:
23:9c:3b:06:38:b7:a0:b1:46:bf:7f:25:c0:c2:b9:d2:c9:eb:
a5:b1:7b:e6:2f:5f:cb:e6:53:32:5a:a2:19:db:f6:40:99:4a:
a1:dd:e6:d8:dc:b6:d1:64:70:fe:a5:db:af:9f:7e:f7:e4:60:
5f:a2:c1:46:85:a5:e6:66:a2:e9:7b:09:48:a0:a5:f1:3a:f8:
bf:e7:27:fe:84:d5:7a:c2:8b:f3:5d:e3:ad:28:2a:35:87:c4:
33:3c:07:f4:9a:20:37:f3:4d:66:20:6f:1a:b5:cd:f1:95:46:
00:57:2b:08
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUNyusTvsTmP3UFS64Fiia2wLxzs8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDA0MTIxNDU3MDVaFw0yNTA0MTExNTAyMDVaMDMxMTAvBgNV
BAMTKDRDNERGQUNFNTA3QzQ4MDE0MEVENzY3NzEwM0I2OEU5NEVFQkZCREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQmZ5mDgdCb/M/OVj+LiPSlSgV
bZ5SblvQZOKdTpBTE44ia42PNE+VYtfZf4HgU5y2iFjQj0pXVT0+xN+yNBK1Fesd
MftSqxm/gVeFtnvfJS1OMnDX8TBPGfc2l/B8LecHqA+NJrUNJalmWEoNQD7QxY4v
386pylQ33w4gVkRoG1q2mGPa3TklodlYTb3Zbfj92Ji91Nh5kNfn0RN5pPjdi4XO
ImJ2I9q1kUpXH5tMHRaNnDuCks4cDoDsg22QtCgVp0hpsjNykno7kgbTi7LaGg+v
WbA5jOvl5UGCzQ4skCZElXpKffz6x1BlLfTfag3dGfUSDy6lLoECaqm1kHIXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUTE36zlB8SAFA7XZ3EDto6U7r+9swHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzIyZTM1MzgyZTM4MzQyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMjMyMzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOlQw
DQYJKoZIhvcNAQELBQADggEBADorLConjK4Bw+evQaCW9kmv+pK3dV87JuGWe4g1
MVNqPlFJRFVE7doF+G1EsdxEymFZJiR/a9Gp1fXm4LsgFAx85uA8thWMTWhp4Q7w
DiIRvhtLz1qjimfq/QeMqoR226JT/nueCySI2eyav6FDmBVrbcYHfmbKTb2gE19j
W7DZM5iHZGbCf2BkFm+9tAYuvyOcOwY4t6CxRr9/JcDCudLJ66Wxe+YvX8vmUzJa
ohnb9kCZSqHd5tjcttFkcP6l26+ffvfkYF+iwUaFpeZmoul7CUigpfE6+L/nJ/6E
1XrCi/Nd460oKjWHxDM8B/SaIDfzTWYgbxq1zfGVRgBXKwg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 12:41:07 2024 by rpki-client on console-fra.rpki-client.org