Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/322e35382e38352e302f32342d3234203d3e203437343336.roa
File: 322e35382e38352e302f32342d3234203d3e203437343336.roa (raw, json)
Hash identifier: nYgu9kBkRhcLmcGO/2u6SLmuyYzZA0j/VnRcY6P4Llo=
Subject key identifier: 1A:0F:CC:24:0D:F1:A4:0E:E8:25:C8:E7:B0:62:90:E1:AF:32:8F:21
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 669AC02E10DD17D13DC5260334C0FCFEF332CD08
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/322e35382e38352e302f32342d3234203d3e203437343336.roa
Signing time: Sun 22 Oct 2023 05:39:54 +0000
ROA not before: Sun 22 Oct 2023 05:34:54 +0000
ROA not after: Sun 20 Oct 2024 05:39:54 +0000
asID: 47436
IP address blocks: 2.58.85.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:9a:c0:2e:10:dd:17:d1:3d:c5:26:03:34:c0:fc:fe:f3:32:cd:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Oct 22 05:34:54 2023 GMT
Not After : Oct 20 05:39:54 2024 GMT
Subject: CN=1A0FCC240DF1A40EE825C8E7B06290E1AF328F21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b7:dd:d0:e5:10:32:d6:97:a0:8d:3c:0c:70:
99:b6:88:a5:b1:0d:28:46:48:99:27:19:d7:0c:d7:
38:66:3b:2a:07:6b:d9:49:a5:b9:e6:3f:76:23:3e:
62:ef:df:4f:44:a2:57:0e:9e:5c:2a:30:53:fb:7a:
89:26:4d:06:24:16:99:16:50:fb:df:db:6f:f3:be:
0d:d0:59:59:21:67:93:45:85:b6:ef:82:01:16:ba:
7a:de:63:24:8c:3b:b6:ad:3a:ff:26:50:19:fd:59:
7d:49:4e:19:dc:33:c6:00:80:e9:57:e0:c8:a9:0a:
55:54:57:1d:fc:23:5e:7f:fe:5c:5c:20:09:fa:67:
47:2b:78:e2:66:d2:97:c4:2e:fc:f0:1e:b6:ea:41:
17:d2:ab:4f:dd:8e:0c:30:28:19:be:a5:55:0a:be:
f6:82:5e:f4:3c:87:32:3d:96:7a:a8:f2:42:af:17:
62:40:6b:01:86:a5:71:dd:8b:d7:87:f1:ec:2b:23:
ab:b2:a2:95:a4:70:83:4f:de:02:5b:cf:95:1e:4a:
9b:46:e3:2a:bf:95:51:60:6b:53:f4:f7:b7:ec:b2:
4b:81:e7:65:f3:8d:3b:61:c5:ed:44:13:58:3d:77:
05:ac:45:8a:9c:f0:fe:e5:45:da:39:d8:4d:1e:47:
6e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:0F:CC:24:0D:F1:A4:0E:E8:25:C8:E7:B0:62:90:E1:AF:32:8F:21
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/322e35382e38352e302f32342d3234203d3e203437343336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.85.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:29:8b:5e:52:5c:36:95:4c:4b:f6:20:1d:43:56:86:af:4e:
03:ed:a4:11:7e:9d:86:f3:22:13:f4:69:8c:1e:2e:11:6a:a6:
b9:13:c4:83:f0:dc:6f:dc:09:ee:e9:62:18:cf:e6:5c:83:68:
5e:af:f3:e6:8d:f1:67:d6:86:97:55:bf:ed:22:f5:c1:15:b2:
cd:e9:cd:8d:28:ec:89:43:c3:7e:b7:bc:45:02:ea:15:e4:3a:
48:2b:61:89:b3:3d:40:19:6d:6e:49:70:bc:1c:b6:71:d7:9c:
12:5c:76:9f:26:71:83:7f:81:dc:35:69:c1:28:b5:12:61:46:
f7:dc:2e:a8:02:5c:fc:ca:3c:49:42:2a:87:a4:5d:1f:96:fc:
c4:5b:43:74:38:4c:55:c2:c9:3d:13:63:f6:ee:f6:d4:e1:bd:
da:c7:70:8c:54:8c:83:90:22:ab:60:c0:c0:ba:71:5e:7e:55:
79:1d:af:1c:6d:27:44:8b:49:dd:b0:9d:cf:65:93:1f:e1:dd:
2f:7d:36:4e:a7:e9:55:09:02:63:99:2c:6e:10:fb:91:28:cb:
a9:6b:4e:3a:92:4a:9e:02:2a:f1:e9:3f:cf:88:7f:a3:f9:6d:
43:ac:09:28:81:9c:7f:a7:1d:f3:a2:fe:5b:5b:a5:0a:e4:ca:
51:67:f2:09
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUZprALhDdF9E9xSYDNMD8/vMyzQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yMzEwMjIwNTM0NTRaFw0yNDEwMjAwNTM5NTRaMDMxMTAvBgNV
BAMTKDFBMEZDQzI0MERGMUE0MEVFODI1QzhFN0IwNjI5MEUxQUYzMjhGMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYt93Q5RAy1pegjTwMcJm2iKWx
DShGSJknGdcM1zhmOyoHa9lJpbnmP3YjPmLv309EolcOnlwqMFP7eokmTQYkFpkW
UPvf22/zvg3QWVkhZ5NFhbbvggEWunreYySMO7atOv8mUBn9WX1JThncM8YAgOlX
4MipClVUVx38I15//lxcIAn6Z0creOJm0pfELvzwHrbqQRfSq0/djgwwKBm+pVUK
vvaCXvQ8hzI9lnqo8kKvF2JAawGGpXHdi9eH8ewrI6uyopWkcINP3gJbz5UeSptG
4yq/lVFga1P097fsskuB52XzjTthxe1EE1g9dwWsRYqc8P7lRdo52E0eR27TAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUGg/MJA3xpA7oJcjnsGKQ4a8yjyEwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzIyZTM1MzgyZTM4MzUyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzQzMzM2LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpVMA0G
CSqGSIb3DQEBCwUAA4IBAQBKKYteUlw2lUxL9iAdQ1aGr04D7aQRfp2G8yIT9GmM
Hi4Raqa5E8SD8Nxv3Anu6WIYz+Zcg2her/PmjfFn1oaXVb/tIvXBFbLN6c2NKOyJ
Q8N+t7xFAuoV5DpIK2GJsz1AGW1uSXC8HLZx15wSXHafJnGDf4HcNWnBKLUSYUb3
3C6oAlz8yjxJQiqHpF0flvzEW0N0OExVwsk9E2P27vbU4b3ax3CMVIyDkCKrYMDA
unFeflV5Ha8cbSdEi0ndsJ3PZZMf4d0vfTZOp+lVCQJjmSxuEPuRKMupa046kkqe
Airx6T/PiH+j+W1DrAkogZx/px3zov5bW6UK5MpRZ/IJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 12:41:07 2024 by rpki-client on console-fra.rpki-client.org