Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3233322e31322e302f32332d3234203d3e203432333636.roa
File: 3138352e3233322e31322e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier: ZsKhhToTCNz0SZg9Rm9z2e7AvVA2JiARdDeYEEJMjwU=
Subject key identifier: 8F:8F:86:CA:BD:D1:11:E2:30:EC:67:42:DC:E4:81:00:B4:83:1C:03
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 57607E56F9166514D480C413BE3C6885F5B21A4C
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3233322e31322e302f32332d3234203d3e203432333636.roa
Signing time: Sun 07 Apr 2024 16:03:28 +0000
ROA not before: Sun 07 Apr 2024 15:58:28 +0000
ROA not after: Sun 06 Apr 2025 16:03:28 +0000
asID: 42366
IP address blocks: 185.232.12.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:60:7e:56:f9:16:65:14:d4:80:c4:13:be:3c:68:85:f5:b2:1a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Apr 7 15:58:28 2024 GMT
Not After : Apr 6 16:03:28 2025 GMT
Subject: CN=8F8F86CABDD111E230EC6742DCE48100B4831C03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e1:14:cb:ca:05:aa:c3:9a:5c:0d:d2:f4:77:
77:20:c9:be:86:4b:73:3f:3f:1c:97:f8:e0:e9:54:
25:a9:98:8f:93:e6:76:3c:cd:af:e2:4e:8f:d3:f6:
22:d2:7a:48:92:5b:d0:3a:59:24:53:f2:01:0a:a2:
80:98:62:f0:f6:56:5b:7d:50:e6:2c:e7:42:a7:fc:
9c:b4:1d:0d:d4:3f:d1:fb:17:88:c7:75:2f:44:90:
06:70:cd:e6:ae:4b:93:da:ed:14:74:a7:21:14:e2:
98:78:e7:5d:74:44:ec:6c:74:f8:b4:c4:c5:44:0e:
ff:5f:5a:b2:a7:31:19:1b:f0:03:0f:02:3b:29:04:
a0:5e:c8:bf:eb:f0:c0:b0:56:d5:eb:1b:67:ee:66:
c5:03:2f:b5:03:70:2c:71:b8:1c:31:0e:c6:0a:e7:
e7:a4:62:c4:7a:03:c1:7b:b8:80:5c:eb:01:52:ff:
fa:5c:74:0f:a2:78:af:55:ae:f4:9e:99:66:05:ad:
1d:8b:5c:b1:1c:f8:b8:df:96:58:32:06:b7:bd:99:
a1:f7:e9:17:b5:50:5d:ce:b4:f4:d4:f7:65:1a:65:
6e:cf:e5:c7:34:47:2f:b8:b7:0e:d5:69:5d:1d:ba:
d1:df:a1:35:33:01:23:81:88:da:fb:d0:66:07:d5:
06:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:8F:86:CA:BD:D1:11:E2:30:EC:67:42:DC:E4:81:00:B4:83:1C:03
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3233322e31322e302f32332d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.12.0/23
Signature Algorithm: sha256WithRSAEncryption
48:82:fb:44:e8:e7:19:11:e4:74:d2:bc:61:e1:f7:54:28:43:
14:fe:9a:2b:b2:3c:6d:8b:02:f2:3a:25:5d:a9:34:70:d2:85:
90:08:8d:57:05:74:f4:4a:89:67:33:fd:3d:61:32:2e:54:46:
fa:a2:27:0b:68:ac:55:d8:fa:f2:fb:a1:5d:7e:fc:34:c7:d6:
d2:56:71:84:1c:37:f9:8a:05:01:c8:0e:ae:52:86:2f:a1:fd:
06:b0:0a:8d:db:f6:ab:08:09:64:3e:29:ae:78:fb:04:f5:5e:
95:04:79:24:d7:d9:f2:d4:f4:f5:5d:1f:93:d5:f5:18:2b:22:
8c:50:dd:c1:8f:6f:b6:ea:9a:ee:1d:3b:e5:2a:65:33:ad:6e:
b3:87:63:4b:2f:2b:ba:db:23:a8:39:00:ce:4c:0c:9c:d5:cd:
76:06:bb:7c:2a:7d:1a:58:66:71:89:aa:88:9f:c4:0c:d4:0c:
02:2e:04:67:76:00:db:9b:d6:6f:14:0b:00:89:68:bc:d8:0b:
6d:c1:8f:73:05:04:65:3e:14:4b:6e:c8:4e:f4:88:f7:23:81:
0e:6e:f2:5e:71:ab:76:24:7c:8c:3d:70:c0:1e:4c:86:26:d4:
18:b1:7c:54:4d:70:0f:fa:6f:25:f2:ea:59:c2:88:05:3f:da:
42:a4:99:fb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUV2B+VvkWZRTUgMQTvjxohfWyGkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDA0MDcxNTU4MjhaFw0yNTA0MDYxNjAzMjhaMDMxMTAvBgNV
BAMTKDhGOEY4NkNBQkREMTExRTIzMEVDNjc0MkRDRTQ4MTAwQjQ4MzFDMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi4RTLygWqw5pcDdL0d3cgyb6G
S3M/PxyX+ODpVCWpmI+T5nY8za/iTo/T9iLSekiSW9A6WSRT8gEKooCYYvD2Vlt9
UOYs50Kn/Jy0HQ3UP9H7F4jHdS9EkAZwzeauS5Pa7RR0pyEU4ph45110ROxsdPi0
xMVEDv9fWrKnMRkb8AMPAjspBKBeyL/r8MCwVtXrG2fuZsUDL7UDcCxxuBwxDsYK
5+ekYsR6A8F7uIBc6wFS//pcdA+ieK9VrvSemWYFrR2LXLEc+LjfllgyBre9maH3
6Re1UF3OtPTU92UaZW7P5cc0Ry+4tw7VaV0dutHfoTUzASOBiNr70GYH1QYjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUj4+Gyr3REeIw7GdC3OSBALSDHAMwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMzMzIyZTMx
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
uegMMA0GCSqGSIb3DQEBCwUAA4IBAQBIgvtE6OcZEeR00rxh4fdUKEMU/porsjxt
iwLyOiVdqTRw0oWQCI1XBXT0SolnM/09YTIuVEb6oicLaKxV2Pry+6Fdfvw0x9bS
VnGEHDf5igUByA6uUoYvof0GsAqN2/arCAlkPimuePsE9V6VBHkk19ny1PT1XR+T
1fUYKyKMUN3Bj2+26pruHTvlKmUzrW6zh2NLLyu62yOoOQDOTAyc1c12Brt8Kn0a
WGZxiaqIn8QM1AwCLgRndgDbm9ZvFAsAiWi82AttwY9zBQRlPhRLbshO9Ij3I4EO
bvJecat2JHyMPXDAHkyGJtQYsXxUTXAP+m8l8upZwogFP9pCpJn7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org