Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/PLXKgLO6uWu4rqsjDUdoZyjIlKw.roa
File: PLXKgLO6uWu4rqsjDUdoZyjIlKw.roa (raw, json)
Hash identifier: l5nVmwUhunlsYDk7+3G/tMg3BeSmEM60CQ/2S1kpfqk=
Subject key identifier: 3C:B5:CA:80:B3:BA:B9:6B:B8:AE:AB:23:0D:47:68:67:28:C8:94:AC
Certificate issuer: /CN=ea1219292d86ca96397b8a8bd24e08b1a897c1a3
Certificate serial: 018CC801986DD06AFDCAD766B44601797591
Authority key identifier: EA:12:19:29:2D:86:CA:96:39:7B:8A:8B:D2:4E:08:B1:A8:97:C1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6hIZKS2GypY5e4qL0k4IsaiXwaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/PLXKgLO6uWu4rqsjDUdoZyjIlKw.roa
Signing time: Tue 02 Jan 2024 02:29:56 +0000
ROA not before: Tue 02 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15763
IP address blocks: 149.232.0.0/17 maxlen: 17
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:98:6d:d0:6a:fd:ca:d7:66:b4:46:01:79:75:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea1219292d86ca96397b8a8bd24e08b1a897c1a3
Validity
Not Before: Jan 2 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cb5ca80b3bab96bb8aeab230d47686728c894ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:03:92:2e:10:73:ef:be:7a:60:a5:d6:aa:9b:
a0:f8:ea:f3:9c:5c:b0:4b:31:ee:11:c2:fc:93:e6:
d4:0c:79:30:74:48:ed:b1:97:c5:ad:6a:81:ec:8e:
9e:61:0f:d3:92:a7:cd:8b:7c:d9:5f:b4:ba:e2:2c:
ff:50:f2:6d:e5:03:d7:c6:00:e1:3b:14:d9:2c:d2:
c1:3a:81:7a:72:a6:34:5f:6b:fd:f6:54:fd:65:c4:
e9:ff:b1:ea:11:13:1f:65:30:81:fa:dc:f2:ce:cf:
af:08:6d:05:05:e1:28:b2:c1:4e:90:5b:b9:83:0d:
f0:41:71:d5:36:2b:92:ca:d7:44:f5:e4:fa:e9:c7:
fd:91:c4:45:a9:c9:c3:c2:1b:d0:9b:84:2f:81:d3:
1b:62:9b:9e:b8:c7:9b:12:f4:1f:e1:96:42:1a:3a:
48:a7:a0:36:a1:81:4d:d5:00:1b:48:8b:dd:84:76:
90:19:4d:2b:bd:59:46:3c:9a:2b:7f:e4:0d:50:cd:
30:7e:67:47:cc:5e:ce:99:0b:2c:5d:da:d6:cd:4a:
73:56:ce:86:0f:84:77:e7:8e:f8:00:63:b9:f6:73:
27:3b:93:f3:7d:63:4b:59:e6:15:4b:da:04:d6:61:
c2:01:8c:5c:32:66:7a:6b:a3:c6:83:5e:a8:19:6b:
ce:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:B5:CA:80:B3:BA:B9:6B:B8:AE:AB:23:0D:47:68:67:28:C8:94:AC
X509v3 Authority Key Identifier:
keyid:EA:12:19:29:2D:86:CA:96:39:7B:8A:8B:D2:4E:08:B1:A8:97:C1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6hIZKS2GypY5e4qL0k4IsaiXwaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/PLXKgLO6uWu4rqsjDUdoZyjIlKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/6hIZKS2GypY5e4qL0k4IsaiXwaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.232.0.0/17
Signature Algorithm: sha256WithRSAEncryption
59:d7:de:f4:ef:b2:f3:3c:2e:ff:4f:67:d9:d1:50:bb:54:9f:
a0:dd:63:f6:ab:27:c5:bd:c5:04:f1:3d:0b:16:28:ee:ec:b5:
38:ce:11:ea:1d:cd:8f:91:b6:d5:a6:c9:38:39:7f:3c:c3:36:
10:a7:09:3d:24:48:c5:7f:e4:b2:94:fa:3e:cd:ea:64:c0:f8:
3d:6c:2d:b4:d7:d2:bf:9b:66:f4:26:0e:bd:a5:47:3e:35:98:
90:d8:47:26:9d:e1:c3:8c:e1:1a:f1:5e:12:91:b8:0b:8f:0d:
d2:65:7c:02:e6:17:b9:2e:4a:d0:f0:21:c9:bb:c2:ce:91:50:
8a:a5:1d:52:98:c4:64:80:81:9e:aa:bb:28:a3:7a:01:ed:17:
54:04:e0:fb:11:78:45:a0:7a:a6:d5:1b:c5:83:ca:94:7a:cf:
58:45:c4:23:69:b1:be:ba:a4:05:9c:59:8d:d2:92:ea:e6:49:
a2:c8:67:89:ba:a9:0e:9a:d7:2f:18:c5:94:18:27:21:38:21:
91:6e:9a:4d:ba:76:e6:19:76:23:1b:53:e3:89:d0:14:ae:c9:
5b:16:b7:34:67:ee:13:96:1b:0a:d3:2b:4e:2d:ca:60:8f:c7:
82:b3:c3:db:88:0b:b3:6f:3d:92:71:f5:37:d7:a2:8b:0b:e3:
fc:9b:04:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAZht0Gr9ytdmtEYBeXWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMTIxOTI5MmQ4NmNhOTYzOTdiOGE4YmQyNGUwOGIxYTg5
N2MxYTMwHhcNMjQwMTAyMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2I1Y2E4MGIzYmFiOTZiYjhhZWFiMjMwZDQ3Njg2NzI4Yzg5NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAOSLhBz7756YKXWqpug+OrznFyw
SzHuEcL8k+bUDHkwdEjtsZfFrWqB7I6eYQ/TkqfNi3zZX7S64iz/UPJt5QPXxgDh
OxTZLNLBOoF6cqY0X2v99lT9ZcTp/7HqERMfZTCB+tzyzs+vCG0FBeEossFOkFu5
gw3wQXHVNiuSytdE9eT66cf9kcRFqcnDwhvQm4QvgdMbYpueuMebEvQf4ZZCGjpI
p6A2oYFN1QAbSIvdhHaQGU0rvVlGPJorf+QNUM0wfmdHzF7OmQssXdrWzUpzVs6G
D4R35474AGO59nMnO5PzfWNLWeYVS9oE1mHCAYxcMmZ6a6PGg16oGWvO6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDy1yoCzurlruK6rIw1HaGcoyJSsMB8GA1UdIwQY
MBaAFOoSGSkthsqWOXuKi9JOCLGol8GjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmhJWktTMkd5cFk1ZTRxTDBrNElzYWlYd2FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jYmIyZTQtODhjMy00Y2MwLTk2NzUt
Yzk4YTFiZGU2NDc2LzEvUExYS2dMTzZ1V3U0cnFzakRVZG9aeWpJbEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jYmIyZTQtODhjMy00Y2MwLTk2NzUtYzk4YTFiZGU2NDc2
LzEvNmhJWktTMkd5cFk1ZTRxTDBrNElzYWlYd2FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHlegAMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ197077LzPC7/T2fZ0VC7VJ+g3WP2qyfFvcUE8T0L
Fiju7LU4zhHqHc2PkbbVpsk4OX88wzYQpwk9JEjFf+SylPo+zepkwPg9bC2019K/
m2b0Jg69pUc+NZiQ2EcmneHDjOEa8V4SkbgLjw3SZXwC5he5LkrQ8CHJu8LOkVCK
pR1SmMRkgIGeqrsoo3oB7RdUBOD7EXhFoHqm1RvFg8qUes9YRcQjabG+uqQFnFmN
0pLq5kmiyGeJuqkOmtcvGMWUGCchOCGRbppNunbmGXYjG1PjidAUrslbFrc0Z+4T
lhsK0ytOLcpgj8eCs8PbiAuzbz2ScfU316KLC+P8mwQ1
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:58 2024 by rpki-client on console.sobornost.net