Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/ZnM4BGs2MuiI4Ej-SkElCaMoJbg.roa
File: ZnM4BGs2MuiI4Ej-SkElCaMoJbg.roa (raw, json)
Hash identifier: ERsF2uk1bdp0zJV0BeswUlxCjqiOwarlgymE3Cp53Uw=
Subject key identifier: 66:73:38:04:6B:36:32:E8:88:E0:48:FE:4A:41:25:09:A3:28:25:B8
Certificate issuer: /CN=48cb94a44349f98d409b7ddb9a053df4aef1addf
Certificate serial: 8CDF67
Authority key identifier: 48:CB:94:A4:43:49:F9:8D:40:9B:7D:DB:9A:05:3D:F4:AE:F1:AD:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SMuUpENJ-Y1Am33bmgU99K7xrd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/ZnM4BGs2MuiI4Ej-SkElCaMoJbg.roa
Signing time: Sat 01 Jan 2022 02:58:17 +0000
ROA not before: Sat 01 Jan 2022 02:58:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60068
IP address blocks: 87.249.128.0/21 maxlen: 24
87.249.136.0/23 maxlen: 24
185.24.8.0/22 maxlen: 24
178.249.208.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9232231 (0x8cdf67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48cb94a44349f98d409b7ddb9a053df4aef1addf
Validity
Not Before: Jan 1 02:58:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=667338046b3632e888e048fe4a412509a32825b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3c:c0:4c:f0:6c:b6:84:61:4c:94:3d:f3:60:
48:dd:6c:a4:c1:4d:0d:c0:86:3f:75:69:0e:d0:5b:
04:b0:46:52:dd:40:f3:cf:54:22:85:19:46:58:88:
6c:45:d3:98:53:1a:c1:4b:1c:66:26:3e:67:f5:74:
dc:01:d5:b0:67:99:2b:ce:6f:d2:ef:de:a7:dc:37:
e1:6b:6f:03:3a:1c:6f:73:78:01:62:60:b0:13:b5:
e8:f3:1f:86:38:b6:be:8b:8e:5c:1f:b7:33:64:6c:
cb:84:86:4a:a9:82:3a:e0:da:d5:6e:89:ab:c6:a0:
23:3b:e0:9b:12:6d:b6:74:aa:68:85:64:0f:f1:0c:
5c:7f:c9:67:3b:34:cf:6d:3c:e2:3d:92:ba:1f:13:
a8:3a:ff:1a:78:97:58:c8:fc:d6:d6:23:67:c7:2f:
8c:7f:70:19:4e:7d:91:3c:58:70:7f:ab:6f:e0:21:
71:8c:26:35:d2:45:94:00:dd:a6:4e:15:ec:38:05:
77:73:ff:21:eb:86:13:1f:19:35:47:0b:7a:09:1d:
9d:44:d2:0d:5b:03:ca:bd:29:62:77:da:b3:99:65:
56:1c:4c:29:53:42:2e:d6:32:b1:3f:c3:bd:ce:0b:
5a:53:f1:2d:86:52:59:95:bb:7b:b9:73:85:e7:c3:
ea:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:73:38:04:6B:36:32:E8:88:E0:48:FE:4A:41:25:09:A3:28:25:B8
X509v3 Authority Key Identifier:
keyid:48:CB:94:A4:43:49:F9:8D:40:9B:7D:DB:9A:05:3D:F4:AE:F1:AD:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SMuUpENJ-Y1Am33bmgU99K7xrd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/ZnM4BGs2MuiI4Ej-SkElCaMoJbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/SMuUpENJ-Y1Am33bmgU99K7xrd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.249.128.0-87.249.137.255
178.249.208.0/21
185.24.8.0/22
Signature Algorithm: sha256WithRSAEncryption
13:45:2c:0c:c2:47:de:8b:cb:f2:f8:a9:c3:6e:1c:32:c5:38:
03:4a:5c:d5:da:43:51:f1:6b:a2:fd:73:7d:ea:69:a5:87:57:
70:f7:b7:b3:2b:c5:b9:2d:97:bb:92:67:1c:60:88:c0:60:e6:
7a:8f:61:62:c7:79:f5:62:71:b9:6b:18:ad:f6:c7:f8:67:3b:
a7:c7:f0:84:3c:c7:d7:5e:c2:06:08:aa:fa:74:48:56:2d:57:
b7:f5:b5:e1:20:6f:46:39:08:9b:81:6b:3f:56:84:c8:17:6c:
bf:5d:87:e8:7f:8a:17:23:38:08:b4:a7:ab:e1:c9:c6:0c:65:
f4:de:65:da:be:84:c4:25:f1:6c:b1:22:05:cb:0d:cd:d5:00:
8a:1c:1b:8f:88:ef:7f:0d:07:45:3d:5c:40:4a:8f:3c:09:e4:
e8:df:86:9e:d6:c0:20:e6:13:b4:2a:82:33:54:e5:55:c7:83:
d6:09:9f:2c:65:4b:af:06:32:3a:db:f2:cb:f0:7e:f4:48:39:
b0:c6:8e:fa:4c:57:77:96:a5:11:9f:08:87:47:b7:ca:14:0c:
66:b2:c8:22:80:17:e9:a6:3f:ba:c3:0e:a9:41:f7:5c:99:ca:
6b:e9:af:12:65:8e:0e:f5:a0:b2:3c:40:aa:a2:6a:f4:98:1d:
86:37:93:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEAIzfZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OGNiOTRhNDQzNDlmOThkNDA5YjdkZGI5YTA1M2RmNGFlZjFhZGRmMB4XDTIyMDEw
MTAyNTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY3MzM4MDQ2YjM2
MzJlODg4ZTA0OGZlNGE0MTI1MDlhMzI4MjViODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQ8wEzwbLaEYUyUPfNgSN1spMFNDcCGP3VpDtBbBLBGUt1A
889UIoUZRliIbEXTmFMawUscZiY+Z/V03AHVsGeZK85v0u/ep9w34WtvAzocb3N4
AWJgsBO16PMfhji2vouOXB+3M2Rsy4SGSqmCOuDa1W6Jq8agIzvgmxJttnSqaIVk
D/EMXH/JZzs0z2084j2Suh8TqDr/GniXWMj81tYjZ8cvjH9wGU59kTxYcH+rb+Ah
cYwmNdJFlADdpk4V7DgFd3P/IeuGEx8ZNUcLegkdnUTSDVsDyr0pYnfas5llVhxM
KVNCLtYysT/Dvc4LWlPxLYZSWZW7e7lzhefD6j8CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRmczgEazYy6IjgSP5KQSUJoygluDAfBgNVHSMEGDAWgBRIy5SkQ0n5jUCb
fduaBT30rvGt3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NNdVVwRU5KLVkxQW0zM2JtZ1U5OUs3eHJkOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvYWMwYzA2LTgwNzItNGUzMC05NWQxLWEzZDU1MzNmMTc1Ny8x
L1puTTRCR3MyTXVpSTRFai1Ta0VsQ2FNb0piZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
YWMwYzA2LTgwNzItNGUzMC05NWQxLWEzZDU1MzNmMTc1Ny8xL1NNdVVwRU5KLVkx
QW0zM2JtZ1U5OUs3eHJkOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQHV/mAAwQBV/mIAwQDsvnQAwQC
uRgIMA0GCSqGSIb3DQEBCwUAA4IBAQATRSwMwkfei8vy+KnDbhwyxTgDSlzV2kNR
8Wui/XN96mmlh1dw97ezK8W5LZe7kmccYIjAYOZ6j2Fix3n1YnG5axit9sf4Zzun
x/CEPMfXXsIGCKr6dEhWLVe39bXhIG9GOQibgWs/VoTIF2y/XYfof4oXIzgItKer
4cnGDGX03mXavoTEJfFssSIFyw3N1QCKHBuPiO9/DQdFPVxASo88CeTo34ae1sAg
5hO0KoIzVOVVx4PWCZ8sZUuvBjI62/LL8H70SDmwxo76TFd3lqURnwiHR7fKFAxm
ssgigBfppj+6ww6pQfdcmcpr6a8SZY4O9aCyPECqomr0mB2GN5Nj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:00 2024 by rpki-client on console-fra.rpki-client.org