Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/Z-ZMSINL791P4Hq_ul8QZiphkA0.roa
File: Z-ZMSINL791P4Hq_ul8QZiphkA0.roa (raw, json)
Hash identifier: WwA8JhSbORYR3J/qs4se3cOvuK6553LGy6YU/YkicDg=
Subject key identifier: 67:E6:4C:48:83:4B:EF:DD:4F:E0:7A:BF:BA:5F:10:66:2A:61:90:0D
Certificate issuer: /CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Certificate serial: 05CD7D5C
Authority key identifier: E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/Z-ZMSINL791P4Hq_ul8QZiphkA0.roa
Signing time: Mon 04 Apr 2022 19:36:21 +0000
ROA not before: Mon 04 Apr 2022 19:36:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 10753
IP address blocks: 176.116.117.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97353052 (0x5cd7d5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Validity
Not Before: Apr 4 19:36:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67e64c48834befdd4fe07abfba5f10662a61900d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f1:87:4a:69:f7:1d:ce:fe:46:3c:4d:0b:8f:
1b:53:24:b2:a6:cb:89:be:1b:7e:c8:08:d5:b8:97:
c0:aa:e0:02:ce:9c:0c:8b:80:88:ab:0d:6e:c2:72:
02:82:2d:79:6d:a1:b6:8d:57:3b:55:f8:97:1e:4e:
60:b0:88:33:83:eb:1c:f5:e7:0e:83:e9:ad:2b:88:
07:b1:47:c7:38:00:29:ac:cf:81:8a:53:7a:e2:33:
fa:61:5a:11:22:c8:35:53:61:d6:ed:16:a0:8d:42:
51:cb:36:08:8d:d3:88:4e:d4:7b:01:ae:7c:c7:cb:
70:ac:43:c8:92:b9:3a:e4:32:b5:50:80:fa:a9:c6:
3c:61:b8:03:0c:6f:b5:2f:e1:0a:b0:48:dc:8c:50:
9c:6c:2f:80:d9:2f:93:f7:fd:fa:bd:78:9c:2f:93:
d0:b5:5b:76:ed:f2:ea:67:1c:7a:64:a8:d1:03:aa:
34:0e:2d:1a:29:77:68:dd:d3:d8:9d:f4:42:fa:d9:
2a:92:d8:ef:76:76:6c:a8:a4:23:1a:c5:e2:3c:f8:
8f:ec:d4:95:a5:e4:6e:9b:cf:0d:29:a1:a3:23:a3:
12:4c:1f:c0:5c:1a:18:e0:31:b1:9d:32:7b:53:9c:
7b:fc:81:ae:9f:00:a2:4a:42:c3:fa:23:58:74:b3:
ff:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E6:4C:48:83:4B:EF:DD:4F:E0:7A:BF:BA:5F:10:66:2A:61:90:0D
X509v3 Authority Key Identifier:
keyid:E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/Z-ZMSINL791P4Hq_ul8QZiphkA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/5bz8EHfPh2iI-2x1suOUkjIF87U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.117.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:65:57:8b:a7:18:e8:6e:a9:0e:32:68:f4:16:37:ab:b1:47:
0a:b5:b3:98:ca:23:d4:62:6d:49:19:d0:0e:5a:5a:e1:53:6c:
1e:a2:56:bb:f7:64:d4:71:e9:aa:85:ee:26:76:e4:d1:b8:b7:
34:82:e0:f3:af:18:73:33:2a:ca:87:60:86:3e:27:20:05:42:
14:5a:8d:de:0f:6f:af:02:b6:63:cd:22:ba:85:90:5d:f6:3f:
46:6e:e4:7b:87:25:42:4b:25:32:e5:ef:0e:09:25:e9:4c:11:
3e:38:81:90:2a:93:3f:97:7d:1e:e1:e1:d0:c1:4e:08:14:84:
96:52:4c:ef:3b:1d:d3:ff:61:f9:55:e0:c0:0f:df:2d:d9:f1:
b2:84:25:ff:78:06:6d:91:4c:06:91:4e:e3:59:60:92:ef:de:
3b:1a:1b:80:f9:3b:11:91:45:6f:62:f5:35:e9:d3:17:08:10:
fc:f9:e7:7c:32:f2:95:77:f3:0f:ab:63:11:f0:57:6f:13:89:
3b:da:db:b0:63:d3:68:3a:e6:1a:4b:29:a5:c3:84:72:77:61:
e6:2d:3a:93:71:bc:84:63:ea:40:c3:ba:7e:2b:8a:f7:f3:7c:
f2:d2:6b:eb:e1:8d:d7:c0:24:43:9d:82:af:89:a9:84:38:7b:
5f:94:ba:99
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBc19XDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWJjZmMxMDc3Y2Y4NzY4ODhmYjZjNzViMmUzOTQ5MjMyMDVmM2I1MB4XDTIyMDQw
NDE5MzYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdlNjRjNDg4MzRi
ZWZkZDRmZTA3YWJmYmE1ZjEwNjYyYTYxOTAwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ7xh0pp9x3O/kY8TQuPG1MksqbLib4bfsgI1biXwKrgAs6c
DIuAiKsNbsJyAoIteW2hto1XO1X4lx5OYLCIM4PrHPXnDoPprSuIB7FHxzgAKazP
gYpTeuIz+mFaESLINVNh1u0WoI1CUcs2CI3TiE7UewGufMfLcKxDyJK5OuQytVCA
+qnGPGG4AwxvtS/hCrBI3IxQnGwvgNkvk/f9+r14nC+T0LVbdu3y6mccemSo0QOq
NA4tGil3aN3T2J30QvrZKpLY73Z2bKikIxrF4jz4j+zUlaXkbpvPDSmhoyOjEkwf
wFwaGOAxsZ0ye1Oce/yBrp8AokpCw/ojWHSz/3cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRn5kxIg0vv3U/ger+6XxBmKmGQDTAfBgNVHSMEGDAWgBTlvPwQd8+HaIj7
bHWy45SSMgXztTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzViejhFSGZQaDJpSS0yeDFzdU9Va2pJRjg3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvZTA1ZTc3LTEyYWUtNGY1OS05NDkxLWNhZGQxMTI5Yzk4ZC8x
L1otWk1TSU5MNzkxUDRIcV91bDhRWmlwaGtBMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
ZTA1ZTc3LTEyYWUtNGY1OS05NDkxLWNhZGQxMTI5Yzk4ZC8xLzViejhFSGZQaDJp
SS0yeDFzdU9Va2pJRjg3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB0dTANBgkqhkiG9w0BAQsFAAOC
AQEAv2VXi6cY6G6pDjJo9BY3q7FHCrWzmMoj1GJtSRnQDlpa4VNsHqJWu/dk1HHp
qoXuJnbk0bi3NILg868YczMqyodghj4nIAVCFFqN3g9vrwK2Y80iuoWQXfY/Rm7k
e4clQkslMuXvDgkl6UwRPjiBkCqTP5d9HuHh0MFOCBSEllJM7zsd0/9h+VXgwA/f
LdnxsoQl/3gGbZFMBpFO41lgku/eOxobgPk7EZFFb2L1NenTFwgQ/PnnfDLylXfz
D6tjEfBXbxOJO9rbsGPTaDrmGksppcOEcndh5i06k3G8hGPqQMO6fiuK9/N88tJr
6+GN18AkQ52Cr4mphDh7X5S6mQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:22 2024 by rpki-client on console-ams.rpki-client.org