Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/8W1Dl6YXzACQIHIhmHTky_AScDQ.roa
File: 8W1Dl6YXzACQIHIhmHTky_AScDQ.roa (raw, json)
Hash identifier: wEIcC9OeZGwUBdBEkgFeClDjRTfN7wIP+OELZsnmLO8=
Subject key identifier: F1:6D:43:97:A6:17:CC:00:90:20:72:21:98:74:E4:CB:F0:12:70:34
Certificate issuer: /CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Certificate serial: 018CF5502BCF53661EA7FEE0AE949DA3A8EF
Authority key identifier: CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/8W1Dl6YXzACQIHIhmHTky_AScDQ.roa
Signing time: Wed 10 Jan 2024 21:38:41 +0000
ROA not before: Wed 10 Jan 2024 21:38:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207518
IP address blocks: 85.158.187.0/24 maxlen: 24
2a09:d2c1:4::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:50:2b:cf:53:66:1e:a7:fe:e0:ae:94:9d:a3:a8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Validity
Not Before: Jan 10 21:38:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f16d4397a617cc00902072219874e4cbf0127034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:97:90:0b:39:37:25:fd:5d:f8:3e:3b:7e:c0:
d0:62:32:a1:72:ed:1c:d6:97:e7:a1:8d:1d:38:ca:
24:20:6d:1d:31:91:b5:13:8a:47:65:dd:d2:f0:9c:
b9:0c:89:11:e7:95:36:9d:21:b5:29:9c:e0:d0:ed:
f3:f2:6b:6e:07:01:d6:44:5d:9a:ee:0a:bf:03:33:
78:cc:37:ad:3e:b9:ea:8d:34:52:0d:d0:14:bb:ed:
81:c3:9a:69:34:2c:15:5f:89:2d:26:61:67:2f:49:
19:cd:9f:1b:19:89:9b:ec:4b:a3:6f:c1:74:73:db:
26:3e:ba:13:ed:35:c9:43:93:22:6d:44:a8:80:19:
2e:0d:5b:25:15:e2:48:88:32:fe:02:4e:be:27:1c:
b9:4b:44:2e:99:f4:b2:61:a1:72:ad:de:70:ce:f7:
e1:b8:36:11:54:81:e5:7b:1b:6b:56:fb:3e:13:27:
6d:46:10:42:ef:e7:72:69:80:b9:5b:ab:cc:27:5a:
ea:0d:9b:ed:b2:5b:67:ea:d2:89:d4:5f:0a:13:26:
50:15:89:6f:b2:25:ea:31:aa:57:1a:b1:5b:99:ff:
15:53:48:89:74:c0:32:1c:ef:6b:2e:05:6f:81:d9:
39:57:c0:c4:c6:8c:0e:f7:a4:6d:c5:dc:16:05:1a:
9f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:6D:43:97:A6:17:CC:00:90:20:72:21:98:74:E4:CB:F0:12:70:34
X509v3 Authority Key Identifier:
keyid:CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/8W1Dl6YXzACQIHIhmHTky_AScDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/z81z-CwmDahzhtz3vibVxURVJvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.187.0/24
IPv6:
2a09:d2c1:4::/48
Signature Algorithm: sha256WithRSAEncryption
46:11:40:1e:0e:c2:70:ff:78:21:cb:37:ee:a1:1d:99:fa:3c:
4c:1a:4b:44:2d:68:c2:da:c3:00:b2:06:76:93:3c:c9:33:7b:
29:d9:f0:3f:75:21:0a:9d:e9:d1:db:7d:de:31:ba:9e:07:c0:
fe:04:11:97:f9:06:e7:c3:1b:ae:a7:8f:9c:15:f0:b2:2d:71:
7c:a0:9d:88:2d:ae:40:ea:c3:2a:0a:28:b0:4c:a4:b5:a8:6f:
e0:9d:d1:0f:32:e3:4b:94:61:ad:1b:a1:1e:31:ca:09:55:8c:
40:71:67:c4:f3:45:9b:a1:11:ee:95:f8:99:82:4c:1a:5b:ba:
e1:bd:81:be:b3:a0:37:ab:d4:e9:dc:88:3e:74:a9:05:a4:d0:
80:1a:e8:38:c9:c3:91:f6:b1:58:b7:84:b7:58:15:f4:1e:35:
96:de:45:43:96:26:f6:73:59:85:77:71:67:9d:24:25:78:d9:
cc:34:1f:4c:13:fa:b0:26:1b:9a:a7:ab:7a:90:8a:5b:37:11:
fa:8e:21:18:1b:c1:c6:2b:4d:ff:96:6b:d4:31:09:d5:42:ab:
c7:ae:d4:bc:ee:fa:05:cb:af:9b:b6:f0:65:00:8a:12:85:a4:
36:0c:80:5d:ba:49:82:27:f3:93:32:ac:26:39:1f:34:bc:b0:
c8:64:b5:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz1UCvPU2Yep/7grpSdo6jvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2Q3M2Y4MmMyNjBkYTg3Mzg2ZGNmN2JlMjZkNWM1NDQ1
NTI2ZmEwHhcNMjQwMTEwMjEzODQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTZkNDM5N2E2MTdjYzAwOTAyMDcyMjE5ODc0ZTRjYmYwMTI3MDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5eQCzk3Jf1d+D47fsDQYjKhcu0c
1pfnoY0dOMokIG0dMZG1E4pHZd3S8Jy5DIkR55U2nSG1KZzg0O3z8mtuBwHWRF2a
7gq/AzN4zDetPrnqjTRSDdAUu+2Bw5ppNCwVX4ktJmFnL0kZzZ8bGYmb7Eujb8F0
c9smProT7TXJQ5MibUSogBkuDVslFeJIiDL+Ak6+Jxy5S0QumfSyYaFyrd5wzvfh
uDYRVIHlextrVvs+EydtRhBC7+dyaYC5W6vMJ1rqDZvtsltn6tKJ1F8KEyZQFYlv
siXqMapXGrFbmf8VU0iJdMAyHO9rLgVvgdk5V8DExowO96RtxdwWBRqfXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPFtQ5emF8wAkCByIZh05MvwEnA0MB8GA1UdIwQY
MBaAFM/Nc/gsJg2oc4bc974m1cVEVSb6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTct
NmVkYzFiMjI1NjI1LzEvOFcxRGw2WVh6QUNRSUhJaG1IVGt5X0FTY0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTctNmVkYzFiMjI1NjI1
LzEvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVZ67MA8E
AgACMAkDBwAqCdLBAAQwDQYJKoZIhvcNAQELBQADggEBAEYRQB4OwnD/eCHLN+6h
HZn6PEwaS0QtaMLawwCyBnaTPMkzeynZ8D91IQqd6dHbfd4xup4HwP4EEZf5BufD
G66nj5wV8LItcXygnYgtrkDqwyoKKLBMpLWob+Cd0Q8y40uUYa0boR4xyglVjEBx
Z8TzRZuhEe6V+JmCTBpbuuG9gb6zoDer1OnciD50qQWk0IAa6DjJw5H2sVi3hLdY
FfQeNZbeRUOWJvZzWYV3cWedJCV42cw0H0wT+rAmG5qnq3qQils3EfqOIRgbwcYr
Tf+Wa9QxCdVCq8eu1Lzu+gXLr5u28GUAihKFpDYMgF26SYIn85MyrCY5HzS8sMhk
tX8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org