Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/PcZ8PoySBbsROs57b_9o3B38SXE.roa
File: PcZ8PoySBbsROs57b_9o3B38SXE.roa (raw, json)
Hash identifier: ozwfHoUt5txBj0UuTssez5t9US+yxUq5RD8W/4lc/Qc=
Subject key identifier: 3D:C6:7C:3E:8C:92:05:BB:11:3A:CE:7B:6F:FF:68:DC:1D:FC:49:71
Certificate issuer: /CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Certificate serial: 16689987
Authority key identifier: AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/PcZ8PoySBbsROs57b_9o3B38SXE.roa
Signing time: Sat 01 Jan 2022 13:00:01 +0000
ROA not before: Sat 01 Jan 2022 13:00:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28716
IP address blocks: 185.61.12.0/22 maxlen: 24
2a02:5ca0::/32 maxlen: 56
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 375953799 (0x16689987)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Validity
Not Before: Jan 1 13:00:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3dc67c3e8c9205bb113ace7b6fff68dc1dfc4971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:63:1d:23:f3:bf:64:d6:d5:d3:44:9e:7e:88:
13:cc:e7:c8:fe:f1:cf:dc:4d:28:1a:3d:aa:6e:dc:
f7:4c:82:c9:95:1a:cc:63:22:d5:00:96:d6:97:b3:
4b:f1:b0:71:1f:c5:68:62:ef:ae:67:45:55:ca:a0:
00:5d:81:3a:21:75:71:d0:0f:a0:c7:9d:8b:91:2c:
b9:c3:45:43:7f:44:1d:e3:ee:04:33:e7:7d:cf:4e:
e5:be:0d:d8:b3:b3:64:70:c6:19:e4:ec:07:8d:e2:
d9:05:75:0d:8c:58:56:d1:bc:c4:2b:0c:53:fa:b9:
a7:46:c8:01:62:c6:fb:4b:1c:81:f8:9f:e2:0c:eb:
8f:84:16:21:ed:1a:92:2b:4c:a0:59:df:55:0a:7c:
42:b5:fa:fb:9d:a3:c3:3c:74:fc:a6:22:96:7f:dc:
02:19:3d:1a:2c:dc:5c:f4:59:1d:46:20:72:5e:c3:
40:9c:b7:a9:80:f8:38:b7:48:ce:e2:dc:a8:55:7c:
d4:07:34:4e:3e:c6:72:29:65:e8:83:50:aa:16:36:
d9:5e:96:50:aa:ce:2c:99:58:12:67:94:d5:79:c6:
b9:4a:d7:06:f5:19:16:8a:cd:cb:59:7b:9e:9b:49:
3b:c8:a1:eb:03:06:7c:27:26:4a:a3:33:31:de:8c:
11:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C6:7C:3E:8C:92:05:BB:11:3A:CE:7B:6F:FF:68:DC:1D:FC:49:71
X509v3 Authority Key Identifier:
keyid:AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/PcZ8PoySBbsROs57b_9o3B38SXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.12.0/22
IPv6:
2a02:5ca0::/32
Signature Algorithm: sha256WithRSAEncryption
74:d5:da:31:12:07:5b:1d:e0:88:38:ee:26:27:bf:52:1e:1f:
b3:7e:64:35:96:8e:49:6b:a5:c2:8e:ce:7d:ce:00:25:14:5d:
f7:38:a8:35:c0:be:09:f0:35:74:0d:bd:e5:43:a2:0a:0f:70:
b8:8c:ef:9c:32:78:a7:02:5d:f7:e5:63:c9:bb:e5:d6:a4:a9:
52:43:fb:b8:93:5c:74:82:3f:a3:5a:36:2f:ca:41:f0:3f:27:
11:7c:77:e6:e1:83:3f:d6:de:78:75:a6:4b:e7:05:98:74:d8:
2f:28:c6:13:52:36:da:d4:29:30:e1:f1:0a:62:87:b3:0d:67:
a2:81:96:0f:0e:44:35:dc:0a:17:e2:7b:3b:7b:9b:33:ac:af:
df:26:60:b7:2b:b7:c1:ea:f6:cf:b1:b1:a0:c3:66:3a:b6:1b:
99:c0:11:4e:b2:50:e4:8a:b4:05:b9:f2:dc:db:be:a4:aa:26:
74:be:d5:4e:26:b0:b2:4f:1f:ab:1e:be:73:6b:19:25:fe:b9:
5c:e3:8a:7a:48:85:ef:a3:ba:75:71:e8:92:3f:0d:7a:67:92:
24:05:5a:9f:6d:ee:d0:bc:af:b2:05:4c:73:8d:ae:c4:87:cf:
8c:97:62:49:7e:ad:98:e4:31:bc:3d:34:b8:da:e8:65:53:6c:
1c:2c:ff:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFmiZhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzdjYzMzNGY1MWQyYjZlYjRlMjdkNmQ1NmI5YmNlM2U4NTU2MGNjMB4XDTIyMDEw
MTEzMDAwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2RjNjdjM2U4Yzky
MDViYjExM2FjZTdiNmZmZjY4ZGMxZGZjNDk3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtjHSPzv2TW1dNEnn6IE8znyP7xz9xNKBo9qm7c90yCyZUa
zGMi1QCW1pezS/GwcR/FaGLvrmdFVcqgAF2BOiF1cdAPoMedi5EsucNFQ39EHePu
BDPnfc9O5b4N2LOzZHDGGeTsB43i2QV1DYxYVtG8xCsMU/q5p0bIAWLG+0scgfif
4gzrj4QWIe0akitMoFnfVQp8QrX6+52jwzx0/KYiln/cAhk9GizcXPRZHUYgcl7D
QJy3qYD4OLdIzuLcqFV81Ac0Tj7Gcill6INQqhY22V6WUKrOLJlYEmeU1XnGuUrX
BvUZForNy1l7nptJO8ih6wMGfCcmSqMzMd6METMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ9xnw+jJIFuxE6zntv/2jcHfxJcTAfBgNVHSMEGDAWgBSsfMM09R0rbrTi
fW1Wubzj6FVgzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JIekROUFVkSzI2MDRuMXRWcm04NC1oVllNdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvZGQ1NWU4LWZlYmQtNDlkMC1hNWE3LTFjZjE1YjJiYTdiZS8x
L1BjWjhQb3lTQmJzUk9zNTdiXzlvM0IzOFNYRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
ZGQ1NWU4LWZlYmQtNDlkMC1hNWE3LTFjZjE1YjJiYTdiZS8xL3JIekROUFVkSzI2
MDRuMXRWcm04NC1oVllNdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk9DDANBAIAAjAHAwUAKgJcoDAN
BgkqhkiG9w0BAQsFAAOCAQEAdNXaMRIHWx3giDjuJie/Uh4fs35kNZaOSWulwo7O
fc4AJRRd9zioNcC+CfA1dA295UOiCg9wuIzvnDJ4pwJd9+Vjybvl1qSpUkP7uJNc
dII/o1o2L8pB8D8nEXx35uGDP9beeHWmS+cFmHTYLyjGE1I22tQpMOHxCmKHsw1n
ooGWDw5ENdwKF+J7O3ubM6yv3yZgtyu3wer2z7GxoMNmOrYbmcARTrJQ5Iq0Bbny
3Nu+pKomdL7VTiawsk8fqx6+c2sZJf65XOOKekiF76O6dXHokj8NemeSJAVan23u
0LyvsgVMc42uxIfPjJdiSX6tmOQxvD00uNroZVNsHCz/Gg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:14 2024 by rpki-client on console-fra.rpki-client.org