Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/ZbSJPdedamcBxTX8TSYiFOSmx28.roa
File: ZbSJPdedamcBxTX8TSYiFOSmx28.roa (raw, json)
Hash identifier: 1T430mfglTKieL4lHWJQaAntjfS/dRYyleOM2D45dvk=
Subject key identifier: 65:B4:89:3D:D7:9D:6A:67:01:C5:35:FC:4D:26:22:14:E4:A6:C7:6F
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 05459868
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/ZbSJPdedamcBxTX8TSYiFOSmx28.roa
Signing time: Sat 01 Jan 2022 11:58:49 +0000
ROA not before: Sat 01 Jan 2022 11:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 185.244.51.0/24 maxlen: 24
185.239.48.0/24 maxlen: 24
193.39.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88447080 (0x5459868)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Jan 1 11:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65b4893dd79d6a6701c535fc4d262214e4a6c76f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8b:62:26:47:cc:0c:77:e1:72:0a:ba:e4:d6:
34:39:14:fb:93:72:62:43:67:d7:2e:2e:48:04:3d:
83:13:89:4c:66:0d:5c:e6:3f:a3:44:b9:e7:8d:6d:
97:8d:a3:80:c1:e5:13:10:9b:a6:92:52:d0:33:6a:
e1:b6:e9:23:f8:99:42:65:21:0c:55:03:e9:90:9f:
25:61:51:7c:d6:03:90:c5:c7:22:4b:51:7b:15:a8:
02:8b:7d:a4:c1:ed:80:b3:00:aa:95:28:72:c5:1a:
1a:89:46:32:ff:fd:8a:60:26:2b:f5:3b:f3:35:14:
b9:36:06:11:9d:30:ed:ff:3b:68:48:13:53:19:6a:
86:b8:03:7c:de:b3:4a:e3:10:7c:5f:63:0b:0f:4b:
98:67:1f:82:83:18:b2:5e:7b:c6:51:1f:9e:74:1c:
d2:8e:1c:ca:e7:a8:f6:2b:78:03:12:97:12:2c:6d:
a8:42:d1:54:b5:c9:e1:ed:25:91:87:b6:2d:05:50:
89:8b:c0:a5:ec:f1:82:e4:ae:28:b2:82:12:1c:ea:
da:98:97:06:c4:d4:da:da:08:e3:8e:5d:65:51:be:
dd:b7:84:30:43:7c:9c:c4:1e:a8:9c:f8:4b:bc:ef:
a9:8a:90:34:87:63:8a:51:61:03:6f:a0:55:41:5e:
c8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B4:89:3D:D7:9D:6A:67:01:C5:35:FC:4D:26:22:14:E4:A6:C7:6F
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/ZbSJPdedamcBxTX8TSYiFOSmx28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.48.0/24
185.244.51.0/24
193.39.171.0/24
Signature Algorithm: sha256WithRSAEncryption
32:62:1b:aa:e4:10:6c:34:bc:42:6e:ef:d3:9e:eb:05:6c:fd:
d0:57:88:10:2c:c6:49:13:29:10:55:e7:f3:b1:5c:b2:00:35:
98:43:c4:eb:27:df:09:f7:a8:83:20:1d:3e:43:71:f6:34:2d:
c3:5e:5f:5c:de:77:fd:73:30:c8:47:0f:57:99:5d:bd:69:03:
8d:bd:55:da:5c:bb:d5:42:8c:1a:3f:5f:1a:c8:95:f1:af:98:
78:2a:72:d4:ad:bf:7a:a3:5a:0a:55:ea:a5:22:a4:27:fd:78:
14:ad:e2:37:29:58:b9:d7:71:94:aa:25:74:33:2a:9c:1e:47:
19:58:dd:5c:a3:cc:25:d7:a9:8b:e9:21:3d:84:87:e3:c3:1f:
e4:06:d0:05:80:d3:a7:40:db:9b:3d:a3:37:e1:69:43:13:2b:
15:a6:57:70:17:9c:45:cb:a8:82:42:2b:fc:45:3c:a8:29:11:
10:b2:e3:2e:4d:06:31:ae:ca:e4:26:a7:ed:85:fc:96:87:78:
3a:e6:46:73:e9:7b:51:50:12:f2:f9:da:28:64:5b:43:93:0e:
31:bf:78:a3:3d:18:75:99:60:9a:31:be:00:d4:45:86:6c:47:
06:19:65:b7:e6:fc:1f:8a:60:55:f4:90:30:f6:59:4e:3d:08:
c0:45:0f:0d
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBUWYaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NjVlYmE1YzFhODBmODZhNDU4OTI3OGVkZDkzMDRiM2Y1MTY5ZjgzMB4XDTIyMDEw
MTExNTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjViNDg5M2RkNzlk
NmE2NzAxYzUzNWZjNGQyNjIyMTRlNGE2Yzc2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2LYiZHzAx34XIKuuTWNDkU+5NyYkNn1y4uSAQ9gxOJTGYN
XOY/o0S5541tl42jgMHlExCbppJS0DNq4bbpI/iZQmUhDFUD6ZCfJWFRfNYDkMXH
IktRexWoAot9pMHtgLMAqpUocsUaGolGMv/9imAmK/U78zUUuTYGEZ0w7f87aEgT
UxlqhrgDfN6zSuMQfF9jCw9LmGcfgoMYsl57xlEfnnQc0o4cyueo9it4AxKXEixt
qELRVLXJ4e0lkYe2LQVQiYvApezxguSuKLKCEhzq2piXBsTU2toI445dZVG+3beE
MEN8nMQeqJz4S7zvqYqQNIdjilFhA2+gVUFeyCUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRltIk9151qZwHFNfxNJiIU5KbHbzAfBgNVHSMEGDAWgBRGXrpcGoD4akWJ
J47dkwSz9RafgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JsNjZYQnFBLUdwRmlTZU8zWk1Fc19VV240TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvYzEyYTdiLTVjYWYtNGU3Yy05NzBkLTVjNDc2ZTMzMjVmNS8x
L1piU0pQZGVkYW1jQnhUWDhUU1lpRk9TbXgyOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
YzEyYTdiLTVjYWYtNGU3Yy05NzBkLTVjNDc2ZTMzMjVmNS8xL1JsNjZYQnFBLUdw
RmlTZU8zWk1Fc19VV240TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALnvMAMEALn0MwMEAMEnqzANBgkq
hkiG9w0BAQsFAAOCAQEAMmIbquQQbDS8Qm7v057rBWz90FeIECzGSRMpEFXn87Fc
sgA1mEPE6yffCfeogyAdPkNx9jQtw15fXN53/XMwyEcPV5ldvWkDjb1V2ly71UKM
Gj9fGsiV8a+YeCpy1K2/eqNaClXqpSKkJ/14FK3iNylYuddxlKoldDMqnB5HGVjd
XKPMJdepi+khPYSH48Mf5AbQBYDTp0Dbmz2jN+FpQxMrFaZXcBecRcuogkIr/EU8
qCkRELLjLk0GMa7K5Can7YX8lod4OuZGc+l7UVAS8vnaKGRbQ5MOMb94oz0YdZlg
mjG+ANRFhmxHBhllt+b8H4pgVfSQMPZZTj0IwEUPDQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:19 2023 by rpki-client on console-ams.rpki-client.org