Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/zfYWAu2gZZVPq2rsr-FWl8clMaU.roa
File: zfYWAu2gZZVPq2rsr-FWl8clMaU.roa (raw, json)
Hash identifier: 15NLe137eBiaS0rkNxuKpob2So7T8gE8UzPVIUsAe5o=
Subject key identifier: CD:F6:16:02:ED:A0:65:95:4F:AB:6A:EC:AF:E1:56:97:C7:25:31:A5
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 1520AED8
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/zfYWAu2gZZVPq2rsr-FWl8clMaU.roa
Signing time: Sat 01 Jan 2022 09:58:13 +0000
ROA not before: Sat 01 Jan 2022 09:58:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49434
IP address blocks: 212.7.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 354463448 (0x1520aed8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 1 09:58:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdf61602eda065954fab6aecafe15697c72531a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e8:41:83:dc:27:ee:3a:09:87:5c:b3:66:91:
67:b5:26:33:0a:94:8e:c2:cb:2a:cd:41:de:71:ab:
74:07:1e:3c:34:31:e2:69:15:53:e2:28:fa:c0:ad:
34:10:5a:ea:df:b8:46:d7:1b:81:1b:7c:13:7e:81:
70:d7:bc:f5:41:f1:0e:aa:31:c6:a2:24:d6:91:1b:
26:bf:d0:d3:78:41:cc:c2:df:a6:c2:a4:c7:48:02:
de:6f:d8:fd:4b:8e:0f:2c:2c:a1:7e:36:60:58:ad:
5b:ad:3a:a7:cf:8f:8f:64:7f:8e:4f:df:71:dc:ed:
3c:96:db:b6:23:dd:6b:bd:d7:5f:6d:b4:0e:a4:a7:
5b:9e:58:9c:79:cf:01:85:ec:2e:25:c9:1a:68:e5:
ef:fd:b9:64:fa:a4:4b:8d:03:68:a2:02:95:c4:ea:
20:d7:c7:0e:ad:39:ac:74:af:e5:6a:11:8f:7d:43:
94:24:b7:1b:cd:f3:08:8c:68:e9:a8:03:9d:8a:5d:
85:d9:14:82:ce:9d:d5:26:d8:0d:a6:d3:58:8c:7b:
05:f9:e6:8a:39:4d:52:bb:ff:e1:b1:bc:38:71:2b:
53:d3:2e:c6:1b:1c:83:70:89:e7:b5:d5:b6:51:10:
09:38:a6:a1:d5:93:2d:83:ac:60:91:a7:b3:01:42:
58:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F6:16:02:ED:A0:65:95:4F:AB:6A:EC:AF:E1:56:97:C7:25:31:A5
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/zfYWAu2gZZVPq2rsr-FWl8clMaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.7.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:6f:51:73:e0:95:57:3c:85:04:7a:ae:82:3e:91:27:d2:70:
b2:a2:fa:dd:6e:fa:b7:3f:db:bf:24:cc:88:b2:49:e2:c1:22:
a9:18:66:ac:a1:87:ae:87:7f:e1:95:f8:f8:d4:b0:f2:03:a8:
6c:7d:ff:ab:2f:0f:52:9f:db:7e:c0:cd:be:5e:91:31:2c:c1:
89:04:97:49:51:f8:db:31:a4:24:da:51:bc:57:98:68:8d:a7:
3a:a1:2a:bf:87:17:8d:d1:14:09:18:b4:7b:02:3b:9a:2d:12:
4a:d4:4a:dd:ad:f3:5f:e9:19:c7:c5:f8:e4:c7:66:03:44:5b:
ca:97:91:fd:6b:d2:3e:aa:32:a8:b5:b1:c8:2d:71:37:60:c2:
5e:f5:e8:e7:b2:86:86:52:e6:1b:9e:8f:c3:69:6e:b2:ad:a7:
91:f7:bf:57:83:bc:e1:5a:b1:94:bb:52:39:b4:93:63:ef:7c:
19:0a:32:bd:39:fd:fc:9b:89:9a:00:5a:1a:31:a3:c6:e6:78:
b3:b7:64:c2:1c:76:69:c0:0d:41:e8:53:70:3a:6c:fd:be:d3:
4c:de:69:73:58:1f:29:f9:a8:30:62:c0:16:85:a3:69:95:26:
17:1a:8d:6d:76:7f:90:0d:77:ec:20:85:f1:30:d6:b5:15:b2:
51:28:0a:df
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFSCu2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTFhMmZkNmY1ZTVhZjg3ZDVjZWEwOTUwNjZmYmNjM2QzZTU0NmE0MB4XDTIyMDEw
MTA5NTgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RmNjE2MDJlZGEw
NjU5NTRmYWI2YWVjYWZlMTU2OTdjNzI1MzFhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjoQYPcJ+46CYdcs2aRZ7UmMwqUjsLLKs1B3nGrdAcePDQx
4mkVU+Io+sCtNBBa6t+4RtcbgRt8E36BcNe89UHxDqoxxqIk1pEbJr/Q03hBzMLf
psKkx0gC3m/Y/UuODywsoX42YFitW606p8+Pj2R/jk/fcdztPJbbtiPda73XX220
DqSnW55YnHnPAYXsLiXJGmjl7/25ZPqkS40DaKIClcTqINfHDq05rHSv5WoRj31D
lCS3G83zCIxo6agDnYpdhdkUgs6d1SbYDabTWIx7BfnmijlNUrv/4bG8OHErU9Mu
xhscg3CJ57XVtlEQCTimodWTLYOsYJGnswFCWH8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTN9hYC7aBllU+rauyv4VaXxyUxpTAfBgNVHSMEGDAWgBQ1Gi/W9eWvh9XO
oJUGb7zD0+VGpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Sb3YxdlhscjRmVnpxQ1ZCbS04dzlQbFJxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvY2RkZGQ1LTgxN2EtNDExMy04YjgyLTIzMDQ5ZTRkMmYxMi8x
L3pmWVdBdTJnWlpWUHEycnNyLUZXbDhjbE1hVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
Y2RkZGQ1LTgxN2EtNDExMy04YjgyLTIzMDQ5ZTRkMmYxMi8xL05Sb3YxdlhscjRm
VnpxQ1ZCbS04dzlQbFJxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQH3zANBgkqhkiG9w0BAQsFAAOC
AQEALG9Rc+CVVzyFBHqugj6RJ9JwsqL63W76tz/bvyTMiLJJ4sEiqRhmrKGHrod/
4ZX4+NSw8gOobH3/qy8PUp/bfsDNvl6RMSzBiQSXSVH42zGkJNpRvFeYaI2nOqEq
v4cXjdEUCRi0ewI7mi0SStRK3a3zX+kZx8X45MdmA0RbypeR/WvSPqoyqLWxyC1x
N2DCXvXo57KGhlLmG56Pw2lusq2nkfe/V4O84VqxlLtSObSTY+98GQoyvTn9/JuJ
mgBaGjGjxuZ4s7dkwhx2acANQehTcDps/b7TTN5pc1gfKfmoMGLAFoWjaZUmFxqN
bXZ/kA137CCF8TDWtRWyUSgK3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:12 2024 by rpki-client on console-ams.rpki-client.org