Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z9gcs6IWzC59SI_tqfwx6HzogRc.roa
File: Z9gcs6IWzC59SI_tqfwx6HzogRc.roa (raw, json)
Hash identifier: 0IeQ3VWa/L66q+btp2FfkGP+r8JKHdsO/0bnlU7ss5o=
Subject key identifier: 67:D8:1C:B3:A2:16:CC:2E:7D:48:8F:ED:A9:FC:31:E8:7C:E8:81:17
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1C6F1622
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z9gcs6IWzC59SI_tqfwx6HzogRc.roa
Signing time: Sat 01 Jan 2022 01:02:36 +0000
ROA not before: Sat 01 Jan 2022 01:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49849
IP address blocks: 94.156.108.0/24 maxlen: 24
94.156.110.0/24 maxlen: 24
94.156.108.0/22 maxlen: 22
94.156.111.0/24 maxlen: 24
94.156.109.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 477042210 (0x1c6f1622)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 01:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67d81cb3a216cc2e7d488feda9fc31e87ce88117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fb:af:e3:51:e1:6f:db:ce:35:b8:b3:a9:d8:
c1:60:04:06:34:5c:4b:a1:29:ac:26:0a:24:cf:5a:
46:ac:ba:9f:50:5f:58:8e:7f:19:39:52:64:c0:67:
04:cc:ee:43:cf:31:44:7e:10:1a:62:88:8d:7a:25:
1e:53:b8:62:44:c5:72:6a:42:f7:70:bc:72:fb:58:
f4:76:b5:af:1d:f1:34:b3:ac:fc:6e:0e:d0:57:c2:
34:f7:7d:4b:54:cf:63:80:20:01:be:64:b7:a3:45:
a2:db:2f:ab:bd:c6:5d:6d:7b:40:a2:27:01:b3:49:
b6:3f:9e:bc:06:76:85:84:7b:a8:ff:e2:e4:f1:57:
99:82:8f:ed:ef:72:65:b4:3e:25:4d:49:7e:1c:6f:
fd:30:be:63:77:10:d3:75:1f:e4:8f:3a:16:ce:68:
8a:0f:99:98:78:8b:11:3d:ac:6a:34:cc:7c:7a:a9:
4e:b9:64:9d:15:94:57:48:2c:b8:6a:a6:4f:1e:5a:
42:e2:00:18:8d:5d:11:39:ea:22:4d:f0:84:94:0a:
a7:08:ba:49:d9:1c:ff:ac:8d:a2:10:a2:13:8d:05:
ec:28:ae:c5:29:e5:25:0a:07:c4:0e:33:13:a7:f7:
44:fd:fd:39:72:a2:25:fb:19:dc:74:5e:27:11:01:
85:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D8:1C:B3:A2:16:CC:2E:7D:48:8F:ED:A9:FC:31:E8:7C:E8:81:17
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z9gcs6IWzC59SI_tqfwx6HzogRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.108.0/22
Signature Algorithm: sha256WithRSAEncryption
01:a5:8e:c1:63:fd:11:61:9f:45:ac:3c:45:c3:dd:9c:2a:54:
56:e0:f5:20:8b:3b:eb:f7:6c:4b:6e:b6:33:00:74:7e:bd:3f:
41:66:5d:c6:13:06:d7:4a:6f:16:1f:51:34:a8:c4:f5:f1:07:
59:b8:e2:fc:2f:89:66:da:61:29:70:3f:5a:12:28:62:db:e9:
b7:55:e0:14:ba:67:84:1d:c0:13:ab:26:26:45:bf:89:5a:d3:
02:cc:52:09:1c:95:db:15:a8:04:be:e6:1c:c8:1b:a5:5d:eb:
89:63:5f:6d:e9:61:21:8c:7b:64:08:a6:83:4a:cc:27:88:15:
e5:e8:1a:f0:b0:27:06:3d:84:64:53:66:8e:d0:7f:f5:26:76:
c5:79:de:c2:a5:92:24:18:8f:94:dc:30:d3:20:27:5d:b9:56:
40:02:16:d4:d6:b8:46:6a:2d:47:88:3c:cc:17:41:b3:81:fa:
07:df:e8:2e:a0:53:17:20:7f:25:cd:e1:de:c5:38:07:9e:b4:
4a:d5:cc:d7:a7:25:a6:9c:7e:0a:1d:07:48:4d:f2:2b:4f:45:
23:0a:00:f2:46:1e:89:b1:81:ea:87:62:12:e8:b8:6a:c9:1f:
5d:13:82:ad:27:3c:01:8b:f4:79:78:8f:b5:ff:d5:38:e9:8d:
b7:37:ae:9b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHG8WIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdkODFjYjNhMjE2
Y2MyZTdkNDg4ZmVkYTlmYzMxZTg3Y2U4ODExNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANf7r+NR4W/bzjW4s6nYwWAEBjRcS6EprCYKJM9aRqy6n1Bf
WI5/GTlSZMBnBMzuQ88xRH4QGmKIjXolHlO4YkTFcmpC93C8cvtY9Ha1rx3xNLOs
/G4O0FfCNPd9S1TPY4AgAb5kt6NFotsvq73GXW17QKInAbNJtj+evAZ2hYR7qP/i
5PFXmYKP7e9yZbQ+JU1Jfhxv/TC+Y3cQ03Uf5I86Fs5oig+ZmHiLET2sajTMfHqp
TrlknRWUV0gsuGqmTx5aQuIAGI1dETnqIk3whJQKpwi6Sdkc/6yNohCiE40F7Ciu
xSnlJQoHxA4zE6f3RP39OXKiJfsZ3HReJxEBhbUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRn2ByzohbMLn1Ij+2p/DHofOiBFzAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1o5Z2NzNklXekM1OVNJX3RxZnd4Nkh6b2dSYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl6cbDANBgkqhkiG9w0BAQsFAAOC
AQEAAaWOwWP9EWGfRaw8RcPdnCpUVuD1IIs76/dsS262MwB0fr0/QWZdxhMG10pv
Fh9RNKjE9fEHWbji/C+JZtphKXA/WhIoYtvpt1XgFLpnhB3AE6smJkW/iVrTAsxS
CRyV2xWoBL7mHMgbpV3riWNfbelhIYx7ZAimg0rMJ4gV5ega8LAnBj2EZFNmjtB/
9SZ2xXnewqWSJBiPlNww0yAnXblWQAIW1Na4RmotR4g8zBdBs4H6B9/oLqBTFyB/
Jc3h3sU4B560StXM16clppx+Ch0HSE3yK09FIwoA8kYeibGB6odiEui4askfXROC
rSc8AYv0eXiPtf/VOOmNtzeumw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:44 2023 by rpki-client on console-fra.rpki-client.org