Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZwyCC5pvAuE66XMAW1GFLLQ5hdM.roa
File: ZwyCC5pvAuE66XMAW1GFLLQ5hdM.roa (raw, json)
Hash identifier: 5LBrMGCZZdISnpi8MyLgKGpEaXYgY15IMSi0hHy8V08=
Subject key identifier: 67:0C:82:0B:9A:6F:02:E1:3A:E9:73:00:5B:51:85:2C:B4:39:85:D3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018340CF1B093005E46F64A638C6BBCDC9C2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZwyCC5pvAuE66XMAW1GFLLQ5hdM.roa
Signing time: Thu 15 Sep 2022 11:00:58 +0000
ROA not before: Thu 15 Sep 2022 11:00:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 84.21.173.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
193.37.43.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:cf:1b:09:30:05:e4:6f:64:a6:38:c6:bb:cd:c9:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 15 11:00:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=670c820b9a6f02e13ae973005b51852cb43985d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c1:c5:51:20:9e:eb:2b:30:f2:fe:3d:25:2c:
d4:c3:24:4d:9f:8c:41:9d:fe:1d:59:ca:eb:f2:6d:
01:08:d7:9e:9c:f5:df:c3:0a:a6:01:5e:da:f5:1d:
0b:b0:aa:6f:c1:25:2c:d7:e8:6b:a5:bd:e8:51:c9:
1d:36:4c:54:05:df:92:63:bd:34:9e:41:84:eb:b8:
54:39:68:07:ad:ab:ec:2d:1e:9a:c6:da:a3:e8:e7:
0b:ea:6d:64:b7:75:1a:94:90:7b:d2:23:65:f6:d3:
36:69:a8:7a:1e:e1:3e:a1:a9:a5:03:85:f0:6e:3f:
88:02:b4:f5:d4:84:e5:c0:be:77:1f:2a:d2:7f:14:
58:73:5b:70:6d:71:0a:a7:6a:5b:08:09:7e:30:1e:
05:a0:63:5a:a1:d5:76:f6:b1:97:fd:2b:18:4c:db:
99:a8:83:1e:8a:a7:1b:2c:34:36:fb:d0:ce:e1:5b:
0a:c2:21:e2:ab:09:ba:a5:f9:d8:3a:12:e3:c1:38:
e6:d4:22:03:4a:59:7b:33:c5:3e:8b:86:77:39:aa:
ca:24:d6:c4:0e:86:0c:3b:ff:5f:42:9a:5b:68:bf:
17:a1:ba:2c:59:6e:c4:94:1d:8d:49:82:fe:07:6b:
83:cd:d6:60:b5:ad:d5:28:bd:98:a6:f4:86:5c:29:
fd:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:0C:82:0B:9A:6F:02:E1:3A:E9:73:00:5B:51:85:2C:B4:39:85:D3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZwyCC5pvAuE66XMAW1GFLLQ5hdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.173.0/24
84.54.48.0/24
87.121.221.0/24
193.37.43.0/24
194.55.224.0/22
Signature Algorithm: sha256WithRSAEncryption
78:54:c2:47:de:cc:b8:af:39:5b:52:46:5f:1c:70:ec:fc:f0:
c0:6a:c9:45:12:9f:0c:a7:4d:b3:4a:a7:3b:d9:e5:fc:d4:24:
76:a0:0d:59:fe:df:9f:3b:bb:fc:53:b9:d6:a8:b8:70:d1:b0:
20:ae:a8:2f:b8:47:03:61:1c:bf:b1:b9:3c:65:58:08:60:db:
5c:ac:b6:85:38:f4:7c:5a:8e:3e:3c:24:ec:00:48:23:27:96:
8d:d8:26:62:3c:bc:7c:0e:ac:7f:d4:97:de:9a:90:69:e8:c0:
99:85:3b:f0:66:09:cd:66:b4:a2:b4:32:b9:b5:2e:b5:e7:2a:
eb:75:c8:f1:17:f6:20:cb:ed:35:d2:36:45:8a:5d:b7:b2:4c:
4d:f1:26:91:00:12:ec:dc:f7:4d:66:33:8a:a7:d3:54:8e:71:
d1:c5:69:ed:af:1e:a5:e3:72:a9:18:21:30:6f:95:d5:27:dd:
d1:c0:78:6a:8d:28:ce:d9:e8:ee:39:e0:36:b2:0d:96:15:57:
ff:bd:0a:03:22:4a:35:37:57:85:fb:98:e4:4e:73:31:7b:1e:
d1:87:3b:03:b7:47:19:89:14:56:62:13:e6:6f:01:5e:38:63:
c2:a4:aa:80:e8:4e:f5:12:6e:fc:12:cb:b1:cf:a9:f9:21:c5:
92:c1:7c:b0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYNAzxsJMAXkb2SmOMa7zcnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwOTE1MTEwMDU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzBjODIwYjlhNmYwMmUxM2FlOTczMDA1YjUxODUyY2I0Mzk4NWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8HFUSCe6ysw8v49JSzUwyRNn4xB
nf4dWcrr8m0BCNeenPXfwwqmAV7a9R0LsKpvwSUs1+hrpb3oUckdNkxUBd+SY700
nkGE67hUOWgHravsLR6axtqj6OcL6m1kt3UalJB70iNl9tM2aah6HuE+oamlA4Xw
bj+IArT11ITlwL53HyrSfxRYc1twbXEKp2pbCAl+MB4FoGNaodV29rGX/SsYTNuZ
qIMeiqcbLDQ2+9DO4VsKwiHiqwm6pfnYOhLjwTjm1CIDSll7M8U+i4Z3OarKJNbE
DoYMO/9fQppbaL8XobosWW7ElB2NSYL+B2uDzdZgta3VKL2YpvSGXCn9iQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGcMgguabwLhOulzAFtRhSy0OYXTMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWnd5Q0M1cHZBdUU2NlhNQVcxR0ZMTFE1aGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVBWtAwQA
VDYwAwQAV3ndAwQAwSUrAwQCwjfgMA0GCSqGSIb3DQEBCwUAA4IBAQB4VMJH3sy4
rzlbUkZfHHDs/PDAaslFEp8Mp02zSqc72eX81CR2oA1Z/t+fO7v8U7nWqLhw0bAg
rqgvuEcDYRy/sbk8ZVgIYNtcrLaFOPR8Wo4+PCTsAEgjJ5aN2CZiPLx8Dqx/1Jfe
mpBp6MCZhTvwZgnNZrSitDK5tS615yrrdcjxF/Ygy+010jZFil23skxN8SaRABLs
3PdNZjOKp9NUjnHRxWntrx6l43KpGCEwb5XVJ93RwHhqjSjO2ejuOeA2sg2WFVf/
vQoDIko1N1eF+5jkTnMxex7RhzsDt0cZiRRWYhPmbwFeOGPCpKqA6E71Em78Esux
z6n5IcWSwXyw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org