Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ztP2ojo0fZY32UZ9XkR8hhRx1LM.roa
File: ztP2ojo0fZY32UZ9XkR8hhRx1LM.roa (raw, json)
Hash identifier: smkYfoncXSeMjfJ0smlspAQhuho/0hwP6MYFXFhIGT8=
Subject key identifier: CE:D3:F6:A2:3A:34:7D:96:37:D9:46:7D:5E:44:7C:86:14:71:D4:B3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A73A875B255B19632449945A627BFADAD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ztP2ojo0fZY32UZ9XkR8hhRx1LM.roa
Signing time: Fri 08 Sep 2023 07:18:54 +0000
ROA not before: Fri 08 Sep 2023 07:18:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201021
IP address blocks: 194.49.86.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:73:a8:75:b2:55:b1:96:32:44:99:45:a6:27:bf:ad:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 8 07:18:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ced3f6a23a347d9637d9467d5e447c861471d4b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c0:ba:c9:f4:f7:c5:f6:73:87:f8:f0:7f:41:
04:bc:d9:24:36:02:af:a2:30:9a:8b:cc:c3:cb:e9:
9a:73:31:55:20:85:65:33:e0:35:42:82:62:7d:5c:
a8:2d:d7:48:0b:8f:4a:c7:41:0d:0a:d1:f9:12:d9:
e3:c2:8f:27:40:35:9a:4d:75:d2:41:c5:0d:f2:3d:
29:91:13:56:ec:e3:74:85:3b:2e:61:94:b7:3c:bc:
b0:e9:47:e3:8c:75:f1:96:fb:eb:4a:64:b0:e4:8a:
52:15:a7:1a:97:1e:07:57:a1:5f:aa:67:e8:16:da:
44:bf:80:3f:d1:81:b1:61:73:8c:da:4d:59:e5:19:
68:38:74:78:f4:ef:39:48:e1:28:18:0f:b9:1b:64:
a4:27:da:fa:fc:8d:b7:89:84:bc:07:fa:bc:a0:72:
e4:96:15:53:5f:c5:7b:c1:bf:53:1e:58:49:54:a4:
8a:20:4c:1b:95:85:c1:ed:cd:9c:67:a4:95:93:d7:
54:78:c8:58:38:1a:b7:0c:bc:43:db:ca:ca:b0:bb:
38:96:55:00:bf:e5:4b:9b:b6:6b:f3:d5:6c:5e:fa:
64:8d:84:2a:93:5e:07:0a:7e:dd:a1:c7:98:ca:dc:
89:bf:f8:9d:ae:91:b9:ca:b0:ce:0a:21:ef:07:4f:
85:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D3:F6:A2:3A:34:7D:96:37:D9:46:7D:5E:44:7C:86:14:71:D4:B3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ztP2ojo0fZY32UZ9XkR8hhRx1LM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.91.0/24
194.49.86.0/24
Signature Algorithm: sha256WithRSAEncryption
77:ab:66:c6:af:5a:ba:0c:6c:48:0b:e4:e3:f6:b0:cf:1f:e8:
bc:d5:11:f0:84:b8:48:02:c8:74:b7:bb:78:bd:c2:67:dd:94:
16:2c:a7:2b:e6:c7:c1:a1:84:70:d9:e7:a8:3f:f2:53:5a:25:
19:51:c1:44:4c:b7:66:0e:24:dd:62:df:fc:36:05:d5:e2:84:
93:9e:44:62:bc:08:bc:f5:75:8b:6b:90:6b:d2:a7:8f:c5:5a:
1b:a9:43:b1:6b:19:26:dd:78:3b:78:5c:3b:57:06:f4:f9:b9:
a6:48:9f:54:f4:d5:b6:1c:c5:72:8d:fc:7b:29:dd:00:1d:54:
c6:90:33:da:2a:73:61:9a:4a:6b:fe:4f:14:1e:71:1a:49:03:
ee:18:64:3d:b1:ac:a8:04:4b:d6:88:fc:e6:75:c4:7b:5e:39:
aa:8c:4e:81:01:1d:39:2a:40:37:8f:06:85:1b:20:70:7f:86:
d1:c6:09:a3:eb:da:e3:6a:45:56:1f:31:f3:7f:0b:e2:9d:22:
75:3a:9d:7c:53:01:d4:19:e9:3c:34:ab:25:de:d1:7f:ae:da:
68:f5:5d:7a:a2:12:08:a9:06:24:7a:82:da:e8:8b:8c:d3:ab:
0f:bd:1d:fe:b9:eb:07:b9:bd:85:ed:3e:9a:70:92:d5:da:cf:
ef:92:f8:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpzqHWyVbGWMkSZRaYnv62tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTA4MDcxODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQzZjZhMjNhMzQ3ZDk2MzdkOTQ2N2Q1ZTQ0N2M4NjE0NzFkNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMC6yfT3xfZzh/jwf0EEvNkkNgKv
ojCai8zDy+maczFVIIVlM+A1QoJifVyoLddIC49Kx0ENCtH5Etnjwo8nQDWaTXXS
QcUN8j0pkRNW7ON0hTsuYZS3PLyw6UfjjHXxlvvrSmSw5IpSFacalx4HV6Ffqmfo
FtpEv4A/0YGxYXOM2k1Z5RloOHR49O85SOEoGA+5G2SkJ9r6/I23iYS8B/q8oHLk
lhVTX8V7wb9THlhJVKSKIEwblYXB7c2cZ6SVk9dUeMhYOBq3DLxD28rKsLs4llUA
v+VLm7Zr89VsXvpkjYQqk14HCn7doceYytyJv/idrpG5yrDOCiHvB0+FaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM7T9qI6NH2WN9lGfV5EfIYUcdSzMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvenRQMm9qbzBmWlkzMlVaOVhrUjhoaFJ4MUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZdbAwQA
wjFWMA0GCSqGSIb3DQEBCwUAA4IBAQB3q2bGr1q6DGxIC+Tj9rDPH+i81RHwhLhI
Ash0t7t4vcJn3ZQWLKcr5sfBoYRw2eeoP/JTWiUZUcFETLdmDiTdYt/8NgXV4oST
nkRivAi89XWLa5Br0qePxVobqUOxaxkm3Xg7eFw7Vwb0+bmmSJ9U9NW2HMVyjfx7
Kd0AHVTGkDPaKnNhmkpr/k8UHnEaSQPuGGQ9sayoBEvWiPzmdcR7XjmqjE6BAR05
KkA3jwaFGyBwf4bRxgmj69rjakVWHzHzfwvinSJ1Op18UwHUGek8NKsl3tF/rtpo
9V16ohIIqQYkeoLa6IuM06sPvR3+uesHub2F7T6acJLV2s/vkvjH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:22 2024 by rpki-client on console-fra.rpki-client.org