Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zvw03lf49pJwWa3Rkmv93nncIpE.roa
File: zvw03lf49pJwWa3Rkmv93nncIpE.roa (raw, json)
Hash identifier: gjSOZ7Gd358Kz0UqkhkGjZOzrJAQJ0oxIrGucc6ufok=
Subject key identifier: CE:FC:34:DE:57:F8:F6:92:70:59:AD:D1:92:6B:FD:DE:79:DC:22:91
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018800E8B184E66244FE0DE8B41D53008CF2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zvw03lf49pJwWa3Rkmv93nncIpE.roa
Signing time: Tue 09 May 2023 14:27:09 +0000
ROA not before: Tue 09 May 2023 14:27:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199605
IP address blocks: 81.161.230.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:00:e8:b1:84:e6:62:44:fe:0d:e8:b4:1d:53:00:8c:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 9 14:27:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cefc34de57f8f6927059add1926bfdde79dc2291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:22:8b:07:ff:b3:16:cd:88:c6:b6:9b:6c:02:
46:36:9f:2c:1a:04:08:4a:b7:f0:7b:2d:2e:e2:a8:
36:cf:70:f4:59:08:6a:80:42:12:f9:36:3a:5b:62:
b1:dd:0e:b8:56:9f:4c:2d:5c:34:3d:9c:3b:4e:20:
40:fd:d2:d3:11:58:22:4e:3a:89:39:f6:6e:d5:40:
aa:25:76:4f:45:62:2b:2f:89:46:d7:3a:b6:7f:47:
4c:8a:ab:ff:6a:48:36:83:21:9d:4f:2b:c1:34:0a:
31:b7:8a:bb:de:54:27:93:72:0c:9e:62:39:c0:be:
54:66:bf:66:0c:fb:33:51:e0:3b:7c:48:7f:52:f6:
c2:b6:8a:30:59:ba:45:0b:86:65:e2:79:55:50:3e:
97:63:21:a8:80:18:39:28:1b:a8:95:1d:89:59:23:
0b:29:88:55:32:c3:2e:e7:fb:82:b2:46:41:2d:96:
e5:a0:dc:d5:69:ba:2e:b3:d5:93:56:dd:5c:e7:53:
fe:bc:15:82:ae:40:8d:0e:21:89:bc:9e:47:d7:1c:
14:d8:8e:eb:08:ab:3a:6c:c8:01:6e:7c:5c:f9:1a:
e5:c9:9e:e0:38:3b:e3:61:1a:e4:48:b9:54:fc:ca:
c9:91:62:94:9f:4d:1e:ba:c0:6d:8e:bd:55:31:5b:
2d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:FC:34:DE:57:F8:F6:92:70:59:AD:D1:92:6B:FD:DE:79:DC:22:91
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zvw03lf49pJwWa3Rkmv93nncIpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.129.84.0/24
45.129.86.0/24
81.161.230.0/24
Signature Algorithm: sha256WithRSAEncryption
03:31:d4:d4:ed:eb:e4:6a:80:9e:d3:ed:2a:4e:7e:da:9c:2c:
14:a7:c3:e9:1a:44:c1:e1:6d:62:75:b4:5b:3d:d6:b6:35:77:
75:70:e9:90:91:8a:9c:ec:7b:2c:b5:df:a1:e2:ab:17:ff:6e:
fb:99:a7:3e:80:62:25:94:73:ab:fe:20:da:38:84:6b:59:d0:
54:8e:22:9d:48:e2:f6:4f:b6:d4:5f:31:f9:f7:9e:85:26:44:
fa:cd:a0:ea:6b:81:ab:c0:f9:56:7c:e6:89:4a:e3:88:81:cb:
53:54:e7:22:2f:a6:57:c8:6d:f3:8e:b3:8f:7b:a0:38:f0:67:
ce:af:fd:08:02:32:78:c8:00:7c:c1:e4:49:d5:8c:4a:ad:a5:
ea:ea:b3:3c:36:ed:a2:bb:71:4e:b2:e1:f4:c5:71:01:9b:68:
c4:49:1d:be:1e:79:da:e8:f6:16:3c:c5:20:5e:a0:ad:25:c3:
33:37:eb:e4:44:a6:f3:56:f6:fd:57:b9:cc:2e:cc:29:9d:ea:
7b:e0:78:86:83:e1:38:85:34:d6:14:2f:b2:df:e2:b8:d7:e3:
7b:24:8a:f9:4a:87:4e:7b:b6:a0:82:44:fd:63:34:b2:6a:6c:
b0:63:a7:36:60:1c:a8:01:d5:70:e0:54:03:dd:f1:e0:3a:61:
d3:e3:ea:91
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgA6LGE5mJE/g3otB1TAIzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTA5MTQyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWZjMzRkZTU3ZjhmNjkyNzA1OWFkZDE5MjZiZmRkZTc5ZGMyMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iKLB/+zFs2IxrabbAJGNp8sGgQI
Srfwey0u4qg2z3D0WQhqgEIS+TY6W2Kx3Q64Vp9MLVw0PZw7TiBA/dLTEVgiTjqJ
OfZu1UCqJXZPRWIrL4lG1zq2f0dMiqv/akg2gyGdTyvBNAoxt4q73lQnk3IMnmI5
wL5UZr9mDPszUeA7fEh/UvbCtoowWbpFC4Zl4nlVUD6XYyGogBg5KBuolR2JWSML
KYhVMsMu5/uCskZBLZbloNzVabous9WTVt1c51P+vBWCrkCNDiGJvJ5H1xwU2I7r
CKs6bMgBbnxc+RrlyZ7gODvjYRrkSLlU/MrJkWKUn00eusBtjr1VMVsthQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM78NN5X+PaScFmt0ZJr/d553CKRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvenZ3MDNsZjQ5cEp3V2EzUmttdjkzbm5jSXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQmcAwQA
LYFUAwQALYFWAwQAUaHmMA0GCSqGSIb3DQEBCwUAA4IBAQADMdTU7evkaoCe0+0q
Tn7anCwUp8PpGkTB4W1idbRbPda2NXd1cOmQkYqc7Hsstd+h4qsX/277mac+gGIl
lHOr/iDaOIRrWdBUjiKdSOL2T7bUXzH5956FJkT6zaDqa4GrwPlWfOaJSuOIgctT
VOciL6ZXyG3zjrOPe6A48GfOr/0IAjJ4yAB8weRJ1YxKraXq6rM8Nu2iu3FOsuH0
xXEBm2jESR2+Hnna6PYWPMUgXqCtJcMzN+vkRKbzVvb9V7nMLswpnep74HiGg+E4
hTTWFC+y3+K41+N7JIr5SodOe7aggkT9YzSyamywY6c2YByoAdVw4FQD3fHgOmHT
4+qR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:22 2024 by rpki-client on console-fra.rpki-client.org