Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/zGaHFsBhwXS10MTbpTeuH9XkcUE.roa
File: zGaHFsBhwXS10MTbpTeuH9XkcUE.roa (raw, json)
Hash identifier: r8goNZoYZpaxGal4/vv1drgv/QmF0e+TQJiXtACF3Nw=
Subject key identifier: CC:66:87:16:C0:61:C1:74:B5:D0:C4:DB:A5:37:AE:1F:D5:E4:71:41
Certificate issuer: /CN=2841262acd62c90e68081a6f777375df2c3713c2
Certificate serial: 38438F86
Authority key identifier: 28:41:26:2A:CD:62:C9:0E:68:08:1A:6F:77:73:75:DF:2C:37:13:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KEEmKs1iyQ5oCBpvd3N13yw3E8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/zGaHFsBhwXS10MTbpTeuH9XkcUE.roa
Signing time: Sat 01 Jan 2022 03:59:14 +0000
ROA not before: Sat 01 Jan 2022 03:59:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33868
IP address blocks: 88.151.136.0/21 maxlen: 21
193.23.54.0/24 maxlen: 24
91.207.186.0/23 maxlen: 24
2a02:848::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943951750 (0x38438f86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2841262acd62c90e68081a6f777375df2c3713c2
Validity
Not Before: Jan 1 03:59:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc668716c061c174b5d0c4dba537ae1fd5e47141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a5:7e:d5:cf:d9:c4:14:f2:69:88:63:1d:29:
d0:7d:52:c2:e4:69:6d:c5:e7:63:f0:f4:b2:c1:66:
e7:25:67:df:b7:04:f8:b5:41:52:2e:4e:75:c8:dc:
6b:6d:50:5b:5c:be:86:65:2f:1e:64:fa:43:7a:98:
95:93:cb:51:f4:58:f1:e9:40:0b:f9:ff:ab:81:99:
d5:c1:2a:9c:c7:7d:48:2a:77:be:fa:fd:44:0a:57:
07:dc:d7:21:c3:38:44:b9:f8:7d:6e:16:db:01:1e:
6a:dc:54:1f:f8:1e:ee:21:5e:48:e8:06:a0:52:d5:
4f:f0:cb:1b:89:44:0c:61:49:43:ec:c3:56:04:af:
b5:06:41:cf:c7:30:c7:b7:da:b2:f3:80:78:3a:11:
15:a7:11:2a:98:cd:f4:a1:fd:46:e9:94:48:b7:94:
69:54:14:09:dc:05:cf:6c:6f:39:39:d0:75:bc:b4:
c3:22:7b:83:28:45:5a:ae:a3:2d:fb:90:5f:45:8b:
74:eb:cf:d1:c4:41:cc:f1:68:71:8c:6f:ce:44:62:
03:77:70:82:0a:29:95:ff:59:c2:58:2f:8d:99:1c:
af:0d:b3:07:95:c1:e5:34:f1:6e:de:ee:42:79:18:
46:f0:5e:bc:03:f9:26:c3:71:5f:ec:fe:fa:82:85:
ce:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:66:87:16:C0:61:C1:74:B5:D0:C4:DB:A5:37:AE:1F:D5:E4:71:41
X509v3 Authority Key Identifier:
keyid:28:41:26:2A:CD:62:C9:0E:68:08:1A:6F:77:73:75:DF:2C:37:13:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KEEmKs1iyQ5oCBpvd3N13yw3E8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/zGaHFsBhwXS10MTbpTeuH9XkcUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/KEEmKs1iyQ5oCBpvd3N13yw3E8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.136.0/21
91.207.186.0/23
193.23.54.0/24
IPv6:
2a02:848::/32
Signature Algorithm: sha256WithRSAEncryption
82:db:90:f7:56:ea:b5:65:a8:95:b8:39:d7:f4:8a:92:13:62:
b9:65:70:a7:a0:ae:2f:95:02:5c:c9:f3:e4:8f:0c:b7:f6:d1:
01:f3:94:29:6c:26:10:96:a5:62:15:ae:8f:7c:bc:cd:86:31:
fb:14:fc:97:0a:a0:65:6f:ed:e6:1b:77:5a:59:a4:d9:ae:c3:
59:72:93:d3:04:e6:be:cb:7b:bc:d5:f8:cf:ca:6d:ad:81:18:
18:1b:51:52:dc:f2:d0:58:c8:26:0a:a5:a4:cc:9e:a4:38:68:
ed:ef:f4:c1:89:ba:b6:21:25:76:f8:04:2a:f7:24:dd:02:2c:
f9:85:39:f0:0d:48:6b:cd:3a:02:25:2d:9c:c2:20:5b:da:9f:
27:2e:1c:7f:2d:f0:3e:57:6b:65:b1:55:c0:b6:3b:40:44:53:
c0:d1:0f:0d:93:b3:6b:31:f3:7e:86:56:55:1f:0e:1b:4e:8e:
f5:c3:67:1e:86:41:b1:c5:77:13:67:a1:69:34:60:52:3a:e5:
dc:aa:81:f3:3b:93:16:51:ac:c2:7c:e3:9b:17:1d:39:f4:6d:
01:75:99:74:e6:2f:a9:06:f4:b0:ef:5a:b3:95:d1:4c:0e:a9:
cd:85:42:e3:a6:83:fe:70:ba:9d:1d:e8:4e:7f:f1:f9:54:77:
6e:0b:2b:04
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEOEOPhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODQxMjYyYWNkNjJjOTBlNjgwODFhNmY3NzczNzVkZjJjMzcxM2MyMB4XDTIyMDEw
MTAzNTkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M2Njg3MTZjMDYx
YzE3NGI1ZDBjNGRiYTUzN2FlMWZkNWU0NzE0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIilftXP2cQU8mmIYx0p0H1SwuRpbcXnY/D0ssFm5yVn37cE
+LVBUi5Odcjca21QW1y+hmUvHmT6Q3qYlZPLUfRY8elAC/n/q4GZ1cEqnMd9SCp3
vvr9RApXB9zXIcM4RLn4fW4W2wEeatxUH/ge7iFeSOgGoFLVT/DLG4lEDGFJQ+zD
VgSvtQZBz8cwx7fasvOAeDoRFacRKpjN9KH9RumUSLeUaVQUCdwFz2xvOTnQdby0
wyJ7gyhFWq6jLfuQX0WLdOvP0cRBzPFocYxvzkRiA3dwggoplf9ZwlgvjZkcrw2z
B5XB5TTxbt7uQnkYRvBevAP5JsNxX+z++oKFzscCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTMZocWwGHBdLXQxNulN64f1eRxQTAfBgNVHSMEGDAWgBQoQSYqzWLJDmgI
Gm93c3XfLDcTwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tFRW1LczFpeVE1b0NCcHZkM04xM3l3M0U4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvMDMyMjc2LTI1ZGMtNGMzMC04YTdiLTk1YTMzZTEyYTNhZC8x
L3pHYUhGc0Jod1hTMTBNVGJwVGV1SDlYa2NVRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
MDMyMjc2LTI1ZGMtNGMzMC04YTdiLTk1YTMzZTEyYTNhZC8xL0tFRW1LczFpeVE1
b0NCcHZkM04xM3l3M0U4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1iXiAMEAVvPugMEAMEXNjANBAIA
AjAHAwUAKgIISDANBgkqhkiG9w0BAQsFAAOCAQEAgtuQ91bqtWWolbg51/SKkhNi
uWVwp6CuL5UCXMnz5I8Mt/bRAfOUKWwmEJalYhWuj3y8zYYx+xT8lwqgZW/t5ht3
Wlmk2a7DWXKT0wTmvst7vNX4z8ptrYEYGBtRUtzy0FjIJgqlpMyepDho7e/0wYm6
tiEldvgEKvck3QIs+YU58A1Ia806AiUtnMIgW9qfJy4cfy3wPldrZbFVwLY7QERT
wNEPDZOzazHzfoZWVR8OG06O9cNnHoZBscV3E2ehaTRgUjrl3KqB8zuTFlGswnzj
mxcdOfRtAXWZdOYvqQb0sO9as5XRTA6pzYVC46aD/nC6nR3oTn/x+VR3bgsrBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:41 2024 by rpki-client on console-fra.rpki-client.org