Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/ZkVlP7IBlOMpeiIdAMdtnB20Vq0.roa
File: ZkVlP7IBlOMpeiIdAMdtnB20Vq0.roa (raw, json)
Hash identifier: 68fkAzRlXeOZd6vovIeb6B1q0syKVvemBkDE5dWfVfc=
Subject key identifier: 66:45:65:3F:B2:01:94:E3:29:7A:22:1D:00:C7:6D:9C:1D:B4:56:AD
Certificate issuer: /CN=f4e018fddfd422517c3069e75658657b40e73601
Certificate serial: 1659E519
Authority key identifier: F4:E0:18:FD:DF:D4:22:51:7C:30:69:E7:56:58:65:7B:40:E7:36:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OAY_d_UIlF8MGnnVlhle0DnNgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/ZkVlP7IBlOMpeiIdAMdtnB20Vq0.roa
Signing time: Sat 01 Jan 2022 10:01:21 +0000
ROA not before: Sat 01 Jan 2022 10:01:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34037
IP address blocks: 195.191.141.0/24 maxlen: 24
195.191.177.0/24 maxlen: 24
141.136.32.0/24 maxlen: 24
141.136.37.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 374990105 (0x1659e519)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e018fddfd422517c3069e75658657b40e73601
Validity
Not Before: Jan 1 10:01:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6645653fb20194e3297a221d00c76d9c1db456ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:28:31:e0:88:4a:fc:82:de:07:bd:d6:18:6b:
6b:91:bf:4a:8d:91:ed:84:5b:d2:d4:60:43:89:6a:
92:6c:77:a9:44:88:93:b6:ff:4c:e4:21:af:8a:82:
17:98:12:64:9f:9c:3b:fc:9b:e7:4a:ed:18:0b:ea:
b0:d1:44:dd:5c:44:99:3f:a4:a3:a4:3a:9e:5c:2c:
09:63:3a:3e:d9:2d:0c:52:31:c3:ba:cf:a2:91:31:
10:a5:d9:ad:eb:b5:ff:04:d1:4e:06:32:5b:e7:5d:
02:49:58:a6:09:eb:86:b9:5c:c2:ac:0e:64:17:2a:
d4:63:c8:b4:82:aa:3e:4c:a1:e0:67:bf:d2:34:3c:
d8:52:2b:b1:ac:65:08:64:0e:f5:36:ea:bc:08:36:
30:25:06:14:64:67:05:b6:5f:8a:b8:1e:f7:d6:e3:
58:b3:96:31:a3:14:56:b0:66:7f:c8:4b:31:85:37:
61:a3:0a:f0:27:a0:aa:9b:27:94:0b:08:7c:5a:6f:
75:99:fc:65:cd:8c:d3:64:64:91:1c:21:ec:69:4f:
c8:01:bc:75:ff:1d:56:93:eb:8f:4c:c4:03:e2:3a:
48:3d:97:99:49:9f:f7:21:37:78:cb:14:59:48:bf:
a1:dd:fe:a0:35:2d:50:6f:7a:a8:7a:6d:49:fb:a8:
2a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:45:65:3F:B2:01:94:E3:29:7A:22:1D:00:C7:6D:9C:1D:B4:56:AD
X509v3 Authority Key Identifier:
keyid:F4:E0:18:FD:DF:D4:22:51:7C:30:69:E7:56:58:65:7B:40:E7:36:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OAY_d_UIlF8MGnnVlhle0DnNgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/ZkVlP7IBlOMpeiIdAMdtnB20Vq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/9OAY_d_UIlF8MGnnVlhle0DnNgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.136.32.0/24
141.136.37.0/24
195.191.141.0/24
195.191.177.0/24
Signature Algorithm: sha256WithRSAEncryption
68:fd:00:84:69:49:cd:24:67:7a:43:e3:6c:42:15:b9:c2:bb:
e0:9b:0c:c3:02:54:82:e5:d2:06:76:2a:15:12:3f:49:63:52:
a6:1a:03:6d:dd:ff:78:71:af:6d:04:99:08:c1:35:71:9b:55:
0a:b9:4e:99:6a:14:3e:64:81:fc:eb:a4:42:a8:4b:72:b2:69:
c0:40:36:cc:a9:00:10:57:d8:48:5d:02:62:df:14:91:6d:bb:
aa:bf:7d:8e:34:c5:35:ec:d0:a0:43:2b:d5:ac:4c:93:42:65:
67:15:08:1a:2e:83:e8:28:21:a8:40:5d:3f:41:5e:30:39:92:
6d:be:bb:d8:6f:5e:aa:5f:63:0e:c7:ba:71:f8:31:3f:2c:c5:
26:21:2d:87:86:30:d9:a0:25:04:3f:57:68:b1:b4:ee:26:71:
f4:c8:39:e9:61:c2:ce:ff:bc:65:53:61:00:87:ae:b8:47:87:
e2:fc:60:64:d7:bb:cf:5f:d7:a0:52:96:bf:e8:a9:ea:34:39:
15:ec:8c:09:e7:b8:1e:ce:6c:aa:0b:69:3d:93:2a:d8:ac:d6:
84:ce:19:5a:24:cd:5b:1e:27:97:15:c4:43:c3:05:0d:39:23:
55:33:34:d7:a4:26:b5:39:0a:4d:d0:06:bc:39:9e:12:e6:b7:
1b:e6:19:86
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEFlnlGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGUwMThmZGRmZDQyMjUxN2MzMDY5ZTc1NjU4NjU3YjQwZTczNjAxMB4XDTIyMDEw
MTEwMDEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY0NTY1M2ZiMjAx
OTRlMzI5N2EyMjFkMDBjNzZkOWMxZGI0NTZhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEoMeCISvyC3ge91hhra5G/So2R7YRb0tRgQ4lqkmx3qUSI
k7b/TOQhr4qCF5gSZJ+cO/yb50rtGAvqsNFE3VxEmT+ko6Q6nlwsCWM6PtktDFIx
w7rPopExEKXZreu1/wTRTgYyW+ddAklYpgnrhrlcwqwOZBcq1GPItIKqPkyh4Ge/
0jQ82FIrsaxlCGQO9TbqvAg2MCUGFGRnBbZfirge99bjWLOWMaMUVrBmf8hLMYU3
YaMK8CegqpsnlAsIfFpvdZn8Zc2M02RkkRwh7GlPyAG8df8dVpPrj0zEA+I6SD2X
mUmf9yE3eMsUWUi/od3+oDUtUG96qHptSfuoKhkCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRmRWU/sgGU4yl6Ih0Ax22cHbRWrTAfBgNVHSMEGDAWgBT04Bj939QiUXww
aedWWGV7QOc2ATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlPQVlfZF9VSWxGOE1Hbm5WbGhsZTBEbk5nRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvYWQ2ZjVmLTUzYjUtNGUwNy05NGI0LTcwZjk0ZDVlZTVmYy8x
L1prVmxQN0lCbE9NcGVpSWRBTWR0bkIyMFZxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
YWQ2ZjVmLTUzYjUtNGUwNy05NGI0LTcwZjk0ZDVlZTVmYy8xLzlPQVlfZF9VSWxG
OE1Hbm5WbGhsZTBEbk5nRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAI2IIAMEAI2IJQMEAMO/jQMEAMO/
sTANBgkqhkiG9w0BAQsFAAOCAQEAaP0AhGlJzSRnekPjbEIVucK74JsMwwJUguXS
BnYqFRI/SWNSphoDbd3/eHGvbQSZCME1cZtVCrlOmWoUPmSB/OukQqhLcrJpwEA2
zKkAEFfYSF0CYt8UkW27qr99jjTFNezQoEMr1axMk0JlZxUIGi6D6CghqEBdP0Fe
MDmSbb672G9eql9jDse6cfgxPyzFJiEth4Yw2aAlBD9XaLG07iZx9Mg56WHCzv+8
ZVNhAIeuuEeH4vxgZNe7z1/XoFKWv+ip6jQ5FeyMCee4Hs5sqgtpPZMq2KzWhM4Z
WiTNWx4nlxXEQ8MFDTkjVTM016QmtTkKTdAGvDmeEua3G+YZhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:52 2024 by rpki-client on console-fra.rpki-client.org