Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/Z2GMkO7o4JZSfdHFoDLFq4EYKl4.roa
File: Z2GMkO7o4JZSfdHFoDLFq4EYKl4.roa (raw, json)
Hash identifier: zosew5ZHNdXw4QQKTYVp2jB/5z2ZbilWRxzyywiVtM8=
Subject key identifier: 67:61:8C:90:EE:E8:E0:96:52:7D:D1:C5:A0:32:C5:AB:81:18:2A:5E
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 0A96F1D3
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/Z2GMkO7o4JZSfdHFoDLFq4EYKl4.roa
Signing time: Wed 16 Feb 2022 12:53:32 +0000
ROA not before: Wed 16 Feb 2022 12:53:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208972
IP address blocks: 5.182.247.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177664467 (0xa96f1d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Feb 16 12:53:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67618c90eee8e096527dd1c5a032c5ab81182a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:53:fd:4c:51:1c:26:0d:16:d4:4f:6f:40:a9:
06:c0:3c:1a:9a:e4:5a:1e:04:53:72:c9:69:10:57:
d2:08:5f:9a:54:55:b4:0c:cd:94:b2:e1:a5:82:e7:
b4:36:9a:03:98:b6:ae:84:bf:b4:5b:61:e1:3d:97:
6c:db:0e:88:b0:5f:3e:33:6a:93:67:15:d4:92:de:
a2:04:fc:3b:ee:f2:5d:78:fa:4a:ae:1c:9a:b9:40:
69:79:1d:a3:a1:6a:10:b8:75:c1:3f:1d:c0:dd:fe:
75:4d:b3:27:75:f4:f3:b0:5d:f9:2d:f9:3c:17:81:
39:95:9b:a4:15:7f:a9:aa:d2:e5:80:8a:e6:59:5e:
31:13:5a:e1:1d:9f:b6:c7:d9:95:6f:3f:ea:e8:e3:
d9:bf:2a:23:f3:f4:3d:a6:28:5f:c8:1b:35:c0:25:
f2:4e:af:d1:e6:d0:4f:a5:d3:ea:b9:77:55:90:59:
ef:06:77:8a:82:d7:e2:1b:2b:73:5a:67:61:35:33:
63:f8:44:f6:f3:bb:86:0a:b8:bc:5d:88:ae:88:82:
70:85:56:39:a9:77:e2:8a:85:c8:d1:1b:fc:49:c0:
49:44:af:c2:b3:5b:e9:0b:06:b2:f0:75:42:a5:37:
8a:13:0d:75:ca:92:99:91:28:fb:35:e1:dc:ff:9f:
a8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:61:8C:90:EE:E8:E0:96:52:7D:D1:C5:A0:32:C5:AB:81:18:2A:5E
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/Z2GMkO7o4JZSfdHFoDLFq4EYKl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.247.0/24
Signature Algorithm: sha256WithRSAEncryption
53:8b:93:a3:79:9d:3c:61:6e:67:e1:21:16:06:82:39:2f:78:
a6:59:22:65:ad:81:fa:c4:2c:82:0e:b5:a7:4d:3d:66:97:c5:
48:b5:e5:5c:0a:37:43:b6:88:27:ea:96:a0:dd:63:fb:70:f1:
1f:18:d8:be:1c:de:b3:e4:c3:c1:2f:ef:fc:e9:9e:0e:40:e2:
94:2c:1c:b4:38:1d:20:c8:34:07:c1:80:a1:f4:8e:e5:87:ee:
cd:69:f4:0f:67:65:6c:45:aa:18:a3:58:03:e2:7e:7a:78:54:
00:d1:12:f6:75:ff:96:6b:a7:ab:75:17:3d:68:15:d7:ff:bf:
b8:4d:e7:dc:a5:50:0b:3c:5b:ec:19:ee:dd:c3:e5:b3:64:eb:
06:12:dc:7c:e3:97:98:9a:85:c6:ac:b8:82:7b:e8:76:bb:81:
10:8d:a2:0f:76:50:3f:41:ef:a7:33:ee:1f:fa:ea:70:5c:65:
f6:28:4f:1c:f8:03:37:6d:f9:c9:b4:d5:aa:e4:8b:45:4d:72:
ab:8f:de:c9:5a:2d:d8:9c:01:ef:d6:f9:15:cc:cf:03:5e:a1:
51:30:e8:04:97:3c:95:fe:56:3e:55:fb:0c:8d:a2:3d:04:97:
00:af:75:26:91:cd:dc:be:38:76:14:56:7a:1d:79:f9:c5:a8:
51:37:de:f7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECpbx0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTU1MzIwMDc3Njk2OTQ0YjE2MTNjMmU4YzljNjA2YTFlMDZlYjc5MB4XDTIyMDIx
NjEyNTMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc2MThjOTBlZWU4
ZTA5NjUyN2RkMWM1YTAzMmM1YWI4MTE4MmE1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRT/UxRHCYNFtRPb0CpBsA8GprkWh4EU3LJaRBX0ghfmlRV
tAzNlLLhpYLntDaaA5i2roS/tFth4T2XbNsOiLBfPjNqk2cV1JLeogT8O+7yXXj6
Sq4cmrlAaXkdo6FqELh1wT8dwN3+dU2zJ3X087Bd+S35PBeBOZWbpBV/qarS5YCK
5lleMRNa4R2ftsfZlW8/6ujj2b8qI/P0PaYoX8gbNcAl8k6v0ebQT6XT6rl3VZBZ
7wZ3ioLX4hsrc1pnYTUzY/hE9vO7hgq4vF2IroiCcIVWOal34oqFyNEb/EnASUSv
wrNb6QsGsvB1QqU3ihMNdcqSmZEo+zXh3P+fqPsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRnYYyQ7ujgllJ90cWgMsWrgRgqXjAfBgNVHSMEGDAWgBSeVTIAd2lpRLFh
PC6MnGBqHgbreTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25sVXlBSGRwYVVTeFlUd3VqSnhnYWg0RzYzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvMjYwYjYxLWEzNDgtNGQ0Ny05MmY2LTFlMGU4YjkwOWUzNC8x
L1oyR01rTzdvNEpaU2ZkSEZvRExGcTRFWUtsNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
MjYwYjYxLWEzNDgtNGQ0Ny05MmY2LTFlMGU4YjkwOWUzNC8xL25sVXlBSGRwYVVT
eFlUd3VqSnhnYWg0RzYzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW29zANBgkqhkiG9w0BAQsFAAOC
AQEAU4uTo3mdPGFuZ+EhFgaCOS94plkiZa2B+sQsgg61p009ZpfFSLXlXAo3Q7aI
J+qWoN1j+3DxHxjYvhzes+TDwS/v/OmeDkDilCwctDgdIMg0B8GAofSO5YfuzWn0
D2dlbEWqGKNYA+J+enhUANES9nX/lmunq3UXPWgV1/+/uE3n3KVQCzxb7Bnu3cPl
s2TrBhLcfOOXmJqFxqy4gnvodruBEI2iD3ZQP0HvpzPuH/rqcFxl9ihPHPgDN235
ybTVquSLRU1yq4/eyVot2JwB79b5FczPA16hUTDoBJc8lf5WPlX7DI2iPQSXAK91
JpHN3L44dhRWeh15+cWoUTfe9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:43 2024 by rpki-client on console-ams.rpki-client.org