Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6703ca-ced4-4207-ab05-4a6f55771bd1/1/zwP6FmG4eI1_7DhfJGV7RCKrC7o.roa
File: zwP6FmG4eI1_7DhfJGV7RCKrC7o.roa (raw, json)
Hash identifier: loZSyRdVnjell6CWl2IboMFutyBveAqMKgcc5n0yq/A=
Subject key identifier: CF:03:FA:16:61:B8:78:8D:7F:EC:38:5F:24:65:7B:44:22:AB:0B:BA
Certificate issuer: /CN=bab453d97ba2f4a045843e6b4a953b3e5106eaf2
Certificate serial: 01856D9D3E3CC65E6457DD740C7C981550D5
Authority key identifier: BA:B4:53:D9:7B:A2:F4:A0:45:84:3E:6B:4A:95:3B:3E:51:06:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urRT2Xui9KBFhD5rSpU7PlEG6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/6703ca-ced4-4207-ab05-4a6f55771bd1/1/zwP6FmG4eI1_7DhfJGV7RCKrC7o.roa
Signing time: Sun 01 Jan 2023 13:54:59 +0000
ROA not before: Sun 01 Jan 2023 13:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29385
IP address blocks: 213.206.32.0/19 maxlen: 19
185.4.160.0/22 maxlen: 22
94.230.224.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:3e:3c:c6:5e:64:57:dd:74:0c:7c:98:15:50:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bab453d97ba2f4a045843e6b4a953b3e5106eaf2
Validity
Not Before: Jan 1 13:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf03fa1661b8788d7fec385f24657b4422ab0bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:77:06:ef:1b:27:a7:01:70:7d:19:51:14:bb:
ef:a2:bf:3f:77:80:fe:6d:f8:2d:71:1c:72:be:6f:
ef:61:5b:c7:0b:71:e4:9b:18:ad:7e:4d:1c:87:86:
b8:a5:e6:7a:24:68:ee:d8:45:7c:10:e1:4f:34:5a:
5c:ff:47:4f:6b:17:89:4a:c6:ea:b8:00:79:14:7b:
48:1a:39:bf:54:ff:a6:08:09:8f:f9:8c:b2:03:50:
81:c6:75:32:dc:c2:20:2a:31:60:48:ba:09:ee:68:
e7:6c:ce:5a:5a:e5:ae:27:7c:45:72:e6:16:78:fc:
cf:fd:9a:7c:18:3c:91:55:20:91:4d:ac:84:3c:6f:
cb:2b:5b:10:98:40:68:84:17:72:55:ad:1e:bd:23:
28:59:1d:94:93:bd:20:f2:db:a8:5e:80:e0:8b:2f:
d4:c7:1f:f4:cf:ad:26:23:26:11:06:87:34:b1:f1:
6e:be:0b:f7:49:de:78:9b:9a:b9:86:a2:95:19:80:
63:d0:c0:ca:58:a9:f0:7f:34:21:05:2e:f2:7c:cd:
e6:b7:c7:fd:26:7d:b8:be:f5:22:a7:e8:69:0d:6c:
b6:29:93:4f:e5:21:d1:bc:da:e2:67:f3:a1:0c:69:
8c:82:f6:ad:36:d1:0f:90:9e:7a:8c:7f:28:f1:ec:
af:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:03:FA:16:61:B8:78:8D:7F:EC:38:5F:24:65:7B:44:22:AB:0B:BA
X509v3 Authority Key Identifier:
keyid:BA:B4:53:D9:7B:A2:F4:A0:45:84:3E:6B:4A:95:3B:3E:51:06:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urRT2Xui9KBFhD5rSpU7PlEG6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6703ca-ced4-4207-ab05-4a6f55771bd1/1/zwP6FmG4eI1_7DhfJGV7RCKrC7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6703ca-ced4-4207-ab05-4a6f55771bd1/1/urRT2Xui9KBFhD5rSpU7PlEG6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.230.224.0/20
185.4.160.0/22
213.206.32.0/19
Signature Algorithm: sha256WithRSAEncryption
85:34:5f:dd:5a:17:9a:d9:5a:6b:37:cf:47:04:ba:7f:e4:62:
d5:d6:9c:59:af:58:9b:9d:67:ea:d4:3d:1b:1e:a0:fa:06:c4:
56:8f:89:f6:b8:c2:f1:0c:b7:2c:d2:32:7f:49:f4:e6:b6:27:
ec:07:34:7c:91:2d:78:38:b5:7b:49:03:e6:ee:d3:4d:9a:b3:
b2:1d:c1:9d:30:20:bf:e3:ac:a6:14:ef:dc:29:af:b5:1e:95:
7d:c5:98:07:a5:89:d6:9c:d7:8d:9b:34:d5:86:f6:62:32:1f:
a3:0d:fa:db:b2:c1:29:92:88:84:f0:82:aa:15:85:a1:df:04:
95:ea:a2:d7:8e:d4:de:ff:65:12:a6:c5:75:34:da:3a:23:68:
9d:d9:73:33:b7:bc:40:2b:34:6f:36:0f:4f:4a:47:cf:b8:ec:
d7:3c:6b:c8:e0:cf:46:3a:c3:60:59:f1:d7:e2:2c:cc:39:7e:
a7:0a:c8:f4:34:09:23:f7:f1:93:b2:07:38:8d:d7:8d:77:79:
df:34:5e:c8:2f:e0:bf:a2:f9:bf:24:53:ba:e9:35:03:6c:1a:
d2:1f:af:16:05:9f:c3:7a:9c:54:94:7e:1c:bd:5d:f1:98:f5:
5d:5a:bd:d8:7b:a1:80:9c:dc:be:63:48:e2:38:c5:62:7d:8d:
26:77:c7:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtnT48xl5kV910DHyYFVDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjQ1M2Q5N2JhMmY0YTA0NTg0M2U2YjRhOTUzYjNlNTEw
NmVhZjIwHhcNMjMwMTAxMTM1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjAzZmExNjYxYjg3ODhkN2ZlYzM4NWYyNDY1N2I0NDIyYWIwYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqncG7xsnpwFwfRlRFLvvor8/d4D+
bfgtcRxyvm/vYVvHC3Hkmxitfk0ch4a4peZ6JGju2EV8EOFPNFpc/0dPaxeJSsbq
uAB5FHtIGjm/VP+mCAmP+YyyA1CBxnUy3MIgKjFgSLoJ7mjnbM5aWuWuJ3xFcuYW
ePzP/Zp8GDyRVSCRTayEPG/LK1sQmEBohBdyVa0evSMoWR2Uk70g8tuoXoDgiy/U
xx/0z60mIyYRBoc0sfFuvgv3Sd54m5q5hqKVGYBj0MDKWKnwfzQhBS7yfM3mt8f9
Jn24vvUip+hpDWy2KZNP5SHRvNriZ/OhDGmMgvatNtEPkJ56jH8o8eyvsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM8D+hZhuHiNf+w4XyRle0Qiqwu6MB8GA1UdIwQY
MBaAFLq0U9l7ovSgRYQ+a0qVOz5RBuryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJSVDJYdWk5S0JGaEQ1clNwVTdQbEVHNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NzAzY2EtY2VkNC00MjA3LWFiMDUt
NGE2ZjU1NzcxYmQxLzEvendQNkZtRzRlSTFfN0RoZkpHVjdSQ0tyQzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NzAzY2EtY2VkNC00MjA3LWFiMDUtNGE2ZjU1NzcxYmQx
LzEvdXJSVDJYdWk5S0JGaEQ1clNwVTdQbEVHNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEXubgAwQC
uQSgAwQF1c4gMA0GCSqGSIb3DQEBCwUAA4IBAQCFNF/dWhea2VprN89HBLp/5GLV
1pxZr1ibnWfq1D0bHqD6BsRWj4n2uMLxDLcs0jJ/SfTmtifsBzR8kS14OLV7SQPm
7tNNmrOyHcGdMCC/46ymFO/cKa+1HpV9xZgHpYnWnNeNmzTVhvZiMh+jDfrbssEp
koiE8IKqFYWh3wSV6qLXjtTe/2USpsV1NNo6I2id2XMzt7xAKzRvNg9PSkfPuOzX
PGvI4M9GOsNgWfHX4izMOX6nCsj0NAkj9/GTsgc4jdeNd3nfNF7IL+C/ovm/JFO6
6TUDbBrSH68WBZ/DepxUlH4cvV3xmPVdWr3Ye6GAnNy+Y0jiOMVifY0md8co
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:37 2024 by rpki-client on console-ams.rpki-client.org