Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/kzYlG4F19AgCaDAQevjXjiTq5wk.roa
File: kzYlG4F19AgCaDAQevjXjiTq5wk.roa (raw, json)
Hash identifier: qVUAPH6QO0vpQeJPxc9L0yU6KQyyovIPqF7dNqkLa+k=
Subject key identifier: 93:36:25:1B:81:75:F4:08:02:68:30:10:7A:F8:D7:8E:24:EA:E7:09
Certificate issuer: /CN=27516d20ebefd12f072d413c4d2606bdb258691a
Certificate serial: 018CC5DC376E72BB0247DB967ED9438D10B4
Authority key identifier: 27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/kzYlG4F19AgCaDAQevjXjiTq5wk.roa
Signing time: Mon 01 Jan 2024 16:29:52 +0000
ROA not before: Mon 01 Jan 2024 16:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35575
IP address blocks: 185.190.44.0/24 maxlen: 24
185.190.46.0/24 maxlen: 24
185.190.45.0/24 maxlen: 24
185.190.47.0/24 maxlen: 24
193.238.68.0/22 maxlen: 22
195.66.31.0/24 maxlen: 24
195.66.27.0/24 maxlen: 24
195.66.28.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:37:6e:72:bb:02:47:db:96:7e:d9:43:8d:10:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27516d20ebefd12f072d413c4d2606bdb258691a
Validity
Not Before: Jan 1 16:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9336251b8175f408026830107af8d78e24eae709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a1:8b:6a:2b:7a:07:70:0e:d6:cb:52:7d:ed:
1d:6e:00:24:ff:d4:ad:74:87:c8:ed:61:d8:8c:8e:
8d:db:11:ea:d3:a5:9a:23:92:8d:35:9e:52:37:3c:
17:4e:75:b2:98:01:dd:f1:ed:12:31:7c:f2:ec:86:
92:58:4e:68:ae:d3:11:e9:13:09:09:3f:a3:e1:99:
79:fe:50:bf:21:6a:dc:f9:b0:10:4a:06:8d:34:eb:
e9:50:3f:cb:47:0c:f3:d3:48:3c:54:6d:15:de:f1:
d2:39:08:51:1e:24:e6:cf:11:49:4e:d2:31:b7:94:
15:a1:0c:81:39:48:4f:bd:27:8f:01:2d:20:86:06:
71:5b:25:e5:d4:df:e9:03:c9:dc:0e:18:70:8f:80:
cb:b8:5f:95:40:0d:b4:8a:4c:f5:f8:8c:00:6b:5b:
d9:9e:a2:0b:06:a0:7e:34:08:67:28:a2:91:70:81:
c3:27:09:08:cd:95:14:17:e3:85:65:13:6b:15:c0:
f1:3a:f8:e5:02:7a:11:c7:63:b4:b4:4c:ca:d9:f6:
c3:a9:f9:19:75:ee:dc:1f:f9:06:e6:f7:c8:e2:8f:
19:7c:2d:7c:b5:54:ec:ab:6e:76:33:63:5e:a5:42:
6b:12:e4:e3:47:b5:08:f8:0b:dc:ed:3a:b7:fd:16:
b1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:36:25:1B:81:75:F4:08:02:68:30:10:7A:F8:D7:8E:24:EA:E7:09
X509v3 Authority Key Identifier:
keyid:27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/kzYlG4F19AgCaDAQevjXjiTq5wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/J1FtIOvv0S8HLUE8TSYGvbJYaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.44.0/22
193.238.68.0/22
195.66.27.0-195.66.28.255
195.66.31.0/24
Signature Algorithm: sha256WithRSAEncryption
20:fb:75:60:12:ce:c0:fe:22:7b:ea:2a:3f:dd:84:37:6f:7c:
7b:31:8d:d8:28:45:8b:31:ec:1c:19:76:f8:fe:29:fb:bb:64:
6b:07:50:75:ce:2b:ca:66:b6:1b:47:c7:11:76:cb:68:14:13:
e9:01:42:6f:15:bf:43:4d:aa:64:a9:85:be:c7:da:f7:11:2f:
17:30:5f:83:7a:88:19:ce:29:de:85:16:b7:ba:94:0a:a9:7d:
bb:26:84:1a:dc:d6:d5:37:bf:39:35:29:1d:06:df:fb:d4:a8:
39:67:e0:a2:52:ed:0b:98:6b:d5:34:52:ab:1d:c7:b6:48:12:
d0:72:e8:0e:e5:5b:4c:27:47:24:6c:17:1a:ba:15:f0:5b:01:
ff:cc:b3:9b:2f:10:a7:a8:f7:9e:90:8d:68:dd:51:c8:42:b4:
58:42:fb:e6:97:04:9c:ae:c9:14:6e:34:55:86:0b:39:f2:0a:
05:f1:1a:f5:a2:c9:e7:f7:85:3d:34:c5:e0:dd:1f:fc:f3:7c:
94:04:18:7f:62:c5:1a:bc:19:1b:50:29:6b:c6:b7:98:46:b3:
1b:83:58:ec:65:b7:bd:ba:a1:28:f0:38:6a:3a:a5:d1:3a:84:
a1:0f:78:9c:c4:a3:72:67:ed:f6:ac:be:d4:c5:62:64:fd:b9:
a0:f2:15:e0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzF3DducrsCR9uWftlDjRC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NTE2ZDIwZWJlZmQxMmYwNzJkNDEzYzRkMjYwNmJkYjI1
ODY5MWEwHhcNMjQwMTAxMTYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzM2MjUxYjgxNzVmNDA4MDI2ODMwMTA3YWY4ZDc4ZTI0ZWFlNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaGLait6B3AO1stSfe0dbgAk/9St
dIfI7WHYjI6N2xHq06WaI5KNNZ5SNzwXTnWymAHd8e0SMXzy7IaSWE5ortMR6RMJ
CT+j4Zl5/lC/IWrc+bAQSgaNNOvpUD/LRwzz00g8VG0V3vHSOQhRHiTmzxFJTtIx
t5QVoQyBOUhPvSePAS0ghgZxWyXl1N/pA8ncDhhwj4DLuF+VQA20ikz1+IwAa1vZ
nqILBqB+NAhnKKKRcIHDJwkIzZUUF+OFZRNrFcDxOvjlAnoRx2O0tEzK2fbDqfkZ
de7cH/kG5vfI4o8ZfC18tVTsq252M2NepUJrEuTjR7UI+Avc7Tq3/RaxDwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJM2JRuBdfQIAmgwEHr4144k6ucJMB8GA1UdIwQY
MBaAFCdRbSDr79EvBy1BPE0mBr2yWGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYt
NzkwMjQ0NTA4ZGY0LzEva3pZbEc0RjE5QWdDYURBUWV2alhqaVRxNXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYtNzkwMjQ0NTA4ZGY0
LzEvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCub4sAwQC
we5EMAwDBADDQhsDBADDQhwDBADDQh8wDQYJKoZIhvcNAQELBQADggEBACD7dWAS
zsD+InvqKj/dhDdvfHsxjdgoRYsx7BwZdvj+Kfu7ZGsHUHXOK8pmthtHxxF2y2gU
E+kBQm8Vv0NNqmSphb7H2vcRLxcwX4N6iBnOKd6FFre6lAqpfbsmhBrc1tU3vzk1
KR0G3/vUqDln4KJS7QuYa9U0Uqsdx7ZIEtBy6A7lW0wnRyRsFxq6FfBbAf/Ms5sv
EKeo956QjWjdUchCtFhC++aXBJyuyRRuNFWGCznyCgXxGvWiyef3hT00xeDdH/zz
fJQEGH9ixRq8GRtQKWvGt5hGsxuDWOxlt726oSjwOGo6pdE6hKEPeJzEo3Jn7fas
vtTFYmT9uaDyFeA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:59 2024 by rpki-client on console-ams.rpki-client.org