Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/Z0k_xMyOTaXHl26y_cOr1GTYgVo.roa
File: Z0k_xMyOTaXHl26y_cOr1GTYgVo.roa (raw, json)
Hash identifier: 062uMDkIx7eLqfnlXKkNoncVaqSMjNBFrsqOc97nQy0=
Subject key identifier: 67:49:3F:C4:CC:8E:4D:A5:C7:97:6E:B2:FD:C3:AB:D4:64:D8:81:5A
Certificate issuer: /CN=61544481d3be7fca5e80a564ad93c1b8a2f636f8
Certificate serial: 018D8430EE5DFBB6FABA468291058DD08B52
Authority key identifier: 61:54:44:81:D3:BE:7F:CA:5E:80:A5:64:AD:93:C1:B8:A2:F6:36:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YVREgdO-f8pegKVkrZPBuKL2Nvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/Z0k_xMyOTaXHl26y_cOr1GTYgVo.roa
Signing time: Wed 07 Feb 2024 15:30:15 +0000
ROA not before: Wed 07 Feb 2024 15:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 84.246.106.0/24 maxlen: 24
91.190.153.0/24 maxlen: 24
91.246.34.0/24 maxlen: 24
176.97.208.0/24 maxlen: 24
212.52.26.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:30:ee:5d:fb:b6:fa:ba:46:82:91:05:8d:d0:8b:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61544481d3be7fca5e80a564ad93c1b8a2f636f8
Validity
Not Before: Feb 7 15:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67493fc4cc8e4da5c7976eb2fdc3abd464d8815a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d7:d4:e0:b8:e3:56:54:58:f2:69:54:f3:23:
a0:e5:9b:8a:ee:b1:90:b0:6c:26:c9:30:ed:bc:f6:
01:de:95:33:22:4a:13:a0:95:7e:67:5d:56:d1:fa:
cb:e8:ba:2b:67:57:6d:dc:b7:ac:e0:06:9d:b9:33:
1f:93:85:f4:ad:b5:78:0b:cb:41:ed:a8:5c:ae:65:
b2:b1:76:d5:4d:07:d0:93:2b:12:99:97:13:4b:c2:
9e:73:1f:67:29:6e:3d:0c:db:46:0d:33:9e:7a:f7:
87:57:a7:21:77:c5:5f:17:44:f4:6f:6a:93:38:8c:
7d:56:1e:9c:6b:e7:ef:05:49:79:9d:b3:6e:20:01:
2f:0e:5b:cf:f6:9e:ef:05:44:04:9e:ad:62:e8:31:
7d:1c:c4:0f:20:77:56:f5:da:3a:9b:92:7b:62:d0:
af:65:da:c4:13:8a:a8:3b:1b:14:10:76:ac:0f:3a:
91:52:a0:b6:b0:4c:11:8f:6e:97:e7:0b:aa:77:ac:
18:ec:3f:e6:6d:42:6b:10:4f:ef:df:89:f5:82:93:
d0:bb:3a:84:16:5e:32:5f:41:a0:42:64:2e:83:ff:
22:96:d5:26:6f:23:7c:63:fc:ac:12:ee:ac:fd:a0:
6d:17:29:d9:37:aa:5f:da:a3:02:d8:ad:7b:63:3a:
35:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:49:3F:C4:CC:8E:4D:A5:C7:97:6E:B2:FD:C3:AB:D4:64:D8:81:5A
X509v3 Authority Key Identifier:
keyid:61:54:44:81:D3:BE:7F:CA:5E:80:A5:64:AD:93:C1:B8:A2:F6:36:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YVREgdO-f8pegKVkrZPBuKL2Nvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/Z0k_xMyOTaXHl26y_cOr1GTYgVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/YVREgdO-f8pegKVkrZPBuKL2Nvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.106.0/24
91.190.153.0/24
91.246.34.0/24
176.97.208.0/24
212.52.26.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:d2:b2:33:29:4f:d6:e5:b5:2a:ff:0e:3a:d0:ab:b2:e1:01:
1c:dd:3b:01:9a:d4:e3:3f:8a:11:0f:2f:fc:df:47:da:0d:8c:
4f:a9:f8:7d:37:21:5d:8f:5a:35:ae:9d:03:53:94:81:9b:a9:
48:7d:e6:0e:2e:61:be:b8:54:e2:7e:74:ef:77:9d:d2:c0:24:
32:f2:ba:5c:68:4e:f8:1f:4d:f1:cc:b2:6e:6b:da:b3:43:17:
7a:df:30:be:6c:87:04:7c:e5:0d:95:6d:ab:c0:ce:82:5f:62:
66:51:f7:5d:e2:56:c3:6d:d0:8b:62:da:f0:da:4e:05:6e:66:
7b:9c:fc:0b:31:f9:33:1f:3c:0d:24:09:ea:ee:62:bf:b2:9f:
db:f4:a6:e0:a9:e3:ab:dc:0b:df:5a:e4:b7:2f:83:74:a3:86:
40:75:8d:aa:df:23:87:a6:83:95:b4:a7:bf:d2:36:9e:b9:10:
68:70:92:16:37:48:c8:42:8c:29:b9:f7:39:ea:7f:ba:52:d9:
ce:5a:3e:96:dd:49:e7:fe:c1:95:50:35:c9:ac:95:33:08:af:
b4:5d:30:8f:e3:29:1d:60:b7:9b:22:26:a4:b7:74:cb:70:69:
41:ae:3b:77:c2:a1:1d:d0:26:4a:f2:b2:a8:dc:f8:31:f3:cd:
ad:10:95:60
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY2EMO5d+7b6ukaCkQWN0ItSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNTQ0NDgxZDNiZTdmY2E1ZTgwYTU2NGFkOTNjMWI4YTJm
NjM2ZjgwHhcNMjQwMjA3MTUzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzQ5M2ZjNGNjOGU0ZGE1Yzc5NzZlYjJmZGMzYWJkNDY0ZDg4MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNfU4LjjVlRY8mlU8yOg5ZuK7rGQ
sGwmyTDtvPYB3pUzIkoToJV+Z11W0frL6LorZ1dt3Les4AaduTMfk4X0rbV4C8tB
7ahcrmWysXbVTQfQkysSmZcTS8Kecx9nKW49DNtGDTOeeveHV6chd8VfF0T0b2qT
OIx9Vh6ca+fvBUl5nbNuIAEvDlvP9p7vBUQEnq1i6DF9HMQPIHdW9do6m5J7YtCv
ZdrEE4qoOxsUEHasDzqRUqC2sEwRj26X5wuqd6wY7D/mbUJrEE/v34n1gpPQuzqE
Fl4yX0GgQmQug/8iltUmbyN8Y/ysEu6s/aBtFynZN6pf2qMC2K17Yzo1MQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGdJP8TMjk2lx5dusv3Dq9Rk2IFaMB8GA1UdIwQY
MBaAFGFURIHTvn/KXoClZK2Twbii9jb4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVZSRWdkTy1mOHBlZ0tWa3JaUEJ1S0wyTnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lY2VjMzctMzBiOC00ZTE5LWJiYjIt
ZjY3ZTE3NWQ0YmE3LzEvWjBrX3hNeU9UYVhIbDI2eV9jT3IxR1RZZ1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lY2VjMzctMzBiOC00ZTE5LWJiYjItZjY3ZTE3NWQ0YmE3
LzEvWVZSRWdkTy1mOHBlZ0tWa3JaUEJ1S0wyTnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVPZqAwQA
W76ZAwQAW/YiAwQAsGHQAwQA1DQaMA0GCSqGSIb3DQEBCwUAA4IBAQAd0rIzKU/W
5bUq/w460Kuy4QEc3TsBmtTjP4oRDy/830faDYxPqfh9NyFdj1o1rp0DU5SBm6lI
feYOLmG+uFTifnTvd53SwCQy8rpcaE74H03xzLJua9qzQxd63zC+bIcEfOUNlW2r
wM6CX2JmUfdd4lbDbdCLYtrw2k4FbmZ7nPwLMfkzHzwNJAnq7mK/sp/b9KbgqeOr
3AvfWuS3L4N0o4ZAdY2q3yOHpoOVtKe/0jaeuRBocJIWN0jIQowpufc56n+6UtnO
Wj6W3Unn/sGVUDXJrJUzCK+0XTCP4ykdYLebIiakt3TLcGlBrjt3wqEd0CZK8rKo
3Pgx882tEJVg
-----END CERTIFICATE-----
Generated at Mon Mar 11 20:50:31 2024 by rpki-client on console-ams.rpki-client.org