Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/TLZJf8G9xTrHypIQRQLwdu3NrLs.roa
File: TLZJf8G9xTrHypIQRQLwdu3NrLs.roa (raw, json)
Hash identifier: W9hI2wskCSv4wbfGz6rf0r0gaPcryMpccHsKStqsTgU=
Subject key identifier: 4C:B6:49:7F:C1:BD:C5:3A:C7:CA:92:10:45:02:F0:76:ED:CD:AC:BB
Certificate issuer: /CN=7cd6c0236ff4d6050906957ffd380b3879e6ed6e
Certificate serial: 019146B45D8E2C67564DC421CEFDD34886C0
Authority key identifier: 7C:D6:C0:23:6F:F4:D6:05:09:06:95:7F:FD:38:0B:38:79:E6:ED:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fNbAI2_01gUJBpV__TgLOHnm7W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/TLZJf8G9xTrHypIQRQLwdu3NrLs.roa
Signing time: Mon 12 Aug 2024 13:08:31 +0000
ROA not before: Mon 12 Aug 2024 13:08:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205131
IP address blocks: 194.54.159.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:b4:5d:8e:2c:67:56:4d:c4:21:ce:fd:d3:48:86:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cd6c0236ff4d6050906957ffd380b3879e6ed6e
Validity
Not Before: Aug 12 13:08:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cb6497fc1bdc53ac7ca92104502f076edcdacbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:88:23:68:27:03:d4:ca:42:d1:1c:c2:fc:56:
91:2b:9d:92:40:35:83:85:57:2d:9e:04:4a:96:ad:
86:f6:3c:29:f0:54:d0:be:5c:55:ea:4b:ee:78:1b:
2d:27:d6:0f:54:b6:ba:d1:24:a6:ae:8c:bd:4d:c1:
d0:34:cd:dc:20:cc:d3:60:fc:5b:4d:5b:2b:96:7b:
4a:c6:19:67:36:4b:5b:0d:70:7e:d4:62:42:f6:42:
43:c9:3a:05:cb:f4:df:f5:b9:07:72:40:13:2c:73:
b1:0f:75:5a:a2:da:0b:49:07:3a:d9:6c:ba:7a:70:
1f:85:c1:c4:f6:72:33:d9:53:11:a6:53:5e:73:bd:
b3:1d:b0:4c:42:10:c8:ec:2e:47:9d:c5:de:e9:6f:
5e:09:60:1c:70:fb:bf:a6:62:73:c5:c4:db:eb:71:
12:cc:08:6e:00:88:ba:72:42:b3:80:28:aa:b4:f0:
40:ed:75:24:f5:f5:c8:ca:ac:3c:40:d2:9d:83:88:
03:1e:7f:75:69:cc:85:bd:92:01:29:d3:66:c7:32:
50:6b:55:57:1e:cf:a3:62:ac:af:ca:c7:53:24:12:
6d:e5:72:3f:91:11:59:3d:d4:5e:d2:d8:c3:10:ec:
9b:3e:09:97:8d:c9:af:3a:23:45:7c:8a:10:50:b8:
35:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B6:49:7F:C1:BD:C5:3A:C7:CA:92:10:45:02:F0:76:ED:CD:AC:BB
X509v3 Authority Key Identifier:
keyid:7C:D6:C0:23:6F:F4:D6:05:09:06:95:7F:FD:38:0B:38:79:E6:ED:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fNbAI2_01gUJBpV__TgLOHnm7W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/TLZJf8G9xTrHypIQRQLwdu3NrLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/fNbAI2_01gUJBpV__TgLOHnm7W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.54.159.0/24
Signature Algorithm: sha256WithRSAEncryption
60:62:f8:29:58:51:83:f4:65:01:0a:b0:18:78:89:ad:3b:f8:
e5:05:b2:51:ed:8f:62:46:90:cf:ab:dc:1d:4b:42:33:ce:29:
d1:22:87:08:33:f9:09:42:09:df:6e:38:ba:27:a7:6c:5b:eb:
be:e8:b7:e7:73:05:12:68:ee:03:e3:32:49:b2:57:5e:28:4c:
c2:9b:61:6c:ef:6d:f4:cc:73:3c:44:dd:24:01:f2:f3:bb:35:
58:e4:79:61:1d:0f:84:a9:5e:72:82:8e:79:53:73:bb:a3:17:
44:a2:14:b2:1d:58:15:21:f9:eb:d4:84:12:70:3d:74:29:e1:
1d:4c:80:6a:c3:6b:8a:ff:7e:70:a7:db:88:84:fc:e8:bc:d4:
78:de:2b:fb:62:03:67:da:ca:1c:de:c2:14:71:d4:80:48:b9:
c4:18:03:14:58:81:c9:c1:98:6c:4f:c5:fb:15:e7:ef:eb:ab:
40:b8:03:8e:b7:3b:a3:56:73:15:79:20:97:b9:35:4c:63:75:
ef:08:5c:83:0e:93:ad:3d:51:2c:fd:28:61:8c:cc:64:57:c6:
2b:ef:95:ba:6d:d5:00:bd:80:ef:b8:3f:7c:cf:0c:59:c3:6f:
dc:5a:ee:c1:a7:45:75:dc:1d:cb:f6:a6:64:79:c2:77:a3:31:
31:e0:76:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFGtF2OLGdWTcQhzv3TSIbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZDZjMDIzNmZmNGQ2MDUwOTA2OTU3ZmZkMzgwYjM4Nzll
NmVkNmUwHhcNMjQwODEyMTMwODMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2I2NDk3ZmMxYmRjNTNhYzdjYTkyMTA0NTAyZjA3NmVkY2RhY2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IgjaCcD1MpC0RzC/FaRK52SQDWD
hVctngRKlq2G9jwp8FTQvlxV6kvueBstJ9YPVLa60SSmroy9TcHQNM3cIMzTYPxb
TVsrlntKxhlnNktbDXB+1GJC9kJDyToFy/Tf9bkHckATLHOxD3VaotoLSQc62Wy6
enAfhcHE9nIz2VMRplNec72zHbBMQhDI7C5HncXe6W9eCWAccPu/pmJzxcTb63ES
zAhuAIi6ckKzgCiqtPBA7XUk9fXIyqw8QNKdg4gDHn91acyFvZIBKdNmxzJQa1VX
Hs+jYqyvysdTJBJt5XI/kRFZPdRe0tjDEOybPgmXjcmvOiNFfIoQULg1HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEy2SX/BvcU6x8qSEEUC8Hbtzay7MB8GA1UdIwQY
MBaAFHzWwCNv9NYFCQaVf/04Czh55u1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk5iQUkyXzAxZ1VKQnBWX19UZ0xPSG5tN1c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZWU3OGItODE1Yy00OTk1LTgyZTEt
YzgwYzI4OGViZWVhLzEvVExaSmY4Rzl4VHJIeXBJUVJRTHdkdTNOckxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZWU3OGItODE1Yy00OTk1LTgyZTEtYzgwYzI4OGViZWVh
LzEvZk5iQUkyXzAxZ1VKQnBWX19UZ0xPSG5tN1c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjafMA0G
CSqGSIb3DQEBCwUAA4IBAQBgYvgpWFGD9GUBCrAYeImtO/jlBbJR7Y9iRpDPq9wd
S0IzzinRIocIM/kJQgnfbji6J6dsW+u+6LfncwUSaO4D4zJJsldeKEzCm2Fs7230
zHM8RN0kAfLzuzVY5HlhHQ+EqV5ygo55U3O7oxdEohSyHVgVIfnr1IQScD10KeEd
TIBqw2uK/35wp9uIhPzovNR43iv7YgNn2soc3sIUcdSASLnEGAMUWIHJwZhsT8X7
Fefv66tAuAOOtzujVnMVeSCXuTVMY3XvCFyDDpOtPVEs/ShhjMxkV8Yr75W6bdUA
vYDvuD98zwxZw2/cWu7Bp0V13B3L9qZkecJ3ozEx4HbT
-----END CERTIFICATE-----
Generated at Wed Aug 14 12:20:47 2024 by rpki-client on console-ams.rpki-client.org