Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/ZZvxeSB_kSGt9wEy15nZeDpWpas.roa
File: ZZvxeSB_kSGt9wEy15nZeDpWpas.roa (raw, json)
Hash identifier: 1EO8Rds1abqy8BNYtUs4TofOeParWlSX/HpIqOBPhiE=
Subject key identifier: 65:9B:F1:79:20:7F:91:21:AD:F7:01:32:D7:99:D9:78:3A:56:A5:AB
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 0186E02F40938A32C37943610D4B19B40472
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/ZZvxeSB_kSGt9wEy15nZeDpWpas.roa
Signing time: Tue 14 Mar 2023 12:53:58 +0000
ROA not before: Tue 14 Mar 2023 12:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49571
IP address blocks: 188.72.11.0/24 maxlen: 24
188.72.15.0/24 maxlen: 24
188.72.16.0/24 maxlen: 24
188.72.12.0/24 maxlen: 24
188.72.17.0/24 maxlen: 24
188.72.21.0/24 maxlen: 24
188.72.22.0/24 maxlen: 24
188.72.23.0/24 maxlen: 24
188.72.18.0/24 maxlen: 24
188.72.20.0/24 maxlen: 24
188.72.31.0/24 maxlen: 24
188.72.29.0/24 maxlen: 24
188.72.30.0/24 maxlen: 24
185.72.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:2f:40:93:8a:32:c3:79:43:61:0d:4b:19:b4:04:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Mar 14 12:53:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=659bf179207f9121adf70132d799d9783a56a5ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:15:44:b1:13:00:5b:5a:7d:6a:12:c4:b2:96:
85:d9:23:d0:ac:bd:7f:ad:3d:17:fa:36:02:e2:15:
0e:a3:76:55:25:44:00:f4:8c:bc:0f:4b:fe:1a:0e:
63:46:9e:a2:db:04:9c:e7:09:6e:41:f5:8f:70:b3:
20:7b:3e:61:1a:78:44:da:b7:43:00:55:09:d5:e4:
f2:a7:ad:de:32:ea:28:fd:bb:06:34:98:4c:c7:fe:
2e:ea:f4:ac:c6:b2:67:3c:48:f1:ba:fc:31:15:c1:
57:6a:62:cb:25:7a:3e:37:73:53:cf:0d:7c:c3:af:
b6:33:3d:f6:fe:0d:ee:f6:11:a6:3e:28:4e:4a:41:
9b:a8:a1:42:4e:58:7d:22:f2:9a:ab:62:55:84:5e:
3c:01:9e:55:29:35:e5:68:72:8e:95:88:fc:a6:76:
a8:d5:36:f0:d6:4d:57:c5:ae:79:f8:a2:7d:ef:8a:
d3:57:dd:db:2a:9b:b9:82:f6:5c:60:5a:dc:fb:ad:
aa:80:05:69:c9:a7:2f:1d:2f:f4:d1:d6:65:41:61:
e5:52:9c:bc:85:c6:ff:93:a1:bd:e7:bb:30:32:6c:
7c:dd:d5:24:89:08:cf:29:1d:1c:be:18:74:7b:cd:
8b:7d:6b:4b:34:cf:6a:b0:73:bc:f1:ae:36:99:86:
ad:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:9B:F1:79:20:7F:91:21:AD:F7:01:32:D7:99:D9:78:3A:56:A5:AB
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/ZZvxeSB_kSGt9wEy15nZeDpWpas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.254.0/24
188.72.11.0-188.72.12.255
188.72.15.0-188.72.18.255
188.72.20.0/22
188.72.29.0-188.72.31.255
Signature Algorithm: sha256WithRSAEncryption
81:45:11:b1:8c:61:2a:07:e7:f4:bf:fb:57:0a:32:3b:2e:5f:
bf:7f:1e:df:5c:e5:f2:40:bd:d5:b8:91:9f:05:8e:f7:26:f6:
fc:f7:af:0e:cf:b7:ee:be:7f:e8:c0:78:17:3b:51:0b:dd:d6:
5d:11:32:2b:3d:18:27:2b:4b:f0:9a:7d:bb:6d:06:64:8b:ae:
8b:79:99:0e:3e:d8:cc:76:3e:c6:f4:1b:3a:6e:5e:80:f0:0c:
f5:39:62:52:37:ab:84:c4:b0:a9:e3:4c:4f:ca:b7:ab:de:09:
bb:24:e9:78:36:40:8a:4b:f4:6a:d6:42:8f:d3:c0:ca:3b:5a:
49:ce:24:36:a7:a5:fd:dc:ab:62:83:52:d7:99:df:b5:b8:3b:
bc:c9:2b:98:2b:35:c4:99:07:51:d8:91:49:68:78:63:fe:eb:
40:62:03:b4:03:d5:e9:3b:f5:86:0e:b1:1a:25:05:77:bd:ed:
96:62:1f:4c:5a:af:87:c3:45:1c:c9:43:ee:97:d7:e9:ad:f5:
00:12:6b:16:bf:dc:12:d3:e2:67:9e:8b:78:d8:24:f1:ca:86:
5e:ca:9a:d1:1b:48:a3:fc:ca:90:0b:2d:3f:7e:4d:26:d9:c0:
f4:ee:b4:bb:10:1d:5c:19:ff:15:3d:b1:f1:59:80:4a:08:f9:
7b:4d:2a:1d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYbgL0CTijLDeUNhDUsZtARyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjBkZWMxM2RmMjA1YTY2ZWM1MjI3OTI1YjhmNTZiZGIw
OWY0OTkwHhcNMjMwMzE0MTI1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTliZjE3OTIwN2Y5MTIxYWRmNzAxMzJkNzk5ZDk3ODNhNTZhNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BVEsRMAW1p9ahLEspaF2SPQrL1/
rT0X+jYC4hUOo3ZVJUQA9Iy8D0v+Gg5jRp6i2wSc5wluQfWPcLMgez5hGnhE2rdD
AFUJ1eTyp63eMuoo/bsGNJhMx/4u6vSsxrJnPEjxuvwxFcFXamLLJXo+N3NTzw18
w6+2Mz32/g3u9hGmPihOSkGbqKFCTlh9IvKaq2JVhF48AZ5VKTXlaHKOlYj8pnao
1Tbw1k1Xxa55+KJ974rTV93bKpu5gvZcYFrc+62qgAVpyacvHS/00dZlQWHlUpy8
hcb/k6G957swMmx83dUkiQjPKR0cvhh0e82LfWtLNM9qsHO88a42mYatDwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGWb8Xkgf5EhrfcBMteZ2Xg6VqWrMB8GA1UdIwQY
MBaAFGyw3sE98gWmbsUieSW49WvbCfSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQt
NTJiOWU2YTE2MzUwLzEvWlp2eGVTQl9rU0d0OXdFeTE1blplRHBXcGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQtNTJiOWU2YTE2MzUw
LzEvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAuUj+MAwD
BAC8SAsDBAC8SAwwDAMEALxIDwMEALxIEgMEArxIFDAMAwQAvEgdAwQFvEgAMA0G
CSqGSIb3DQEBCwUAA4IBAQCBRRGxjGEqB+f0v/tXCjI7Ll+/fx7fXOXyQL3VuJGf
BY73Jvb8968Oz7fuvn/owHgXO1EL3dZdETIrPRgnK0vwmn27bQZki66LeZkOPtjM
dj7G9Bs6bl6A8Az1OWJSN6uExLCp40xPyrer3gm7JOl4NkCKS/Rq1kKP08DKO1pJ
ziQ2p6X93Ktig1LXmd+1uDu8ySuYKzXEmQdR2JFJaHhj/utAYgO0A9XpO/WGDrEa
JQV3ve2WYh9MWq+Hw0UcyUPul9fprfUAEmsWv9wS0+Jnnot42CTxyoZeyprRG0ij
/MqQCy0/fk0m2cD07rS7EB1cGf8VPbHxWYBKCPl7TSod
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:45 2023 by rpki-client on console-fra.rpki-client.org