Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DIarDk94i8SM0dshia_zrmbkLns.roa
File: DIarDk94i8SM0dshia_zrmbkLns.roa (raw, json)
Hash identifier: z2zAu0xl3FW+PzqrjJeaZHktnxXWwsFXUGFqmlvbs+0=
Subject key identifier: 0C:86:AB:0E:4F:78:8B:C4:8C:D1:DB:21:89:AF:F3:AE:66:E4:2E:7B
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018A1971D7F4F48DF2E08E6C1C39783A9FA5
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DIarDk94i8SM0dshia_zrmbkLns.roa
Signing time: Mon 21 Aug 2023 18:53:25 +0000
ROA not before: Mon 21 Aug 2023 18:53:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206005
IP address blocks: 185.15.137.0/24 maxlen: 24
89.40.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:19:71:d7:f4:f4:8d:f2:e0:8e:6c:1c:39:78:3a:9f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 21 18:53:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c86ab0e4f788bc48cd1db2189aff3ae66e42e7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a5:ef:c9:cc:82:11:2c:b3:3d:5f:d5:d6:c2:
cb:c5:a6:23:5f:32:63:aa:17:18:00:1c:c4:4f:11:
ca:fe:7f:0b:a9:38:74:80:3c:cc:2b:0d:e0:3a:ef:
5a:46:eb:97:e0:39:1f:a3:16:6c:cc:1f:da:6e:86:
66:2d:f3:1f:93:4b:89:28:ae:56:34:6b:e2:f7:af:
14:49:15:4d:07:6f:cc:5f:61:4f:21:bb:d1:78:09:
b8:7e:49:d0:c1:82:d7:bd:a7:cc:b8:67:ae:7d:5e:
1a:3b:5a:20:71:40:fd:0d:db:e0:5f:bd:f9:92:43:
58:9e:11:3f:78:5f:8e:e9:53:34:1d:51:35:74:b7:
2c:d5:4c:ff:39:6a:9e:9f:59:04:b7:aa:c7:5e:e9:
f9:5e:1f:54:f5:80:c6:b5:21:65:16:50:93:f6:45:
00:0b:da:d1:eb:bf:ce:a6:3a:4c:34:fe:ac:69:31:
be:cc:a7:4c:b2:0c:1b:b2:c9:a8:b6:d3:36:3d:43:
c6:73:ad:fe:d7:17:43:59:5a:ba:dc:f8:de:a1:27:
fa:cd:dd:10:70:bd:7b:69:b1:81:ce:8d:82:48:e9:
c9:aa:c6:47:d3:85:2e:65:a8:6f:9c:c2:13:93:64:
6b:e7:5c:23:7e:a9:09:23:80:ae:79:43:c7:99:8e:
77:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:86:AB:0E:4F:78:8B:C4:8C:D1:DB:21:89:AF:F3:AE:66:E4:2E:7B
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DIarDk94i8SM0dshia_zrmbkLns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.35.0/24
185.15.137.0/24
Signature Algorithm: sha256WithRSAEncryption
15:d0:10:77:90:03:ad:fc:ce:e5:0e:7d:53:5b:8e:24:ad:ad:
5f:ad:61:78:3f:11:42:e8:99:c2:d5:48:4f:7a:1c:48:f5:4f:
6f:7e:e0:2d:95:94:51:7d:b7:ab:8d:12:84:d0:5e:02:f4:4d:
7e:dc:22:64:24:c8:d2:e4:56:68:a3:08:bc:dc:da:3a:16:26:
25:b1:52:9e:4e:21:91:91:9f:5f:0e:86:d0:fd:06:4d:31:bb:
4b:3b:c5:3d:76:25:48:b0:20:45:4f:30:3b:d2:cc:c1:22:62:
5d:98:e2:cb:de:35:71:fe:e1:55:35:aa:9b:df:73:1f:03:67:
a9:a3:56:16:25:0a:38:15:8d:28:73:bb:dd:98:de:54:c2:d7:
62:1d:72:fd:aa:46:75:bd:81:7d:ce:1a:76:01:e8:b2:5a:d7:
7c:0d:24:02:c1:97:94:ba:56:e2:85:55:13:f1:62:a2:2b:f3:
cf:a1:04:62:0a:5c:ca:f6:c0:05:30:48:1f:02:43:9b:0a:0a:
86:81:ca:bc:72:40:10:eb:30:e7:34:3a:0a:11:c5:9f:bb:84:
76:20:83:70:f7:61:fa:db:bb:c4:6e:9f:e3:2c:29:e5:d2:57:
c5:82:d8:28:30:e5:14:a9:2f:b1:3f:6e:3c:fb:48:e5:09:8d:
8a:44:e4:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoZcdf09I3y4I5sHDl4Op+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwODIxMTg1MzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzg2YWIwZTRmNzg4YmM0OGNkMWRiMjE4OWFmZjNhZTY2ZTQyZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqXvycyCESyzPV/V1sLLxaYjXzJj
qhcYABzETxHK/n8LqTh0gDzMKw3gOu9aRuuX4DkfoxZszB/aboZmLfMfk0uJKK5W
NGvi968USRVNB2/MX2FPIbvReAm4fknQwYLXvafMuGeufV4aO1ogcUD9DdvgX735
kkNYnhE/eF+O6VM0HVE1dLcs1Uz/OWqen1kEt6rHXun5Xh9U9YDGtSFlFlCT9kUA
C9rR67/OpjpMNP6saTG+zKdMsgwbssmottM2PUPGc63+1xdDWVq63PjeoSf6zd0Q
cL17abGBzo2CSOnJqsZH04UuZahvnMITk2Rr51wjfqkJI4CueUPHmY53UwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAyGqw5PeIvEjNHbIYmv865m5C57MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRElhckRrOTRpOFNNMGRzaGlhX3pybWJrTG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSgjAwQA
uQ+JMA0GCSqGSIb3DQEBCwUAA4IBAQAV0BB3kAOt/M7lDn1TW44kra1frWF4PxFC
6JnC1UhPehxI9U9vfuAtlZRRfberjRKE0F4C9E1+3CJkJMjS5FZoowi83No6FiYl
sVKeTiGRkZ9fDobQ/QZNMbtLO8U9diVIsCBFTzA70szBImJdmOLL3jVx/uFVNaqb
33MfA2epo1YWJQo4FY0oc7vdmN5UwtdiHXL9qkZ1vYF9zhp2AeiyWtd8DSQCwZeU
ulbihVUT8WKiK/PPoQRiClzK9sAFMEgfAkObCgqGgcq8ckAQ6zDnNDoKEcWfu4R2
IINw92H627vEbp/jLCnl0lfFgtgoMOUUqS+xP248+0jlCY2KROQD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org