Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zwYh8DT4eC3-Mbmulj5JpG0Fyac.roa
File: zwYh8DT4eC3-Mbmulj5JpG0Fyac.roa (raw, json)
Hash identifier: U7rcNVpihzDGRtUBwFWS41IewUuESoUdcTL+rJZNpxA=
Subject key identifier: CF:06:21:F0:34:F8:78:2D:FE:31:B9:AE:96:3E:49:A4:6D:05:C9:A7
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0190A19E44AC8F97D51A17F41A3D536DDB0B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zwYh8DT4eC3-Mbmulj5JpG0Fyac.roa
Signing time: Thu 11 Jul 2024 11:47:02 +0000
ROA not before: Thu 11 Jul 2024 11:47:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49006
IP address blocks: 85.159.117.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a1:9e:44:ac:8f:97:d5:1a:17:f4:1a:3d:53:6d:db:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 11 11:47:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf0621f034f8782dfe31b9ae963e49a46d05c9a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:51:e0:d2:0e:8f:ae:59:0f:5a:e8:2d:4d:d4:
cc:b5:a7:92:3a:e7:7e:5d:3c:29:84:e2:c9:20:d5:
51:44:5c:d9:c0:5a:df:72:74:75:43:2f:12:c9:1b:
fd:95:e4:3b:c3:72:c7:c4:21:fd:a1:1a:75:da:1c:
88:7c:3f:48:ea:08:76:15:5d:28:81:52:92:a0:9e:
7e:ff:3a:e9:f0:25:80:37:5e:4d:e6:8a:5c:27:e1:
34:f3:96:8e:2c:e3:e8:1e:b4:cc:eb:43:49:ac:44:
ca:e3:d9:33:a5:68:ed:e4:d7:cb:6f:59:51:28:f6:
b6:67:6a:18:9f:49:e1:a2:84:cb:88:c4:72:5b:33:
c2:7e:bc:9b:79:2c:dd:a5:ff:b4:99:39:49:06:15:
73:16:b5:fa:42:04:0d:c1:53:9b:eb:61:6c:2c:c6:
12:10:d2:af:c3:9f:95:5e:d3:b8:5b:86:4c:99:76:
21:3a:54:66:68:14:38:cf:7e:8e:cf:91:6c:64:c0:
87:25:15:60:5b:65:bb:e3:a1:b1:fc:cc:3e:4d:05:
31:93:53:a3:57:db:06:a6:72:ed:f8:e9:38:c2:54:
1d:14:dc:15:33:f9:c5:25:c7:10:a7:60:9f:75:37:
c8:23:15:b9:f1:fb:b4:ce:00:ae:36:96:dd:6d:87:
92:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:06:21:F0:34:F8:78:2D:FE:31:B9:AE:96:3E:49:A4:6D:05:C9:A7
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zwYh8DT4eC3-Mbmulj5JpG0Fyac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.117.0/24
Signature Algorithm: sha256WithRSAEncryption
26:e9:a9:c7:2a:61:b7:06:4c:f4:8a:1c:5f:d0:35:62:63:77:
35:6f:a6:1e:cd:62:8b:bb:19:f1:0d:b0:0b:eb:cb:e9:35:44:
99:7b:e9:7c:b7:d6:b7:a7:96:31:b2:2e:b5:61:a4:39:a6:39:
6c:78:51:15:76:14:8c:07:ad:93:60:8a:08:0e:49:d1:46:d8:
32:72:b4:bc:60:ad:48:96:bb:93:30:c0:b3:5f:ab:9f:fb:f1:
bf:1a:c7:2b:2a:3e:ea:3a:cd:94:1e:aa:6b:97:c8:10:8e:63:
56:48:3a:94:9d:48:19:da:39:e7:9b:1e:e0:7d:be:ce:da:a6:
be:e0:a3:f4:bc:cb:50:c8:79:74:ab:78:ac:57:b3:34:7b:29:
b0:26:48:d5:de:7f:4f:d6:6b:a2:0e:2b:7c:83:f9:0c:50:2d:
85:52:18:4f:6c:19:c9:eb:f2:14:48:19:c8:5f:dc:75:44:a4:
18:3d:07:5e:a2:81:d4:db:f0:4e:f0:59:7f:20:66:36:dd:6a:
bc:8c:de:68:c7:3c:81:53:38:f6:ed:7c:41:7a:1c:f4:f2:ef:
87:bc:26:0c:f3:4e:09:76:ca:14:28:12:18:c3:b5:17:c7:a7:
3b:d6:e8:23:16:ed:94:f3:56:6c:99:e5:8c:a9:fa:8d:59:ad:
12:1c:c2:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZChnkSsj5fVGhf0Gj1TbdsLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNzExMTE0NzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjA2MjFmMDM0Zjg3ODJkZmUzMWI5YWU5NjNlNDlhNDZkMDVjOWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8FHg0g6PrlkPWugtTdTMtaeSOud+
XTwphOLJINVRRFzZwFrfcnR1Qy8SyRv9leQ7w3LHxCH9oRp12hyIfD9I6gh2FV0o
gVKSoJ5+/zrp8CWAN15N5opcJ+E085aOLOPoHrTM60NJrETK49kzpWjt5NfLb1lR
KPa2Z2oYn0nhooTLiMRyWzPCfrybeSzdpf+0mTlJBhVzFrX6QgQNwVOb62FsLMYS
ENKvw5+VXtO4W4ZMmXYhOlRmaBQ4z36Oz5FsZMCHJRVgW2W746Gx/Mw+TQUxk1Oj
V9sGpnLt+Ok4wlQdFNwVM/nFJccQp2CfdTfIIxW58fu0zgCuNpbdbYeS/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8GIfA0+Hgt/jG5rpY+SaRtBcmnMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvendZaDhEVDRlQzMtTWJtdWxqNUpwRzBGeWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZ91MA0G
CSqGSIb3DQEBCwUAA4IBAQAm6anHKmG3Bkz0ihxf0DViY3c1b6YezWKLuxnxDbAL
68vpNUSZe+l8t9a3p5Yxsi61YaQ5pjlseFEVdhSMB62TYIoIDknRRtgycrS8YK1I
lruTMMCzX6uf+/G/GscrKj7qOs2UHqprl8gQjmNWSDqUnUgZ2jnnmx7gfb7O2qa+
4KP0vMtQyHl0q3isV7M0eymwJkjV3n9P1muiDit8g/kMUC2FUhhPbBnJ6/IUSBnI
X9x1RKQYPQdeooHU2/BO8Fl/IGY23Wq8jN5oxzyBUzj27XxBehz08u+HvCYM804J
dsoUKBIYw7UXx6c71ugjFu2U81ZsmeWMqfqNWa0SHMLD
-----END CERTIFICATE-----
Generated at Tue Nov 19 17:32:29 2024 by rpki-client on console-fra.rpki-client.org