Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zAEQeiYg1HBoKoy2Hkn1nyQ56FQ.roa
File: zAEQeiYg1HBoKoy2Hkn1nyQ56FQ.roa (raw, json)
Hash identifier: Z2kNJaPF7q/KHJfI43DKxnwQ3k1HOa+Gh41OHp2F+XA=
Subject key identifier: CC:01:10:7A:26:20:D4:70:68:2A:8C:B6:1E:49:F5:9F:24:39:E8:54
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018CC64ADEBCE673349E7A08A7EAA523A718
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zAEQeiYg1HBoKoy2Hkn1nyQ56FQ.roa
Signing time: Mon 01 Jan 2024 18:30:44 +0000
ROA not before: Mon 01 Jan 2024 18:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 266820
IP address blocks: 149.154.184.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:de:bc:e6:73:34:9e:7a:08:a7:ea:a5:23:a7:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 18:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc01107a2620d470682a8cb61e49f59f2439e854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ae:97:02:bb:9f:40:2c:5a:8d:20:20:b4:ba:
0b:fd:33:4b:c3:ad:4d:99:97:ce:42:94:5f:df:e4:
be:55:94:16:d9:cb:af:82:32:2c:a0:9b:37:11:38:
b5:fb:19:5d:e9:e1:33:34:4f:65:a3:ac:0f:64:f8:
e9:d0:9d:bc:97:e3:ed:3b:32:db:85:53:ce:1b:42:
57:e0:83:cd:7e:aa:20:0f:0b:10:7b:25:97:d2:75:
d9:c0:5b:64:a9:f0:33:d5:a3:64:25:1c:f6:93:d1:
82:37:f6:aa:5a:9c:94:44:70:86:a2:7e:cb:4a:31:
86:40:dc:ac:a0:13:e1:df:81:b0:76:57:c6:b9:a9:
ed:2c:78:6a:ed:48:4a:10:9d:0d:85:f2:59:f7:c9:
87:9d:1e:68:c8:10:de:34:79:88:4b:bd:5f:e3:0a:
bc:46:65:c3:6e:f3:c0:42:3a:0e:a5:64:83:1d:2c:
29:12:0e:d1:b1:81:e1:24:e2:6d:69:b9:91:b2:b1:
1c:ed:7c:f1:06:37:bd:4d:3c:b3:a1:0a:5e:76:58:
7d:5d:3c:b3:b8:82:c2:d1:7f:fa:04:4e:4c:70:76:
10:5a:d0:9a:3c:48:cb:99:c1:7d:13:18:a7:c1:96:
5a:d1:d0:3b:cd:f5:f8:50:02:bb:49:d0:31:52:99:
33:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:01:10:7A:26:20:D4:70:68:2A:8C:B6:1E:49:F5:9F:24:39:E8:54
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zAEQeiYg1HBoKoy2Hkn1nyQ56FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.154.184.0/22
Signature Algorithm: sha256WithRSAEncryption
03:e7:5e:4b:43:e9:24:da:6d:20:2c:7d:bc:19:e0:ec:94:70:
ce:bc:ba:72:09:19:f7:49:c8:3a:cf:48:8a:d6:dd:68:98:72:
82:d1:e9:65:28:2d:50:67:87:8b:4f:14:a5:80:4e:34:f4:f3:
8b:a7:2c:c4:29:67:b2:c8:56:0e:b9:a5:bd:15:65:19:96:8e:
d2:8d:40:77:5a:73:f5:20:b2:cc:d2:d4:fe:c0:49:db:60:87:
c0:5f:ec:41:a7:31:70:82:38:3f:99:5c:60:df:b6:25:9d:08:
a8:08:88:7c:4e:17:16:21:bb:8a:79:92:96:c6:28:30:62:b5:
01:1b:40:00:3d:55:ad:18:aa:e6:e6:0d:74:22:f4:c0:40:b1:
c8:d9:5d:0c:1a:fa:dc:33:5b:4a:11:b3:59:d2:01:12:cf:ef:
68:1e:c4:d6:7a:08:67:ef:61:2d:25:9f:aa:b3:d0:93:71:9f:
3c:35:ab:15:9d:48:a9:d6:a7:4d:b0:50:10:b7:86:9a:3a:75:
2b:bb:1b:50:35:c5:dd:13:98:be:f7:49:da:28:f7:1a:58:4c:
00:57:61:88:3e:36:48:26:bf:a2:df:74:99:22:20:d5:4a:af:
88:de:e9:08:0b:9c:46:5b:e5:a9:77:6d:82:61:52:32:64:fe:
23:c5:03:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSt685nM0nnoIp+qlI6cYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMTAxMTgzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzAxMTA3YTI2MjBkNDcwNjgyYThjYjYxZTQ5ZjU5ZjI0MzllODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK6XArufQCxajSAgtLoL/TNLw61N
mZfOQpRf3+S+VZQW2cuvgjIsoJs3ETi1+xld6eEzNE9lo6wPZPjp0J28l+PtOzLb
hVPOG0JX4IPNfqogDwsQeyWX0nXZwFtkqfAz1aNkJRz2k9GCN/aqWpyURHCGon7L
SjGGQNysoBPh34GwdlfGuantLHhq7UhKEJ0NhfJZ98mHnR5oyBDeNHmIS71f4wq8
RmXDbvPAQjoOpWSDHSwpEg7RsYHhJOJtabmRsrEc7XzxBje9TTyzoQpedlh9XTyz
uILC0X/6BE5McHYQWtCaPEjLmcF9ExinwZZa0dA7zfX4UAK7SdAxUpkzMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMwBEHomINRwaCqMth5J9Z8kOehUMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvekFFUWVpWWcxSEJvS295MkhrbjFueVE1NkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQClZq4MA0G
CSqGSIb3DQEBCwUAA4IBAQAD515LQ+kk2m0gLH28GeDslHDOvLpyCRn3Scg6z0iK
1t1omHKC0ellKC1QZ4eLTxSlgE409POLpyzEKWeyyFYOuaW9FWUZlo7SjUB3WnP1
ILLM0tT+wEnbYIfAX+xBpzFwgjg/mVxg37YlnQioCIh8ThcWIbuKeZKWxigwYrUB
G0AAPVWtGKrm5g10IvTAQLHI2V0MGvrcM1tKEbNZ0gESz+9oHsTWeghn72EtJZ+q
s9CTcZ88NasVnUip1qdNsFAQt4aaOnUruxtQNcXdE5i+90naKPcaWEwAV2GIPjZI
Jr+i33SZIiDVSq+I3ukIC5xGW+Wpd22CYVIyZP4jxQM4
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:35:33 2025 by rpki-client