Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/4ZvT80mbAh7fLnCYU0EwUAXgo2g.roa
File: 4ZvT80mbAh7fLnCYU0EwUAXgo2g.roa (raw, json)
Hash identifier: 7GlDrCCgssoLmk6D9uLTYf75ZjQMKtUM9VYxa1i8MOE=
Subject key identifier: E1:9B:D3:F3:49:9B:02:1E:DF:2E:70:98:53:41:30:50:05:E0:A3:68
Certificate issuer: /CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Certificate serial: 06ED6F2D
Authority key identifier: 8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/4ZvT80mbAh7fLnCYU0EwUAXgo2g.roa
Signing time: Sat 01 Jan 2022 12:02:04 +0000
ROA not before: Sat 01 Jan 2022 12:02:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 194.0.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116223789 (0x6ed6f2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Validity
Not Before: Jan 1 12:02:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e19bd3f3499b021edf2e70985341305005e0a368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bf:d9:43:8c:36:8c:37:74:dd:94:63:e8:7b:
35:88:aa:a0:8e:70:43:0c:7b:2b:da:58:42:6d:c1:
08:c0:30:fc:b7:ac:f5:e2:d8:09:3a:c5:60:1d:0f:
67:62:76:d7:11:0e:af:91:48:75:7e:80:de:88:16:
ca:ca:65:d9:12:b7:33:25:1f:cc:2d:d3:16:06:3e:
e9:20:0d:19:f8:8f:e7:43:ba:28:8f:18:ba:34:a2:
a4:e4:60:f7:83:1a:d5:53:35:b2:b5:65:a2:68:e5:
02:b6:81:3f:60:80:ba:69:7d:08:28:b7:b2:47:c5:
e8:a1:9b:36:7a:f9:72:d6:25:9b:35:5b:02:23:8a:
9c:e9:ba:32:86:00:eb:3d:cb:85:bb:8a:f5:27:1a:
e0:19:29:66:a8:97:07:44:06:ec:32:8c:f6:49:81:
b8:09:98:4b:57:f8:99:9c:6b:c3:32:00:f0:d3:7d:
a3:1c:75:09:b6:0d:37:4c:d5:a9:c6:52:ca:7f:6c:
81:e4:2d:b5:68:32:76:5e:fd:d0:0a:39:92:e1:be:
21:a8:75:6e:97:84:0b:39:59:5f:03:f8:5d:0a:12:
06:3e:e9:55:aa:ec:17:3e:a4:fb:39:f5:9e:3a:43:
3b:db:f8:ff:98:dc:6b:de:9d:ae:33:00:1c:24:46:
b3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9B:D3:F3:49:9B:02:1E:DF:2E:70:98:53:41:30:50:05:E0:A3:68
X509v3 Authority Key Identifier:
keyid:8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/4ZvT80mbAh7fLnCYU0EwUAXgo2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.207.0/24
Signature Algorithm: sha256WithRSAEncryption
78:0c:14:7b:06:d9:a1:46:6c:7d:db:9e:d0:a3:85:60:a5:b6:
39:79:2a:75:4a:98:86:77:ea:39:d3:95:4e:72:b7:5e:60:a9:
21:21:b3:1a:51:66:ab:38:5c:98:88:32:75:47:f6:33:ec:9c:
1a:cd:2f:2f:2e:2b:43:e1:1f:f3:57:90:50:9c:11:d9:ee:a1:
21:06:0b:48:8a:03:a4:45:ac:e8:7f:96:49:be:a4:56:9d:7d:
6c:64:82:ee:ec:5c:8c:25:6c:80:b7:26:08:cb:5a:38:1d:2a:
ee:80:86:da:ba:85:b3:50:59:2f:37:4c:29:8e:ee:f0:bc:23:
e3:ba:92:02:7b:75:f1:57:1a:44:28:f2:8a:bc:2b:f5:a1:84:
20:f2:4f:1e:54:42:ee:34:11:fd:05:22:c6:6e:ba:0d:6f:8f:
92:4c:37:b2:ec:23:41:f6:12:ce:60:3d:fa:a4:55:d1:7c:5d:
ee:21:24:a3:6e:43:64:26:2d:91:ac:a1:b3:97:e2:39:cd:54:
ff:d4:7f:f9:6e:6b:e7:90:98:89:e4:3f:6b:47:cd:53:27:71:
8d:e6:f1:7a:96:48:b0:e7:f2:82:4d:02:83:1c:9a:f5:d0:7d:
eb:77:6b:eb:c0:99:dd:f2:66:a8:d1:bd:c1:97:49:2b:22:eb:
3b:06:a3:f1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBu1vLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmIxMzA4YzZhOTc3ZDVjYjkwM2JmMjVhOTYzMDhiMGU4Y2UzYjQ2MB4XDTIyMDEw
MTEyMDIwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE5YmQzZjM0OTli
MDIxZWRmMmU3MDk4NTM0MTMwNTAwNWUwYTM2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMW/2UOMNow3dN2UY+h7NYiqoI5wQwx7K9pYQm3BCMAw/Les
9eLYCTrFYB0PZ2J21xEOr5FIdX6A3ogWyspl2RK3MyUfzC3TFgY+6SANGfiP50O6
KI8YujSipORg94Ma1VM1srVlomjlAraBP2CAuml9CCi3skfF6KGbNnr5ctYlmzVb
AiOKnOm6MoYA6z3LhbuK9Sca4BkpZqiXB0QG7DKM9kmBuAmYS1f4mZxrwzIA8NN9
oxx1CbYNN0zVqcZSyn9sgeQttWgydl790Ao5kuG+Iah1bpeECzlZXwP4XQoSBj7p
VarsFz6k+zn1njpDO9v4/5jca96drjMAHCRGs9cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBThm9PzSZsCHt8ucJhTQTBQBeCjaDAfBgNVHSMEGDAWgBSLsTCMapd9XLkD
vyWpYwiw6M47RjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k3RXdqR3FYZlZ5NUE3OGxxV01Jc09qT08wWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvNzc2NjgxLWI1ZWUtNDMwZi04NjkzLTEwMWFiZDczOTFhNi8x
LzRadlQ4MG1iQWg3ZkxuQ1lVMEV3VUFYZ28yZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
Nzc2NjgxLWI1ZWUtNDMwZi04NjkzLTEwMWFiZDczOTFhNi8xL2k3RXdqR3FYZlZ5
NUE3OGxxV01Jc09qT08wWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIAzzANBgkqhkiG9w0BAQsFAAOC
AQEAeAwUewbZoUZsfdue0KOFYKW2OXkqdUqYhnfqOdOVTnK3XmCpISGzGlFmqzhc
mIgydUf2M+ycGs0vLy4rQ+Ef81eQUJwR2e6hIQYLSIoDpEWs6H+WSb6kVp19bGSC
7uxcjCVsgLcmCMtaOB0q7oCG2rqFs1BZLzdMKY7u8Lwj47qSAnt18VcaRCjyirwr
9aGEIPJPHlRC7jQR/QUixm66DW+Pkkw3suwjQfYSzmA9+qRV0Xxd7iEko25DZCYt
kayhs5fiOc1U/9R/+W5r55CYieQ/a0fNUydxjebxepZIsOfygk0Cgxya9dB963dr
68CZ3fJmqNG9wZdJKyLrOwaj8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:51 2024 by rpki-client on console-fra.rpki-client.org