Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/zdBt-_5CzSMdFb1iZqllagjj_aQ.roa
File: zdBt-_5CzSMdFb1iZqllagjj_aQ.roa (raw, json)
Hash identifier: rYX3hvmvrdsq8S2JvHoexUIDUyekLMEFOtviNLm8ljE=
Subject key identifier: CD:D0:6D:FB:FE:42:CD:23:1D:15:BD:62:66:A9:65:6A:08:E3:FD:A4
Certificate issuer: /CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Certificate serial: 01856DE647387F7C61DEA4241EA7D823C7EC
Authority key identifier: 8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/zdBt-_5CzSMdFb1iZqllagjj_aQ.roa
Signing time: Sun 01 Jan 2023 15:14:46 +0000
ROA not before: Sun 01 Jan 2023 15:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 194.0.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:47:38:7f:7c:61:de:a4:24:1e:a7:d8:23:c7:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Validity
Not Before: Jan 1 15:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdd06dfbfe42cd231d15bd6266a9656a08e3fda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cc:2f:1e:c9:fd:09:c4:60:25:4a:b1:12:55:
12:aa:78:67:db:69:aa:db:ef:bd:41:88:5e:e6:93:
0b:29:6a:37:68:70:ca:51:5d:8b:08:7d:c5:55:54:
82:6a:99:11:c4:6e:43:83:10:a7:c6:4d:60:35:2c:
38:a8:4e:ab:88:c4:ad:03:bf:9b:c1:98:61:a2:0b:
17:60:94:21:82:a9:c5:89:14:50:fa:73:da:27:d3:
a4:d9:84:bd:0a:f5:e0:ef:49:5b:47:9c:f8:3b:ec:
4e:24:bc:16:14:48:e0:42:7f:39:75:c0:81:71:62:
b4:2d:8c:71:c1:89:17:18:6e:14:b2:af:8e:1a:00:
05:d1:13:b7:07:d5:9b:78:dd:46:45:9e:c6:e7:23:
bb:b5:71:b0:35:e2:8a:9b:ac:b3:90:01:89:ff:ca:
a5:1b:92:e9:f7:cf:8d:10:3d:7f:64:fb:24:67:d9:
68:37:d8:5b:42:09:48:84:1d:9e:55:33:4a:82:b8:
f0:d8:5d:ba:ae:e6:bc:39:01:d6:58:03:12:fa:f7:
9c:9f:7f:b6:9d:52:c2:a7:ca:7b:46:d7:5e:42:8c:
97:57:07:8c:b6:f9:15:bc:8e:67:67:2a:f9:77:a1:
ea:89:63:60:52:53:79:9a:21:c6:7d:a9:27:19:8d:
b3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D0:6D:FB:FE:42:CD:23:1D:15:BD:62:66:A9:65:6A:08:E3:FD:A4
X509v3 Authority Key Identifier:
keyid:8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/zdBt-_5CzSMdFb1iZqllagjj_aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.207.0/24
Signature Algorithm: sha256WithRSAEncryption
43:45:d7:d8:e9:d0:97:3c:cd:2e:0b:58:f5:4a:f3:94:b5:c1:
40:73:79:52:9a:ee:b3:74:2e:14:77:e0:8b:35:98:89:23:63:
3b:77:b1:29:aa:58:73:2a:59:a4:40:c6:d6:dd:f4:af:da:6f:
16:ac:08:61:d4:0c:f3:e6:c5:4e:52:1b:0f:91:3b:0b:98:46:
49:e5:41:09:c0:07:a6:ef:e6:46:6d:70:67:33:72:c2:4f:24:
e3:b2:ac:7a:33:f7:7d:2e:9d:3d:c6:2c:c0:4c:5f:4d:ad:37:
28:a6:71:fe:3e:95:8d:56:35:5e:9e:1e:bd:0d:b1:5e:ff:bf:
b1:64:7f:d3:d1:db:44:ce:ea:24:05:12:63:e1:f4:7d:dc:5c:
e4:ba:b7:a5:12:c3:33:13:ed:cc:68:94:0e:9d:47:52:2f:16:
79:64:7f:b0:04:3f:d5:db:cc:38:cc:18:00:ee:94:e6:72:99:
73:a5:bb:5b:97:48:20:64:28:2c:6a:4a:df:af:c4:80:25:74:
db:3f:b7:73:10:ec:75:3c:ba:26:fa:45:02:1e:32:68:5e:bb:
30:51:54:c7:cc:7a:03:d0:69:c3:fd:10:9d:fb:d4:aa:87:11:
2d:7d:82:68:4f:97:e9:74:99:93:ed:21:d0:e3:f4:22:d4:fa:
20:84:44:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5kc4f3xh3qQkHqfYI8fsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjEzMDhjNmE5NzdkNWNiOTAzYmYyNWE5NjMwOGIwZThj
ZTNiNDYwHhcNMjMwMTAxMTUxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGQwNmRmYmZlNDJjZDIzMWQxNWJkNjI2NmE5NjU2YTA4ZTNmZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlswvHsn9CcRgJUqxElUSqnhn22mq
2++9QYhe5pMLKWo3aHDKUV2LCH3FVVSCapkRxG5DgxCnxk1gNSw4qE6riMStA7+b
wZhhogsXYJQhgqnFiRRQ+nPaJ9Ok2YS9CvXg70lbR5z4O+xOJLwWFEjgQn85dcCB
cWK0LYxxwYkXGG4Usq+OGgAF0RO3B9WbeN1GRZ7G5yO7tXGwNeKKm6yzkAGJ/8ql
G5Lp98+NED1/ZPskZ9loN9hbQglIhB2eVTNKgrjw2F26rua8OQHWWAMS+vecn3+2
nVLCp8p7RtdeQoyXVweMtvkVvI5nZyr5d6HqiWNgUlN5miHGfaknGY2zGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM3Qbfv+Qs0jHRW9YmapZWoI4/2kMB8GA1UdIwQY
MBaAFIuxMIxql31cuQO/JaljCLDozjtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMt
MTAxYWJkNzM5MWE2LzEvemRCdC1fNUN6U01kRmIxaVpxbGxhZ2pqX2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMtMTAxYWJkNzM5MWE2
LzEvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDPMA0G
CSqGSIb3DQEBCwUAA4IBAQBDRdfY6dCXPM0uC1j1SvOUtcFAc3lSmu6zdC4Ud+CL
NZiJI2M7d7EpqlhzKlmkQMbW3fSv2m8WrAhh1Azz5sVOUhsPkTsLmEZJ5UEJwAem
7+ZGbXBnM3LCTyTjsqx6M/d9Lp09xizATF9NrTcopnH+PpWNVjVenh69DbFe/7+x
ZH/T0dtEzuokBRJj4fR93FzkurelEsMzE+3MaJQOnUdSLxZ5ZH+wBD/V28w4zBgA
7pTmcplzpbtbl0ggZCgsakrfr8SAJXTbP7dzEOx1PLom+kUCHjJoXrswUVTHzHoD
0GnD/RCd+9SqhxEtfYJoT5fpdJmT7SHQ4/Qi1PoghERS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:51 2024 by rpki-client on console-fra.rpki-client.org