Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/DvfybI1n8psibbJaQ8WGIo_Vuh4.roa
File: DvfybI1n8psibbJaQ8WGIo_Vuh4.roa (raw, json)
Hash identifier: Rf/JZ3xAaBmQJwuxYQzFRTh5ivUyn0NbOB4jeeR8nM4=
Subject key identifier: 0E:F7:F2:6C:8D:67:F2:9B:22:6D:B2:5A:43:C5:86:22:8F:D5:BA:1E
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018D13D7EE16CD757775124C3DBF726A2413
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/DvfybI1n8psibbJaQ8WGIo_Vuh4.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 176.56.37.0/24 maxlen: 24
193.17.88.0/24 maxlen: 24
195.96.148.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ee:16:cd:75:77:75:12:4c:3d:bf:72:6a:24:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ef7f26c8d67f29b226db25a43c586228fd5ba1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b8:24:d4:ad:9e:25:02:59:73:08:0c:ee:48:
f1:32:18:36:4c:f6:f2:14:dd:26:0b:54:dc:76:f1:
d6:11:74:47:c0:7d:f7:e1:1b:8f:63:16:53:06:a4:
23:0a:8d:21:fb:ee:05:eb:dd:ff:91:cd:be:5b:cb:
d8:b7:95:d7:87:d2:0f:d3:a9:da:9c:77:4f:1b:fb:
6b:bf:78:a3:fd:b9:1d:3c:f2:15:ad:9f:eb:a0:d6:
5e:2e:ad:5c:32:11:0e:0e:28:f7:ff:ba:89:ed:9c:
55:21:07:35:d8:1d:57:89:d9:ea:a3:9d:c7:5e:c2:
fa:36:7b:0e:ad:53:02:10:85:4c:fc:ed:c7:db:89:
65:9a:74:34:9d:35:5c:64:f3:86:77:55:c9:bb:70:
ef:25:a8:3b:d8:3f:72:cc:33:98:b2:16:b0:ac:c2:
c9:e0:24:e8:cb:ae:c3:84:6f:11:2e:fb:2d:7e:af:
61:64:ca:c1:8e:8c:94:4f:2d:51:ab:a2:a3:c6:51:
49:80:40:91:f0:39:bc:a7:00:1d:6c:5a:1d:d2:a8:
61:2c:a7:bd:ae:49:f1:4f:fd:ee:a0:7f:a0:8c:01:
be:4e:2a:be:74:12:5f:5c:37:7d:52:19:0a:9a:9e:
c4:e6:3a:44:a7:36:3a:11:be:ea:a3:e5:50:99:5e:
bd:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:F7:F2:6C:8D:67:F2:9B:22:6D:B2:5A:43:C5:86:22:8F:D5:BA:1E
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/DvfybI1n8psibbJaQ8WGIo_Vuh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.56.37.0/24
193.17.88.0/24
195.96.148.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:6f:75:d7:ae:7d:a6:11:ce:1f:7b:97:6f:04:4b:ed:e2:ce:
2c:5c:93:50:14:94:a7:19:3b:29:f8:6a:45:b2:b6:50:8b:4f:
e6:ba:50:ee:e3:40:7b:7b:37:1c:d7:45:58:19:26:e4:00:b8:
72:a6:43:0b:8f:13:e8:36:01:bf:bb:25:75:a7:eb:45:59:5f:
0b:fb:05:ff:98:e5:90:08:b3:45:23:a9:57:0e:85:07:c7:17:
02:12:e5:47:06:32:7b:70:fd:54:d7:1e:c9:3d:d6:53:1b:53:
b5:d3:d8:ab:1b:3d:7d:24:bd:b6:68:4c:ec:cb:25:92:02:6c:
20:07:1f:51:8c:44:c1:62:f6:4f:75:9e:44:dd:da:ad:f9:d0:
db:93:88:04:ac:65:59:66:1d:4d:98:02:1c:98:30:9d:60:e1:
e6:70:88:1d:27:67:d0:88:d8:2a:34:92:00:8c:39:1e:e2:11:
90:76:2e:6d:e4:a7:42:98:09:fe:61:4c:b6:0d:8d:3e:29:a8:
b0:73:6d:7a:0e:4a:aa:fd:23:e2:37:c5:be:0f:2b:2b:eb:0f:
2b:1f:77:58:7e:09:25:04:51:41:77:e6:69:2c:77:61:42:a4:
55:19:41:36:a4:a5:cf:80:a9:13:72:f9:f8:b4:64:f3:59:86:
53:6a:ca:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0T1+4WzXV3dRJMPb9yaiQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWY3ZjI2YzhkNjdmMjliMjI2ZGIyNWE0M2M1ODYyMjhmZDViYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLgk1K2eJQJZcwgM7kjxMhg2TPby
FN0mC1TcdvHWEXRHwH334RuPYxZTBqQjCo0h++4F693/kc2+W8vYt5XXh9IP06na
nHdPG/trv3ij/bkdPPIVrZ/roNZeLq1cMhEODij3/7qJ7ZxVIQc12B1Xidnqo53H
XsL6NnsOrVMCEIVM/O3H24llmnQ0nTVcZPOGd1XJu3DvJag72D9yzDOYshawrMLJ
4CToy67DhG8RLvstfq9hZMrBjoyUTy1Rq6KjxlFJgECR8Dm8pwAdbFod0qhhLKe9
rknxT/3uoH+gjAG+Tiq+dBJfXDd9UhkKmp7E5jpEpzY6Eb7qo+VQmV69eQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA738myNZ/KbIm2yWkPFhiKP1boeMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvRHZmeWJJMW44cHNpYmJKYVE4V0dJb19WdWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsDglAwQA
wRFYAwQAw2CUMA0GCSqGSIb3DQEBCwUAA4IBAQAKb3XXrn2mEc4fe5dvBEvt4s4s
XJNQFJSnGTsp+GpFsrZQi0/mulDu40B7ezcc10VYGSbkALhypkMLjxPoNgG/uyV1
p+tFWV8L+wX/mOWQCLNFI6lXDoUHxxcCEuVHBjJ7cP1U1x7JPdZTG1O109irGz19
JL22aEzsyyWSAmwgBx9RjETBYvZPdZ5E3dqt+dDbk4gErGVZZh1NmAIcmDCdYOHm
cIgdJ2fQiNgqNJIAjDke4hGQdi5t5KdCmAn+YUy2DY0+Kaiwc216Dkqq/SPiN8W+
Dysr6w8rH3dYfgklBFFBd+ZpLHdhQqRVGUE2pKXPgKkTcvn4tGTzWYZTaso6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:57 2024 by rpki-client on console-fra.rpki-client.org