Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/EwEvfhW8dmB1bL9iQQ4yFL5ZBKw.roa
File: EwEvfhW8dmB1bL9iQQ4yFL5ZBKw.roa (raw, json)
Hash identifier: sn7TJ4/86q0wvK0bvhbVswtANDP+5DXijeRhW3OTchw=
Subject key identifier: 13:01:2F:7E:15:BC:76:60:75:6C:BF:62:41:0E:32:14:BE:59:04:AC
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018EC83FF8F148E89EB9D66750951305044D
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/EwEvfhW8dmB1bL9iQQ4yFL5ZBKw.roa
Signing time: Wed 10 Apr 2024 13:43:39 +0000
ROA not before: Wed 10 Apr 2024 13:43:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 176.56.37.0/24 maxlen: 24
195.96.148.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c8:3f:f8:f1:48:e8:9e:b9:d6:67:50:95:13:05:04:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Apr 10 13:43:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13012f7e15bc7660756cbf62410e3214be5904ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:72:b0:1c:92:06:2e:ac:9f:61:43:0a:77:42:
06:70:66:47:8f:60:d8:f1:54:4b:e5:c1:5f:16:0f:
b6:c4:e8:e7:f4:f9:ce:f0:9d:a6:d8:e7:46:9e:15:
39:d5:a0:63:91:b2:dc:d5:a8:cb:4e:fb:c2:d8:26:
91:14:e3:4b:b5:61:49:fe:46:d6:fb:3f:8a:89:85:
40:ec:b7:ff:c2:af:6c:c0:a2:53:23:4b:6f:b6:82:
9f:66:2f:49:d9:22:fc:b0:6c:c1:c4:78:a7:c4:b2:
cd:44:90:1e:34:cd:e2:0a:37:d9:f6:e2:81:77:d7:
93:c1:76:5a:91:9b:20:67:78:bc:b8:39:ec:e3:30:
be:b4:f8:f4:3a:ce:04:e1:a6:41:01:a9:60:a3:aa:
c0:51:ec:93:8e:f0:a1:fc:b8:5e:31:f8:dc:7b:95:
58:e7:bb:2b:54:6e:a2:e1:13:29:06:cf:d0:96:df:
f0:65:a8:5a:61:c4:b1:8e:06:fd:58:45:b3:6d:34:
5b:7c:a4:aa:d7:d0:d7:88:c2:75:cf:fc:fd:94:46:
62:4e:7e:3f:7e:26:f2:62:ac:3b:34:6b:7b:16:ee:
ef:5b:7e:9f:08:79:07:ee:d1:8e:20:de:d4:fe:80:
23:23:cb:eb:6a:f8:91:fa:0b:89:ca:92:6c:7d:12:
ba:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:01:2F:7E:15:BC:76:60:75:6C:BF:62:41:0E:32:14:BE:59:04:AC
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/EwEvfhW8dmB1bL9iQQ4yFL5ZBKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.56.37.0/24
195.96.148.0/24
Signature Algorithm: sha256WithRSAEncryption
03:52:49:21:01:6a:a2:d3:43:30:ac:2b:f5:91:8b:ab:90:a5:
78:d3:b5:4c:4b:5f:8a:24:58:a7:3c:97:a4:19:06:b6:57:73:
91:6b:3d:23:07:78:86:e4:ea:27:69:27:6b:95:1e:0f:72:bc:
0a:3b:27:52:72:9d:99:c7:62:f7:7f:82:b2:cf:33:f6:75:53:
71:bf:62:e0:b5:91:01:e8:e4:9e:d8:63:e2:18:2a:e1:21:33:
d0:dc:c5:c0:fc:fa:11:1d:15:af:77:04:67:aa:1e:72:6f:f0:
f6:c3:bb:1e:88:86:2a:6d:45:ef:65:e3:55:ee:e5:62:25:0d:
66:2f:db:7a:c7:ca:c5:cd:87:12:f2:6b:80:9e:be:1d:4b:e2:
0a:35:d0:b7:4c:cd:02:9f:89:3a:51:ed:ad:81:14:10:a2:80:
ea:73:a3:35:44:a6:e4:51:9e:61:b4:64:3d:a4:f9:5c:58:e1:
53:e4:db:47:da:57:1c:60:de:e3:9a:3f:c1:59:f9:9b:38:01:
1a:23:0f:be:c3:14:62:e0:86:a9:ff:53:37:43:de:12:dd:73:
15:a5:8a:b8:b1:a1:41:e9:a1:ea:5f:92:6d:99:e6:c2:6e:ac:
31:b3:42:94:19:d9:c3:8e:91:c4:ee:b7:c4:bb:00:3f:dd:18:
0e:09:b3:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7IP/jxSOieudZnUJUTBQRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwNDEwMTM0MzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzAxMmY3ZTE1YmM3NjYwNzU2Y2JmNjI0MTBlMzIxNGJlNTkwNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXKwHJIGLqyfYUMKd0IGcGZHj2DY
8VRL5cFfFg+2xOjn9PnO8J2m2OdGnhU51aBjkbLc1ajLTvvC2CaRFONLtWFJ/kbW
+z+KiYVA7Lf/wq9swKJTI0tvtoKfZi9J2SL8sGzBxHinxLLNRJAeNM3iCjfZ9uKB
d9eTwXZakZsgZ3i8uDns4zC+tPj0Os4E4aZBAalgo6rAUeyTjvCh/LheMfjce5VY
57srVG6i4RMpBs/Qlt/wZahaYcSxjgb9WEWzbTRbfKSq19DXiMJ1z/z9lEZiTn4/
fibyYqw7NGt7Fu7vW36fCHkH7tGOIN7U/oAjI8vraviR+guJypJsfRK6GQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBMBL34VvHZgdWy/YkEOMhS+WQSsMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvRXdFdmZoVzhkbUIxYkw5aVFRNHlGTDVaQkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsDglAwQA
w2CUMA0GCSqGSIb3DQEBCwUAA4IBAQADUkkhAWqi00MwrCv1kYurkKV407VMS1+K
JFinPJekGQa2V3ORaz0jB3iG5OonaSdrlR4PcrwKOydScp2Zx2L3f4KyzzP2dVNx
v2LgtZEB6OSe2GPiGCrhITPQ3MXA/PoRHRWvdwRnqh5yb/D2w7seiIYqbUXvZeNV
7uViJQ1mL9t6x8rFzYcS8muAnr4dS+IKNdC3TM0Cn4k6Ue2tgRQQooDqc6M1RKbk
UZ5htGQ9pPlcWOFT5NtH2lccYN7jmj/BWfmbOAEaIw++wxRi4Iap/1M3Q94S3XMV
pYq4saFB6aHqX5JtmebCbqwxs0KUGdnDjpHE7rfEuwA/3RgOCbOY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:17 2024 by rpki-client on console-ams.rpki-client.org