Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/1b1db0-cee4-441b-93e3-126ce081529a/1/vz-CqWE-ni-JuLlarJFSPKyujI0.roa
File: vz-CqWE-ni-JuLlarJFSPKyujI0.roa (raw, json)
Hash identifier: 3WSBoT7dPgXsTMhyQQIZbX7wxnwpnoj7SjXxKWCIPT8=
Subject key identifier: BF:3F:82:A9:61:3E:9E:2F:89:B8:B9:5A:AC:91:52:3C:AC:AE:8C:8D
Certificate issuer: /CN=6531785b623492ed0c99ed79c7db7404ad4cb171
Certificate serial: 0188BF444CD61E49BB90043A3C08AE2DAE22
Authority key identifier: 65:31:78:5B:62:34:92:ED:0C:99:ED:79:C7:DB:74:04:AD:4C:B1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZTF4W2I0ku0Mme15x9t0BK1MsXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/1b1db0-cee4-441b-93e3-126ce081529a/1/vz-CqWE-ni-JuLlarJFSPKyujI0.roa
Signing time: Thu 15 Jun 2023 13:35:04 +0000
ROA not before: Thu 15 Jun 2023 13:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 185.178.228.0/22 maxlen: 22
185.178.228.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:44:4c:d6:1e:49:bb:90:04:3a:3c:08:ae:2d:ae:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6531785b623492ed0c99ed79c7db7404ad4cb171
Validity
Not Before: Jun 15 13:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf3f82a9613e9e2f89b8b95aac91523cacae8c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:66:ca:97:26:1b:b7:64:3a:d0:1c:e9:5b:c4:
19:d3:e1:6f:82:d3:c0:3e:14:ef:28:bb:d1:4d:ac:
29:19:72:c3:28:c6:37:a4:65:a6:e3:30:b9:58:19:
06:bb:d3:4a:07:03:65:7f:92:4d:73:ea:32:ea:d2:
10:ff:3b:80:2c:f1:ba:d1:b6:2d:5c:db:6e:58:5c:
52:16:e7:32:c0:ca:32:d0:fb:b4:99:87:a7:4a:da:
0e:d3:eb:f9:c0:7c:5b:9c:8b:e1:2f:94:59:9d:20:
53:2b:71:7d:cd:38:9e:c8:63:9c:58:50:13:73:1d:
48:45:64:4f:81:92:c2:21:d3:bd:01:af:5c:6f:14:
ec:e9:0a:ea:78:ce:d8:b2:d1:20:1b:d1:1e:bc:2c:
40:b1:d0:47:c7:ed:68:99:48:a3:d4:e2:c8:87:d8:
4b:3f:64:2e:54:2d:c2:29:fe:8b:f2:69:ad:eb:66:
63:7f:9f:74:a9:a3:6c:69:b7:68:20:61:45:87:f7:
74:68:bc:a1:4e:1c:92:7d:1e:4b:1d:cb:ce:66:07:
18:fa:ba:28:51:a3:8d:95:28:26:6d:a8:14:d2:4b:
1a:2a:f8:b9:db:d4:bd:79:ca:18:c9:55:8f:27:5f:
64:96:56:04:78:d4:f7:9a:11:e3:ab:73:6e:c4:37:
e5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3F:82:A9:61:3E:9E:2F:89:B8:B9:5A:AC:91:52:3C:AC:AE:8C:8D
X509v3 Authority Key Identifier:
keyid:65:31:78:5B:62:34:92:ED:0C:99:ED:79:C7:DB:74:04:AD:4C:B1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTF4W2I0ku0Mme15x9t0BK1MsXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/1b1db0-cee4-441b-93e3-126ce081529a/1/vz-CqWE-ni-JuLlarJFSPKyujI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/1b1db0-cee4-441b-93e3-126ce081529a/1/ZTF4W2I0ku0Mme15x9t0BK1MsXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.228.0/22
Signature Algorithm: sha256WithRSAEncryption
05:b5:92:ff:06:fc:ea:4e:fe:2f:a7:26:7a:9c:68:f5:f6:bb:
56:b1:4c:eb:c8:5b:ed:de:07:77:39:a2:2d:d4:cb:7c:9b:ca:
38:16:a5:63:92:c7:ea:af:31:b2:1d:5b:a8:54:a5:1c:79:be:
4e:91:5d:1c:3e:c0:78:3e:9b:d1:61:d8:24:3f:1e:0d:5e:32:
8b:42:9a:d1:a9:cd:28:f4:95:e5:67:ff:38:15:91:97:bc:74:
0c:dc:36:06:e4:35:de:69:80:d5:15:dc:73:f0:43:60:10:27:
da:7b:60:d1:11:e7:81:65:c4:47:ad:b3:7b:a9:be:f1:df:8c:
de:f0:c5:56:1c:05:e4:cc:0d:69:0b:f3:9b:d2:e6:2a:fa:0f:
70:10:95:ed:c8:3a:3c:b7:48:33:a6:2c:6f:16:7d:5f:42:79:
ee:c0:da:68:3e:ca:9c:84:dc:18:49:b9:94:a4:c5:7d:f0:63:
b2:2c:31:eb:78:63:b0:99:47:81:7f:ab:31:56:d9:74:68:b9:
20:c3:46:33:fd:78:d9:ad:ac:93:f4:60:21:91:1d:35:76:ea:
7c:fe:58:ad:40:ff:33:66:a8:f5:e7:48:d4:11:dd:01:72:58:
fe:72:fc:57:ca:ed:0d:34:5d:d8:dd:46:d2:c4:7a:7f:3f:f8:
60:a2:71:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi/REzWHkm7kAQ6PAiuLa4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MzE3ODViNjIzNDkyZWQwYzk5ZWQ3OWM3ZGI3NDA0YWQ0
Y2IxNzEwHhcNMjMwNjE1MTMzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjNmODJhOTYxM2U5ZTJmODliOGI5NWFhYzkxNTIzY2FjYWU4YzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGbKlyYbt2Q60BzpW8QZ0+FvgtPA
PhTvKLvRTawpGXLDKMY3pGWm4zC5WBkGu9NKBwNlf5JNc+oy6tIQ/zuALPG60bYt
XNtuWFxSFucywMoy0Pu0mYenStoO0+v5wHxbnIvhL5RZnSBTK3F9zTieyGOcWFAT
cx1IRWRPgZLCIdO9Aa9cbxTs6QrqeM7YstEgG9EevCxAsdBHx+1omUij1OLIh9hL
P2QuVC3CKf6L8mmt62Zjf590qaNsabdoIGFFh/d0aLyhThySfR5LHcvOZgcY+roo
UaONlSgmbagU0ksaKvi529S9ecoYyVWPJ19kllYEeNT3mhHjq3NuxDflBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8/gqlhPp4vibi5WqyRUjysroyNMB8GA1UdIwQY
MBaAFGUxeFtiNJLtDJntecfbdAStTLFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlRGNFcySTBrdTBNbWUxNXg5dDBCSzFNc1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xYjFkYjAtY2VlNC00NDFiLTkzZTMt
MTI2Y2UwODE1MjlhLzEvdnotQ3FXRS1uaS1KdUxsYXJKRlNQS3l1akkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xYjFkYjAtY2VlNC00NDFiLTkzZTMtMTI2Y2UwODE1Mjlh
LzEvWlRGNFcySTBrdTBNbWUxNXg5dDBCSzFNc1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubLkMA0G
CSqGSIb3DQEBCwUAA4IBAQAFtZL/BvzqTv4vpyZ6nGj19rtWsUzryFvt3gd3OaIt
1Mt8m8o4FqVjksfqrzGyHVuoVKUceb5OkV0cPsB4PpvRYdgkPx4NXjKLQprRqc0o
9JXlZ/84FZGXvHQM3DYG5DXeaYDVFdxz8ENgECfae2DREeeBZcRHrbN7qb7x34ze
8MVWHAXkzA1pC/Ob0uYq+g9wEJXtyDo8t0gzpixvFn1fQnnuwNpoPsqchNwYSbmU
pMV98GOyLDHreGOwmUeBf6sxVtl0aLkgw0Yz/XjZrayT9GAhkR01dup8/litQP8z
Zqj150jUEd0Bclj+cvxXyu0NNF3Y3UbSxHp/P/hgonFT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:35 2023 by rpki-client on console-ams.rpki-client.org