Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/_ZBeE9RcJgnC5tOGkXdi2m_zW7Q.roa
File: _ZBeE9RcJgnC5tOGkXdi2m_zW7Q.roa (raw, json)
Hash identifier: GJzm3h3a+9o7rArHlBbNPJdYWmdEmM+bqIGO5j9ELmU=
Subject key identifier: FD:90:5E:13:D4:5C:26:09:C2:E6:D3:86:91:77:62:DA:6F:F3:5B:B4
Certificate issuer: /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial: 01856DD3F68F4D823DC8E7F92DB74B303C77
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/_ZBeE9RcJgnC5tOGkXdi2m_zW7Q.roa
Signing time: Sun 01 Jan 2023 14:54:45 +0000
ROA not before: Sun 01 Jan 2023 14:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50259
IP address blocks: 109.95.60.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d3:f6:8f:4d:82:3d:c8:e7:f9:2d:b7:4b:30:3c:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Validity
Not Before: Jan 1 14:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd905e13d45c2609c2e6d386917762da6ff35bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:dc:da:7b:69:ff:48:ea:c0:5e:a7:62:0c:b9:
20:f8:5b:9d:d0:12:ca:c1:81:86:d4:3d:c3:00:94:
38:01:a1:12:59:f8:8b:d7:a6:0e:9c:a7:25:28:ed:
2e:fe:64:c4:73:25:f5:ae:3c:7c:80:c1:5f:1f:ee:
77:cd:d5:44:d3:bc:96:79:e2:73:12:e3:7a:d2:eb:
53:28:d8:bc:61:6b:2b:5c:90:9b:59:39:62:7f:d9:
c7:94:8c:bc:0a:fc:93:8f:aa:1b:55:1f:4c:2c:24:
35:18:84:f2:99:04:8b:d6:31:2a:47:c3:6c:7d:78:
99:49:5b:3a:e2:21:df:5b:3d:12:44:f0:34:1d:99:
d0:6a:76:66:6e:f2:00:9d:2b:c5:f8:30:e2:2c:40:
09:b4:8c:f8:53:61:b2:ec:76:89:0a:83:51:7f:52:
da:30:e3:00:d3:74:aa:0e:a0:40:3f:66:11:51:82:
fc:c9:bc:1b:a5:1f:b5:cf:d6:eb:d6:86:45:c5:e1:
d5:de:a0:1e:f0:a7:20:15:f1:6e:67:31:61:46:19:
13:c0:21:8a:8a:5e:31:96:b3:23:fa:e3:7c:1b:68:
a5:a5:ed:18:ea:7f:ab:b1:e9:85:51:05:d8:b7:40:
b9:1c:0c:73:17:3e:f1:2a:8c:4a:63:67:53:34:e5:
da:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:90:5E:13:D4:5C:26:09:C2:E6:D3:86:91:77:62:DA:6F:F3:5B:B4
X509v3 Authority Key Identifier:
keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/_ZBeE9RcJgnC5tOGkXdi2m_zW7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.60.0/22
Signature Algorithm: sha256WithRSAEncryption
81:bd:f5:9b:2c:5a:4d:2f:fe:96:03:03:b0:0e:73:96:c1:3b:
58:50:ca:e9:ac:c8:df:c6:7f:01:8d:67:fe:10:25:f9:28:27:
fa:da:d1:c0:67:a9:67:3f:e1:26:27:8a:b1:52:a2:b4:b9:e9:
a8:78:35:cf:23:68:70:3b:3a:0d:a0:f0:c0:6f:88:a1:96:cb:
98:e2:ee:9a:bf:02:1c:c7:2b:1b:b2:33:42:c0:3e:cd:1e:18:
a3:ab:cc:bf:be:f9:31:b2:8b:57:50:67:88:b8:88:13:e4:f1:
22:7d:05:b7:51:89:e4:25:07:28:5a:13:41:58:82:6a:31:e0:
80:3b:82:2c:84:a9:6a:c6:c3:53:5f:72:6d:d1:89:30:18:74:
d8:c7:d8:3d:d8:a0:bd:61:68:e7:37:3c:67:89:60:21:6f:8a:
34:c1:91:90:6a:25:4a:b5:39:7c:7f:75:1a:c5:4f:3b:89:5a:
c0:74:e9:53:9e:37:14:76:5e:55:21:61:b8:05:fc:80:08:51:
c8:f5:52:60:5c:20:86:48:9c:89:47:50:22:c7:1e:a7:c3:b8:
34:e8:b5:2b:44:8f:e9:03:ef:0b:d2:44:9f:97:de:46:f1:c9:
b4:80:be:9d:7e:8e:8e:61:7e:a0:7e:0c:0a:69:6d:bb:9b:ec:
72:66:e4:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt0/aPTYI9yOf5LbdLMDx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjMwMTAxMTQ1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDkwNWUxM2Q0NWMyNjA5YzJlNmQzODY5MTc3NjJkYTZmZjM1YmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidzae2n/SOrAXqdiDLkg+Fud0BLK
wYGG1D3DAJQ4AaESWfiL16YOnKclKO0u/mTEcyX1rjx8gMFfH+53zdVE07yWeeJz
EuN60utTKNi8YWsrXJCbWTlif9nHlIy8CvyTj6obVR9MLCQ1GITymQSL1jEqR8Ns
fXiZSVs64iHfWz0SRPA0HZnQanZmbvIAnSvF+DDiLEAJtIz4U2Gy7HaJCoNRf1La
MOMA03SqDqBAP2YRUYL8ybwbpR+1z9br1oZFxeHV3qAe8KcgFfFuZzFhRhkTwCGK
il4xlrMj+uN8G2ilpe0Y6n+rsemFUQXYt0C5HAxzFz7xKoxKY2dTNOXahQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2QXhPUXCYJwubThpF3Ytpv81u0MB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEvX1pCZUU5UmNKZ25DNXRPR2tYZGkybV96VzdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbV88MA0G
CSqGSIb3DQEBCwUAA4IBAQCBvfWbLFpNL/6WAwOwDnOWwTtYUMrprMjfxn8BjWf+
ECX5KCf62tHAZ6lnP+EmJ4qxUqK0uemoeDXPI2hwOzoNoPDAb4ihlsuY4u6avwIc
xysbsjNCwD7NHhijq8y/vvkxsotXUGeIuIgT5PEifQW3UYnkJQcoWhNBWIJqMeCA
O4IshKlqxsNTX3Jt0YkwGHTYx9g92KC9YWjnNzxniWAhb4o0wZGQaiVKtTl8f3Ua
xU87iVrAdOlTnjcUdl5VIWG4BfyACFHI9VJgXCCGSJyJR1Aixx6nw7g06LUrRI/p
A+8L0kSfl95G8cm0gL6dfo6OYX6gfgwKaW27m+xyZuT7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:03 2024 by rpki-client on console-fra.rpki-client.org