Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/ZnJ-VQHg4efVMLQUwhkD0Nmt0R8.roa
File: ZnJ-VQHg4efVMLQUwhkD0Nmt0R8.roa (raw, json)
Hash identifier: 09IyqXFgWGFx2KSR+QhJQROUO27j23Nd1Xv4L9kmezI=
Subject key identifier: 66:72:7E:55:01:E0:E1:E7:D5:30:B4:14:C2:19:03:D0:D9:AD:D1:1F
Certificate issuer: /CN=f8caa797b900fc355fc2412467751eeb2c1c64be
Certificate serial: 0185D08B237237D7C67F2CA1ED0DC08B81D0
Authority key identifier: F8:CA:A7:97:B9:00:FC:35:5F:C2:41:24:67:75:1E:EB:2C:1C:64:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/ZnJ-VQHg4efVMLQUwhkD0Nmt0R8.roa
Signing time: Fri 20 Jan 2023 18:57:37 +0000
ROA not before: Fri 20 Jan 2023 18:57:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211467
IP address blocks: 193.34.83.0/24 maxlen: 24
185.98.216.0/24 maxlen: 24
185.98.219.0/24 maxlen: 24
185.98.217.0/24 maxlen: 24
185.98.218.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d0:8b:23:72:37:d7:c6:7f:2c:a1:ed:0d:c0:8b:81:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8caa797b900fc355fc2412467751eeb2c1c64be
Validity
Not Before: Jan 20 18:57:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66727e5501e0e1e7d530b414c21903d0d9add11f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:20:0a:4e:5c:42:be:e8:bc:10:1b:7f:62:11:
34:8b:ee:14:08:a7:7e:33:f3:93:8c:d4:bf:21:e5:
11:5f:b5:ff:ae:75:41:e8:94:f4:95:0f:2f:f5:65:
27:dc:1e:df:60:af:7a:5c:c1:91:05:f0:1f:6d:2c:
1e:7a:1a:5b:b6:66:db:d2:34:cc:9f:4f:5f:d3:cf:
fb:39:69:14:a0:3b:b0:fc:1e:5c:2c:b5:40:d2:fa:
24:69:dd:b8:20:cd:ae:0f:fb:f0:7b:a4:94:f6:c3:
ae:63:98:c5:05:0f:49:35:31:d4:48:69:f9:94:c4:
d9:62:14:8d:e5:cd:fd:a6:90:f1:bd:3d:17:be:f0:
30:12:d8:cd:ea:ab:59:5b:7c:63:0f:6b:4b:eb:0a:
68:b9:71:e8:66:40:33:5d:74:4b:92:14:7a:fc:6c:
fe:1b:fc:69:5b:a2:a7:ba:8d:e1:65:b1:b5:8d:1e:
7d:35:09:e6:30:b0:3b:0b:27:90:a0:fd:bc:d1:15:
a7:bf:f6:9a:e2:91:46:5f:3f:1b:aa:e9:49:20:4d:
28:f9:43:d2:8c:5b:76:ac:3c:26:32:c0:0c:f2:4b:
b8:02:94:ed:ea:38:af:06:ea:18:31:32:04:7a:74:
04:9e:1f:24:8f:c3:4b:f6:dc:3d:23:2e:dd:3b:52:
d8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:72:7E:55:01:E0:E1:E7:D5:30:B4:14:C2:19:03:D0:D9:AD:D1:1F
X509v3 Authority Key Identifier:
keyid:F8:CA:A7:97:B9:00:FC:35:5F:C2:41:24:67:75:1E:EB:2C:1C:64:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/ZnJ-VQHg4efVMLQUwhkD0Nmt0R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.216.0/22
193.34.83.0/24
Signature Algorithm: sha256WithRSAEncryption
87:2d:3f:de:17:54:d1:01:f0:b3:0f:7e:0d:15:e4:50:5a:d0:
3e:f7:69:85:fa:d4:84:b3:d2:64:78:26:e8:d1:a8:ed:ac:d3:
71:6d:5b:ba:74:b3:c7:8f:33:74:5e:19:2e:09:2e:10:43:2b:
b2:32:b7:a8:8d:02:c1:75:63:d5:83:cc:1e:e4:ca:e2:5b:5e:
bc:f0:4b:45:2b:45:ee:08:77:a5:a3:5f:a0:bb:91:15:ff:50:
40:f3:31:c5:38:60:ec:d8:95:2a:21:4d:ec:fe:3b:bc:d7:25:
6b:7b:29:88:58:d1:69:49:d9:16:7b:fe:70:35:3b:7c:4a:65:
30:d2:c1:af:7b:f2:9e:96:60:f7:e3:3a:ef:f4:de:4d:23:78:
4c:d3:47:cf:15:c5:d2:f9:b7:ca:1e:77:48:f2:f3:58:22:b3:
9e:09:fa:c5:f4:58:ae:73:21:89:94:14:49:27:04:b5:5b:d9:
36:1f:7f:87:31:4a:d1:da:e7:40:97:e2:5c:1b:ee:d7:75:a5:
ed:ee:84:f9:e9:a9:d9:2f:60:7e:bc:33:6f:02:b8:4f:e7:4a:
56:f6:9b:90:25:fe:16:34:9b:0d:1c:21:d6:0c:49:7d:bc:59:
78:6a:50:ff:c4:59:a7:81:f2:d4:f3:44:28:dc:9b:48:48:c4:
08:b3:e6:40
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYXQiyNyN9fGfyyh7Q3Ai4HQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4Y2FhNzk3YjkwMGZjMzU1ZmMyNDEyNDY3NzUxZWViMmMx
YzY0YmUwHhcNMjMwMTIwMTg1NzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjcyN2U1NTAxZTBlMWU3ZDUzMGI0MTRjMjE5MDNkMGQ5YWRkMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCAKTlxCvui8EBt/YhE0i+4UCKd+
M/OTjNS/IeURX7X/rnVB6JT0lQ8v9WUn3B7fYK96XMGRBfAfbSweehpbtmbb0jTM
n09f08/7OWkUoDuw/B5cLLVA0vokad24IM2uD/vwe6SU9sOuY5jFBQ9JNTHUSGn5
lMTZYhSN5c39ppDxvT0XvvAwEtjN6qtZW3xjD2tL6wpouXHoZkAzXXRLkhR6/Gz+
G/xpW6Knuo3hZbG1jR59NQnmMLA7CyeQoP280RWnv/aa4pFGXz8bqulJIE0o+UPS
jFt2rDwmMsAM8ku4ApTt6jivBuoYMTIEenQEnh8kj8NL9tw9Iy7dO1LY3wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGZyflUB4OHn1TC0FMIZA9DZrdEfMB8GA1UdIwQY
MBaAFPjKp5e5APw1X8JBJGd1HussHGS+MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1NcW5sN2tBX0RWZndrRWtaM1VlNnl3Y1pMNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvMWI1NWNmLWJlOTQtNDlhZC05ZWI4
LTlkYjNkNDRjNmQyZi8xL1puSi1WUUhnNGVmVk1MUVV3aGtEME5tdDBSOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDcvMWI1NWNmLWJlOTQtNDlhZC05ZWI4LTlkYjNkNDRjNmQy
Zi8xLzEtTXFubDdrQV9EVmZ3a0VrWjNVZTZ5d2NaTDQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAK5YtgD
BADBIlMwDQYJKoZIhvcNAQELBQADggEBAIctP94XVNEB8LMPfg0V5FBa0D73aYX6
1ISz0mR4JujRqO2s03FtW7p0s8ePM3ReGS4JLhBDK7Iyt6iNAsF1Y9WDzB7kyuJb
XrzwS0UrRe4Id6WjX6C7kRX/UEDzMcU4YOzYlSohTez+O7zXJWt7KYhY0WlJ2RZ7
/nA1O3xKZTDSwa978p6WYPfjOu/03k0jeEzTR88VxdL5t8oed0jy81gis54J+sX0
WK5zIYmUFEknBLVb2TYff4cxStHa50CX4lwb7td1pe3uhPnpqdkvYH68M28CuE/n
Slb2m5Al/hY0mw0cIdYMSX28WXhqUP/EWaeB8tTzRCjcm0hIxAiz5kA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:10 2025 by rpki-client