Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/Zi4C7Vd9wJO6XT4vx3nwxR39H5U.roa
File: Zi4C7Vd9wJO6XT4vx3nwxR39H5U.roa (raw, json)
Hash identifier: 7opAMWPnle70sMBhRyzX4WfjzB6q0dA7B7ITu22J/ls=
Subject key identifier: 66:2E:02:ED:57:7D:C0:93:BA:5D:3E:2F:C7:79:F0:C5:1D:FD:1F:95
Certificate issuer: /CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Certificate serial: 0186042F81BBA5834BC340E11C938118B636
Authority key identifier: 35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/Zi4C7Vd9wJO6XT4vx3nwxR39H5U.roa
Signing time: Mon 30 Jan 2023 19:37:47 +0000
ROA not before: Mon 30 Jan 2023 19:37:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5089
IP address blocks: 79.139.52.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:04:2f:81:bb:a5:83:4b:c3:40:e1:1c:93:81:18:b6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Validity
Not Before: Jan 30 19:37:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=662e02ed577dc093ba5d3e2fc779f0c51dfd1f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:64:ec:e5:b0:d4:50:3f:69:4b:d2:6c:02:46:
48:b2:47:8c:57:7e:f0:3f:1c:10:5e:55:fc:57:60:
eb:9b:80:c3:2b:44:10:32:09:d5:b8:03:3e:9a:51:
54:a4:95:70:e3:20:00:62:66:c7:4c:1d:d0:d4:22:
02:62:66:0f:b8:55:e3:0b:1d:de:e5:9b:26:14:71:
c8:d9:2c:60:54:2f:ac:9f:38:c1:73:4a:b1:b8:68:
a3:2c:7d:4e:dd:36:0a:9d:f5:f6:78:11:04:2e:1f:
84:20:b7:a6:02:80:4b:3c:95:ba:5c:4a:a9:2f:56:
18:a9:27:99:2d:dc:bb:24:34:1f:e0:fe:6b:46:0e:
97:e8:a2:81:1b:80:a5:16:6a:e2:df:46:75:42:37:
96:c1:ff:d4:7a:44:2a:1c:8f:84:f4:b2:41:88:13:
98:1c:ae:f9:0b:ba:eb:c1:a4:03:06:7c:a0:b7:33:
6e:de:06:14:13:77:09:10:61:e0:2b:bb:b2:1a:e9:
28:19:92:f8:87:e2:ce:5a:4e:c1:a8:59:1f:f8:5a:
d2:31:99:79:41:c0:f5:7a:db:74:dd:8e:ab:35:09:
5e:ff:c6:c3:06:9e:34:36:97:8e:16:53:a4:56:d0:
0a:ea:58:92:e7:59:92:9c:7d:d1:7c:1f:3c:e7:d8:
ec:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2E:02:ED:57:7D:C0:93:BA:5D:3E:2F:C7:79:F0:C5:1D:FD:1F:95
X509v3 Authority Key Identifier:
keyid:35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/Zi4C7Vd9wJO6XT4vx3nwxR39H5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/NclgZQk5mLpCz7oRvw0X06xAPUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.139.52.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:e9:b0:53:b4:f6:cf:2b:ba:b5:ac:7d:cb:ad:b2:13:99:b5:
25:f4:2f:73:4a:5b:60:77:83:30:f5:a3:f9:7a:62:b0:32:7a:
82:83:ea:d2:47:23:e6:17:81:90:16:d6:93:27:b3:77:f5:5c:
bb:94:92:fc:ce:34:cd:13:e7:2b:74:97:5f:b5:3d:d2:e4:a8:
ee:87:02:91:cc:c8:5c:ef:26:ed:01:76:f3:cb:90:f5:ed:eb:
db:1b:55:df:16:30:b6:31:c0:9e:bb:80:63:33:92:af:b3:76:
7e:a5:99:88:a0:15:28:f1:d4:b8:e7:5a:b5:15:f1:43:82:27:
cf:68:01:9e:2a:31:ee:7a:07:00:d0:2f:4b:75:86:c8:bd:f4:
38:c4:c3:ac:7a:61:ff:ad:fa:6a:e0:00:0b:f6:26:25:2e:01:
6e:ad:a8:77:25:ff:c1:de:af:d6:73:fc:a2:c2:6c:e4:7f:f1:
1c:98:d0:d2:e9:d6:b0:8e:40:a9:71:38:f2:d2:19:a7:f9:0f:
0d:6d:a5:27:3e:bc:cf:02:db:9c:30:ff:67:97:94:5a:a1:03:
e3:18:2f:ae:2c:f5:97:26:58:d2:7f:ab:e9:c1:f8:35:a8:20:
41:fb:c8:86:34:ee:86:8e:c6:d6:e5:f4:da:5e:01:75:88:60:
aa:32:13:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYEL4G7pYNLw0DhHJOBGLY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yzk2MDY1MDkzOTk4YmE0MmNmYmExMWJmMGQxN2QzYWM0
MDNkNDAwHhcNMjMwMTMwMTkzNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjJlMDJlZDU3N2RjMDkzYmE1ZDNlMmZjNzc5ZjBjNTFkZmQxZjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmTs5bDUUD9pS9JsAkZIskeMV37w
PxwQXlX8V2Drm4DDK0QQMgnVuAM+mlFUpJVw4yAAYmbHTB3Q1CICYmYPuFXjCx3e
5ZsmFHHI2SxgVC+snzjBc0qxuGijLH1O3TYKnfX2eBEELh+EILemAoBLPJW6XEqp
L1YYqSeZLdy7JDQf4P5rRg6X6KKBG4ClFmri30Z1QjeWwf/UekQqHI+E9LJBiBOY
HK75C7rrwaQDBnygtzNu3gYUE3cJEGHgK7uyGukoGZL4h+LOWk7BqFkf+FrSMZl5
QcD1ett03Y6rNQle/8bDBp40NpeOFlOkVtAK6liS51mSnH3RfB8859jsrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGYuAu1XfcCTul0+L8d58MUd/R+VMB8GA1UdIwQY
MBaAFDXJYGUJOZi6Qs+6Eb8NF9OsQD1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMt
NmJhYzM0OTg3MDE5LzEvWmk0QzdWZDl3Sk82WFQ0dngzbnd4UjM5SDVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMtNmJhYzM0OTg3MDE5
LzEvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCT4s0MA0G
CSqGSIb3DQEBCwUAA4IBAQAt6bBTtPbPK7q1rH3LrbITmbUl9C9zSltgd4Mw9aP5
emKwMnqCg+rSRyPmF4GQFtaTJ7N39Vy7lJL8zjTNE+crdJdftT3S5KjuhwKRzMhc
7ybtAXbzy5D17evbG1XfFjC2McCeu4BjM5Kvs3Z+pZmIoBUo8dS451q1FfFDgifP
aAGeKjHuegcA0C9LdYbIvfQ4xMOsemH/rfpq4AAL9iYlLgFurah3Jf/B3q/Wc/yi
wmzkf/EcmNDS6dawjkCpcTjy0hmn+Q8NbaUnPrzPAtucMP9nl5RaoQPjGC+uLPWX
JljSf6vpwfg1qCBB+8iGNO6GjsbW5fTaXgF1iGCqMhM2
-----END CERTIFICATE-----
Generated at Mon Nov 13 09:13:26 2023 by rpki-client on console-ams.rpki-client.org