Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/2rypFZYpMVghOSMgPZfC0DuaHi4.roa
File: 2rypFZYpMVghOSMgPZfC0DuaHi4.roa (raw, json)
Hash identifier: 6r11RRymr+laXazFbwdZm+HpTpY267sioawyvOn+b1k=
Subject key identifier: DA:BC:A9:15:96:29:31:58:21:39:23:20:3D:97:C2:D0:3B:9A:1E:2E
Certificate issuer: /CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Certificate serial: 01880536FB9FBAED4278F7514C79675D58FA
Authority key identifier: CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/2rypFZYpMVghOSMgPZfC0DuaHi4.roa
Signing time: Wed 10 May 2023 10:31:09 +0000
ROA not before: Wed 10 May 2023 10:31:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39154
IP address blocks: 85.158.188.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:05:36:fb:9f:ba:ed:42:78:f7:51:4c:79:67:5d:58:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Validity
Not Before: May 10 10:31:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dabca91596293158213923203d97c2d03b9a1e2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bb:55:27:45:c3:4d:c3:9a:ef:4c:f4:34:e1:
3d:42:98:56:0e:ce:14:18:18:2e:a9:0d:e5:ee:dd:
04:ec:af:e0:c5:59:25:fc:2a:2f:ce:9e:90:ef:c2:
85:a0:29:e1:4f:cd:53:ef:85:37:45:99:07:5a:36:
24:10:36:a2:2d:84:92:94:7b:94:21:91:d8:9b:10:
47:30:18:cf:6d:5e:0c:f3:08:ad:9f:f2:31:4f:05:
0e:09:8a:96:1c:6a:01:f9:68:aa:28:df:ae:bd:67:
81:ce:ce:70:37:07:6a:4e:11:68:19:0a:a0:fd:76:
13:16:38:f6:50:0e:e9:49:0d:b5:22:da:7c:06:c6:
14:25:00:53:79:d1:dc:30:6e:14:21:92:3a:ce:88:
94:b8:ff:21:a4:0a:c0:fd:bb:9a:ee:49:2b:19:77:
20:4c:a1:7c:72:4b:56:4d:c1:00:6a:92:12:f9:8e:
ba:2c:c0:40:04:bc:8b:fe:d1:f0:07:65:05:3c:e2:
2d:69:8c:be:e7:d4:29:ce:47:8f:4e:a1:0d:e8:a8:
14:b5:1f:3b:fe:f8:c9:39:d0:27:b0:90:ce:3e:b9:
71:64:ff:01:15:49:33:1e:6f:2c:c6:f0:06:bf:20:
ec:2e:78:2e:27:f3:23:62:83:af:82:a1:68:a7:9c:
a6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:BC:A9:15:96:29:31:58:21:39:23:20:3D:97:C2:D0:3B:9A:1E:2E
X509v3 Authority Key Identifier:
keyid:CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/2rypFZYpMVghOSMgPZfC0DuaHi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/z81z-CwmDahzhtz3vibVxURVJvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.188.0/22
Signature Algorithm: sha256WithRSAEncryption
13:85:35:4d:ca:b9:b9:cf:65:e4:23:fb:91:7e:98:97:f3:95:
7b:11:26:6b:59:b6:9c:3d:f6:d6:08:ce:2c:7e:dc:c0:be:1c:
c6:df:08:ae:e6:f3:f2:44:bd:b9:72:1c:a0:64:e2:3e:ea:d5:
3c:6d:0d:21:e8:af:59:7f:b0:38:d3:51:46:46:cf:9f:db:29:
74:9c:50:a6:71:56:3d:47:18:53:ce:8b:b7:02:7e:4d:7b:4d:
8f:26:7d:34:c3:f3:07:9b:62:24:66:08:43:30:73:d2:74:2a:
73:0f:8c:25:2c:8c:d9:ee:d1:57:d4:51:55:90:13:c9:c9:cf:
a5:ec:4b:6b:07:83:2d:61:3b:a6:7e:e4:ab:c2:5e:b3:82:b9:
41:4c:fd:17:7b:32:56:53:7a:c2:64:fb:82:1e:64:e3:97:00:
8d:82:80:5b:bd:91:02:f8:19:d0:ee:7d:a6:83:2a:e3:56:c2:
10:7c:a7:27:c1:10:47:88:d8:76:17:e5:c8:cd:62:b0:91:4d:
11:9b:bd:60:e0:d6:90:5b:b3:11:75:cb:f0:52:eb:45:5f:8d:
77:7e:af:ff:ab:8f:e0:0f:df:9b:ec:89:d9:3c:90:db:09:f3:
49:92:16:16:48:b3:3c:e6:a7:8b:be:e9:83:8a:9c:3d:c5:cc:
4e:99:e5:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgFNvufuu1CePdRTHlnXVj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2Q3M2Y4MmMyNjBkYTg3Mzg2ZGNmN2JlMjZkNWM1NDQ1
NTI2ZmEwHhcNMjMwNTEwMTAzMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJjYTkxNTk2MjkzMTU4MjEzOTIzMjAzZDk3YzJkMDNiOWExZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLtVJ0XDTcOa70z0NOE9QphWDs4U
GBguqQ3l7t0E7K/gxVkl/Covzp6Q78KFoCnhT81T74U3RZkHWjYkEDaiLYSSlHuU
IZHYmxBHMBjPbV4M8witn/IxTwUOCYqWHGoB+WiqKN+uvWeBzs5wNwdqThFoGQqg
/XYTFjj2UA7pSQ21Itp8BsYUJQBTedHcMG4UIZI6zoiUuP8hpArA/bua7kkrGXcg
TKF8cktWTcEAapIS+Y66LMBABLyL/tHwB2UFPOItaYy+59QpzkePTqEN6KgUtR87
/vjJOdAnsJDOPrlxZP8BFUkzHm8sxvAGvyDsLnguJ/MjYoOvgqFop5ymNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNq8qRWWKTFYITkjID2XwtA7mh4uMB8GA1UdIwQY
MBaAFM/Nc/gsJg2oc4bc974m1cVEVSb6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTct
NmVkYzFiMjI1NjI1LzEvMnJ5cEZaWXBNVmdoT1NNZ1BaZkMwRHVhSGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTctNmVkYzFiMjI1NjI1
LzEvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVZ68MA0G
CSqGSIb3DQEBCwUAA4IBAQAThTVNyrm5z2XkI/uRfpiX85V7ESZrWbacPfbWCM4s
ftzAvhzG3wiu5vPyRL25chygZOI+6tU8bQ0h6K9Zf7A401FGRs+f2yl0nFCmcVY9
RxhTzou3An5Ne02PJn00w/MHm2IkZghDMHPSdCpzD4wlLIzZ7tFX1FFVkBPJyc+l
7EtrB4MtYTumfuSrwl6zgrlBTP0XezJWU3rCZPuCHmTjlwCNgoBbvZEC+BnQ7n2m
gyrjVsIQfKcnwRBHiNh2F+XIzWKwkU0Rm71g4NaQW7MRdcvwUutFX413fq//q4/g
D9+b7InZPJDbCfNJkhYWSLM85qeLvumDipw9xcxOmeWC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:50 2025 by rpki-client