Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/Z_hh1kDh4xcaf_DC9tQosRErLJ8.roa
File: Z_hh1kDh4xcaf_DC9tQosRErLJ8.roa (raw, json)
Hash identifier: l7m1ebxjLz8xbEf7TUnJIm04dNuXPms7chz4wdLgWp4=
Subject key identifier: 67:F8:61:D6:40:E1:E3:17:1A:7F:F0:C2:F6:D4:28:B1:11:2B:2C:9F
Certificate issuer: /CN=51618df006d548d1d87ed6419550662db6fc0606
Certificate serial: 07B98E61
Authority key identifier: 51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/Z_hh1kDh4xcaf_DC9tQosRErLJ8.roa
Signing time: Sat 01 Jan 2022 10:56:26 +0000
ROA not before: Sat 01 Jan 2022 10:56:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50022
IP address blocks: 213.110.224.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129601121 (0x7b98e61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51618df006d548d1d87ed6419550662db6fc0606
Validity
Not Before: Jan 1 10:56:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67f861d640e1e3171a7ff0c2f6d428b1112b2c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:df:04:30:e4:f6:56:b6:c9:6b:08:9b:a6:0b:
43:49:0e:bd:f9:8b:d3:05:9c:fe:84:33:5e:3b:4e:
f1:6c:4b:a2:26:a9:cb:b2:64:7b:76:0f:bd:26:5e:
66:7f:d2:27:ed:8b:a4:95:e1:1c:6a:8b:50:ae:e0:
b4:b0:d3:6b:50:4b:72:2a:60:1d:ce:d7:e4:f8:4c:
c5:c3:5e:f1:25:ed:3a:59:87:6b:cd:ab:8c:fb:24:
ec:96:03:95:b9:e7:7c:2e:53:9e:99:e3:a0:71:51:
a9:4c:18:af:fe:2e:0c:b9:fe:29:20:7b:5a:f3:50:
49:72:35:f9:ac:45:a9:d4:64:54:30:10:b9:74:f0:
6b:1b:4d:3e:1a:5c:57:47:96:14:ee:cb:d3:9a:fa:
19:99:9d:b6:2b:76:f3:37:b5:7e:d4:13:17:c9:e8:
dd:10:c8:7f:2b:80:98:2f:85:83:2d:e3:89:0f:6d:
cf:e1:48:c9:8b:b2:e2:90:f1:e8:8c:72:b4:c2:d0:
fd:e0:9f:4b:80:b8:60:ed:46:3a:a4:7d:62:b8:5e:
83:9a:7f:1c:1c:77:91:c0:5f:59:94:bb:25:7b:bc:
46:ef:6b:31:79:b1:2f:26:bb:1f:84:f9:c8:20:01:
1e:3f:84:d4:0c:c1:e4:56:89:0a:1d:54:67:e2:e2:
4b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F8:61:D6:40:E1:E3:17:1A:7F:F0:C2:F6:D4:28:B1:11:2B:2C:9F
X509v3 Authority Key Identifier:
keyid:51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/Z_hh1kDh4xcaf_DC9tQosRErLJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/UWGN8AbVSNHYftZBlVBmLbb8BgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.110.224.0/19
Signature Algorithm: sha256WithRSAEncryption
55:0a:83:3b:eb:6b:19:d2:70:2f:c8:81:08:f1:5f:4e:94:d0:
5f:c0:d9:bd:48:c6:40:2c:00:9e:9a:99:da:53:d2:b0:35:ae:
82:0b:f8:f5:b5:a5:d8:8d:0a:88:a5:ea:a3:44:ce:aa:4a:9c:
7d:34:a6:29:67:05:2e:78:46:75:69:4b:59:fc:a7:64:5a:c8:
3c:b6:9c:a1:3c:9a:e5:f8:82:f4:a8:c9:54:26:1d:ca:70:e8:
6a:44:ba:fe:ca:a9:c5:a2:72:ce:22:93:0f:93:c3:fa:18:99:
e4:8a:81:ee:d9:59:80:86:ff:30:b7:b4:b4:f4:c5:47:fb:e0:
d1:5e:6f:d3:c5:df:6e:2a:d7:32:1a:b7:96:65:c9:00:26:8e:
12:a8:38:7c:71:f5:8a:91:a6:ee:29:19:2e:9d:55:04:de:f1:
23:7f:c2:45:39:9c:24:0c:a7:1b:3a:55:d9:ef:c6:ac:06:6e:
00:7c:82:77:6c:92:c7:8a:91:8f:b2:85:a8:fc:ce:42:f8:ff:
fc:e4:dd:1f:7e:b3:b5:ba:3c:90:61:41:5f:ce:83:3f:a4:3d:
da:2e:bd:f5:71:0a:6a:39:02:b5:bb:3c:3a:33:61:a8:d9:0e:
60:ff:e5:52:cf:99:64:b0:8b:88:01:b2:ff:f8:9d:d2:31:41:
45:89:7a:9a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB7mOYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MTYxOGRmMDA2ZDU0OGQxZDg3ZWQ2NDE5NTUwNjYyZGI2ZmMwNjA2MB4XDTIyMDEw
MTEwNTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdmODYxZDY0MGUx
ZTMxNzFhN2ZmMGMyZjZkNDI4YjExMTJiMmM5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/fBDDk9la2yWsIm6YLQ0kOvfmL0wWc/oQzXjtO8WxLoiap
y7Jke3YPvSZeZn/SJ+2LpJXhHGqLUK7gtLDTa1BLcipgHc7X5PhMxcNe8SXtOlmH
a82rjPsk7JYDlbnnfC5TnpnjoHFRqUwYr/4uDLn+KSB7WvNQSXI1+axFqdRkVDAQ
uXTwaxtNPhpcV0eWFO7L05r6GZmdtit28ze1ftQTF8no3RDIfyuAmC+Fgy3jiQ9t
z+FIyYuy4pDx6IxytMLQ/eCfS4C4YO1GOqR9Yrheg5p/HBx3kcBfWZS7JXu8Ru9r
MXmxLya7H4T5yCABHj+E1AzB5FaJCh1UZ+LiS38CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRn+GHWQOHjFxp/8ML21CixESssnzAfBgNVHSMEGDAWgBRRYY3wBtVI0dh+
1kGVUGYttvwGBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VXR044QWJWU05IWWZ0WkJsVkJtTGJiOEJnWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvZDVmZmU3LTNiNDgtNGY4MC04ZDZhLTMxN2MyZmIwYTM1Yi8x
L1pfaGgxa0RoNHhjYWZfREM5dFFvc1JFckxKOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
ZDVmZmU3LTNiNDgtNGY4MC04ZDZhLTMxN2MyZmIwYTM1Yi8xL1VXR044QWJWU05I
WWZ0WkJsVkJtTGJiOEJnWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdVu4DANBgkqhkiG9w0BAQsFAAOC
AQEAVQqDO+trGdJwL8iBCPFfTpTQX8DZvUjGQCwAnpqZ2lPSsDWuggv49bWl2I0K
iKXqo0TOqkqcfTSmKWcFLnhGdWlLWfynZFrIPLacoTya5fiC9KjJVCYdynDoakS6
/sqpxaJyziKTD5PD+hiZ5IqB7tlZgIb/MLe0tPTFR/vg0V5v08XfbirXMhq3lmXJ
ACaOEqg4fHH1ipGm7ikZLp1VBN7xI3/CRTmcJAynGzpV2e/GrAZuAHyCd2ySx4qR
j7KFqPzOQvj//OTdH36ztbo8kGFBX86DP6Q92i699XEKajkCtbs8OjNhqNkOYP/l
Us+ZZLCLiAGy//id0jFBRYl6mg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org