Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/0cOii2q8fgKTTwM6FyQhVVanLps.roa
File: 0cOii2q8fgKTTwM6FyQhVVanLps.roa (raw, json)
Hash identifier: ST0ZYv5Zvrwdq8/AvwxUYahbqM/uV39lRrYSpSPy2MU=
Subject key identifier: D1:C3:A2:8B:6A:BC:7E:02:93:4F:03:3A:17:24:21:55:56:A7:2E:9B
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01825AFA34D76DCC0849BC45E746D86F42A7
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/0cOii2q8fgKTTwM6FyQhVVanLps.roa
Signing time: Mon 01 Aug 2022 19:55:23 +0000
ROA not before: Mon 01 Aug 2022 19:55:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 185.191.34.0/24 maxlen: 24
185.191.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5a:fa:34:d7:6d:cc:08:49:bc:45:e7:46:d8:6f:42:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Aug 1 19:55:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1c3a28b6abc7e02934f033a1724215556a72e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:60:41:a4:5d:2b:b6:59:81:6b:8b:63:37:82:
bd:d9:aa:13:33:27:c9:01:29:9e:99:5a:79:13:6d:
81:83:30:56:94:1a:23:64:44:d1:91:f2:37:26:05:
f6:05:2b:79:92:6d:f8:f5:8e:b6:34:c5:37:fd:5a:
6a:9e:f9:d3:9e:07:d2:43:34:90:7d:f3:41:75:7c:
28:23:f1:c0:b0:26:70:24:99:e4:48:17:0b:bf:91:
e7:23:83:1d:ab:57:d1:85:14:7b:7d:aa:f5:d1:63:
75:fc:37:41:bc:7e:38:e0:11:d2:86:92:61:c7:ed:
5b:70:14:8b:12:01:f8:a6:fb:81:ca:44:29:39:b1:
f7:7d:79:0f:39:e8:c4:fd:1c:75:b3:6a:90:11:c4:
04:a3:ff:86:af:99:01:06:a7:7b:75:74:69:f5:f2:
b5:30:09:ed:36:ea:63:d3:05:8a:05:80:72:a1:1b:
1e:77:13:33:b0:53:01:18:3c:e7:d7:4b:67:7a:0e:
a2:b3:55:d6:4b:52:53:d2:fc:e6:92:06:a2:de:17:
c9:b4:31:05:24:57:cd:63:d3:e3:10:49:ab:53:8f:
54:bb:dc:63:42:1a:3b:46:c7:3b:f8:bd:30:3f:84:
31:38:59:61:42:7f:f6:77:c4:6a:f1:7d:e9:45:a4:
38:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C3:A2:8B:6A:BC:7E:02:93:4F:03:3A:17:24:21:55:56:A7:2E:9B
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/0cOii2q8fgKTTwM6FyQhVVanLps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.34.0/23
Signature Algorithm: sha256WithRSAEncryption
d0:48:87:76:5d:81:76:d7:e4:57:d7:14:1d:71:0b:1e:20:64:
5e:e5:1c:a9:3a:5c:ec:6d:f2:af:35:8c:b1:2a:87:ae:77:8b:
be:ec:3a:46:3c:ce:82:00:43:83:cf:2c:39:69:75:74:db:d3:
ea:1f:35:b5:67:13:39:56:7a:12:c0:51:e5:ce:d4:e9:d0:b2:
42:ba:5f:46:e1:47:7e:f9:cf:ee:b3:68:be:e1:8c:74:bc:0a:
fd:07:cb:94:77:69:a3:9d:a2:e1:4c:18:ac:c0:52:28:9b:c3:
c8:40:1c:e4:20:6d:99:94:4b:c3:93:0b:b5:21:24:90:77:5e:
85:75:9f:82:b5:2d:dd:1d:53:36:89:d9:f6:e3:c2:5e:ee:54:
c4:04:81:fb:17:0b:93:c4:af:d7:1d:c2:9d:7d:56:b3:11:c3:
87:77:a7:7b:90:8f:d4:8e:22:3a:4a:aa:df:28:11:f3:a7:ff:
08:eb:ba:79:99:d1:e2:73:fe:a3:4e:66:42:2e:fa:36:27:13:
07:30:14:16:05:23:2b:e8:f7:ee:19:e3:c5:ad:79:f0:56:a1:
7a:d8:49:ac:8b:e2:51:f6:46:08:d9:e7:22:8c:c3:2e:f6:81:
70:c3:1f:e8:3a:af:78:c7:83:3f:52:84:b1:d0:5d:2f:ee:e9:
fb:25:84:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJa+jTXbcwISbxF50bYb0KnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjIwODAxMTk1NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWMzYTI4YjZhYmM3ZTAyOTM0ZjAzM2ExNzI0MjE1NTU2YTcyZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2BBpF0rtlmBa4tjN4K92aoTMyfJ
ASmemVp5E22BgzBWlBojZETRkfI3JgX2BSt5km349Y62NMU3/VpqnvnTngfSQzSQ
ffNBdXwoI/HAsCZwJJnkSBcLv5HnI4Mdq1fRhRR7far10WN1/DdBvH444BHShpJh
x+1bcBSLEgH4pvuBykQpObH3fXkPOejE/Rx1s2qQEcQEo/+Gr5kBBqd7dXRp9fK1
MAntNupj0wWKBYByoRsedxMzsFMBGDzn10tneg6is1XWS1JT0vzmkgai3hfJtDEF
JFfNY9PjEEmrU49Uu9xjQho7Rsc7+L0wP4QxOFlhQn/2d8Rq8X3pRaQ4+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHDootqvH4Ck08DOhckIVVWpy6bMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvMGNPaWkycThmZ0tUVHdNNkZ5UWhWVmFuTHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBub8iMA0G
CSqGSIb3DQEBCwUAA4IBAQDQSId2XYF21+RX1xQdcQseIGRe5RypOlzsbfKvNYyx
Koeud4u+7DpGPM6CAEODzyw5aXV029PqHzW1ZxM5VnoSwFHlztTp0LJCul9G4Ud+
+c/us2i+4Yx0vAr9B8uUd2mjnaLhTBiswFIom8PIQBzkIG2ZlEvDkwu1ISSQd16F
dZ+CtS3dHVM2idn248Je7lTEBIH7FwuTxK/XHcKdfVazEcOHd6d7kI/UjiI6Sqrf
KBHzp/8I67p5mdHic/6jTmZCLvo2JxMHMBQWBSMr6PfuGePFrXnwVqF62Emsi+JR
9kYI2ecijMMu9oFwwx/oOq94x4M/UoSx0F0v7un7JYTo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org