Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/4Za99sSy2iVljepXSHjGPkhSGzc.roa
File: 4Za99sSy2iVljepXSHjGPkhSGzc.roa (raw, json)
Hash identifier: FE5vNKmXJi9stcp5d6W2vT8zazhGsiIMseHCJemMp/8=
Subject key identifier: E1:96:BD:F6:C4:B2:DA:25:65:8D:EA:57:48:78:C6:3E:48:52:1B:37
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D553663625EAC2C27233CAD08B0654
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/4Za99sSy2iVljepXSHjGPkhSGzc.roa
Signing time: Mon 02 Jan 2023 04:55:06 +0000
ROA not before: Mon 02 Jan 2023 04:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27176
IP address blocks: 85.31.48.0/22 maxlen: 22
84.54.8.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:53:66:36:25:ea:c2:c2:72:33:ca:d0:8b:06:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e196bdf6c4b2da25658dea574878c63e48521b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3f:44:02:75:77:a0:11:50:1e:29:93:84:96:
3e:19:84:71:d2:f1:79:de:77:f9:85:ee:36:c2:2f:
d5:a1:7f:b4:53:3c:8d:3c:dc:83:44:48:27:ba:0f:
18:a3:02:8c:9a:cc:f1:7a:dd:f7:d6:78:a4:39:28:
2a:4d:ed:ec:ea:da:bb:e2:9c:40:c3:32:55:84:34:
c5:8e:1b:84:70:48:47:3b:df:e2:31:00:11:b7:04:
c6:d6:78:61:2c:c5:14:92:31:1e:ce:90:d2:b2:f3:
10:be:b9:d6:4d:8a:c5:8c:25:b0:fb:94:d8:ab:aa:
ba:c2:ac:6a:8b:fd:8d:ca:24:1f:85:2c:61:a4:5b:
f7:b7:53:1b:e2:7e:64:53:27:b9:db:61:12:af:18:
c4:73:9e:c2:e9:cd:89:a2:58:0e:b4:f8:ca:92:ba:
ab:ab:85:85:ac:f3:7e:5f:5f:2a:63:d3:c5:46:a5:
ae:22:8b:76:f2:5f:1c:78:b9:44:c8:96:eb:aa:3a:
49:21:bf:7e:63:56:95:e8:fc:ff:92:1c:04:3e:6f:
c9:86:84:41:79:db:ef:5f:cf:03:33:dd:66:cc:14:
69:b1:23:f3:fb:34:ae:4f:0b:d1:5f:57:08:d3:36:
9d:15:58:d9:bb:d8:56:69:96:3b:65:80:4c:df:49:
5a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:96:BD:F6:C4:B2:DA:25:65:8D:EA:57:48:78:C6:3E:48:52:1B:37
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/4Za99sSy2iVljepXSHjGPkhSGzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.8.0/22
85.31.48.0/22
Signature Algorithm: sha256WithRSAEncryption
05:ac:db:f8:d4:01:f1:26:85:5e:5b:b0:80:1a:b7:84:18:35:
ae:de:61:01:26:80:df:8a:4a:e3:17:03:cb:91:7d:95:18:33:
cd:df:00:83:bd:44:fc:52:5d:dc:69:e3:d4:6f:ff:23:1e:0c:
09:22:c6:10:2c:fa:b9:e2:cf:c5:36:47:5d:38:83:6e:fd:f9:
08:77:7e:4f:78:f3:97:97:d0:1a:bd:2f:20:51:a9:4c:56:a0:
fc:40:5b:7e:ac:2e:bf:05:9d:d1:cc:30:25:6f:ff:84:72:80:
4a:3e:eb:22:f5:95:82:02:3e:b8:90:a1:05:f2:65:79:e9:e0:
9a:6e:19:e5:11:de:1d:48:ae:68:5e:1a:f5:11:e1:4a:d5:90:
b6:02:e2:4f:df:83:b0:6a:fa:85:a5:c9:60:4d:1e:59:06:f1:
99:0e:f7:d7:b2:5c:8e:dd:6c:80:db:9e:06:7a:62:be:dd:5a:
4c:78:97:de:83:ce:e1:d9:f2:05:7a:94:1e:1f:bb:b1:79:9e:
0f:f0:b0:72:2b:31:a7:bf:1f:5e:38:ea:92:62:d6:65:6d:bc:
c6:7d:02:ad:81:50:e2:c5:35:4e:3e:0e:3e:28:8a:bc:2e:e6:
93:70:a2:16:5c:3f:9e:59:ee:06:ec:a6:dd:36:f6:1b:60:ef:
db:0d:a5:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw1VNmNiXqwsJyM8rQiwZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTk2YmRmNmM0YjJkYTI1NjU4ZGVhNTc0ODc4YzYzZTQ4NTIxYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj9EAnV3oBFQHimThJY+GYRx0vF5
3nf5he42wi/VoX+0UzyNPNyDREgnug8YowKMmszxet331nikOSgqTe3s6tq74pxA
wzJVhDTFjhuEcEhHO9/iMQARtwTG1nhhLMUUkjEezpDSsvMQvrnWTYrFjCWw+5TY
q6q6wqxqi/2NyiQfhSxhpFv3t1Mb4n5kUye522ESrxjEc57C6c2JolgOtPjKkrqr
q4WFrPN+X18qY9PFRqWuIot28l8ceLlEyJbrqjpJIb9+Y1aV6Pz/khwEPm/JhoRB
edvvX88DM91mzBRpsSPz+zSuTwvRX1cI0zadFVjZu9hWaZY7ZYBM30la/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOGWvfbEstolZY3qV0h4xj5IUhs3MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvNFphOTlzU3kyaVZsamVwWFNIakdQa2hTR3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVDYIAwQC
VR8wMA0GCSqGSIb3DQEBCwUAA4IBAQAFrNv41AHxJoVeW7CAGreEGDWu3mEBJoDf
ikrjFwPLkX2VGDPN3wCDvUT8Ul3caePUb/8jHgwJIsYQLPq54s/FNkddOINu/fkI
d35PePOXl9AavS8gUalMVqD8QFt+rC6/BZ3RzDAlb/+EcoBKPusi9ZWCAj64kKEF
8mV56eCabhnlEd4dSK5oXhr1EeFK1ZC2AuJP34OwavqFpclgTR5ZBvGZDvfXslyO
3WyA254GemK+3VpMeJfeg87h2fIFepQeH7uxeZ4P8LByKzGnvx9eOOqSYtZlbbzG
fQKtgVDixTVOPg4+KIq8LuaTcKIWXD+eWe4G7KbdNvYbYO/bDaVt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org