Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/80OhFw26NycfOdRGOUQt7M1c7ss.roa
File: 80OhFw26NycfOdRGOUQt7M1c7ss.roa (raw, json)
Hash identifier: V2U6YZWUBudvZpTdbeZJnoNLgc9hYL8Qefh9meF9icc=
Subject key identifier: F3:43:A1:17:0D:BA:37:27:1F:39:D4:46:39:44:2D:EC:CD:5C:EE:CB
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0182587F34FB4357E97BB16E0FC65EDC30E6
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/80OhFw26NycfOdRGOUQt7M1c7ss.roa
Signing time: Mon 01 Aug 2022 08:21:47 +0000
ROA not before: Mon 01 Aug 2022 08:21:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 185.191.34.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:58:7f:34:fb:43:57:e9:7b:b1:6e:0f:c6:5e:dc:30:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Aug 1 08:21:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f343a1170dba37271f39d44639442deccd5ceecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:30:b8:38:30:2e:1d:97:d2:98:aa:8f:c5:fe:
89:66:4e:21:5b:6d:8e:8a:01:ad:0a:af:cc:0a:17:
f2:32:30:79:11:17:c7:cd:28:5c:f6:df:8a:c6:3b:
2b:4e:f6:de:66:b3:2e:b0:03:1b:7c:ad:0b:32:8b:
80:39:0a:b6:ad:e0:73:8a:3d:e9:03:f7:77:ec:d6:
4f:ae:85:db:6d:ad:57:22:f8:25:bc:6b:c8:e5:1c:
f1:1f:9c:2a:89:00:a2:1b:5c:df:36:a8:67:cf:dd:
3f:d4:22:e0:f8:ec:09:1e:a2:ed:05:98:b6:8b:6f:
9d:5a:d0:86:22:0c:a9:83:fb:c8:ba:d0:59:5b:62:
8e:03:77:52:55:d0:33:04:c3:e0:97:84:1d:90:b4:
4f:cd:13:f2:c8:8c:a5:33:0f:43:1c:c5:d7:8f:49:
e3:88:e2:4a:d8:c8:70:19:b5:c9:98:af:fd:c1:b8:
ab:40:5d:e6:66:b9:44:0d:9d:9f:4a:c6:ac:bf:5d:
78:97:71:0d:b2:22:9a:7c:a1:fe:98:20:bd:58:d8:
c5:81:25:9f:7b:29:e4:3b:74:ed:13:d9:22:57:e3:
81:b8:35:d8:d3:6f:b9:51:a3:80:bf:2d:b8:36:d1:
36:4e:c3:13:fb:21:ef:1d:c8:b3:3d:23:bf:06:83:
22:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:43:A1:17:0D:BA:37:27:1F:39:D4:46:39:44:2D:EC:CD:5C:EE:CB
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/80OhFw26NycfOdRGOUQt7M1c7ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.34.0/23
Signature Algorithm: sha256WithRSAEncryption
09:f0:10:e4:1d:d2:5e:e8:01:d2:48:34:23:68:53:1e:63:61:
09:7b:51:e4:a1:60:2c:fc:ff:ce:f4:dc:99:0a:72:9f:6d:df:
32:f6:4f:ee:d6:55:d5:b1:cc:95:5a:4c:ce:e3:c5:0d:6c:83:
57:4d:0c:5e:14:4e:28:1d:99:5f:3f:89:2e:1a:b7:91:e4:bb:
3f:65:dd:a4:7e:c9:e3:59:78:4f:54:dd:03:74:1f:3b:73:69:
b2:b7:11:95:d3:fe:78:e1:dd:e1:6a:26:99:89:2a:ea:0e:d9:
2f:eb:59:a1:a6:dc:06:fb:bb:8f:a9:e0:da:8e:9f:85:b7:41:
51:49:3f:bc:4a:e4:08:7f:44:44:c6:d8:87:aa:99:41:25:9f:
42:71:bb:33:bd:b7:36:24:60:88:cb:28:92:71:c9:2c:8b:00:
a6:a5:0e:51:5b:c4:62:2c:9a:06:ec:24:9a:f4:34:3b:32:e5:
3e:a0:bb:42:b9:ec:16:a1:12:39:35:0f:82:fd:7b:62:2d:ed:
6a:7a:bd:0f:90:c4:32:cd:ad:f5:a8:81:f5:d7:7b:63:a0:fd:
27:fb:94:55:1c:3d:6c:d2:f2:12:77:f7:9a:22:50:a9:14:b9:
4d:61:bc:a2:82:0e:56:e5:cd:c6:af:8d:98:c3:92:4e:5e:b5:
c4:fe:e9:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJYfzT7Q1fpe7FuD8Ze3DDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjIwODAxMDgyMTQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzQzYTExNzBkYmEzNzI3MWYzOWQ0NDYzOTQ0MmRlY2NkNWNlZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDC4ODAuHZfSmKqPxf6JZk4hW22O
igGtCq/MChfyMjB5ERfHzShc9t+KxjsrTvbeZrMusAMbfK0LMouAOQq2reBzij3p
A/d37NZProXbba1XIvglvGvI5RzxH5wqiQCiG1zfNqhnz90/1CLg+OwJHqLtBZi2
i2+dWtCGIgypg/vIutBZW2KOA3dSVdAzBMPgl4QdkLRPzRPyyIylMw9DHMXXj0nj
iOJK2MhwGbXJmK/9wbirQF3mZrlEDZ2fSsasv114l3ENsiKafKH+mCC9WNjFgSWf
eynkO3TtE9kiV+OBuDXY02+5UaOAvy24NtE2TsMT+yHvHcizPSO/BoMiZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPNDoRcNujcnHznURjlELezNXO7LMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvODBPaEZ3MjZOeWNmT2RSR09VUXQ3TTFjN3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBub8iMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ8BDkHdJe6AHSSDQjaFMeY2EJe1HkoWAs/P/O9NyZ
CnKfbd8y9k/u1lXVscyVWkzO48UNbINXTQxeFE4oHZlfP4kuGreR5Ls/Zd2kfsnj
WXhPVN0DdB87c2mytxGV0/544d3haiaZiSrqDtkv61mhptwG+7uPqeDajp+Ft0FR
ST+8SuQIf0RExtiHqplBJZ9Ccbszvbc2JGCIyyiSccksiwCmpQ5RW8RiLJoG7CSa
9DQ7MuU+oLtCuewWoRI5NQ+C/XtiLe1qer0PkMQyza31qIH113tjoP0n+5RVHD1s
0vISd/eaIlCpFLlNYbyigg5W5c3Gr42Yw5JOXrXE/um6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-fra.rpki-client.org