Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/FOsRmj2UHtEiuHxGhDzYm9IqDKg.roa
File: FOsRmj2UHtEiuHxGhDzYm9IqDKg.roa (raw, json)
Hash identifier: iGSw2N+WWf3IRMfiBEXm1O0rdX0X0xvaEGix7ICIS34=
Subject key identifier: 14:EB:11:9A:3D:94:1E:D1:22:B8:7C:46:84:3C:D8:9B:D2:2A:0C:A8
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05A0839F
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/FOsRmj2UHtEiuHxGhDzYm9IqDKg.roa
Signing time: Sat 01 Jan 2022 07:57:04 +0000
ROA not before: Sat 01 Jan 2022 07:57:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 213.166.76.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94405535 (0x5a0839f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14eb119a3d941ed122b87c46843cd89bd22a0ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:03:25:7e:45:8a:b3:f6:61:37:da:56:0f:bf:
0b:5b:b4:a1:e7:91:89:08:ef:af:70:54:5f:c9:5c:
09:5b:f7:50:e2:cd:ee:7b:41:15:08:ac:28:ec:1c:
14:6c:eb:3c:04:e5:a1:0d:21:3e:9b:81:ae:10:54:
ab:c6:35:96:ee:ea:b7:2e:7f:35:09:a0:b8:01:21:
4a:74:4c:26:21:49:00:ed:8e:97:63:29:b2:39:f4:
63:ab:38:c5:86:9f:28:ea:c3:b9:f5:76:02:14:82:
f2:fd:de:a7:89:f6:ec:9e:77:b2:b3:c3:63:ef:1b:
8b:da:79:95:40:05:ac:9e:6d:01:34:90:a4:e4:af:
af:6f:05:34:fe:68:4a:e2:69:e3:db:32:b8:5a:6f:
4a:ed:a8:2e:62:6b:ed:ac:eb:a8:d3:10:b5:92:3e:
ad:92:32:d9:d8:61:07:c2:79:f6:9c:a0:17:69:57:
45:6f:de:a8:25:d6:98:7b:62:0d:df:69:8d:8b:7d:
4c:b5:78:72:48:19:1e:27:9c:b4:a4:82:ff:12:25:
fc:9f:b7:38:24:a2:ed:c7:01:3d:c8:a2:b4:1c:d9:
e1:ea:4e:61:12:14:83:54:5c:3b:02:80:44:a0:34:
90:cb:87:7f:dd:c0:a8:1d:c5:d8:fc:34:db:f7:65:
c6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:EB:11:9A:3D:94:1E:D1:22:B8:7C:46:84:3C:D8:9B:D2:2A:0C:A8
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/FOsRmj2UHtEiuHxGhDzYm9IqDKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.166.76.0/22
Signature Algorithm: sha256WithRSAEncryption
95:fb:4f:f3:87:65:75:51:72:c7:54:4f:82:b2:6b:e8:78:88:
03:81:db:65:fc:6a:3a:78:ef:d7:c3:7c:cf:b0:15:5e:27:d9:
8c:f1:ac:66:17:f9:54:8f:2e:89:72:ae:ce:09:1b:f6:25:be:
3d:13:58:f5:1a:8b:32:21:fd:be:00:e7:c9:b9:7d:68:7e:28:
98:50:60:40:17:89:c1:71:f1:cb:5b:70:c9:a2:ed:63:c9:29:
02:f1:d0:da:fa:e8:e4:62:a2:f1:87:d3:08:50:11:49:6a:1a:
9f:97:1a:42:be:d9:c2:d3:04:21:e8:a9:52:38:b3:79:20:76:
0e:2e:24:57:4a:30:f2:94:75:36:e5:4e:a5:42:48:6d:5a:23:
e3:d6:7a:67:de:1d:ad:26:16:74:d3:49:fc:6e:80:0b:cb:65:
24:28:df:fc:35:73:4b:87:d1:19:fa:e6:cd:d9:83:3d:10:f5:
7a:cc:b5:47:c2:44:2b:c2:f1:db:50:50:f6:62:22:ea:02:09:
5b:31:b8:05:9f:26:06:7f:e4:fc:33:c3:ba:34:9e:20:4c:76:
81:e9:e9:e5:e2:1b:c8:8c:c1:74:6a:fc:10:1a:e9:ae:5e:85:
b8:16:ea:31:5f:bf:ce:87:f5:a3:57:d6:0f:eb:69:94:1a:44:
8b:5a:bf:80
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBaCDnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRlYjExOWEzZDk0
MWVkMTIyYjg3YzQ2ODQzY2Q4OWJkMjJhMGNhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOoDJX5FirP2YTfaVg+/C1u0oeeRiQjvr3BUX8lcCVv3UOLN
7ntBFQisKOwcFGzrPATloQ0hPpuBrhBUq8Y1lu7qty5/NQmguAEhSnRMJiFJAO2O
l2Mpsjn0Y6s4xYafKOrDufV2AhSC8v3ep4n27J53srPDY+8bi9p5lUAFrJ5tATSQ
pOSvr28FNP5oSuJp49syuFpvSu2oLmJr7azrqNMQtZI+rZIy2dhhB8J59pygF2lX
RW/eqCXWmHtiDd9pjYt9TLV4ckgZHiectKSC/xIl/J+3OCSi7ccBPciitBzZ4epO
YRIUg1RcOwKARKA0kMuHf93AqB3F2Pw02/dlxhsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQU6xGaPZQe0SK4fEaEPNib0ioMqDAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L0ZPc1JtajJVSHRFaXVIeEdoRHpZbTlJcURLZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtWmTDANBgkqhkiG9w0BAQsFAAOC
AQEAlftP84dldVFyx1RPgrJr6HiIA4HbZfxqOnjv18N8z7AVXifZjPGsZhf5VI8u
iXKuzgkb9iW+PRNY9RqLMiH9vgDnybl9aH4omFBgQBeJwXHxy1twyaLtY8kpAvHQ
2vro5GKi8YfTCFARSWoan5caQr7ZwtMEIeipUjizeSB2Di4kV0ow8pR1NuVOpUJI
bVoj49Z6Z94drSYWdNNJ/G6AC8tlJCjf/DVzS4fRGfrmzdmDPRD1esy1R8JEK8Lx
21BQ9mIi6gIJWzG4BZ8mBn/k/DPDujSeIEx2genp5eIbyIzBdGr8EBrprl6FuBbq
MV+/zof1o1fWD+tplBpEi1q/gA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org