Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/PIZbjB9DHzsyPdqQEJcsiPDgdDg.roa
File: PIZbjB9DHzsyPdqQEJcsiPDgdDg.roa (raw, json)
Hash identifier: vnOFU15Tq7WoblWaggGDAX1JCFfYz4FoUs4bsUFoOJg=
Subject key identifier: 3C:86:5B:8C:1F:43:1F:3B:32:3D:DA:90:10:97:2C:88:F0:E0:74:38
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05A841D2
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/PIZbjB9DHzsyPdqQEJcsiPDgdDg.roa
Signing time: Sat 01 Jan 2022 07:57:08 +0000
ROA not before: Sat 01 Jan 2022 07:57:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39548
IP address blocks: 185.68.23.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94912978 (0x5a841d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c865b8c1f431f3b323dda9010972c88f0e07438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:77:e7:90:5b:aa:bf:cf:4d:af:f1:1a:64:3a:
bd:6d:8b:44:fb:62:fe:78:ce:a6:6c:ac:a2:a1:c2:
62:31:d1:02:61:e9:6d:81:4d:94:e9:b5:2c:0a:58:
6c:fc:3d:07:27:fe:0d:83:ca:11:6e:d7:3c:50:6b:
66:ae:3a:ad:5b:21:1e:3c:99:52:59:a3:e8:46:3d:
92:9b:fa:83:38:40:82:55:44:ac:52:06:6b:c6:90:
38:48:1b:ae:05:af:3a:e6:04:ab:12:37:5d:68:8a:
93:bf:cc:10:9b:90:90:a8:e4:54:7e:45:a4:e6:9a:
b0:fb:52:57:99:c9:89:9e:bf:80:3f:b6:05:5a:1b:
7f:ec:8f:11:da:8c:4e:42:42:e2:60:49:eb:f3:21:
b7:1f:47:30:7a:63:86:9e:72:a0:d2:ad:5d:50:96:
f1:b6:f6:ec:de:23:df:20:0c:1f:f7:ad:b9:3e:ba:
92:db:b0:8b:e9:06:ac:9e:b2:91:6f:e6:56:6a:e8:
99:b1:8e:e2:21:8b:54:50:ad:fe:2b:aa:9f:30:99:
1a:70:aa:d2:c8:dc:46:91:a7:85:ec:6f:e7:d5:1f:
78:6b:31:0d:c0:2c:41:71:86:0b:ab:3c:a1:38:b0:
62:23:d8:c6:4c:1c:5f:e2:ef:2d:f5:db:cf:fb:73:
d6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:86:5B:8C:1F:43:1F:3B:32:3D:DA:90:10:97:2C:88:F0:E0:74:38
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/PIZbjB9DHzsyPdqQEJcsiPDgdDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.23.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:43:25:18:49:37:ad:3c:4b:65:78:4a:b0:47:59:20:da:42:
41:c8:fa:8f:8c:aa:d9:d0:fb:e0:0a:94:d5:7b:e5:9f:57:c9:
5a:6a:7d:08:96:cd:d6:cf:0f:45:40:c8:59:16:85:3c:4d:3d:
d3:27:31:89:80:5b:c5:45:27:75:da:aa:e4:fc:34:00:a1:11:
dd:ac:36:32:3c:9f:5e:49:4d:a8:df:f3:86:de:aa:90:de:e3:
d1:86:13:ef:0e:60:5e:e9:b3:dc:22:a3:dd:2f:5c:a1:b6:56:
fc:03:61:46:17:21:eb:9a:89:26:23:5b:1f:ba:f0:f2:6f:44:
82:ad:61:6c:f8:86:8c:17:38:c3:da:fa:62:c8:2c:67:1e:95:
16:ae:d3:87:e2:29:4d:6e:2c:eb:34:ef:fe:67:d0:6a:f0:aa:
28:8b:2e:4a:42:d0:cb:37:02:18:00:30:ae:ce:30:d2:bc:ca:
94:3f:e2:1c:bf:b5:5b:ae:e6:c5:27:df:b4:8c:0b:73:94:12:
fa:70:ae:f5:2c:0d:54:25:ac:8e:52:54:22:d2:23:be:f5:0d:
3e:f8:74:38:ec:30:33:a6:6d:47:9c:75:0b:6d:77:10:e8:f8:
20:d2:57:78:51:b1:30:28:87:cd:c6:6b:20:60:16:a1:3a:ec:
b0:ba:ff:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBahB0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2M4NjViOGMxZjQz
MWYzYjMyM2RkYTkwMTA5NzJjODhmMGUwNzQzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALF355Bbqr/PTa/xGmQ6vW2LRPti/njOpmysoqHCYjHRAmHp
bYFNlOm1LApYbPw9Byf+DYPKEW7XPFBrZq46rVshHjyZUlmj6EY9kpv6gzhAglVE
rFIGa8aQOEgbrgWvOuYEqxI3XWiKk7/MEJuQkKjkVH5FpOaasPtSV5nJiZ6/gD+2
BVobf+yPEdqMTkJC4mBJ6/Mhtx9HMHpjhp5yoNKtXVCW8bb27N4j3yAMH/etuT66
ktuwi+kGrJ6ykW/mVmrombGO4iGLVFCt/iuqnzCZGnCq0sjcRpGnhexv59UfeGsx
DcAsQXGGC6s8oTiwYiPYxkwcX+LvLfXbz/tz1ncCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ8hluMH0MfOzI92pAQlyyI8OB0ODAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L1BJWmJqQjlESHpzeVBkcVFFSmNzaVBEZ2REZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlEFzANBgkqhkiG9w0BAQsFAAOC
AQEAikMlGEk3rTxLZXhKsEdZINpCQcj6j4yq2dD74AqU1Xvln1fJWmp9CJbN1s8P
RUDIWRaFPE090ycxiYBbxUUnddqq5Pw0AKER3aw2MjyfXklNqN/zht6qkN7j0YYT
7w5gXumz3CKj3S9cobZW/ANhRhch65qJJiNbH7rw8m9Egq1hbPiGjBc4w9r6Ysgs
Zx6VFq7Th+IpTW4s6zTv/mfQavCqKIsuSkLQyzcCGAAwrs4w0rzKlD/iHL+1W67m
xSfftIwLc5QS+nCu9SwNVCWsjlJUItIjvvUNPvh0OOwwM6ZtR5x1C213EOj4INJX
eFGxMCiHzcZrIGAWoTrssLr/Yg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org