Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/QzJo18yfHCICH81OFJ0oejDsVLc.roa
File: QzJo18yfHCICH81OFJ0oejDsVLc.roa (raw, json)
Hash identifier: VC91B+yYe91DGYDDb7TokSfAN5dALiqXWMttldfffkc=
Subject key identifier: 43:32:68:D7:CC:9F:1C:22:02:1F:CD:4E:14:9D:28:7A:30:EC:54:B7
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05A263E5
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/QzJo18yfHCICH81OFJ0oejDsVLc.roa
Signing time: Sat 01 Jan 2022 07:57:05 +0000
ROA not before: Sat 01 Jan 2022 07:57:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12722
IP address blocks: 185.21.140.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94528485 (0x5a263e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=433268d7cc9f1c22021fcd4e149d287a30ec54b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3b:44:94:7f:1c:b0:c7:23:37:e3:10:3c:91:
d3:cf:43:dd:db:a0:7d:b4:2e:a7:aa:f7:44:2b:0d:
78:fb:3d:68:52:36:90:77:88:80:3b:76:6c:b5:3c:
50:57:ae:3d:77:d5:56:63:4c:19:ab:18:c4:d7:98:
e8:81:5c:97:cf:7b:dc:8e:9e:22:b2:e2:78:19:28:
c5:04:1c:bf:3e:9e:fa:cf:e2:90:3f:fc:27:6f:d3:
7c:10:15:64:28:de:a2:77:d5:ce:e1:c1:11:10:d3:
8f:a6:33:7d:e5:2f:c6:fd:4f:5f:57:e6:00:cb:f7:
2a:0c:f0:aa:37:c4:3f:61:72:00:28:af:7a:60:a9:
e0:bd:81:e0:09:f8:66:da:ae:91:d9:a5:92:1a:9a:
30:28:89:2e:e5:57:18:d2:ea:a9:92:b1:d8:3d:15:
b4:03:ec:8b:75:6d:b2:07:30:a1:5e:05:27:8f:5f:
9e:b0:29:67:c3:ae:6c:13:14:20:e8:68:7d:a1:27:
25:34:ff:b6:a6:e7:a1:4a:31:b8:db:4b:c1:10:55:
a8:92:75:a4:33:8f:2f:cc:fb:78:11:85:79:29:03:
cc:49:7d:43:c7:cf:83:22:8f:6b:a1:6e:49:ae:73:
2b:0a:10:ea:5a:59:ea:c5:91:a4:07:62:4a:80:50:
1a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:32:68:D7:CC:9F:1C:22:02:1F:CD:4E:14:9D:28:7A:30:EC:54:B7
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/QzJo18yfHCICH81OFJ0oejDsVLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.140.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:36:11:82:e7:b7:e6:7c:77:fd:66:f4:75:e8:0b:db:f3:c3:
86:b2:05:fa:e9:29:fb:79:ff:89:4a:33:07:9e:a1:53:74:34:
b9:92:78:12:89:82:cb:36:7e:7d:d1:aa:e0:32:80:22:7f:49:
8d:3b:28:b7:11:37:e7:af:1f:6e:e0:cb:a1:eb:7b:7d:62:eb:
5a:a6:ee:36:4b:8c:d5:0c:87:b7:d0:1f:e2:51:44:01:58:64:
93:c2:20:2a:6a:f7:36:37:23:5d:35:a3:1e:26:e6:f5:6e:d9:
fa:be:da:95:69:f7:4e:14:23:52:7c:d1:74:30:37:a2:5e:48:
ba:1a:b0:30:57:c2:9b:88:35:50:ca:9f:11:07:13:77:8b:29:
9a:3c:be:d6:19:b4:7c:6b:cd:b0:a8:db:e8:1c:20:8b:53:5e:
63:87:8a:ca:b0:9c:ed:90:82:d8:84:52:63:fe:a9:88:d6:59:
9b:e9:52:86:da:ca:db:09:84:5d:48:7f:72:27:96:71:ea:65:
49:3d:48:14:02:48:37:c2:41:84:e5:02:c2:a4:b2:dd:b8:92:
7b:9e:0a:9d:f4:9b:ba:12:44:26:09:50:29:28:53:df:9f:28:
6a:39:39:ab:9a:69:1c:46:d9:b3:79:dc:e6:fd:98:50:4d:6a:
f8:a3:cb:1b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBaJj5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDMzMjY4ZDdjYzlm
MWMyMjAyMWZjZDRlMTQ5ZDI4N2EzMGVjNTRiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKs7RJR/HLDHIzfjEDyR089D3dugfbQup6r3RCsNePs9aFI2
kHeIgDt2bLU8UFeuPXfVVmNMGasYxNeY6IFcl8973I6eIrLieBkoxQQcvz6e+s/i
kD/8J2/TfBAVZCjeonfVzuHBERDTj6YzfeUvxv1PX1fmAMv3KgzwqjfEP2FyACiv
emCp4L2B4An4ZtqukdmlkhqaMCiJLuVXGNLqqZKx2D0VtAPsi3VtsgcwoV4FJ49f
nrApZ8OubBMUIOhofaEnJTT/tqbnoUoxuNtLwRBVqJJ1pDOPL8z7eBGFeSkDzEl9
Q8fPgyKPa6FuSa5zKwoQ6lpZ6sWRpAdiSoBQGpECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRDMmjXzJ8cIgIfzU4UnSh6MOxUtzAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L1F6Sm8xOHlmSENJQ0g4MU9GSjBvZWpEc1ZMYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkVjDANBgkqhkiG9w0BAQsFAAOC
AQEA1TYRgue35nx3/Wb0degL2/PDhrIF+ukp+3n/iUozB56hU3Q0uZJ4EomCyzZ+
fdGq4DKAIn9JjTsotxE3568fbuDLoet7fWLrWqbuNkuM1QyHt9Af4lFEAVhkk8Ig
Kmr3NjcjXTWjHibm9W7Z+r7alWn3ThQjUnzRdDA3ol5IuhqwMFfCm4g1UMqfEQcT
d4spmjy+1hm0fGvNsKjb6Bwgi1NeY4eKyrCc7ZCC2IRSY/6piNZZm+lShtrK2wmE
XUh/cieWceplST1IFAJIN8JBhOUCwqSy3biSe54KnfSbuhJEJglQKShT358oajk5
q5ppHEbZs3nc5v2YUE1q+KPLGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org