Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Yz_kkd04hQ6H8KrafnahtiO42_Y.roa
File: Yz_kkd04hQ6H8KrafnahtiO42_Y.roa (raw, json)
Hash identifier: bSJay04shrjN1kicy5HtxpabTCzWygdi/BEUIkwbt6E=
Subject key identifier: 63:3F:E4:91:DD:38:85:0E:87:F0:AA:DA:7E:76:A1:B6:23:B8:DB:F6
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018964895A6585455086180BE4FF48D5BE94
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Yz_kkd04hQ6H8KrafnahtiO42_Y.roa
Signing time: Mon 17 Jul 2023 15:47:50 +0000
ROA not before: Mon 17 Jul 2023 15:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 81.22.45.0/24 maxlen: 24
194.59.246.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:89:5a:65:85:45:50:86:18:0b:e4:ff:48:d5:be:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jul 17 15:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=633fe491dd38850e87f0aada7e76a1b623b8dbf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7a:de:57:3f:c0:27:18:a0:0c:28:6d:77:87:
d9:95:b9:28:51:50:ec:4d:da:c3:b1:a8:b4:a8:5b:
6e:74:b6:3f:c3:d5:ae:d2:3d:cb:a7:c9:39:02:77:
ca:67:a6:7c:30:f2:bc:09:c2:2c:de:f4:e5:69:69:
6c:e3:dd:07:3e:9a:25:e5:eb:e8:9d:db:e8:33:b4:
21:d5:af:4d:6d:3c:74:ee:fe:09:34:e3:72:c7:90:
3f:58:37:e9:24:00:fb:ba:0c:73:88:c5:90:c8:d7:
cc:f2:1e:1a:2a:fd:2e:4d:16:25:00:fa:ea:93:8b:
68:3a:e8:33:a1:af:5e:ef:de:ca:70:0c:0e:ab:e2:
1c:63:77:4e:40:e6:3b:b0:35:2e:75:36:37:c4:35:
80:25:b4:11:bd:79:e4:1f:ea:0f:8a:a4:d5:cb:d8:
2d:65:03:63:85:8e:64:b8:f8:4c:3d:85:44:3a:d7:
33:43:1f:ce:d1:c6:1c:0a:b2:72:60:69:4e:bf:f1:
b1:51:77:02:6d:b4:1a:b2:21:0a:6d:0c:34:ad:46:
25:af:ac:e2:7b:f5:b6:c5:cf:94:2e:60:26:36:f8:
49:56:7b:9c:c5:ee:53:6d:94:b2:21:9e:fe:69:91:
91:4c:60:fe:19:f2:87:5e:6a:61:6c:31:31:68:76:
3a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3F:E4:91:DD:38:85:0E:87:F0:AA:DA:7E:76:A1:B6:23:B8:DB:F6
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Yz_kkd04hQ6H8KrafnahtiO42_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.45.0/24
194.59.246.0/24
Signature Algorithm: sha256WithRSAEncryption
87:a9:49:46:ce:97:be:14:88:36:08:93:8e:5f:3b:95:89:62:
83:eb:e8:9d:6b:e3:fa:b3:70:bd:21:db:e1:65:a4:77:da:ac:
53:b2:06:3f:6e:ac:a4:c1:b3:6a:40:72:5c:36:d3:2c:34:ac:
4c:d1:4f:ce:37:ed:f6:a7:6f:9e:c3:c8:44:cf:9d:04:96:67:
83:5d:f5:c8:14:60:0b:1e:0b:e0:83:6c:0d:03:57:ee:30:3c:
2f:0b:aa:65:94:51:02:3d:5a:c4:68:26:39:3e:57:df:ca:48:
95:43:ba:7f:f7:2b:a6:d4:4c:57:21:bd:42:db:5d:1c:e2:ba:
ee:df:5c:78:77:5a:ca:1b:3e:1b:95:ce:db:f6:22:f5:86:60:
04:bc:81:07:ef:e9:c9:56:72:8b:ce:92:65:75:ed:92:e4:a4:
8c:a4:19:3d:39:8b:51:9f:54:8f:19:45:46:5a:34:d3:08:c7:
ff:b5:c7:b2:b8:2d:f4:cd:85:6b:2b:81:9e:95:93:67:e2:e9:
64:7f:23:f4:eb:e0:75:95:97:f2:25:2b:ed:65:fd:b6:91:7f:
ab:86:4d:14:af:31:e6:05:44:af:3c:18:58:b9:6c:6f:ef:74:
cf:5c:c1:0b:84:86:19:df:dd:2b:b9:8e:62:b5:f2:df:ba:ad:
ea:5c:6f:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlkiVplhUVQhhgL5P9I1b6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNzE3MTU0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzNmZTQ5MWRkMzg4NTBlODdmMGFhZGE3ZTc2YTFiNjIzYjhkYmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunreVz/AJxigDChtd4fZlbkoUVDs
TdrDsai0qFtudLY/w9Wu0j3Lp8k5AnfKZ6Z8MPK8CcIs3vTlaWls490HPpol5evo
ndvoM7Qh1a9NbTx07v4JNONyx5A/WDfpJAD7ugxziMWQyNfM8h4aKv0uTRYlAPrq
k4toOugzoa9e797KcAwOq+IcY3dOQOY7sDUudTY3xDWAJbQRvXnkH+oPiqTVy9gt
ZQNjhY5kuPhMPYVEOtczQx/O0cYcCrJyYGlOv/GxUXcCbbQasiEKbQw0rUYlr6zi
e/W2xc+ULmAmNvhJVnucxe5TbZSyIZ7+aZGRTGD+GfKHXmphbDExaHY6cQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGM/5JHdOIUOh/Cq2n52obYjuNv2MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvWXpfa2tkMDRoUTZIOEtyYWZuYWh0aU80Ml9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAURYtAwQA
wjv2MA0GCSqGSIb3DQEBCwUAA4IBAQCHqUlGzpe+FIg2CJOOXzuViWKD6+ida+P6
s3C9IdvhZaR32qxTsgY/bqykwbNqQHJcNtMsNKxM0U/ON+32p2+ew8hEz50ElmeD
XfXIFGALHgvgg2wNA1fuMDwvC6pllFECPVrEaCY5PlffykiVQ7p/9yum1ExXIb1C
210c4rru31x4d1rKGz4blc7b9iL1hmAEvIEH7+nJVnKLzpJlde2S5KSMpBk9OYtR
n1SPGUVGWjTTCMf/tceyuC30zYVrK4GelZNn4ulkfyP06+B1lZfyJSvtZf22kX+r
hk0UrzHmBUSvPBhYuWxv73TPXMELhIYZ390ruY5itfLfuq3qXG8L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org