Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/ZJVT2ZmkxDaeYnxzRHe-ZZh2zl8.roa
File: ZJVT2ZmkxDaeYnxzRHe-ZZh2zl8.roa (raw, json)
Hash identifier: bPlWJ1cN6J58X3gIykzxmGJmnUWZyGd7AsGKcjLU1hk=
Subject key identifier: 64:95:53:D9:99:A4:C4:36:9E:62:7C:73:44:77:BE:65:98:76:CE:5F
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 06CBC584
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/ZJVT2ZmkxDaeYnxzRHe-ZZh2zl8.roa
Signing time: Tue 26 Apr 2022 15:52:10 +0000
ROA not before: Tue 26 Apr 2022 15:52:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20688
IP address blocks: 194.35.125.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114017668 (0x6cbc584)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Apr 26 15:52:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=649553d999a4c4369e627c734477be659876ce5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:06:c7:18:7f:20:cc:2a:e9:11:dc:a8:3f:b4:
f3:e0:b0:06:ca:0f:6e:7c:a8:c7:5c:52:9a:63:4c:
44:4b:32:27:ae:b0:18:ad:29:36:85:9a:8b:3e:5c:
5e:6b:9c:f1:52:b1:e3:71:47:e5:8e:0e:d6:9d:b5:
c5:00:a9:d3:cc:8f:d6:dd:31:a3:74:1b:63:62:f8:
69:2e:51:46:e7:31:f0:73:6f:b5:fc:ec:55:bd:42:
61:d2:6d:96:63:1a:31:4d:e1:59:43:c1:26:f5:a6:
23:05:9d:dc:3c:48:dd:22:de:de:52:ae:f8:7b:61:
df:5e:4c:ca:33:a2:fa:48:1d:b4:13:a9:25:f9:05:
b5:94:b8:c2:02:b2:9f:c7:16:d0:a3:bb:dc:9e:f0:
da:a0:08:c7:05:c1:18:41:22:11:e9:24:14:93:88:
40:04:0f:a9:dc:a9:f9:1a:ab:32:f4:8e:58:ee:0b:
e6:96:af:4c:16:57:a0:1b:00:af:ba:34:74:9b:01:
8d:76:1d:70:b4:f5:4a:80:1e:ae:5e:4e:70:9a:8c:
d4:9e:18:a5:1b:59:76:2c:4d:8a:1e:7b:de:b4:d5:
ca:38:f7:a8:f5:39:15:23:da:7d:8a:31:a9:9c:bf:
d7:bb:88:dc:09:ae:60:29:22:9f:70:6c:a8:6f:aa:
26:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:95:53:D9:99:A4:C4:36:9E:62:7C:73:44:77:BE:65:98:76:CE:5F
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/ZJVT2ZmkxDaeYnxzRHe-ZZh2zl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.125.0/24
Signature Algorithm: sha256WithRSAEncryption
47:56:f5:cd:ea:d7:3b:1b:66:d0:4d:21:d0:8a:65:2d:5b:f7:
4c:a4:dc:e3:4a:d6:28:9b:e7:47:b7:ad:9b:8b:af:96:35:ec:
3e:4e:82:13:37:3e:83:12:8c:82:a3:3d:b1:e5:cb:7f:30:c6:
18:e1:f5:43:7c:88:dc:53:d2:a1:10:39:55:a1:63:9a:7b:96:
52:9d:d7:e6:16:e4:0a:85:3c:ae:f4:a4:64:ee:6e:02:29:23:
9d:6a:81:33:a8:d7:db:90:ea:da:ee:55:b6:db:7c:f7:35:f2:
4d:4d:bb:db:da:68:0f:ae:5e:be:c6:3f:eb:f2:ce:e6:5e:dd:
4c:db:fe:32:7a:80:6b:61:3c:61:3f:a7:e8:ca:98:2c:63:8f:
3e:48:9a:69:c6:c1:23:ef:35:c1:9d:8a:ab:dd:84:c5:7d:bd:
04:7a:fa:cc:c6:24:af:3c:e0:a2:56:e9:7a:de:8c:33:5f:41:
d8:ee:09:06:92:03:5d:33:7a:8e:01:31:f5:0c:e9:76:2c:6f:
1a:8c:d6:9f:b0:4d:22:72:63:70:e3:22:1e:67:55:5a:56:2f:
66:4d:45:fa:ce:4e:d1:6e:9b:48:e6:fe:a8:34:c5:d4:33:df:
98:ba:61:5a:fe:03:a5:cd:8e:f8:21:c5:31:5d:a9:01:17:c6:
c5:11:fc:1d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBsvFhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDQy
NjE1NTIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQ5NTUzZDk5OWE0
YzQzNjllNjI3YzczNDQ3N2JlNjU5ODc2Y2U1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANsGxxh/IMwq6RHcqD+08+CwBsoPbnyox1xSmmNMREsyJ66w
GK0pNoWaiz5cXmuc8VKx43FH5Y4O1p21xQCp08yP1t0xo3QbY2L4aS5RRucx8HNv
tfzsVb1CYdJtlmMaMU3hWUPBJvWmIwWd3DxI3SLe3lKu+Hth315MyjOi+kgdtBOp
JfkFtZS4wgKyn8cW0KO73J7w2qAIxwXBGEEiEekkFJOIQAQPqdyp+RqrMvSOWO4L
5pavTBZXoBsAr7o0dJsBjXYdcLT1SoAerl5OcJqM1J4YpRtZdixNih573rTVyjj3
qPU5FSPafYoxqZy/17uI3AmuYCkin3BsqG+qJgMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRklVPZmaTENp5ifHNEd75lmHbOXzAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L1pKVlQyWm1reERhZVlueHpSSGUtWlpoMnpsOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIjfTANBgkqhkiG9w0BAQsFAAOC
AQEAR1b1zerXOxtm0E0h0IplLVv3TKTc40rWKJvnR7etm4uvljXsPk6CEzc+gxKM
gqM9seXLfzDGGOH1Q3yI3FPSoRA5VaFjmnuWUp3X5hbkCoU8rvSkZO5uAikjnWqB
M6jX25Dq2u5Vttt89zXyTU2729poD65evsY/6/LO5l7dTNv+MnqAa2E8YT+n6MqY
LGOPPkiaacbBI+81wZ2Kq92ExX29BHr6zMYkrzzgolbpet6MM19B2O4JBpIDXTN6
jgEx9QzpdixvGozWn7BNInJjcOMiHmdVWlYvZk1F+s5O0W6bSOb+qDTF1DPfmLph
Wv4Dpc2O+CHFMV2pARfGxRH8HQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org