Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hzCfKc9xwZQ1d3yM7o8kjMBil-8.roa
File: hzCfKc9xwZQ1d3yM7o8kjMBil-8.roa (raw, json)
Hash identifier: tP8VyDWCB0Mku9nCBDdM+8mEmJqlGxyjHllEGCIp26w=
Subject key identifier: 87:30:9F:29:CF:71:C1:94:35:77:7C:8C:EE:8F:24:8C:C0:62:97:EF
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05A47181
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hzCfKc9xwZQ1d3yM7o8kjMBil-8.roa
Signing time: Sat 01 Jan 2022 07:57:07 +0000
ROA not before: Sat 01 Jan 2022 07:57:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 27176
IP address blocks: 85.31.48.0/22 maxlen: 22
84.54.8.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94663041 (0x5a47181)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87309f29cf71c19435777c8cee8f248cc06297ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d6:80:ca:44:8f:24:5f:6f:58:be:e3:6c:b0:
1e:79:81:b0:1b:2e:df:f6:a4:40:d5:40:ac:0b:5c:
69:28:a7:f0:e0:16:6f:a5:b7:b0:62:6f:11:ee:78:
3e:7a:f7:9d:07:f7:8c:6d:0e:8e:69:be:6e:03:1d:
6d:3a:dd:28:3a:7a:68:66:56:07:60:4f:a1:e2:a8:
73:10:8d:ae:52:6e:6f:94:51:17:7a:62:f6:b7:34:
73:57:18:cf:68:aa:2a:ea:97:29:01:f5:db:27:32:
4e:20:f6:57:45:58:4e:e3:54:4b:fa:ed:d7:56:a5:
cd:d1:77:15:5b:80:be:85:c5:3b:d5:61:dd:ee:67:
d0:69:5f:30:26:82:89:d4:0e:8e:29:4d:d2:4d:39:
9f:22:ad:28:06:12:7a:d8:fc:f0:05:48:57:ea:7f:
ca:a6:aa:97:93:76:6f:e8:01:71:d5:61:4f:b7:c0:
8a:d9:a1:2b:13:5b:79:ae:e5:22:92:0c:fd:0d:cb:
41:81:59:ba:34:9c:c1:60:0d:aa:9a:33:99:db:f9:
7b:d4:46:3f:1c:76:92:f9:7d:08:3b:cb:5f:f3:03:
38:cf:88:6e:9a:f5:af:2a:fe:37:d4:28:30:81:fc:
87:4c:81:51:e2:c7:2b:62:b7:32:df:d1:0a:75:43:
67:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:30:9F:29:CF:71:C1:94:35:77:7C:8C:EE:8F:24:8C:C0:62:97:EF
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hzCfKc9xwZQ1d3yM7o8kjMBil-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.8.0/22
85.31.48.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:18:c5:3d:7a:63:30:1e:e4:87:c8:dd:a6:47:d6:5c:7d:1c:
a1:c6:ff:74:e9:f7:6f:e1:ae:71:de:6e:e5:9f:48:ac:b9:ac:
ff:1d:c6:40:3d:4f:7f:ba:ea:08:c3:86:ce:80:60:5b:75:be:
6c:ae:49:c2:9c:db:96:30:5d:cd:70:bd:42:90:04:52:95:0a:
af:62:1c:e1:1f:a5:1d:77:e7:22:0f:ff:d1:71:76:a6:86:37:
4d:18:c9:38:04:99:e6:bb:c6:2d:a1:6d:de:22:c4:74:22:fe:
89:f2:78:83:2e:50:7b:01:e0:ee:65:0c:ba:11:3a:9c:b1:bc:
c8:1d:a4:6d:37:c9:90:0f:3f:f9:b7:04:3e:20:8e:7e:ae:29:
69:b0:14:eb:ad:5d:09:da:49:80:92:ee:f1:b7:bc:b8:78:2c:
04:07:ec:87:98:fb:20:4f:26:b4:bf:11:53:6c:79:9b:8a:96:
d7:4c:9f:bc:c4:7f:10:e8:e5:bc:1d:18:28:bf:19:e1:40:fc:
64:5b:5d:87:d3:73:05:99:b1:cc:7c:74:b3:c7:fd:11:2c:65:
a4:c5:c8:46:95:61:02:32:b9:19:6b:93:2d:f7:da:d6:af:08:
5d:4c:cd:32:05:d2:be:49:65:33:88:bb:f6:24:1b:ec:38:e3:
61:fc:c8:87
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBaRxgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODczMDlmMjljZjcx
YzE5NDM1Nzc3YzhjZWU4ZjI0OGNjMDYyOTdlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKLWgMpEjyRfb1i+42ywHnmBsBsu3/akQNVArAtcaSin8OAW
b6W3sGJvEe54Pnr3nQf3jG0Ojmm+bgMdbTrdKDp6aGZWB2BPoeKocxCNrlJub5RR
F3pi9rc0c1cYz2iqKuqXKQH12ycyTiD2V0VYTuNUS/rt11alzdF3FVuAvoXFO9Vh
3e5n0GlfMCaCidQOjilN0k05nyKtKAYSetj88AVIV+p/yqaql5N2b+gBcdVhT7fA
itmhKxNbea7lIpIM/Q3LQYFZujScwWANqpozmdv5e9RGPxx2kvl9CDvLX/MDOM+I
bpr1ryr+N9QoMIH8h0yBUeLHK2K3Mt/RCnVDZ3ECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSHMJ8pz3HBlDV3fIzujySMwGKX7zAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L2h6Q2ZLYzl4d1pRMWQzeU03bzhrak1CaWwtOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlQ2CAMEAlUfMDANBgkqhkiG9w0B
AQsFAAOCAQEAHhjFPXpjMB7kh8jdpkfWXH0cocb/dOn3b+Gucd5u5Z9IrLms/x3G
QD1Pf7rqCMOGzoBgW3W+bK5JwpzbljBdzXC9QpAEUpUKr2Ic4R+lHXfnIg//0XF2
poY3TRjJOASZ5rvGLaFt3iLEdCL+ifJ4gy5QewHg7mUMuhE6nLG8yB2kbTfJkA8/
+bcEPiCOfq4pabAU661dCdpJgJLu8be8uHgsBAfsh5j7IE8mtL8RU2x5m4qW10yf
vMR/EOjlvB0YKL8Z4UD8ZFtdh9NzBZmxzHx0s8f9ESxlpMXIRpVhAjK5GWuTLffa
1q8IXUzNMgXSvkllM4i79iQb7DjjYfzIhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org