Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/ZtS8Sv_aFG6ZAhU73zycYnShp5s.roa
File: ZtS8Sv_aFG6ZAhU73zycYnShp5s.roa (raw, json)
Hash identifier: IkUisShyCD1pdkri/lTqkXpSuA/RsEOOufxX35hp1s8=
Subject key identifier: 66:D4:BC:4A:FF:DA:14:6E:99:02:15:3B:DF:3C:9C:62:74:A1:A7:9B
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 01857082B7405BBB85F6FC5B929A2400EEB4
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/ZtS8Sv_aFG6ZAhU73zycYnShp5s.roa
Signing time: Mon 02 Jan 2023 03:24:52 +0000
ROA not before: Mon 02 Jan 2023 03:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204554
IP address blocks: 85.187.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:b7:40:5b:bb:85:f6:fc:5b:92:9a:24:00:ee:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: Jan 2 03:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66d4bc4affda146e9902153bdf3c9c6274a1a79b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:53:71:e7:e2:13:70:62:4e:98:b7:0e:34:25:
fd:cc:82:68:19:05:5b:13:85:dc:10:29:f7:4f:8f:
a1:39:55:54:c3:1d:cf:2a:14:d4:aa:f2:b7:09:88:
b9:57:b4:e5:d8:43:2f:96:c8:3d:90:25:d5:0a:20:
8b:3b:c5:0f:5b:3a:11:fd:e2:3c:ab:48:a7:43:6f:
57:de:88:ea:52:86:9e:4c:3a:45:87:80:a2:00:ca:
fc:35:ea:f0:65:e2:36:f4:e6:b0:c5:a1:fb:79:d6:
58:63:4b:eb:36:a5:9c:3b:02:ae:ad:40:71:b4:04:
1d:8d:26:29:b3:8d:16:d1:78:1a:bf:4b:58:48:93:
cf:a3:f1:f6:d4:c9:cf:5c:36:13:15:c3:62:da:5e:
42:e5:2c:fd:2b:87:f9:3f:5f:27:7b:27:cc:aa:b5:
b3:2f:6c:8f:f3:8a:60:0c:c3:70:b5:f9:12:95:b4:
b7:e6:77:b1:56:6a:29:23:74:3b:7f:3c:8a:af:4e:
98:35:25:d3:81:1f:9e:64:c4:44:d7:08:77:39:4d:
92:fe:f0:aa:80:b4:c4:3b:ef:9c:33:38:5f:72:0c:
f5:37:00:bf:cb:2a:b3:38:7e:81:4c:c2:9e:c9:d1:
14:44:0b:d6:f0:bb:62:c5:7b:05:c9:b6:da:0b:f4:
57:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D4:BC:4A:FF:DA:14:6E:99:02:15:3B:DF:3C:9C:62:74:A1:A7:9B
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/ZtS8Sv_aFG6ZAhU73zycYnShp5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.215.0/24
Signature Algorithm: sha256WithRSAEncryption
01:14:a4:52:4e:50:39:b4:80:fd:77:80:f8:81:48:65:d6:15:
58:61:ec:d7:b6:cc:4e:8e:e2:c6:4f:51:71:06:7e:a5:10:3a:
62:fb:3b:d2:17:72:09:b8:f2:b9:02:d3:fa:19:62:8d:ce:7b:
f4:6e:70:23:82:e6:c8:c4:e8:25:f4:da:2a:6b:70:86:9e:d8:
49:9c:38:93:a5:99:c8:09:14:c2:c0:5c:a1:98:2b:62:5c:0c:
29:e0:53:00:60:e8:e5:b3:f8:f9:73:fe:f9:96:77:c9:27:6f:
f3:94:f5:31:93:21:c2:7b:92:2f:6f:49:c0:ec:7f:33:c7:10:
bc:42:8f:e6:2a:ce:39:27:e2:94:b8:a1:a1:b8:96:d3:75:85:
3d:30:a6:1d:c0:59:a9:07:d6:08:4c:7f:24:c1:7f:6e:e7:13:
18:10:39:9d:25:4e:c9:6d:8d:a0:4f:b2:03:ef:fe:b4:79:b4:
92:1e:21:d1:38:f4:30:ae:1c:77:ef:a2:7d:9b:00:0e:ac:fd:
6b:f8:88:f5:28:a6:fe:e0:30:ce:4c:0a:63:af:57:b7:9c:83:
03:3b:63:ae:a0:9c:74:5f:b6:f1:1a:9b:42:85:dc:50:b1:c6:
03:cd:45:7b:a0:cc:ea:02:dc:b9:b3:79:23:29:fc:51:fa:d7:
31:37:ba:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgrdAW7uF9vxbkpokAO60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2I0YmNhYmViMjk2MDVlYTUxMWRlOTczZTQ2NzVjNGI4
YTI5ZGYwHhcNMjMwMTAyMDMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmQ0YmM0YWZmZGExNDZlOTkwMjE1M2JkZjNjOWM2Mjc0YTFhNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1Nx5+ITcGJOmLcONCX9zIJoGQVb
E4XcECn3T4+hOVVUwx3PKhTUqvK3CYi5V7Tl2EMvlsg9kCXVCiCLO8UPWzoR/eI8
q0inQ29X3ojqUoaeTDpFh4CiAMr8NerwZeI29OawxaH7edZYY0vrNqWcOwKurUBx
tAQdjSYps40W0Xgav0tYSJPPo/H21MnPXDYTFcNi2l5C5Sz9K4f5P18neyfMqrWz
L2yP84pgDMNwtfkSlbS35nexVmopI3Q7fzyKr06YNSXTgR+eZMRE1wh3OU2S/vCq
gLTEO++cMzhfcgz1NwC/yyqzOH6BTMKeydEURAvW8LtixXsFybbaC/RX5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGbUvEr/2hRumQIVO988nGJ0oaebMB8GA1UdIwQY
MBaAFH17S8q+spYF6lEd6XPkZ1xLiinfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGIt
NDQ3NjE3YTRhNzQ0LzEvWnRTOFN2X2FGRzZaQWhVNzN6eWNZblNocDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGItNDQ3NjE3YTRhNzQ0
LzEvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVbvXMA0G
CSqGSIb3DQEBCwUAA4IBAQABFKRSTlA5tID9d4D4gUhl1hVYYezXtsxOjuLGT1Fx
Bn6lEDpi+zvSF3IJuPK5AtP6GWKNznv0bnAjgubIxOgl9Noqa3CGnthJnDiTpZnI
CRTCwFyhmCtiXAwp4FMAYOjls/j5c/75lnfJJ2/zlPUxkyHCe5Ivb0nA7H8zxxC8
Qo/mKs45J+KUuKGhuJbTdYU9MKYdwFmpB9YITH8kwX9u5xMYEDmdJU7JbY2gT7ID
7/60ebSSHiHROPQwrhx376J9mwAOrP1r+Ij1KKb+4DDOTApjr1e3nIMDO2OuoJx0
X7bxGptChdxQscYDzUV7oMzqAty5s3kjKfxR+tcxN7pC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org