Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/EbZ_Jeg1Ce-8qs-ZaB8xBlkHjpU.roa
File: EbZ_Jeg1Ce-8qs-ZaB8xBlkHjpU.roa (raw, json)
Hash identifier: Mq5dzXZp7hKmJwTwppOJ7Cil8T07c6tTtO9rRMD0q9M=
Subject key identifier: 11:B6:7F:25:E8:35:09:EF:BC:AA:CF:99:68:1F:31:06:59:07:8E:95
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 01828B9CC4AAC3CF5A7E7AC9E59E39BFF9CE
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/EbZ_Jeg1Ce-8qs-ZaB8xBlkHjpU.roa
Signing time: Thu 11 Aug 2022 06:34:43 +0000
ROA not before: Thu 11 Aug 2022 06:34:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200309
IP address blocks: 147.234.35.0/24 maxlen: 24
147.234.40.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8b:9c:c4:aa:c3:cf:5a:7e:7a:c9:e5:9e:39:bf:f9:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Aug 11 06:34:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11b67f25e83509efbcaacf99681f310659078e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cb:01:97:81:c1:c7:1a:77:03:75:d5:be:b3:
96:21:36:d7:3b:a9:0c:3d:47:65:99:de:6b:aa:90:
89:db:e2:12:8d:c5:bd:af:d9:c2:0b:98:a2:fc:7c:
34:60:c7:c1:c8:69:c1:58:d3:6b:2a:11:9b:3c:46:
af:16:5b:72:39:f9:00:58:a4:08:57:f2:96:6f:c4:
15:a6:30:56:a9:b4:34:f1:ea:31:5e:34:61:93:2d:
2f:db:a1:38:59:e9:bf:a1:83:cc:cf:aa:09:29:48:
e8:47:a2:9b:ff:ba:d7:29:90:36:aa:a0:4a:45:e1:
f1:59:f7:44:c5:dc:c8:f7:05:e9:78:85:7f:75:a7:
f4:27:86:af:07:db:11:23:c5:f2:5a:b5:38:4e:d6:
d5:7b:da:33:ac:14:5a:fd:bd:5f:2b:09:d1:f8:1a:
5a:00:c7:c6:bc:f2:e9:08:c7:81:c5:51:37:ad:11:
5d:bf:26:c6:e9:0f:53:69:08:98:98:75:fa:f1:56:
f7:95:f1:b7:b0:72:c6:c8:b0:e6:b7:11:2e:cf:14:
00:71:3b:03:da:fd:b3:ce:db:c8:bf:36:99:ae:a7:
ac:ec:1e:8d:dd:55:38:46:a5:c2:9d:c5:6f:a1:11:
74:35:d2:04:9c:0f:48:8d:d5:5c:15:99:08:47:61:
13:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B6:7F:25:E8:35:09:EF:BC:AA:CF:99:68:1F:31:06:59:07:8E:95
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/EbZ_Jeg1Ce-8qs-ZaB8xBlkHjpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.35.0/24
147.234.40.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:d0:84:dd:60:b8:ee:25:ed:fb:f9:d5:72:d8:7a:ae:aa:83:
14:2b:94:24:06:ab:73:03:3b:aa:1e:c4:2c:01:67:e2:36:e9:
af:42:27:7a:d0:53:33:9f:2b:4c:43:9a:07:e2:ad:d7:5b:52:
71:0e:66:17:88:50:a8:09:72:5b:a4:48:c2:2c:4d:bb:aa:6f:
65:01:cd:8a:86:74:fd:ce:33:e6:5a:91:d5:ca:18:a1:a7:e0:
87:f7:f8:29:0d:39:6a:06:d1:61:81:d3:c0:ab:66:d3:74:eb:
f0:e2:2b:62:5c:56:07:ba:cb:f5:12:32:cf:74:74:cb:c2:04:
7e:93:54:a7:74:3e:b2:89:97:73:2b:bf:b4:5f:e4:24:19:1e:
e3:a2:8e:3e:92:35:66:dc:d8:a2:c0:1c:06:77:3d:63:f8:56:
77:19:d2:56:0c:9b:a1:e3:30:06:ae:17:7b:60:f0:fa:5c:74:
f3:1c:d5:b2:ba:d6:cf:a3:79:64:51:80:eb:4e:ad:2f:91:07:
27:b7:85:94:af:f9:de:27:21:62:58:a0:7e:03:c8:eb:c2:cf:
c4:e5:78:1e:5d:5e:eb:c9:97:d4:b7:77:a5:83:11:3f:c3:49:
e3:ed:29:e0:13:2c:c9:f1:82:3f:64:62:45:22:87:cf:4b:b9:
d6:48:5b:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKLnMSqw89afnrJ5Z45v/nOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjIwODExMDYzNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWI2N2YyNWU4MzUwOWVmYmNhYWNmOTk2ODFmMzEwNjU5MDc4ZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlssBl4HBxxp3A3XVvrOWITbXO6kM
PUdlmd5rqpCJ2+ISjcW9r9nCC5ii/Hw0YMfByGnBWNNrKhGbPEavFltyOfkAWKQI
V/KWb8QVpjBWqbQ08eoxXjRhky0v26E4Wem/oYPMz6oJKUjoR6Kb/7rXKZA2qqBK
ReHxWfdExdzI9wXpeIV/daf0J4avB9sRI8XyWrU4TtbVe9ozrBRa/b1fKwnR+Bpa
AMfGvPLpCMeBxVE3rRFdvybG6Q9TaQiYmHX68Vb3lfG3sHLGyLDmtxEuzxQAcTsD
2v2zztvIvzaZrqes7B6N3VU4RqXCncVvoRF0NdIEnA9IjdVcFZkIR2ETxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBG2fyXoNQnvvKrPmWgfMQZZB46VMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvRWJaX0plZzFDZS04cXMtWmFCOHhCbGtIanBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk+ojAwQA
k+ooMA0GCSqGSIb3DQEBCwUAA4IBAQCg0ITdYLjuJe37+dVy2HquqoMUK5QkBqtz
AzuqHsQsAWfiNumvQid60FMznytMQ5oH4q3XW1JxDmYXiFCoCXJbpEjCLE27qm9l
Ac2KhnT9zjPmWpHVyhihp+CH9/gpDTlqBtFhgdPAq2bTdOvw4itiXFYHusv1EjLP
dHTLwgR+k1SndD6yiZdzK7+0X+QkGR7joo4+kjVm3NiiwBwGdz1j+FZ3GdJWDJuh
4zAGrhd7YPD6XHTzHNWyutbPo3lkUYDrTq0vkQcnt4WUr/neJyFiWKB+A8jrws/E
5XgeXV7ryZfUt3elgxE/w0nj7SngEyzJ8YI/ZGJFIofPS7nWSFuh
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:56 2023 by rpki-client on console-fra.rpki-client.org