Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/NZg_ZYniUUYVr2jx1oNihoS3KUc.roa
File: NZg_ZYniUUYVr2jx1oNihoS3KUc.roa (raw, json)
Hash identifier: iuM2tVUGrBDulRO2yohieO61TC7/DrOWsu1GJhT29yE=
Subject key identifier: 35:98:3F:65:89:E2:51:46:15:AF:68:F1:D6:83:62:86:84:B7:29:47
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0182125BD8C8E160CF51D31099707172F857
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/NZg_ZYniUUYVr2jx1oNihoS3KUc.roa
Signing time: Mon 18 Jul 2022 17:29:45 +0000
ROA not before: Mon 18 Jul 2022 17:29:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.15.152.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:12:5b:d8:c8:e1:60:cf:51:d3:10:99:70:71:72:f8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jul 18 17:29:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35983f6589e2514615af68f1d683628684b72947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7c:54:01:75:8b:21:4f:b3:84:76:e4:79:5f:
bd:f5:7d:03:5a:a8:47:f6:1a:43:55:e5:6d:f2:aa:
05:35:bc:2a:5e:6e:8b:4d:b3:bc:c8:40:a2:0e:7f:
96:cb:47:f0:69:9e:ca:58:22:80:74:89:a7:ea:6c:
47:75:78:81:a0:ae:fb:ce:5c:93:f4:78:4e:7a:78:
f7:fd:2c:6c:e3:02:5b:85:bd:af:cb:d4:42:e8:e3:
dc:8b:49:e9:53:a8:33:d4:c5:8f:7a:1a:6b:2d:62:
a7:37:6e:83:3e:42:ad:78:dd:e2:1e:f3:dd:c2:20:
4b:37:d2:81:50:ce:dc:d6:5a:30:9e:b9:0b:a2:c1:
51:bf:c2:3c:9e:a8:ad:85:65:87:63:62:a7:e2:e1:
ae:f9:3a:5a:f9:cc:a5:1c:65:26:2f:bb:b4:36:4f:
cf:86:ca:ff:47:52:58:d0:d3:3f:91:96:99:04:ae:
0d:be:b4:f0:bb:5e:6e:7b:f7:b5:7c:d0:39:a8:86:
5a:db:48:87:57:81:7e:80:62:8d:a5:43:ed:e5:9e:
ae:29:9b:98:6c:d6:ad:61:5c:71:0c:a8:97:f8:ca:
45:63:99:86:37:3f:38:b5:48:8c:fa:7d:26:5b:0e:
f8:7b:1f:72:d3:74:2e:40:11:92:76:9f:72:23:b1:
fd:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:98:3F:65:89:E2:51:46:15:AF:68:F1:D6:83:62:86:84:B7:29:47
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/NZg_ZYniUUYVr2jx1oNihoS3KUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.152.0/22
Signature Algorithm: sha256WithRSAEncryption
99:fb:65:a5:60:18:0a:1e:01:14:8f:c7:a5:7d:c3:ef:64:7b:
ef:3a:4a:10:a2:8c:9e:c0:9e:60:07:08:42:71:e0:5d:bd:8f:
98:34:a0:b4:38:37:99:62:94:1c:12:35:d6:0c:61:6f:c5:9d:
3f:4d:4f:ae:52:d5:6a:77:74:93:3f:bb:4f:c9:da:da:09:d8:
f4:26:1f:7f:14:6d:62:7d:4d:12:ac:6f:a5:e6:b5:f2:3d:20:
ea:3a:7c:ea:d6:a8:84:31:42:8d:7e:26:c2:ac:0c:4e:62:3d:
7d:b6:d6:dd:59:ee:d9:3f:d2:ee:53:5d:64:ab:ae:b9:64:66:
ea:41:ec:38:7d:49:59:4d:7f:74:fc:1e:e6:1e:6a:b9:5a:75:
20:c0:f6:1b:50:c9:b5:5e:c2:36:65:e6:38:af:7c:40:f8:3d:
cf:c3:b1:76:85:7a:dd:f0:52:36:2e:91:d0:b6:95:26:ba:14:
c8:cf:f8:a0:04:6c:fb:4f:de:a1:da:3b:2d:fc:75:f5:0e:54:
89:b6:2b:e8:5d:bc:af:fb:c7:3d:04:90:a0:c5:ce:ac:4c:6e:
b8:02:22:36:5d:86:d5:00:7b:48:87:cd:1e:82:46:ba:34:ef:
e8:fb:12:2e:1d:df:95:f5:07:65:51:46:49:52:7b:dc:a9:4a:
5a:93:4d:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYISW9jI4WDPUdMQmXBxcvhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIwNzE4MTcyOTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTk4M2Y2NTg5ZTI1MTQ2MTVhZjY4ZjFkNjgzNjI4Njg0YjcyOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHxUAXWLIU+zhHbkeV+99X0DWqhH
9hpDVeVt8qoFNbwqXm6LTbO8yECiDn+Wy0fwaZ7KWCKAdImn6mxHdXiBoK77zlyT
9HhOenj3/Sxs4wJbhb2vy9RC6OPci0npU6gz1MWPehprLWKnN26DPkKteN3iHvPd
wiBLN9KBUM7c1lownrkLosFRv8I8nqithWWHY2Kn4uGu+Tpa+cylHGUmL7u0Nk/P
hsr/R1JY0NM/kZaZBK4NvrTwu15ue/e1fNA5qIZa20iHV4F+gGKNpUPt5Z6uKZuY
bNatYVxxDKiX+MpFY5mGNz84tUiM+n0mWw74ex9y03QuQBGSdp9yI7H9sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWYP2WJ4lFGFa9o8daDYoaEtylHMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvTlpnX1pZbmlVVVlWcjJqeDFvTmlob1MzS1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwg+YMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ+2WlYBgKHgEUj8elfcPvZHvvOkoQooyewJ5gBwhC
ceBdvY+YNKC0ODeZYpQcEjXWDGFvxZ0/TU+uUtVqd3STP7tPydraCdj0Jh9/FG1i
fU0SrG+l5rXyPSDqOnzq1qiEMUKNfibCrAxOYj19ttbdWe7ZP9LuU11kq665ZGbq
Qew4fUlZTX90/B7mHmq5WnUgwPYbUMm1XsI2ZeY4r3xA+D3Pw7F2hXrd8FI2LpHQ
tpUmuhTIz/igBGz7T96h2jst/HX1DlSJtivoXbyv+8c9BJCgxc6sTG64AiI2XYbV
AHtIh80egka6NO/o+xIuHd+V9QdlUUZJUnvcqUpak00X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org