Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/ZFYmRj4X8KxfyrfXV6U704g9vmM.roa
File: ZFYmRj4X8KxfyrfXV6U704g9vmM.roa (raw, json)
Hash identifier: cZ1jUSzzBzCrwN2Pq71pW4U2atfw4FQl/FY0xcEnW7g=
Subject key identifier: 64:56:26:46:3E:17:F0:AC:5F:CA:B7:D7:57:A5:3B:D3:88:3D:BE:63
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 035AA483
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/ZFYmRj4X8KxfyrfXV6U704g9vmM.roa
Signing time: Thu 23 Jun 2022 14:33:30 +0000
ROA not before: Thu 23 Jun 2022 14:33:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210538
IP address blocks: 194.15.154.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56272003 (0x35aa483)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jun 23 14:33:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=645626463e17f0ac5fcab7d757a53bd3883dbe63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fa:24:ca:1b:a2:e0:aa:6d:a6:0f:cd:48:fc:
22:10:67:ac:69:0f:60:ea:9e:35:09:2d:bd:ec:cd:
40:d9:3c:e1:da:e1:85:2e:d7:e3:b2:a9:8e:03:13:
bb:ea:3b:0b:f5:a8:4c:2c:ac:67:ea:5b:33:8a:19:
a3:02:96:9e:6e:a2:f1:e5:cb:d9:71:fd:af:b2:7a:
a8:01:f5:4c:46:4c:c0:66:eb:8c:c8:31:8f:4a:f6:
37:ec:78:99:4e:b5:95:21:9c:1c:a4:45:62:b4:98:
34:2a:70:85:e8:ff:8b:b3:8b:da:82:5f:f5:74:75:
b9:a9:97:88:50:70:bf:cc:e8:11:0a:e6:b6:15:13:
b4:58:52:14:00:67:89:67:2c:57:1f:e6:fc:cb:5c:
36:ee:60:66:02:1b:32:44:fe:d3:12:2c:b6:30:18:
90:51:30:00:89:b4:b0:4c:45:24:5c:d4:a8:c4:3a:
c0:ae:d7:81:24:1c:23:de:71:e0:f4:71:b3:a0:81:
7c:5f:65:dc:f9:1e:bf:50:c6:bc:a2:5b:75:5b:a1:
31:5e:ff:03:88:a0:07:84:25:d6:c0:02:b4:aa:ed:
95:4e:8d:f1:b9:59:89:9f:0d:3a:f5:6a:aa:83:68:
0e:66:4f:7c:d7:0b:9c:86:c3:92:2a:d6:20:58:76:
76:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:56:26:46:3E:17:F0:AC:5F:CA:B7:D7:57:A5:3B:D3:88:3D:BE:63
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/ZFYmRj4X8KxfyrfXV6U704g9vmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.154.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:7e:e2:d2:6a:46:40:73:7b:0f:7c:3b:47:fa:fe:07:5d:92:
03:fd:7e:2a:45:74:ea:28:83:bf:9a:61:c9:c7:b1:9e:8d:ca:
4d:6e:10:b7:be:7d:e6:a2:17:ce:52:76:d3:37:b8:4d:c2:19:
5c:56:08:6b:da:62:58:8a:14:ea:b4:99:68:e3:75:7f:79:63:
81:c6:5a:58:db:8d:7c:fa:c1:f7:6d:2c:d7:65:c4:c4:81:fa:
56:25:43:9d:19:66:40:2e:3a:54:70:14:98:24:6d:62:8f:37:
60:1b:d1:91:db:24:35:f9:91:f2:eb:f9:36:31:3b:45:ec:55:
19:6f:9b:fa:d6:6c:5a:62:be:97:2f:4c:dc:71:39:77:58:02:
0a:1c:8b:d1:27:4e:b1:fd:24:d9:23:68:96:6b:0a:d8:95:86:
fc:3a:04:e2:9f:5d:30:23:91:c1:fd:ed:f3:b9:73:40:13:ab:
1c:19:a4:ae:80:37:16:32:3b:77:28:3a:b2:dd:12:d5:d5:cf:
20:05:95:f5:6b:5f:8e:1a:4e:ee:35:09:4b:e7:14:84:cf:66:
f6:1e:31:be:e4:b2:20:a4:fb:0d:67:da:b1:cc:d1:fb:46:d2:
76:0f:25:c9:37:45:53:79:bb:53:91:1b:38:09:c3:ff:de:93:
0c:19:aa:7b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA1qkgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzRlZDk0MmU1Yzc0MmU3N2JmYjliZWI5NTRmODcyNTM0ZjUyODQ4MB4XDTIyMDYy
MzE0MzMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQ1NjI2NDYzZTE3
ZjBhYzVmY2FiN2Q3NTdhNTNiZDM4ODNkYmU2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL76JMobouCqbaYPzUj8IhBnrGkPYOqeNQktvezNQNk84drh
hS7X47KpjgMTu+o7C/WoTCysZ+pbM4oZowKWnm6i8eXL2XH9r7J6qAH1TEZMwGbr
jMgxj0r2N+x4mU61lSGcHKRFYrSYNCpwhej/i7OL2oJf9XR1uamXiFBwv8zoEQrm
thUTtFhSFABniWcsVx/m/MtcNu5gZgIbMkT+0xIstjAYkFEwAIm0sExFJFzUqMQ6
wK7XgSQcI95x4PRxs6CBfF9l3Pkev1DGvKJbdVuhMV7/A4igB4Ql1sACtKrtlU6N
8blZiZ8NOvVqqoNoDmZPfNcLnIbDkirWIFh2dscCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRkViZGPhfwrF/Kt9dXpTvTiD2+YzAfBgNVHSMEGDAWgBQ8TtlC5cdC53v7
m+uVT4clNPUoSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BFN1pRdVhIUXVkNy01dnJsVS1ISlRUMUtFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvMWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8x
L1pGWW1SajRYOEt4ZnlyZlhWNlU3MDRnOXZtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
MWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8xL1BFN1pRdVhIUXVk
Ny01dnJsVS1ISlRUMUtFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIPmjANBgkqhkiG9w0BAQsFAAOC
AQEADn7i0mpGQHN7D3w7R/r+B12SA/1+KkV06iiDv5phycexno3KTW4Qt7595qIX
zlJ20ze4TcIZXFYIa9piWIoU6rSZaON1f3ljgcZaWNuNfPrB920s12XExIH6ViVD
nRlmQC46VHAUmCRtYo83YBvRkdskNfmR8uv5NjE7RexVGW+b+tZsWmK+ly9M3HE5
d1gCChyL0SdOsf0k2SNolmsK2JWG/DoE4p9dMCORwf3t87lzQBOrHBmkroA3FjI7
dyg6st0S1dXPIAWV9WtfjhpO7jUJS+cUhM9m9h4xvuSyIKT7DWfasczR+0bSdg8l
yTdFU3m7U5EbOAnD/96TDBmqew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org