Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/RZ6GAii_V06egUE18PJYhJ4QGxs.roa
File: RZ6GAii_V06egUE18PJYhJ4QGxs.roa (raw, json)
Hash identifier: wLz2fo9whB2Wle4mCCXT8+6qCOQTTK7Rfooh0pt9KH0=
Subject key identifier: 45:9E:86:02:28:BF:57:4E:9E:81:41:35:F0:F2:58:84:9E:10:1B:1B
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 018CC34892889C5DD10CEA654BE8943DB30E
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/RZ6GAii_V06egUE18PJYhJ4QGxs.roa
Signing time: Mon 01 Jan 2024 04:29:22 +0000
ROA not before: Mon 01 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149020
IP address blocks: 194.5.98.0/24 maxlen: 24
194.5.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:92:88:9c:5d:d1:0c:ea:65:4b:e8:94:3d:b3:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Jan 1 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=459e860228bf574e9e814135f0f258849e101b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:09:12:33:cd:d1:3e:a4:fe:6a:ed:61:58:a9:
95:72:90:9b:b3:5e:c2:b2:81:d7:17:10:51:57:7f:
2f:b4:7d:1a:f1:a9:55:37:bf:19:4a:4a:01:25:b0:
44:07:fb:be:38:e1:98:d8:4a:1e:8a:61:51:e9:18:
04:b0:56:a8:e4:17:01:eb:cf:10:eb:c6:21:7f:8b:
cc:97:b2:23:fe:fd:8e:e4:1d:bd:06:9c:a1:2d:5c:
84:96:fb:00:c9:54:ae:d6:2a:ed:71:2e:1f:da:3e:
0b:c5:4e:54:c5:37:73:d6:3a:5b:64:21:ce:f9:f0:
2d:89:ee:b6:12:a6:4c:1d:69:97:a2:5e:ca:37:a3:
c1:3f:4b:6e:84:ce:a3:6e:76:06:74:7a:e3:da:68:
fe:b8:1d:37:ed:07:02:af:fd:5f:82:b4:ab:48:3a:
35:3a:59:68:1e:65:9a:6b:76:f0:3d:d0:a5:d2:a5:
91:af:3a:16:3b:e3:6d:69:8b:8f:96:eb:f1:6b:67:
74:94:81:a5:f4:ac:24:82:b0:a2:d8:43:83:e7:02:
75:6c:7f:12:4c:17:bb:db:37:ff:c7:49:cb:87:ce:
ec:a5:13:82:9f:e8:7e:da:29:51:49:e8:66:b5:74:
94:c8:3f:19:37:6a:77:9a:ec:6c:b2:a2:bc:09:11:
36:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:9E:86:02:28:BF:57:4E:9E:81:41:35:F0:F2:58:84:9E:10:1B:1B
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/RZ6GAii_V06egUE18PJYhJ4QGxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.97.0-194.5.98.255
Signature Algorithm: sha256WithRSAEncryption
49:2c:03:41:3e:8d:7d:9d:10:0c:b8:69:d6:86:4d:4e:80:88:
22:b8:01:6b:61:34:e4:61:b0:69:85:53:f8:61:47:5b:c4:3d:
11:09:b1:c5:87:cf:36:95:a5:d6:fe:46:a0:77:0b:cc:03:7b:
bb:ec:22:98:9e:ce:ed:0c:e7:03:d7:e2:98:80:04:9f:b3:b6:
14:64:87:87:47:13:35:0b:61:90:c4:05:84:fc:f2:cc:d6:07:
3f:b6:b9:8b:93:d2:ed:82:ba:8b:d9:c0:c8:f9:b4:0c:44:a9:
20:87:93:de:89:93:f3:64:0f:40:bc:76:db:3a:ee:be:9b:8a:
6e:ea:96:23:e4:63:f1:61:a1:c6:2a:23:95:21:a7:e7:3a:b9:
7f:15:00:17:bd:0e:c7:ad:3a:08:e5:2a:cf:e0:cd:2a:99:6b:
72:9f:7e:30:5c:3d:2d:e3:52:59:f4:f2:4c:ce:bb:13:8a:4e:
75:ce:ac:55:7f:c6:8c:4a:9c:f9:fb:fc:19:21:aa:83:1a:19:
5e:c7:86:f6:d1:0c:74:93:9a:12:64:3b:97:a5:d7:53:05:b0:
48:ac:21:e3:36:64:bc:76:62:20:c5:6f:fc:08:a5:dc:65:6c:
4b:be:91:69:ae:fb:44:cc:a5:74:6c:f9:14:a7:c2:b9:1e:b8:
fb:43:11:bb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDSJKInF3RDOplS+iUPbMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjQwMTAxMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTllODYwMjI4YmY1NzRlOWU4MTQxMzVmMGYyNTg4NDllMTAxYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngkSM83RPqT+au1hWKmVcpCbs17C
soHXFxBRV38vtH0a8alVN78ZSkoBJbBEB/u+OOGY2EoeimFR6RgEsFao5BcB688Q
68Yhf4vMl7Ij/v2O5B29BpyhLVyElvsAyVSu1irtcS4f2j4LxU5UxTdz1jpbZCHO
+fAtie62EqZMHWmXol7KN6PBP0tuhM6jbnYGdHrj2mj+uB037QcCr/1fgrSrSDo1
OlloHmWaa3bwPdCl0qWRrzoWO+NtaYuPluvxa2d0lIGl9KwkgrCi2EOD5wJ1bH8S
TBe72zf/x0nLh87spROCn+h+2ilRSehmtXSUyD8ZN2p3muxssqK8CRE2kwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEWehgIov1dOnoFBNfDyWISeEBsbMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvUlo2R0FpaV9WMDZlZ1VFMThQSlloSjRRR3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCBWED
BADCBWIwDQYJKoZIhvcNAQELBQADggEBAEksA0E+jX2dEAy4adaGTU6AiCK4AWth
NORhsGmFU/hhR1vEPREJscWHzzaVpdb+RqB3C8wDe7vsIpiezu0M5wPX4piABJ+z
thRkh4dHEzULYZDEBYT88szWBz+2uYuT0u2CuovZwMj5tAxEqSCHk96Jk/NkD0C8
dts67r6bim7qliPkY/FhocYqI5Uhp+c6uX8VABe9DsetOgjlKs/gzSqZa3KffjBc
PS3jUln08kzOuxOKTnXOrFV/xoxKnPn7/BkhqoMaGV7HhvbRDHSTmhJkO5el11MF
sEisIeM2ZLx2YiDFb/wIpdxlbEu+kWmu+0TMpXRs+RSnwrkeuPtDEbs=
-----END CERTIFICATE-----
Generated at Tue Aug 20 17:10:13 2024 by rpki-client on console-ams.rpki-client.org