Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/BZS84xpuijpf5ht4_1ZoldUPbr4.roa
File: BZS84xpuijpf5ht4_1ZoldUPbr4.roa (raw, json)
Hash identifier: ypYDO4h4CIBrq1G2GH33j3iRUk+BqoFp0avQjZDk7r8=
Subject key identifier: 05:94:BC:E3:1A:6E:8A:3A:5F:E6:1B:78:FF:56:68:95:D5:0F:6E:BE
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 01857042ACCD8CC6C6F31F13817DEC1663E5
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/BZS84xpuijpf5ht4_1ZoldUPbr4.roa
Signing time: Mon 02 Jan 2023 02:14:55 +0000
ROA not before: Mon 02 Jan 2023 02:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211560
IP address blocks: 193.53.40.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:ac:cd:8c:c6:c6:f3:1f:13:81:7d:ec:16:63:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 2 02:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0594bce31a6e8a3a5fe61b78ff566895d50f6ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:29:da:3a:19:0c:b1:8d:44:f7:e6:c6:dc:5a:
b2:04:56:f7:2f:ba:70:49:df:41:7d:b7:da:bf:41:
89:8f:85:01:98:b1:f3:88:8c:9a:54:96:f7:d6:eb:
05:08:4e:b5:b8:c3:ce:4a:a5:6f:3d:e4:4a:64:68:
93:f4:42:64:31:07:04:27:d3:10:9a:60:b6:e1:87:
3d:6d:8e:a0:1c:90:89:3b:cd:16:3d:6d:13:14:dc:
55:f3:af:5c:66:15:82:c6:0d:75:cf:54:59:ee:62:
37:36:8e:46:9e:12:b8:c7:f5:63:d7:68:0d:a5:dc:
dc:f2:43:14:80:c2:af:62:37:cd:8a:f2:54:21:62:
d6:54:b6:97:19:31:9c:87:c3:9b:1c:9c:33:e6:26:
18:4c:1f:20:52:b4:9f:f6:fb:41:f0:38:f0:82:cc:
89:76:01:72:4b:ea:30:e5:65:8a:05:0d:85:06:1a:
14:79:86:a2:57:4e:30:44:fe:e0:e7:cd:39:05:7e:
28:e5:76:8c:7e:e8:1a:40:1f:b7:45:f2:c6:63:90:
20:b4:8a:aa:17:83:8d:f7:0c:50:5b:be:81:c6:94:
a5:95:65:86:e0:0e:90:a8:5d:86:fb:a1:b6:d3:67:
24:3f:8b:1f:a8:09:e6:1f:3b:ce:05:2b:25:b4:4e:
53:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:94:BC:E3:1A:6E:8A:3A:5F:E6:1B:78:FF:56:68:95:D5:0F:6E:BE
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/BZS84xpuijpf5ht4_1ZoldUPbr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.40.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:5f:8e:fb:62:1d:94:d4:10:38:5e:8a:6a:c8:47:4c:9c:02:
07:1e:68:3e:5f:6d:54:a5:a3:97:37:03:5f:f6:24:0f:7f:82:
4c:af:d5:36:12:4a:ea:15:eb:04:d4:59:a5:2d:42:96:10:2e:
db:d2:d7:ab:e4:9e:d2:51:10:cd:4d:ea:f8:7f:db:18:67:81:
01:9a:51:bd:b9:21:24:35:25:f0:6a:12:91:54:68:1f:2e:6b:
42:d6:0f:1b:73:ae:d2:c6:e5:31:a3:6e:c8:5f:97:79:0b:06:
08:a3:3d:47:26:33:d3:0c:23:17:16:18:02:b4:c5:e6:80:67:
50:05:c9:22:5d:7c:30:4f:bb:71:cf:c4:c5:5b:52:ea:01:7d:
ff:16:87:d6:64:9f:32:94:16:43:8f:a6:56:fb:1c:b4:36:39:
87:23:61:c3:16:30:44:07:32:6b:34:14:6a:21:17:36:94:e4:
cb:63:64:9e:63:4d:67:cf:79:4a:38:59:39:9f:6e:c8:d9:d6:
30:94:fb:b2:bb:1b:d2:9e:62:15:7e:a0:0a:29:0b:d3:c7:38:
55:a9:9e:40:bc:fd:30:43:4e:16:e6:0b:2e:a9:e6:05:8d:17:
55:a7:27:a4:03:57:79:50:82:0c:2b:43:73:93:58:a8:80:ee:
db:e0:cd:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQqzNjMbG8x8TgX3sFmPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwMTAyMDIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTk0YmNlMzFhNmU4YTNhNWZlNjFiNzhmZjU2Njg5NWQ1MGY2ZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiinaOhkMsY1E9+bG3FqyBFb3L7pw
Sd9Bfbfav0GJj4UBmLHziIyaVJb31usFCE61uMPOSqVvPeRKZGiT9EJkMQcEJ9MQ
mmC24Yc9bY6gHJCJO80WPW0TFNxV869cZhWCxg11z1RZ7mI3No5GnhK4x/Vj12gN
pdzc8kMUgMKvYjfNivJUIWLWVLaXGTGch8ObHJwz5iYYTB8gUrSf9vtB8DjwgsyJ
dgFyS+ow5WWKBQ2FBhoUeYaiV04wRP7g5805BX4o5XaMfugaQB+3RfLGY5AgtIqq
F4ON9wxQW76BxpSllWWG4A6QqF2G+6G202ckP4sfqAnmHzvOBSsltE5TYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWUvOMaboo6X+YbeP9WaJXVD26+MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvQlpTODR4cHVpanBmNWh0NF8xWm9sZFVQYnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTUoMA0G
CSqGSIb3DQEBCwUAA4IBAQBaX477Yh2U1BA4XopqyEdMnAIHHmg+X21UpaOXNwNf
9iQPf4JMr9U2EkrqFesE1FmlLUKWEC7b0ter5J7SURDNTer4f9sYZ4EBmlG9uSEk
NSXwahKRVGgfLmtC1g8bc67SxuUxo27IX5d5CwYIoz1HJjPTDCMXFhgCtMXmgGdQ
BckiXXwwT7txz8TFW1LqAX3/FofWZJ8ylBZDj6ZW+xy0NjmHI2HDFjBEBzJrNBRq
IRc2lOTLY2SeY01nz3lKOFk5n27I2dYwlPuyuxvSnmIVfqAKKQvTxzhVqZ5AvP0w
Q04W5gsuqeYFjRdVpyekA1d5UIIMK0Nzk1iogO7b4M04
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:12:04 2025 by rpki-client