Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/zjl17RxPzCdFQZVC9zbV6W6haVg.roa
File: zjl17RxPzCdFQZVC9zbV6W6haVg.roa (raw, json)
Hash identifier: EC5bNWn4W/TMEuFniq+lPx46kA8lgd8DCzfH00D61Nk=
Subject key identifier: CE:39:75:ED:1C:4F:CC:27:45:41:95:42:F7:36:D5:E9:6E:A1:69:58
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 3DC95D
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/zjl17RxPzCdFQZVC9zbV6W6haVg.roa
Signing time: Sat 02 Apr 2022 08:23:08 +0000
ROA not before: Sat 02 Apr 2022 08:23:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35543
IP address blocks: 193.53.81.0/24 maxlen: 24
193.53.35.0/24 maxlen: 24
2a12:a4c1::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4049245 (0x3dc95d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Apr 2 08:23:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce3975ed1c4fcc2745419542f736d5e96ea16958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:18:a3:0d:33:30:e2:b5:7d:ea:83:0c:c0:8b:
82:16:c7:33:71:af:24:52:cc:06:3d:b6:11:cf:82:
ea:65:77:b4:6b:d6:10:17:b3:9f:08:2c:9e:ed:f0:
af:47:ea:73:b8:03:b5:f9:5d:7d:ac:eb:8d:9c:9a:
e6:0b:90:52:3f:13:f7:a4:1e:b9:be:93:7f:cc:06:
99:a4:f1:d2:a9:a1:e9:f4:a4:8f:52:5f:c4:a4:c5:
5e:5f:d0:c3:1a:3c:9f:17:eb:90:6b:8e:f7:27:fa:
d5:96:50:ea:19:69:cc:61:2f:88:fc:b5:cf:45:b0:
51:06:78:cf:ae:9a:c7:99:79:6e:5a:5a:fd:3d:2f:
e7:de:a9:56:29:0b:bd:b5:b3:42:60:7f:4a:8c:91:
e3:e2:7d:42:66:4e:02:4d:71:14:70:2f:48:55:0f:
f0:52:de:31:92:58:5d:a8:00:af:ca:79:cc:a2:b6:
17:c0:c1:34:bb:d6:c4:ba:2f:39:b5:85:59:b7:55:
6a:d6:30:e5:80:19:02:63:e6:f9:3a:f4:d3:8e:7d:
70:91:6b:bc:ce:0b:77:d3:52:53:75:13:14:4f:8a:
bd:c3:f9:e0:30:67:18:72:d1:f8:d2:e7:a3:bf:c9:
d2:55:2d:64:22:74:a6:8e:b9:1e:7d:86:32:fe:5d:
84:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:39:75:ED:1C:4F:CC:27:45:41:95:42:F7:36:D5:E9:6E:A1:69:58
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/zjl17RxPzCdFQZVC9zbV6W6haVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.35.0/24
193.53.81.0/24
IPv6:
2a12:a4c1::/32
Signature Algorithm: sha256WithRSAEncryption
6b:79:a8:04:a2:8a:73:21:a9:a1:f3:0b:b3:c3:19:7a:fe:43:
b8:96:0e:ba:45:c8:cc:84:3e:0e:75:42:e6:2b:bc:90:c6:9e:
87:50:c2:48:59:17:b6:37:be:73:dc:1f:7c:3c:5f:69:68:10:
10:8e:b2:e7:55:ef:e2:ba:82:c3:27:c5:4b:8c:89:bd:bb:d0:
0b:db:61:e5:bd:5c:74:96:37:2e:e4:33:19:b5:30:0e:b1:e6:
47:83:e1:2c:22:d3:03:78:5f:b5:54:55:b8:b4:45:a2:b8:8b:
5b:82:95:93:23:dc:8b:d6:11:0e:15:88:27:f7:be:e9:22:75:
e0:42:65:b6:5f:d1:66:b5:ad:3a:5d:87:0b:39:6f:17:2d:82:
d1:ae:4a:e0:b8:84:e5:a7:f3:df:73:3f:16:6e:f7:b4:18:b2:
33:db:3c:f8:86:59:b5:ba:3c:c7:e9:b7:5b:c1:05:8d:06:f0:
db:d9:e8:99:ab:75:23:9b:1d:a7:20:58:75:d3:2c:4c:06:0c:
04:ab:58:b7:01:44:4b:42:b7:b0:f6:47:65:40:15:59:b6:36:
0a:c0:f5:87:a7:5d:09:92:7f:19:d6:35:ba:92:b9:9c:4a:9a:
de:58:a9:b5:25:66:6e:42:cd:6a:bb:27:f0:c6:50:4a:db:bf:
ef:d3:ce:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDPcldMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0NDg4NzgwHhcNMjIwNDAy
MDgyMzA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZTM5NzVlZDFjNGZj
YzI3NDU0MTk1NDJmNzM2ZDVlOTZlYTE2OTU4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4RijDTMw4rV96oMMwIuCFsczca8kUswGPbYRz4LqZXe0a9YQ
F7OfCCye7fCvR+pzuAO1+V19rOuNnJrmC5BSPxP3pB65vpN/zAaZpPHSqaHp9KSP
Ul/EpMVeX9DDGjyfF+uQa473J/rVllDqGWnMYS+I/LXPRbBRBnjPrprHmXluWlr9
PS/n3qlWKQu9tbNCYH9KjJHj4n1CZk4CTXEUcC9IVQ/wUt4xklhdqACvynnMorYX
wME0u9bEui85tYVZt1Vq1jDlgBkCY+b5OvTTjn1wkWu8zgt301JTdRMUT4q9w/ng
MGcYctH40uejv8nSVS1kInSmjrkefYYy/l2EOQIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFM45de0cT8wnRUGVQvc21eluoWlYMB8GA1UdIwQYMBaAFKf9P4kzXc+Chmay
j62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEv
empsMTdSeFB6Q2RGUVpWQzl6YlY2VzZoYVZnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8z
ODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEvcF8wX2lUTmR6NEtH
WnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwTUjAwQAwTVRMA0EAgACMAcDBQAq
EqTBMA0GCSqGSIb3DQEBCwUAA4IBAQBreagEoopzIamh8wuzwxl6/kO4lg66RcjM
hD4OdULmK7yQxp6HUMJIWRe2N75z3B98PF9paBAQjrLnVe/iuoLDJ8VLjIm9u9AL
22HlvVx0ljcu5DMZtTAOseZHg+EsItMDeF+1VFW4tEWiuItbgpWTI9yL1hEOFYgn
977pInXgQmW2X9Fmta06XYcLOW8XLYLRrkrguITlp/Pfcz8Wbve0GLIz2zz4hlm1
ujzH6bdbwQWNBvDb2eiZq3Ujmx2nIFh10yxMBgwEq1i3AURLQrew9kdlQBVZtjYK
wPWHp10Jkn8Z1jW6krmcSpreWKm1JWZuQs1quyfwxlBK27/v086I
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:56 2025 by rpki-client