Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/dz5thYJS-nLabOQoffSQycPQZf8.roa
File: dz5thYJS-nLabOQoffSQycPQZf8.roa (raw, json)
Hash identifier: KkbUiW43d7PZA9ZjJv1RSS0IEsLdMv7wf9AdyAnBptM=
Subject key identifier: 77:3E:6D:85:82:52:FA:72:DA:6C:E4:28:7D:F4:90:C9:C3:D0:65:FF
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01896478EF7D23008C7FAFCD8AA4B1D8F468
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/dz5thYJS-nLabOQoffSQycPQZf8.roa
Signing time: Mon 17 Jul 2023 15:29:54 +0000
ROA not before: Mon 17 Jul 2023 15:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 213.166.82.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:78:ef:7d:23:00:8c:7f:af:cd:8a:a4:b1:d8:f4:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jul 17 15:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=773e6d858252fa72da6ce4287df490c9c3d065ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5f:19:b1:63:2a:23:42:da:38:9d:b0:83:42:
6d:68:8a:7c:6e:bd:4d:4c:30:11:02:dd:81:c8:20:
9e:0c:2b:34:2f:83:f7:f8:e6:d7:72:86:10:88:28:
ee:4d:e6:c8:3a:4d:b3:66:b2:9c:b4:35:55:f9:70:
9d:b6:37:33:00:d8:62:69:3b:fc:94:7f:82:73:2f:
93:17:50:3e:f3:0a:93:61:d2:bb:27:4c:9a:6d:89:
e9:a4:19:22:57:d4:f0:8f:9f:12:97:90:0f:0c:4e:
27:33:df:be:96:c2:95:bc:22:b9:9f:01:72:13:f5:
eb:10:6e:0c:1a:f0:b0:56:d1:d9:8c:8f:db:1e:45:
c1:64:93:f0:ef:7c:14:ba:44:4a:48:1e:6a:14:03:
fc:f2:07:91:16:3f:cc:05:ec:81:30:5b:81:70:6d:
8a:d7:0b:97:83:f1:14:42:df:5d:82:e0:3a:3f:99:
77:1a:96:da:30:37:0b:34:ce:78:af:61:40:ac:ac:
19:ea:32:73:d6:e4:f0:a2:5d:18:d9:72:f4:9d:ca:
b3:3f:52:30:48:92:32:7a:38:82:6a:09:03:aa:ed:
1c:e6:92:bf:f1:ef:15:de:36:3d:8a:6d:7b:41:e1:
b5:33:e7:12:81:80:73:c6:a0:1f:6d:27:70:85:9d:
10:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3E:6D:85:82:52:FA:72:DA:6C:E4:28:7D:F4:90:C9:C3:D0:65:FF
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/dz5thYJS-nLabOQoffSQycPQZf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.166.82.0/24
Signature Algorithm: sha256WithRSAEncryption
66:0f:b4:d5:e6:2a:4c:cb:69:c9:40:30:8d:39:0c:db:db:bb:
dc:cd:c0:53:c8:5a:6d:f0:b3:77:ab:71:26:ab:9f:2c:66:02:
6c:0a:2b:aa:16:31:8a:2d:3d:3a:1c:48:04:04:72:20:3e:10:
d9:e6:32:ef:17:45:b5:db:97:25:a2:67:08:d1:05:36:39:ff:
a1:dd:9e:5d:02:75:6f:0a:75:19:4a:8c:73:63:e2:34:5e:80:
47:87:98:d1:8f:9a:a3:35:59:19:7b:36:cc:45:b0:1a:6f:45:
25:43:83:72:3f:bb:4a:63:70:c6:3b:3d:59:7e:00:d9:89:25:
3c:72:01:94:4a:90:85:2c:a2:45:eb:e1:86:0c:57:f0:9a:c8:
ca:4c:16:97:57:c2:af:39:ef:80:d0:34:a0:66:01:60:0d:f6:
16:a2:e8:a7:ff:ec:1e:f9:f9:96:41:9a:a4:d2:8e:ae:08:e4:
68:86:8e:38:b5:8b:72:9e:f4:ab:95:fb:f1:11:fb:e5:63:2a:
23:61:de:d5:f3:27:a8:53:4f:75:81:d9:0e:ac:b7:85:9d:eb:
d7:13:27:ca:53:21:94:8f:1d:32:09:7d:a8:d8:04:84:6c:9a:
11:58:01:f9:0e:94:66:01:24:5f:e7:31:10:79:99:0b:73:66:
6a:78:7a:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkeO99IwCMf6/NiqSx2PRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwNzE3MTUyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzNlNmQ4NTgyNTJmYTcyZGE2Y2U0Mjg3ZGY0OTBjOWMzZDA2NWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV8ZsWMqI0LaOJ2wg0JtaIp8br1N
TDARAt2ByCCeDCs0L4P3+ObXcoYQiCjuTebIOk2zZrKctDVV+XCdtjczANhiaTv8
lH+Ccy+TF1A+8wqTYdK7J0yabYnppBkiV9Twj58Sl5APDE4nM9++lsKVvCK5nwFy
E/XrEG4MGvCwVtHZjI/bHkXBZJPw73wUukRKSB5qFAP88geRFj/MBeyBMFuBcG2K
1wuXg/EUQt9dguA6P5l3GpbaMDcLNM54r2FArKwZ6jJz1uTwol0Y2XL0ncqzP1Iw
SJIyejiCagkDqu0c5pK/8e8V3jY9im17QeG1M+cSgYBzxqAfbSdwhZ0QWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHc+bYWCUvpy2mzkKH30kMnD0GX/MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvZHo1dGhZSlMtbkxhYk9Rb2ZmU1F5Y1BRWmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1aZSMA0G
CSqGSIb3DQEBCwUAA4IBAQBmD7TV5ipMy2nJQDCNOQzb27vczcBTyFpt8LN3q3Em
q58sZgJsCiuqFjGKLT06HEgEBHIgPhDZ5jLvF0W125clomcI0QU2Of+h3Z5dAnVv
CnUZSoxzY+I0XoBHh5jRj5qjNVkZezbMRbAab0UlQ4NyP7tKY3DGOz1ZfgDZiSU8
cgGUSpCFLKJF6+GGDFfwmsjKTBaXV8KvOe+A0DSgZgFgDfYWouin/+we+fmWQZqk
0o6uCORoho44tYtynvSrlfvxEfvlYyojYd7V8yeoU091gdkOrLeFnevXEyfKUyGU
jx0yCX2o2ASEbJoRWAH5DpRmASRf5zEQeZkLc2ZqeHo2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org