Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/z-CFvsuBupYDF_EmLLz5hwJ7GXY.roa
File: z-CFvsuBupYDF_EmLLz5hwJ7GXY.roa (raw, json)
Hash identifier: wue54TIhBD8bDpk+keB7Dwrcrs5s4jeBlhcqjd0IBeM=
Subject key identifier: CF:E0:85:BE:CB:81:BA:96:03:17:F1:26:2C:BC:F9:87:02:7B:19:76
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DC052BE89EB6D7905DD8F030A7568
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/z-CFvsuBupYDF_EmLLz5hwJ7GXY.roa
Signing time: Sun 01 Jan 2023 20:54:58 +0000
ROA not before: Sun 01 Jan 2023 20:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50756
IP address blocks: 194.76.18.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c0:52:be:89:eb:6d:79:05:dd:8f:03:0a:75:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfe085becb81ba960317f1262cbcf987027b1976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:46:d4:23:7c:37:9a:00:9d:0b:c5:71:3d:19:
f0:a4:75:ea:0d:49:82:04:7c:38:88:7b:c4:c5:6e:
da:85:90:d3:68:14:b9:9f:09:f4:92:6c:d3:02:76:
12:cc:b4:58:d7:4c:cc:a3:02:47:84:54:5c:2b:62:
21:65:34:d4:fb:34:62:dc:c2:61:19:24:5a:80:3f:
2e:ad:2b:30:55:9a:fd:a5:a9:a6:dc:19:af:5c:e6:
b8:79:c5:61:a3:10:c1:08:2e:a2:34:29:54:fd:2f:
f2:75:9f:e7:81:bb:e4:2d:33:f1:1a:a3:50:2d:d9:
2e:d2:8c:a9:76:97:43:b2:f5:83:02:f5:1c:dd:ba:
90:de:87:da:30:86:a6:b2:3e:97:a1:bd:e7:9a:66:
e2:86:e5:ac:0b:44:b5:9e:e5:64:35:88:67:53:14:
bc:cb:08:a7:6d:88:47:bf:ac:83:24:1c:83:21:c4:
28:e3:65:86:3f:74:26:7f:20:ad:82:02:fc:e0:a3:
95:fa:24:33:ee:f1:ef:5f:ab:80:9b:d4:c5:5d:4d:
a0:db:74:5c:15:74:a3:b5:04:9a:a9:b9:85:a4:37:
a3:63:df:23:12:90:26:69:97:78:d1:c7:03:fb:04:
7c:b3:07:38:41:22:78:2f:de:8d:6f:f3:72:12:ae:
52:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E0:85:BE:CB:81:BA:96:03:17:F1:26:2C:BC:F9:87:02:7B:19:76
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/z-CFvsuBupYDF_EmLLz5hwJ7GXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.18.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:76:29:2a:8c:d5:93:20:fc:db:65:12:55:da:05:20:2c:f9:
5e:0b:8b:a9:e0:e9:6e:67:4d:3c:b5:11:82:ae:1d:7f:ae:2c:
80:a8:3a:ae:f5:3f:08:d4:e4:e0:54:3b:2e:d1:1c:c6:61:c7:
c3:e7:2e:cc:28:e7:78:f7:1c:32:27:74:5d:20:38:27:27:2a:
67:54:31:b4:42:11:a2:ad:5a:ed:fe:53:da:c8:74:22:bc:ed:
88:7c:7b:c0:eb:38:8c:43:56:d8:bb:d5:be:aa:b2:24:f1:53:
a8:cd:26:28:35:9f:01:3d:16:f1:f7:af:80:b7:92:50:32:22:
b9:37:15:f6:c3:14:ac:16:73:f5:cc:39:f5:a0:04:a4:99:1f:
6f:f8:ed:5a:58:1a:84:c7:70:e1:61:1f:ea:af:5d:4e:19:0d:
1f:de:1f:33:87:ac:49:1b:6a:a1:6a:ea:83:49:62:c0:db:ef:
8b:ba:d7:71:da:aa:58:67:55:2b:bf:1a:eb:0a:51:73:6b:b8:
76:60:ef:c8:52:19:73:40:2a:d7:d6:cb:81:16:52:da:e4:56:
b4:9e:70:da:40:05:35:48:4e:1b:ff:d2:18:67:56:da:93:44:
cf:e5:c7:4c:0f:eb:5b:d2:69:8e:fc:35:d7:d9:5d:78:e6:9c:
21:51:16:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHcBSvonrbXkF3Y8DCnVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmUwODViZWNiODFiYTk2MDMxN2YxMjYyY2JjZjk4NzAyN2IxOTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0bUI3w3mgCdC8VxPRnwpHXqDUmC
BHw4iHvExW7ahZDTaBS5nwn0kmzTAnYSzLRY10zMowJHhFRcK2IhZTTU+zRi3MJh
GSRagD8urSswVZr9pamm3BmvXOa4ecVhoxDBCC6iNClU/S/ydZ/ngbvkLTPxGqNQ
Ldku0oypdpdDsvWDAvUc3bqQ3ofaMIamsj6Xob3nmmbihuWsC0S1nuVkNYhnUxS8
ywinbYhHv6yDJByDIcQo42WGP3QmfyCtggL84KOV+iQz7vHvX6uAm9TFXU2g23Rc
FXSjtQSaqbmFpDejY98jEpAmaZd40ccD+wR8swc4QSJ4L96Nb/NyEq5SKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM/ghb7LgbqWAxfxJiy8+YcCexl2MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvei1DRnZzdUJ1cFlERl9FbUxMejVod0o3R1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkwSMA0G
CSqGSIb3DQEBCwUAA4IBAQCgdikqjNWTIPzbZRJV2gUgLPleC4up4OluZ008tRGC
rh1/riyAqDqu9T8I1OTgVDsu0RzGYcfD5y7MKOd49xwyJ3RdIDgnJypnVDG0QhGi
rVrt/lPayHQivO2IfHvA6ziMQ1bYu9W+qrIk8VOozSYoNZ8BPRbx96+At5JQMiK5
NxX2wxSsFnP1zDn1oASkmR9v+O1aWBqEx3DhYR/qr11OGQ0f3h8zh6xJG2qhauqD
SWLA2++Lutdx2qpYZ1UrvxrrClFza7h2YO/IUhlzQCrX1suBFlLa5Fa0nnDaQAU1
SE4b/9IYZ1bak0TP5cdMD+tb0mmO/DXX2V145pwhURat
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org