Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/zb1HcF4dqwrgoquBAbMPkHZDRFc.roa
File: zb1HcF4dqwrgoquBAbMPkHZDRFc.roa (raw, json)
Hash identifier: Y0/djvwwrzzI585bkiPD05vv/SpthOcg8cvMp7fYU4A=
Subject key identifier: CD:BD:47:70:5E:1D:AB:0A:E0:A2:AB:81:01:B3:0F:90:76:43:44:57
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 04609E3A
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/zb1HcF4dqwrgoquBAbMPkHZDRFc.roa
Signing time: Wed 16 Mar 2022 16:21:11 +0000
ROA not before: Wed 16 Mar 2022 16:21:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 193.32.164.0/24 maxlen: 24
193.32.166.0/24 maxlen: 24
193.32.165.0/24 maxlen: 24
193.32.167.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73440826 (0x4609e3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Mar 16 16:21:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdbd47705e1dab0ae0a2ab8101b30f9076434457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:4d:ef:04:5b:35:02:81:24:6d:0c:5e:a1:59:
0e:ec:70:04:d2:ff:27:d3:9d:a8:f4:f7:0f:fc:4c:
9f:51:d0:cd:96:ec:a9:f0:29:19:0a:68:ff:24:86:
98:b2:1c:e7:7d:85:ef:e0:cd:4f:08:f7:31:c0:bf:
5c:ab:76:90:1f:f1:03:b0:9d:ed:15:b4:72:87:48:
0c:46:86:dc:27:7d:5a:e5:6b:04:09:d5:34:64:b1:
dd:06:51:79:8b:41:56:a4:bc:14:50:7c:de:63:b6:
c5:dd:86:c8:d1:26:c7:94:66:19:ce:7b:c7:82:95:
28:43:5a:dd:68:e3:ad:54:ce:ef:b5:32:7a:db:28:
e5:32:7c:4b:65:94:c5:72:a8:d6:57:be:6b:1d:91:
d9:47:b6:6a:c4:77:ae:15:1a:6d:1f:d0:93:dc:d5:
0f:d1:6e:ed:66:dd:74:0d:da:8c:b5:98:3d:44:62:
9f:72:0e:7f:34:74:2f:cc:cf:58:da:5c:76:bc:16:
14:02:94:15:e9:b2:69:e3:dd:0f:c7:49:16:07:51:
8b:0a:3a:8b:76:0e:6e:db:27:1c:6b:99:bf:46:33:
b8:96:02:e3:33:25:c1:e8:b9:a4:97:7e:c1:66:2d:
78:97:4f:54:70:4a:a2:7f:e3:47:84:6a:e9:f6:f2:
55:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BD:47:70:5E:1D:AB:0A:E0:A2:AB:81:01:B3:0F:90:76:43:44:57
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/zb1HcF4dqwrgoquBAbMPkHZDRFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.164.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:60:3b:89:70:7a:4a:8b:52:3a:e2:bd:73:24:06:8c:a4:61:
a0:0a:fb:83:93:8c:92:90:e6:36:f7:29:54:6b:23:5a:f3:2b:
aa:a9:0e:d3:7f:66:60:a1:95:f6:ad:8e:ba:da:3b:63:e0:7a:
84:b0:5a:d6:a2:a6:af:e8:0c:fe:79:00:30:0c:a6:14:e3:2a:
ae:57:e6:d3:c8:48:f1:7c:01:e7:da:dd:27:98:cf:dd:1a:7e:
de:c2:33:d5:5a:dc:f3:97:58:2c:ac:fa:e6:58:59:e1:3f:94:
b4:1a:3b:eb:fc:20:00:28:7f:84:04:f5:07:41:bf:a7:cf:3a:
06:bb:54:ff:b0:85:f5:5e:5b:30:a5:bb:45:28:fd:10:b4:14:
c5:60:d7:79:0b:0f:0b:19:83:29:8b:8a:c5:c8:25:b9:e9:f0:
db:24:54:bf:e0:7e:aa:51:49:2a:e5:bd:ce:25:b7:cf:eb:49:
d0:ea:1f:b4:df:44:da:e5:c4:df:00:6f:44:f9:c4:48:9a:5f:
f1:f3:dc:b9:f6:38:8d:75:03:4e:4e:a6:c7:48:54:28:ff:d2:
fc:f0:bc:a4:ef:5d:95:5c:c5:50:65:6d:e3:23:f1:7f:c8:43:
21:21:6b:e9:5f:9e:f2:e5:10:1d:9c:66:72:c4:3f:a9:f4:50:
37:bd:6f:40
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBGCeOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGEzOTQxYzI3Y2ZlNWMyMzRjNGJmMjIxZWNiMmE1NzliMmRlYWFiMB4XDTIyMDMx
NjE2MjExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RiZDQ3NzA1ZTFk
YWIwYWUwYTJhYjgxMDFiMzBmOTA3NjQzNDQ1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIVN7wRbNQKBJG0MXqFZDuxwBNL/J9OdqPT3D/xMn1HQzZbs
qfApGQpo/ySGmLIc532F7+DNTwj3McC/XKt2kB/xA7Cd7RW0codIDEaG3Cd9WuVr
BAnVNGSx3QZReYtBVqS8FFB83mO2xd2GyNEmx5RmGc57x4KVKENa3WjjrVTO77Uy
etso5TJ8S2WUxXKo1le+ax2R2Ue2asR3rhUabR/Qk9zVD9Fu7WbddA3ajLWYPURi
n3IOfzR0L8zPWNpcdrwWFAKUFemyaePdD8dJFgdRiwo6i3YObtsnHGuZv0YzuJYC
4zMlwei5pJd+wWYteJdPVHBKon/jR4Rq6fbyVTECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTNvUdwXh2rCuCiq4EBsw+QdkNEVzAfBgNVHSMEGDAWgBRdo5QcJ8/lwjTE
vyIeyypXmy3qqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhT1VIQ2ZQNWNJMHhMOGlIc3NxVjVzdDZxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvMzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8x
L3piMUhjRjRkcXdyZ29xdUJBYk1Qa0haRFJGYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
MzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8xL1hhT1VIQ2ZQNWNJ
MHhMOGlIc3NxVjVzdDZxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsEgpDANBgkqhkiG9w0BAQsFAAOC
AQEAL2A7iXB6SotSOuK9cyQGjKRhoAr7g5OMkpDmNvcpVGsjWvMrqqkO039mYKGV
9q2Outo7Y+B6hLBa1qKmr+gM/nkAMAymFOMqrlfm08hI8XwB59rdJ5jP3Rp+3sIz
1Vrc85dYLKz65lhZ4T+UtBo76/wgACh/hAT1B0G/p886BrtU/7CF9V5bMKW7RSj9
ELQUxWDXeQsPCxmDKYuKxcgluenw2yRUv+B+qlFJKuW9ziW3z+tJ0OoftN9E2uXE
3wBvRPnESJpf8fPcufY4jXUDTk6mx0hUKP/S/PC8pO9dlVzFUGVt4yPxf8hDISFr
6V+e8uUQHZxmcsQ/qfRQN71vQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org