Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/ZMf1IHyoNzYnRJAvSGBRccmRYew.roa
File: ZMf1IHyoNzYnRJAvSGBRccmRYew.roa (raw, json)
Hash identifier: rlswCtuv1A21mtzHbvMJ4roDTfEPo3ZFT7vWNd5Fl34=
Subject key identifier: 64:C7:F5:20:7C:A8:37:36:27:44:90:2F:48:60:51:71:C9:91:61:EC
Certificate issuer: /CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Certificate serial: 018573F1B76B98E3B4D2295D140C57D02236
Authority key identifier: C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/ZMf1IHyoNzYnRJAvSGBRccmRYew.roa
Signing time: Mon 02 Jan 2023 19:24:58 +0000
ROA not before: Mon 02 Jan 2023 19:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61254
IP address blocks: 94.230.186.0/24 maxlen: 24
94.230.186.0/23 maxlen: 23
94.230.187.0/24 maxlen: 24
80.93.251.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:f1:b7:6b:98:e3:b4:d2:29:5d:14:0c:57:d0:22:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Validity
Not Before: Jan 2 19:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64c7f5207ca837362744902f48605171c99161ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d3:ee:8a:ca:37:a3:12:50:0a:6e:fb:e9:d1:
90:c2:34:22:b3:67:db:cd:a8:15:e9:12:f5:df:bf:
2a:37:00:fd:f6:1d:6f:22:16:d8:1a:9c:9a:bf:4e:
68:58:3a:78:14:ba:4e:38:b9:a8:57:c0:cb:55:c5:
92:d3:71:dc:26:60:44:b7:ac:14:1c:0e:34:35:53:
fa:73:45:aa:41:ea:c3:6b:9e:17:d5:05:bb:7d:78:
1e:d1:d7:48:26:d2:de:eb:b2:c7:86:ca:7e:90:e3:
a1:58:34:4e:5e:d4:e9:07:19:a6:7a:ad:75:6f:aa:
58:11:0e:8b:95:0d:e3:5c:d8:4b:b8:3b:55:91:69:
2c:65:4b:2a:0d:9d:00:17:31:eb:80:4c:30:d6:eb:
6e:ef:8c:6e:b2:72:98:28:cf:83:54:5a:7c:31:fe:
bb:cc:a8:39:7e:a9:56:c5:0c:57:2f:30:2e:a0:21:
cc:89:9c:10:62:30:3d:fd:17:2a:0f:dd:a1:07:7f:
a3:01:82:42:d9:c6:51:7f:86:77:6c:11:71:c2:f0:
65:51:56:20:97:0d:85:bf:9a:55:41:a4:16:f2:53:
58:2a:87:0b:3e:31:da:6c:1f:38:32:d9:f0:11:16:
8e:d8:44:de:08:52:0d:6b:a2:b9:22:d5:f2:58:43:
a6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C7:F5:20:7C:A8:37:36:27:44:90:2F:48:60:51:71:C9:91:61:EC
X509v3 Authority Key Identifier:
keyid:C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/ZMf1IHyoNzYnRJAvSGBRccmRYew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.251.0/24
94.230.186.0/23
Signature Algorithm: sha256WithRSAEncryption
39:3c:36:88:b7:73:93:41:1f:b3:82:5c:83:f0:28:73:ff:32:
44:9a:bc:2e:ce:39:78:6a:40:6e:56:0e:ff:4b:44:8a:a1:bd:
64:8f:a8:1c:91:e8:4e:d5:79:0d:6f:f2:b9:4f:53:7a:1f:cf:
04:5a:8e:4c:9e:47:d3:cc:d5:65:52:b1:36:16:e4:86:40:47:
bf:f0:81:88:b8:3c:50:93:4f:6c:c9:ff:c0:8f:ba:6f:cf:0e:
ef:2c:e8:14:8d:87:83:6c:c7:77:77:a1:0a:ba:3a:a9:50:f4:
06:85:08:f6:e2:3e:6e:fe:59:b3:09:64:ff:a0:6a:a9:4e:64:
ed:8c:81:01:f0:00:15:04:24:5c:1f:76:b2:20:48:db:7f:41:
de:25:23:b8:7c:fc:eb:57:60:be:79:37:52:96:5b:50:68:88:
91:7b:4a:ba:5c:9b:6c:dc:58:41:e4:95:70:f8:11:f3:fb:ee:
15:82:52:f2:61:57:a4:75:60:9a:a3:b3:5e:ee:37:3e:87:1e:
10:71:1c:f2:a8:4a:7c:6d:96:2d:c1:de:3d:96:1d:39:12:5d:
1e:5e:08:87:ee:b3:1c:11:06:cf:0f:99:e5:17:0d:44:de:01:
4a:af:cd:32:62:b0:43:55:3a:ef:ab:ef:a6:46:6d:04:21:9c:
d4:ce:ea:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVz8bdrmOO00ildFAxX0CI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDE4NjUzZmJmYjZmZDU3MzJkYzk0MGMxZDY1ZDc3YWIw
YmJmYTMwHhcNMjMwMTAyMTkyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGM3ZjUyMDdjYTgzNzM2Mjc0NDkwMmY0ODYwNTE3MWM5OTE2MWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9Puiso3oxJQCm776dGQwjQis2fb
zagV6RL1378qNwD99h1vIhbYGpyav05oWDp4FLpOOLmoV8DLVcWS03HcJmBEt6wU
HA40NVP6c0WqQerDa54X1QW7fXge0ddIJtLe67LHhsp+kOOhWDROXtTpBxmmeq11
b6pYEQ6LlQ3jXNhLuDtVkWksZUsqDZ0AFzHrgEww1utu74xusnKYKM+DVFp8Mf67
zKg5fqlWxQxXLzAuoCHMiZwQYjA9/RcqD92hB3+jAYJC2cZRf4Z3bBFxwvBlUVYg
lw2Fv5pVQaQW8lNYKocLPjHabB84MtnwERaO2ETeCFINa6K5ItXyWEOmOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGTH9SB8qDc2J0SQL0hgUXHJkWHsMB8GA1UdIwQY
MBaAFMbRhlP7+2/Vcy3JQMHWXXerC7+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2Yt
NWM2NTAyYmZmYTFmLzEvWk1mMUlIeW9OelluUkpBdlNHQlJjY21SWWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2YtNWM2NTAyYmZmYTFm
LzEveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUF37AwQB
Xua6MA0GCSqGSIb3DQEBCwUAA4IBAQA5PDaIt3OTQR+zglyD8Chz/zJEmrwuzjl4
akBuVg7/S0SKob1kj6gckehO1XkNb/K5T1N6H88EWo5MnkfTzNVlUrE2FuSGQEe/
8IGIuDxQk09syf/Aj7pvzw7vLOgUjYeDbMd3d6EKujqpUPQGhQj24j5u/lmzCWT/
oGqpTmTtjIEB8AAVBCRcH3ayIEjbf0HeJSO4fPzrV2C+eTdSlltQaIiRe0q6XJts
3FhB5JVw+BHz++4VglLyYVekdWCao7Ne7jc+hx4QcRzyqEp8bZYtwd49lh05El0e
XgiH7rMcEQbPD5nlFw1E3gFKr80yYrBDVTrvq++mRm0EIZzUzupa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:02 2024 by rpki-client on console-fra.rpki-client.org