Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/Z_HzHgzl3J4KebKt7wYg7if0L2k.roa
File: Z_HzHgzl3J4KebKt7wYg7if0L2k.roa (raw, json)
Hash identifier: 5SQNc59RwbA0YGym1toL7Nr1tvT53pWyapNjP043XGs=
Subject key identifier: 67:F1:F3:1E:0C:E5:DC:9E:0A:79:B2:AD:EF:06:20:EE:27:F4:2F:69
Certificate issuer: /CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Certificate serial: 018CC8011E3A574182920D850CFD472C498D
Authority key identifier: C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/Z_HzHgzl3J4KebKt7wYg7if0L2k.roa
Signing time: Tue 02 Jan 2024 02:29:25 +0000
ROA not before: Tue 02 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31042
IP address blocks: 91.143.208.0/20 maxlen: 24
94.230.176.0/20 maxlen: 24
185.81.60.0/22 maxlen: 24
80.93.224.0/19 maxlen: 24
46.240.128.0/17 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1e:3a:57:41:82:92:0d:85:0c:fd:47:2c:49:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Validity
Not Before: Jan 2 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67f1f31e0ce5dc9e0a79b2adef0620ee27f42f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:01:66:92:19:84:bc:0a:6a:00:5a:be:6f:43:
cc:e5:87:e8:49:36:07:a9:07:0b:11:c5:1d:33:c2:
d3:8d:a6:41:b5:33:f6:25:da:1b:87:9f:ad:67:c2:
bb:26:1a:0a:91:3f:4b:55:39:c2:f3:8f:f1:e2:00:
b9:47:ba:2e:d2:b3:ad:6e:2b:d4:d9:ac:e0:74:51:
bc:c4:c0:98:d3:a1:6b:45:32:f3:35:5e:42:38:e6:
61:96:d3:42:34:a8:02:a3:76:3c:ff:d7:d0:0e:a7:
3b:15:2a:ea:b6:eb:d0:24:10:48:72:3d:19:97:f3:
91:f8:5f:70:4e:ca:36:e1:c8:3f:cf:7c:4f:cf:4f:
c5:ce:12:7e:72:34:8e:40:84:b6:9d:42:e5:ef:d7:
3a:ce:c9:85:a7:31:7f:7c:58:5f:4b:c3:2a:0d:24:
51:a0:bd:bc:fd:cb:bf:ed:e8:6c:46:ad:be:db:66:
47:0f:63:8f:3d:a7:f1:f0:1f:ce:62:27:46:8d:5b:
fb:ec:df:f5:25:ea:2e:2d:a6:42:23:a6:88:18:44:
44:d6:b2:74:96:d0:e3:33:35:c1:37:98:58:5a:c3:
2a:ac:b1:d1:23:72:08:2b:2d:ce:98:0f:81:c1:3c:
c9:57:ea:ad:80:20:c8:1b:8a:4c:f7:c8:f4:50:fe:
3f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F1:F3:1E:0C:E5:DC:9E:0A:79:B2:AD:EF:06:20:EE:27:F4:2F:69
X509v3 Authority Key Identifier:
keyid:C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/Z_HzHgzl3J4KebKt7wYg7if0L2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.240.128.0/17
80.93.224.0/19
91.143.208.0/20
94.230.176.0/20
185.81.60.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:ff:d9:c3:38:5b:62:ef:16:50:a8:63:ae:c0:6d:d5:61:36:
71:7c:b5:41:f0:d3:14:cc:34:1d:09:d9:b3:72:b0:93:ff:c7:
4e:ed:79:8e:12:b5:81:0c:b0:4b:fb:d2:2d:0a:37:21:dd:b5:
6a:3c:7c:2e:a0:80:9b:ac:00:15:4d:c9:a3:d4:9e:12:a7:62:
ab:1f:0d:0c:b5:e3:85:0e:70:3a:51:bf:d8:73:e7:18:31:9d:
38:96:0d:f4:45:d3:15:84:92:6a:18:a1:29:2c:14:32:ec:50:
6e:47:9d:00:fb:8a:98:40:6d:f4:c1:1a:02:25:22:f7:98:2e:
b4:a6:5c:74:4b:c4:ae:1a:18:b5:9f:6c:f2:59:f2:f3:c5:e7:
0a:1c:96:16:23:d2:8c:b5:52:fd:9e:eb:1f:b8:0e:9d:e0:18:
47:2f:c7:bd:04:0b:49:c2:33:56:80:d2:5b:55:04:97:a7:df:
b1:9e:b1:da:ad:d3:3b:1e:b5:83:b5:86:e3:2b:65:d5:61:c7:
bb:8e:d5:48:78:8b:aa:26:93:6a:4c:44:4c:46:da:03:24:c4:
24:50:aa:6d:a3:ac:9c:3d:27:b3:e1:bb:fa:ad:5b:57:8c:de:
65:dd:49:bd:07:b9:16:02:97:40:59:44:ab:8c:9b:15:e4:72:
ee:84:82:0d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIAR46V0GCkg2FDP1HLEmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDE4NjUzZmJmYjZmZDU3MzJkYzk0MGMxZDY1ZDc3YWIw
YmJmYTMwHhcNMjQwMTAyMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2YxZjMxZTBjZTVkYzllMGE3OWIyYWRlZjA2MjBlZTI3ZjQyZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgFmkhmEvApqAFq+b0PM5YfoSTYH
qQcLEcUdM8LTjaZBtTP2Jdobh5+tZ8K7JhoKkT9LVTnC84/x4gC5R7ou0rOtbivU
2azgdFG8xMCY06FrRTLzNV5COOZhltNCNKgCo3Y8/9fQDqc7FSrqtuvQJBBIcj0Z
l/OR+F9wTso24cg/z3xPz0/FzhJ+cjSOQIS2nULl79c6zsmFpzF/fFhfS8MqDSRR
oL28/cu/7ehsRq2+22ZHD2OPPafx8B/OYidGjVv77N/1JeouLaZCI6aIGERE1rJ0
ltDjMzXBN5hYWsMqrLHRI3IIKy3OmA+BwTzJV+qtgCDIG4pM98j0UP4/kQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGfx8x4M5dyeCnmyre8GIO4n9C9pMB8GA1UdIwQY
MBaAFMbRhlP7+2/Vcy3JQMHWXXerC7+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2Yt
NWM2NTAyYmZmYTFmLzEvWl9IekhnemwzSjRLZWJLdDd3WWc3aWYwTDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2YtNWM2NTAyYmZmYTFm
LzEveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQHLvCAAwQF
UF3gAwQEW4/QAwQEXuawAwQCuVE8MA0GCSqGSIb3DQEBCwUAA4IBAQBL/9nDOFti
7xZQqGOuwG3VYTZxfLVB8NMUzDQdCdmzcrCT/8dO7XmOErWBDLBL+9ItCjch3bVq
PHwuoICbrAAVTcmj1J4Sp2KrHw0MteOFDnA6Ub/Yc+cYMZ04lg30RdMVhJJqGKEp
LBQy7FBuR50A+4qYQG30wRoCJSL3mC60plx0S8SuGhi1n2zyWfLzxecKHJYWI9KM
tVL9nusfuA6d4BhHL8e9BAtJwjNWgNJbVQSXp9+xnrHardM7HrWDtYbjK2XVYce7
jtVIeIuqJpNqTERMRtoDJMQkUKpto6ycPSez4bv6rVtXjN5l3Um9B7kWApdAWUSr
jJsV5HLuhIIN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:02 2024 by rpki-client on console-fra.rpki-client.org