Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/zfV2UNXQsfIkEYwNCa9MH55s9K0.roa
File: zfV2UNXQsfIkEYwNCa9MH55s9K0.roa (raw, json)
Hash identifier: uh+HjQKezeZEaw6tbLAmKPUXI7elmY8pMKYYlQilNpI=
Subject key identifier: CD:F5:76:50:D5:D0:B1:F2:24:11:8C:0D:09:AF:4C:1F:9E:6C:F4:AD
Certificate issuer: /CN=8353accb94e10cf8c2c29679067ee39099f404d3
Certificate serial: 03C55FD9
Authority key identifier: 83:53:AC:CB:94:E1:0C:F8:C2:C2:96:79:06:7E:E3:90:99:F4:04:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/zfV2UNXQsfIkEYwNCa9MH55s9K0.roa
Signing time: Sat 01 Jan 2022 06:06:27 +0000
ROA not before: Sat 01 Jan 2022 06:06:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44375
IP address blocks: 193.178.200.0/22 maxlen: 22
152.89.44.0/22 maxlen: 22
93.126.0.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63266777 (0x3c55fd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8353accb94e10cf8c2c29679067ee39099f404d3
Validity
Not Before: Jan 1 06:06:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdf57650d5d0b1f224118c0d09af4c1f9e6cf4ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:61:f9:e1:c2:76:81:f6:af:d8:e1:c4:19:d6:
f4:68:36:da:5f:7e:12:00:bc:87:97:cd:33:b1:cf:
4a:69:6e:2b:c2:73:93:43:95:30:f0:23:e3:f0:db:
58:9d:42:7c:6a:cb:e7:b8:d9:88:20:a9:77:5a:db:
b2:91:26:f7:eb:39:d0:59:c9:a0:20:42:fe:86:32:
33:a7:31:1a:94:f8:eb:91:a2:a2:1a:fa:6b:07:a1:
a3:42:e1:40:be:df:80:f6:15:6c:7d:75:d8:9a:15:
82:45:4e:a5:03:07:d7:4a:38:1e:cf:c9:cf:ec:33:
45:04:21:ab:52:1a:73:06:6b:7c:ca:21:15:74:33:
1e:a8:88:f7:bb:46:0b:cd:33:e7:69:c6:0b:33:d8:
82:b7:39:db:3a:c1:63:02:03:f5:c3:6f:7d:96:92:
cb:d9:3f:ab:40:b1:59:2c:d3:e6:3f:d7:aa:94:ed:
ae:0c:ba:12:3c:44:ce:ad:f3:6f:f6:b6:68:9f:cf:
80:0f:30:69:90:5b:1f:0c:5f:96:d9:28:f8:4a:d6:
40:44:6a:f6:50:bf:e4:0f:35:78:e5:ac:9f:f2:f9:
9c:03:db:e4:d4:04:f5:9d:9d:63:fc:79:54:e1:ab:
36:b5:5a:a0:5c:f6:5b:b4:f8:6a:e4:cd:44:ac:68:
09:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F5:76:50:D5:D0:B1:F2:24:11:8C:0D:09:AF:4C:1F:9E:6C:F4:AD
X509v3 Authority Key Identifier:
keyid:83:53:AC:CB:94:E1:0C:F8:C2:C2:96:79:06:7E:E3:90:99:F4:04:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/zfV2UNXQsfIkEYwNCa9MH55s9K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.126.0.0/18
152.89.44.0/22
193.178.200.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:1d:84:f9:70:80:5c:30:c3:5c:9d:82:f1:bc:30:3d:07:6c:
20:2c:8d:a9:6d:cd:83:5c:7c:bb:c5:d2:b5:c2:88:be:2f:ea:
84:e3:da:0b:53:60:1b:cd:98:d8:a4:37:4f:b6:4e:bb:29:5f:
4b:d8:0b:99:59:0b:a8:b3:6b:d4:fd:c9:ab:5a:44:7f:5d:b8:
40:2f:46:62:59:a8:0a:1d:55:bd:d0:ea:bb:57:65:4f:a5:18:
0b:4b:de:89:5c:fc:07:b3:c1:31:ce:6c:a8:55:6f:d3:5b:b8:
07:53:23:72:2f:58:eb:03:93:63:b2:76:26:1f:d4:10:53:e8:
86:64:79:96:24:4f:12:21:8a:fb:d0:da:d1:5b:92:23:6f:17:
8c:7e:55:61:99:71:23:66:2c:69:45:08:81:4d:11:cc:12:d9:
1a:6e:72:f4:e6:ec:b3:f3:d0:92:04:64:ab:7a:de:3d:41:8d:
b9:32:22:d5:b4:f8:07:33:92:c7:82:f1:a7:fe:3c:eb:f0:b0:
01:57:01:7e:a4:6b:b1:e7:2d:61:c3:6c:97:c8:95:54:ee:cf:
76:df:26:75:c4:82:10:e3:3e:2b:75:16:8c:76:d5:7a:29:95:
60:6d:98:59:08:1d:6b:a7:47:e6:2e:0d:01:9f:ce:e4:69:0c:
e4:b4:81:37
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA8Vf2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzUzYWNjYjk0ZTEwY2Y4YzJjMjk2NzkwNjdlZTM5MDk5ZjQwNGQzMB4XDTIyMDEw
MTA2MDYyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RmNTc2NTBkNWQw
YjFmMjI0MTE4YzBkMDlhZjRjMWY5ZTZjZjRhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOVh+eHCdoH2r9jhxBnW9Gg22l9+EgC8h5fNM7HPSmluK8Jz
k0OVMPAj4/DbWJ1CfGrL57jZiCCpd1rbspEm9+s50FnJoCBC/oYyM6cxGpT465Gi
ohr6aweho0LhQL7fgPYVbH112JoVgkVOpQMH10o4Hs/Jz+wzRQQhq1IacwZrfMoh
FXQzHqiI97tGC80z52nGCzPYgrc52zrBYwID9cNvfZaSy9k/q0CxWSzT5j/XqpTt
rgy6EjxEzq3zb/a2aJ/PgA8waZBbHwxfltko+ErWQERq9lC/5A81eOWsn/L5nAPb
5NQE9Z2dY/x5VOGrNrVaoFz2W7T4auTNRKxoCSUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTN9XZQ1dCx8iQRjA0Jr0wfnmz0rTAfBgNVHSMEGDAWgBSDU6zLlOEM+MLC
lnkGfuOQmfQE0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cxT3N5NVRoRFBqQ3dwWjVCbjdqa0puMEJOTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvOTkzNzcyLTVmYmEtNDBiZi1iNzIxLTZjMzk1MDE5NDM3MC8x
L3pmVjJVTlhRc2ZJa0VZd05DYTlNSDU1czlLMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
OTkzNzcyLTVmYmEtNDBiZi1iNzIxLTZjMzk1MDE5NDM3MC8xL2cxT3N5NVRoRFBq
Q3dwWjVCbjdqa0puMEJOTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBl1+AAMEAphZLAMEAsGyyDANBgkq
hkiG9w0BAQsFAAOCAQEAah2E+XCAXDDDXJ2C8bwwPQdsICyNqW3Ng1x8u8XStcKI
vi/qhOPaC1NgG82Y2KQ3T7ZOuylfS9gLmVkLqLNr1P3Jq1pEf124QC9GYlmoCh1V
vdDqu1dlT6UYC0veiVz8B7PBMc5sqFVv01u4B1Mjci9Y6wOTY7J2Jh/UEFPohmR5
liRPEiGK+9Da0VuSI28XjH5VYZlxI2YsaUUIgU0RzBLZGm5y9Obss/PQkgRkq3re
PUGNuTIi1bT4BzOSx4Lxp/486/CwAVcBfqRrsectYcNsl8iVVO7Pdt8mdcSCEOM+
K3UWjHbVeimVYG2YWQgda6dH5i4NAZ/O5GkM5LSBNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:00 2024 by rpki-client on console-ams.rpki-client.org