Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/ZnIZhfSOkVM_3CiV0gFI1OcGULE.roa
File: ZnIZhfSOkVM_3CiV0gFI1OcGULE.roa (raw, json)
Hash identifier: rHpJwSpJxcvgl0VRJ29WYBtLZ4Ulv0tAk2CGHRVsWjo=
Subject key identifier: 66:72:19:85:F4:8E:91:53:3F:DC:28:95:D2:01:48:D4:E7:06:50:B1
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018CC501264C691868D8BBCCD653EE640960
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/ZnIZhfSOkVM_3CiV0gFI1OcGULE.roa
Signing time: Mon 01 Jan 2024 12:30:36 +0000
ROA not before: Mon 01 Jan 2024 12:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212742
IP address blocks: 188.132.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:26:4c:69:18:68:d8:bb:cc:d6:53:ee:64:09:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Jan 1 12:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66721985f48e91533fdc2895d20148d4e70650b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:75:ca:76:a5:f0:ad:d5:ef:eb:e0:8c:f0:ca:
0c:65:1c:a9:99:77:83:9e:48:61:09:9b:08:fc:c1:
40:ec:be:bc:84:a0:ea:9b:e2:09:28:6c:32:55:35:
ab:1f:dc:c0:2e:53:ed:4e:39:e4:60:d1:99:52:4b:
cf:bb:73:a0:d8:78:44:76:03:c8:6b:9e:cc:ae:2b:
86:ee:67:62:c2:c9:a5:db:5a:68:c4:84:4b:0b:ec:
72:f3:8d:28:3a:c4:6e:7a:0d:7c:7a:23:ec:8c:a7:
d5:61:5d:77:bd:df:a0:39:56:be:bf:8f:7e:12:c0:
30:a7:1e:03:52:0c:92:68:04:50:65:b0:64:cc:d3:
35:ef:81:07:80:42:27:1c:fe:d5:58:3a:96:62:d5:
cd:e3:e9:3c:67:3b:fa:fa:90:4f:5e:59:33:6a:fd:
e8:cd:65:9f:f6:e3:73:96:18:bc:cb:24:a2:e0:d7:
ac:c5:e2:48:14:91:74:05:40:9c:63:c2:f2:81:f5:
cc:25:d6:93:fb:92:d5:93:c0:e3:f5:86:ef:2d:53:
67:3d:e1:9f:22:cc:1a:a3:9a:15:a6:8e:3e:f5:2c:
64:74:31:3b:b9:55:42:a7:24:8d:c7:4d:c6:6c:71:
cf:02:f8:61:2c:95:c7:b9:62:96:de:93:d7:ec:ac:
3c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:72:19:85:F4:8E:91:53:3F:DC:28:95:D2:01:48:D4:E7:06:50:B1
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/ZnIZhfSOkVM_3CiV0gFI1OcGULE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.216.0/24
Signature Algorithm: sha256WithRSAEncryption
19:48:a1:de:cf:55:ca:b0:a2:e6:8c:73:2a:04:c8:06:69:29:
39:94:41:9e:82:6e:ef:ba:8c:17:fa:26:b3:76:b3:9e:de:d8:
42:06:43:29:c7:bc:69:d9:07:37:4e:ed:91:6b:86:f1:e7:82:
08:09:ef:1c:0c:f8:fe:c1:bc:e1:85:b4:ea:41:b1:58:da:55:
57:91:08:a6:d3:a7:b0:b9:a6:a8:b1:45:3c:03:8b:ef:2b:9e:
68:bb:eb:9a:7b:b7:a0:f9:2c:fc:f9:27:bf:ab:fe:f4:20:37:
d4:d3:5d:17:9f:bc:c0:49:83:b2:ad:64:91:71:b4:8e:55:bb:
1c:fb:d8:70:7c:af:e8:c5:f3:7a:00:c3:10:fd:bf:09:61:b0:
4a:fe:a2:39:4b:e4:e0:38:19:a5:ee:8d:5e:45:cb:90:02:fb:
aa:08:35:c0:c0:21:11:8e:bc:45:51:26:98:02:d9:11:34:1a:
7c:25:b2:24:0e:49:00:7f:cc:a9:ac:1e:5d:46:57:fa:42:a4:
97:d3:22:c4:f3:33:1f:02:e4:3e:5d:16:fc:93:ff:6a:48:29:
aa:03:ef:62:85:ee:2b:d0:46:dd:4b:2b:65:47:27:93:dc:66:
fd:54:82:15:ca:e5:14:94:3f:49:7d:ba:c0:af:52:18:78:0b:
fa:e7:bb:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFASZMaRho2LvM1lPuZAlgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjQwMTAxMTIzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjcyMTk4NWY0OGU5MTUzM2ZkYzI4OTVkMjAxNDhkNGU3MDY1MGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3XKdqXwrdXv6+CM8MoMZRypmXeD
nkhhCZsI/MFA7L68hKDqm+IJKGwyVTWrH9zALlPtTjnkYNGZUkvPu3Og2HhEdgPI
a57MriuG7mdiwsml21poxIRLC+xy840oOsRueg18eiPsjKfVYV13vd+gOVa+v49+
EsAwpx4DUgySaARQZbBkzNM174EHgEInHP7VWDqWYtXN4+k8Zzv6+pBPXlkzav3o
zWWf9uNzlhi8yySi4NesxeJIFJF0BUCcY8LygfXMJdaT+5LVk8Dj9YbvLVNnPeGf
Iswao5oVpo4+9SxkdDE7uVVCpySNx03GbHHPAvhhLJXHuWKW3pPX7Kw8+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZyGYX0jpFTP9woldIBSNTnBlCxMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvWm5JWmhmU09rVk1fM0NpVjBnRkkxT2NHVUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITYMA0G
CSqGSIb3DQEBCwUAA4IBAQAZSKHez1XKsKLmjHMqBMgGaSk5lEGegm7vuowX+iaz
drOe3thCBkMpx7xp2Qc3Tu2Ra4bx54IICe8cDPj+wbzhhbTqQbFY2lVXkQim06ew
uaaosUU8A4vvK55ou+uae7eg+Sz8+Se/q/70IDfU010Xn7zASYOyrWSRcbSOVbsc
+9hwfK/oxfN6AMMQ/b8JYbBK/qI5S+TgOBml7o1eRcuQAvuqCDXAwCERjrxFUSaY
AtkRNBp8JbIkDkkAf8yprB5dRlf6QqSX0yLE8zMfAuQ+XRb8k/9qSCmqA+9ihe4r
0EbdSytlRyeT3Gb9VIIVyuUUlD9JfbrAr1IYeAv657v3
-----END CERTIFICATE-----
Generated at Wed Feb 14 15:10:46 2024 by rpki-client on console-ams.rpki-client.org