Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/035de6-ea5f-40a6-a673-19c9298ff5d5/1/yD0LpyWNUxHd85hklSKXSfsfHsY.roa
File: yD0LpyWNUxHd85hklSKXSfsfHsY.roa (raw, json)
Hash identifier: v54fdJhsKQyl55fUpWSVdDCiVLlPp5LusUT2liJYJGo=
Subject key identifier: C8:3D:0B:A7:25:8D:53:11:DD:F3:98:64:95:22:97:49:FB:1F:1E:C6
Certificate issuer: /CN=66dfc89c07ae1331bfb37138568ea79a87fecf3b
Certificate serial: 018E48825617D45CDA2B3A8B86AE43E260F0
Authority key identifier: 66:DF:C8:9C:07:AE:13:31:BF:B3:71:38:56:8E:A7:9A:87:FE:CF:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt_InAeuEzG_s3E4Vo6nmof-zzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/035de6-ea5f-40a6-a673-19c9298ff5d5/1/yD0LpyWNUxHd85hklSKXSfsfHsY.roa
Signing time: Sat 16 Mar 2024 18:24:45 +0000
ROA not before: Sat 16 Mar 2024 18:24:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58222
IP address blocks: 45.80.16.0/22 maxlen: 24
91.210.70.0/24 maxlen: 24
185.234.16.0/22 maxlen: 24
2a13:87c0::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:48:82:56:17:d4:5c:da:2b:3a:8b:86:ae:43:e2:60:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66dfc89c07ae1331bfb37138568ea79a87fecf3b
Validity
Not Before: Mar 16 18:24:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c83d0ba7258d5311ddf3986495229749fb1f1ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ab:8e:01:38:56:26:86:b3:1e:4a:68:f2:55:
11:56:a0:a9:7a:ca:c8:1d:b4:ca:53:c0:ce:e4:bb:
05:20:f8:cb:ca:dd:b2:81:f9:88:49:48:52:98:c0:
fc:ad:cf:2d:a6:bc:a5:2c:f6:0d:da:97:9e:ad:bd:
19:e0:09:5b:45:d4:44:8c:db:e5:99:c6:98:ba:fd:
b8:75:85:a4:e5:90:e1:ee:0e:65:9b:5d:33:29:f0:
0d:04:83:c3:c0:81:e6:98:b7:4b:0e:c6:37:54:d8:
61:95:aa:e7:f2:d6:c1:ce:4a:af:3f:36:5c:57:43:
fc:d1:f5:de:27:df:22:5b:47:a8:ff:09:a3:54:d8:
89:f2:58:cc:bc:de:cd:51:c8:f9:ed:80:45:60:ac:
12:f7:d8:10:26:61:f8:66:2c:7e:99:f2:0e:b0:45:
62:a7:3e:31:31:eb:45:49:59:77:67:01:41:d4:7a:
b7:4e:ac:a4:2d:f6:10:94:3e:35:d9:3a:b6:be:0a:
10:29:b0:99:39:a7:3b:d4:98:b7:b5:2d:8a:3d:93:
ad:57:86:99:0b:72:fe:8c:f0:bb:4e:ab:8c:14:20:
6b:b9:76:f6:6a:a7:5c:01:74:4a:da:ac:5a:8b:cf:
44:d4:5b:c2:20:f3:04:b9:0c:c4:c1:fc:7f:b0:ae:
ba:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3D:0B:A7:25:8D:53:11:DD:F3:98:64:95:22:97:49:FB:1F:1E:C6
X509v3 Authority Key Identifier:
keyid:66:DF:C8:9C:07:AE:13:31:BF:B3:71:38:56:8E:A7:9A:87:FE:CF:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt_InAeuEzG_s3E4Vo6nmof-zzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/035de6-ea5f-40a6-a673-19c9298ff5d5/1/yD0LpyWNUxHd85hklSKXSfsfHsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/035de6-ea5f-40a6-a673-19c9298ff5d5/1/Zt_InAeuEzG_s3E4Vo6nmof-zzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.16.0/22
91.210.70.0/24
185.234.16.0/22
IPv6:
2a13:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
18:b3:92:b5:c0:47:ca:b9:b9:38:dc:b5:ac:62:f5:7b:a8:96:
ed:0e:b0:5b:ef:6a:78:c9:64:c7:5d:b6:d1:05:47:9e:ad:c7:
cf:09:20:ed:65:09:3e:6f:76:8a:d8:fe:ac:51:73:f6:ab:52:
3f:72:2e:88:82:f2:3e:7c:fd:2a:66:aa:ef:8d:5c:c6:0e:92:
87:3e:c7:91:39:a3:a0:ef:3c:11:00:1b:2b:31:45:54:c9:7e:
4d:45:e2:84:28:7b:22:75:0f:7d:3e:72:65:67:3b:b9:41:2c:
82:0c:73:83:fe:3e:e2:93:ea:b1:ce:25:2a:e0:29:17:67:fb:
1a:3f:fc:96:3b:ac:23:77:f6:ee:14:a3:e7:9e:34:5b:01:a3:
31:ee:06:67:86:4b:8c:d7:63:b2:05:9d:53:a2:d5:09:d4:10:
4c:0f:c7:09:28:c5:df:a2:46:6c:7d:34:28:6e:16:28:e5:68:
16:0a:2f:05:a9:09:26:26:30:a9:da:64:2f:90:dd:5b:60:f7:
5c:4e:b1:78:0c:ee:4b:9c:2a:c9:5e:47:61:07:c1:8f:85:55:
4d:e2:38:4c:e8:03:d3:fe:81:db:0a:af:f5:68:34:d8:77:05:
04:4e:2b:40:f8:af:c0:a6:49:41:34:52:45:80:d1:aa:82:9b:
b8:80:ab:b8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY5IglYX1FzaKzqLhq5D4mDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGZjODljMDdhZTEzMzFiZmIzNzEzODU2OGVhNzlhODdm
ZWNmM2IwHhcNMjQwMzE2MTgyNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODNkMGJhNzI1OGQ1MzExZGRmMzk4NjQ5NTIyOTc0OWZiMWYxZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkauOAThWJoazHkpo8lURVqCpesrI
HbTKU8DO5LsFIPjLyt2ygfmISUhSmMD8rc8tprylLPYN2peerb0Z4AlbRdREjNvl
mcaYuv24dYWk5ZDh7g5lm10zKfANBIPDwIHmmLdLDsY3VNhhlarn8tbBzkqvPzZc
V0P80fXeJ98iW0eo/wmjVNiJ8ljMvN7NUcj57YBFYKwS99gQJmH4Zix+mfIOsEVi
pz4xMetFSVl3ZwFB1Hq3TqykLfYQlD412Tq2vgoQKbCZOac71Ji3tS2KPZOtV4aZ
C3L+jPC7TquMFCBruXb2aqdcAXRK2qxai89E1FvCIPMEuQzEwfx/sK663wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMg9C6cljVMR3fOYZJUil0n7Hx7GMB8GA1UdIwQY
MBaAFGbfyJwHrhMxv7NxOFaOp5qH/s87MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRfSW5BZXVFekdfczNFNFZvNm5tb2YtenpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMzVkZTYtZWE1Zi00MGE2LWE2NzMt
MTljOTI5OGZmNWQ1LzEveUQwTHB5V05VeEhkODVoa2xTS1hTZnNmSHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMzVkZTYtZWE1Zi00MGE2LWE2NzMtMTljOTI5OGZmNWQ1
LzEvWnRfSW5BZXVFekdfczNFNFZvNm5tb2YtenpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVAQAwQA
W9JGAwQCueoQMA0EAgACMAcDBQMqE4fAMA0GCSqGSIb3DQEBCwUAA4IBAQAYs5K1
wEfKubk43LWsYvV7qJbtDrBb72p4yWTHXbbRBUeercfPCSDtZQk+b3aK2P6sUXP2
q1I/ci6IgvI+fP0qZqrvjVzGDpKHPseROaOg7zwRABsrMUVUyX5NReKEKHsidQ99
PnJlZzu5QSyCDHOD/j7ik+qxziUq4CkXZ/saP/yWO6wjd/buFKPnnjRbAaMx7gZn
hkuM12OyBZ1TotUJ1BBMD8cJKMXfokZsfTQobhYo5WgWCi8FqQkmJjCp2mQvkN1b
YPdcTrF4DO5LnCrJXkdhB8GPhVVN4jhM6APT/oHbCq/1aDTYdwUETitA+K/ApklB
NFJFgNGqgpu4gKu4
-----END CERTIFICATE-----
Generated at Thu Jul 25 14:55:53 2024 by rpki-client on console-fra.rpki-client.org