Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/PZkuSY9GS2XDWstrYsMx8uRV6hg.roa
File: PZkuSY9GS2XDWstrYsMx8uRV6hg.roa (raw, json)
Hash identifier: EWBi4VVKM8HjMczY6ZCLh/XeKvryIfS2UzH0b+H8MgI=
Subject key identifier: 3D:99:2E:49:8F:46:4B:65:C3:5A:CB:6B:62:C3:31:F2:E4:55:EA:18
Certificate issuer: /CN=f89e229f860b058d23fd28a2926161b8786330c6
Certificate serial: 0185626556C44B0D855C0194902317560014
Authority key identifier: F8:9E:22:9F:86:0B:05:8D:23:FD:28:A2:92:61:61:B8:78:63:30:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-J4in4YLBY0j_SiikmFhuHhjMMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/PZkuSY9GS2XDWstrYsMx8uRV6hg.roa
Signing time: Fri 30 Dec 2022 09:38:06 +0000
ROA not before: Fri 30 Dec 2022 09:38:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58092
IP address blocks: 193.102.77.0/24 maxlen: 24
193.102.78.0/24 maxlen: 24
193.102.79.0/24 maxlen: 24
194.62.20.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:65:56:c4:4b:0d:85:5c:01:94:90:23:17:56:00:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f89e229f860b058d23fd28a2926161b8786330c6
Validity
Not Before: Dec 30 09:38:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d992e498f464b65c35acb6b62c331f2e455ea18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5f:6a:13:bb:ee:5e:91:2e:55:33:f1:c0:17:
d0:25:64:c0:b5:45:a9:b0:0e:8b:b1:7e:0a:84:e9:
66:22:ff:cc:96:f2:08:df:33:40:b2:17:4e:66:70:
74:19:d4:93:94:1c:51:a1:0b:15:7a:46:bc:01:fe:
1b:dc:e0:42:24:11:98:82:0c:41:c8:96:7e:3a:9c:
11:63:be:6a:7f:22:47:17:cd:cc:6c:5d:1a:6b:33:
e0:e0:6e:48:d5:f3:65:c5:48:9c:b1:64:5f:37:91:
e0:9f:ac:b7:aa:22:43:cf:78:ad:4f:09:de:8a:40:
47:3a:be:b2:42:3f:2a:4c:8b:63:77:5c:62:9d:77:
80:a6:83:fc:62:0c:7b:3b:34:6c:17:77:be:a4:7f:
33:44:63:c9:52:10:97:0b:7b:6f:95:2a:b3:1b:5a:
36:1d:91:49:ff:47:42:c5:b5:e9:4e:9b:72:99:1a:
53:a5:6b:34:dc:d4:43:3b:98:28:d5:0f:38:e3:42:
34:ab:41:e3:57:87:aa:83:00:88:53:9a:b0:d8:5f:
1a:2e:18:04:fb:36:d2:be:b2:df:08:b0:b3:4d:3e:
8d:af:67:56:29:b1:d8:f5:1e:71:70:c4:06:7f:13:
d4:2d:30:a8:d1:17:4e:dc:5c:c0:a7:cb:3a:cb:ca:
6f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:99:2E:49:8F:46:4B:65:C3:5A:CB:6B:62:C3:31:F2:E4:55:EA:18
X509v3 Authority Key Identifier:
keyid:F8:9E:22:9F:86:0B:05:8D:23:FD:28:A2:92:61:61:B8:78:63:30:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-J4in4YLBY0j_SiikmFhuHhjMMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/PZkuSY9GS2XDWstrYsMx8uRV6hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/8cca33-c2b1-4541-9ef2-aa0eb53e90b9/1/1-J4in4YLBY0j_SiikmFhuHhjMMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.102.77.0-193.102.79.255
194.62.20.0/24
Signature Algorithm: sha256WithRSAEncryption
94:d7:37:a6:d2:a0:39:8a:27:f9:33:e9:44:5f:1c:28:f2:f2:
df:fa:14:ae:9a:d8:7e:61:71:af:06:90:a5:91:f5:65:12:fb:
57:96:32:72:1a:1f:f2:6d:41:d3:ea:bc:f0:88:67:a2:8a:43:
36:69:7a:4f:04:53:0a:15:a8:26:32:90:06:07:d7:e4:14:f4:
43:01:47:e3:9d:a8:7a:1b:75:a9:10:03:b2:58:18:3c:91:50:
6f:53:85:b4:f8:c5:ad:0a:1f:a8:df:b8:e7:d5:da:90:15:56:
01:b6:54:15:a0:6b:fc:c3:20:bb:61:48:75:16:5d:d9:16:c9:
38:20:1d:0f:25:0c:da:4d:7d:02:f4:dc:bd:27:fd:88:a6:83:
e0:58:a1:20:06:ff:b7:8f:80:d5:57:0c:92:52:76:bc:06:45:
ab:99:fe:67:56:a5:db:8f:71:8a:70:03:a8:78:6f:a1:10:33:
01:f7:01:e3:e4:ef:0a:cc:e9:53:b2:89:d0:47:a9:b8:1a:93:
92:2c:27:16:35:d6:1d:8c:86:35:46:92:e6:8c:46:f4:0c:c6:
aa:ce:3e:04:8c:54:7a:10:1e:76:16:34:36:91:e4:21:9f:9b:
9b:b5:01:18:0f:45:54:03:0e:13:5e:95:b2:80:27:9c:2b:f8:
a6:6e:b5:86
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYViZVbESw2FXAGUkCMXVgAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4OWUyMjlmODYwYjA1OGQyM2ZkMjhhMjkyNjE2MWI4Nzg2
MzMwYzYwHhcNMjIxMjMwMDkzODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDk5MmU0OThmNDY0YjY1YzM1YWNiNmI2MmMzMzFmMmU0NTVlYTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1V9qE7vuXpEuVTPxwBfQJWTAtUWp
sA6LsX4KhOlmIv/MlvII3zNAshdOZnB0GdSTlBxRoQsVeka8Af4b3OBCJBGYggxB
yJZ+OpwRY75qfyJHF83MbF0aazPg4G5I1fNlxUicsWRfN5Hgn6y3qiJDz3itTwne
ikBHOr6yQj8qTItjd1xinXeApoP8Ygx7OzRsF3e+pH8zRGPJUhCXC3tvlSqzG1o2
HZFJ/0dCxbXpTptymRpTpWs03NRDO5go1Q8440I0q0HjV4eqgwCIU5qw2F8aLhgE
+zbSvrLfCLCzTT6Nr2dWKbHY9R5xcMQGfxPULTCo0RdO3FzAp8s6y8pvNwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFD2ZLkmPRktlw1rLa2LDMfLkVeoYMB8GA1UdIwQY
MBaAFPieIp+GCwWNI/0oopJhYbh4YzDGMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1KNGluNFlMQlkwal9TaWlrbUZodUhoak1NWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQvOGNjYTMzLWMyYjEtNDU0MS05ZWYy
LWFhMGViNTNlOTBiOS8xL1Baa3VTWTlHUzJYRFdzdHJZc014OHVSVjZoZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTQvOGNjYTMzLWMyYjEtNDU0MS05ZWYyLWFhMGViNTNlOTBi
OS8xLzEtSjRpbjRZTEJZMGpfU2lpa21GaHVIaGpNTVkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEAMFm
TQMEBMFmQAMEAMI+FDANBgkqhkiG9w0BAQsFAAOCAQEAlNc3ptKgOYon+TPpRF8c
KPLy3/oUrprYfmFxrwaQpZH1ZRL7V5Yychof8m1B0+q88IhnoopDNml6TwRTChWo
JjKQBgfX5BT0QwFH452oeht1qRADslgYPJFQb1OFtPjFrQofqN+459XakBVWAbZU
FaBr/MMgu2FIdRZd2RbJOCAdDyUM2k19AvTcvSf9iKaD4FihIAb/t4+A1VcMklJ2
vAZFq5n+Z1al249xinADqHhvoRAzAfcB4+TvCszpU7KJ0EepuBqTkiwnFjXWHYyG
NUaS5oxG9AzGqs4+BIxUehAedhY0NpHkIZ+bm7UBGA9FVAMOE16VsoAnnCv4pm61
hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:19 2024 by rpki-client on console-fra.rpki-client.org