Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zVeZo_wxxj_i0EvevMa-3DUfxns.roa
File: zVeZo_wxxj_i0EvevMa-3DUfxns.roa (raw, json)
Hash identifier: +GCZx5E4y3s/QbzoS6zxvhIgBPYxyPLSCCH5Nw5NKHc=
Subject key identifier: CD:57:99:A3:FC:31:C6:3F:E2:D0:4B:DE:BC:C6:BE:DC:35:1F:C6:7B
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B581565DAC7415BD640E9B11A04E5B
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zVeZo_wxxj_i0EvevMa-3DUfxns.roa
Signing time: Thu 02 Jan 2025 15:49:53 +0000
ROA not before: Thu 02 Jan 2025 15:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 83.147.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:81:56:5d:ac:74:15:bd:64:0e:9b:11:a0:4e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd5799a3fc31c63fe2d04bdebcc6bedc351fc67b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:59:8a:63:ee:a2:77:dc:10:c8:56:ae:c7:d6:
ac:b4:8b:77:22:c3:50:b8:e0:d7:1e:2d:d7:e6:f2:
35:70:4a:63:fb:b0:e9:99:08:0d:d6:df:0c:98:29:
6c:69:17:e4:ab:04:d4:1d:b5:13:5b:fe:1f:4c:e3:
43:73:3e:81:09:0b:a7:39:2d:32:d6:85:81:6e:c1:
1d:02:3c:13:0b:79:76:41:d7:30:58:60:3f:b2:b9:
ca:a8:5f:96:91:cb:95:44:76:3b:81:ce:f9:3a:15:
ce:d1:55:e6:eb:2f:04:dd:ed:45:05:c2:86:5f:6f:
06:8b:f9:6c:73:9a:d2:46:9b:6c:4d:00:1b:24:de:
2a:4f:35:44:fd:7e:4d:77:8c:89:78:0a:75:f6:c7:
c1:8c:9c:cf:62:03:5d:d4:0f:8c:37:20:69:c5:1b:
a5:58:2b:ca:d8:27:6d:95:1a:5b:18:f6:29:22:9b:
c4:0f:f8:90:4d:3e:98:53:75:9d:e7:0e:76:7e:9c:
65:49:1a:bd:29:f4:dc:02:b3:95:66:31:01:b4:b9:
2f:9b:64:39:6e:a3:52:52:a2:be:e5:1c:75:04:6b:
d0:85:4c:48:96:9c:1a:57:41:2c:cc:77:71:1a:50:
ab:2d:a5:b5:ba:3f:6a:b6:19:b6:68:49:c7:61:20:
15:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:57:99:A3:FC:31:C6:3F:E2:D0:4B:DE:BC:C6:BE:DC:35:1F:C6:7B
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zVeZo_wxxj_i0EvevMa-3DUfxns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.194.0/24
Signature Algorithm: sha256WithRSAEncryption
79:5f:0a:cf:0a:56:15:06:a1:d7:95:cb:4b:60:50:1b:44:b0:
58:c8:23:80:97:18:03:d1:36:48:66:fc:5a:27:b4:1b:1d:a1:
6b:3e:18:7d:b6:82:e9:3a:c8:79:27:a4:08:12:e3:94:02:4e:
5b:2e:e4:d2:df:e6:e3:1c:4f:75:ba:18:1f:8e:ca:5d:6a:38:
8e:d5:7f:bf:57:31:2b:b2:3f:9d:66:b8:9c:2f:3b:c5:f7:17:
5c:ba:cd:81:2d:f7:d8:3a:fc:b9:ae:6f:21:07:3a:bd:fb:c5:
ca:c7:f6:52:ef:8e:18:8f:00:f3:f1:0c:7d:83:d3:c7:0e:58:
e7:5f:9d:74:bb:c9:32:88:62:3e:72:e1:d1:db:85:6c:2d:32:
05:a7:44:dd:00:b6:e7:1f:f5:4f:6a:2b:d6:dd:94:44:27:25:
68:82:c6:34:6e:1b:1b:2c:b4:a0:31:ca:33:24:28:80:06:88:
d7:b6:3f:93:3a:b6:cc:36:5b:bf:a5:27:67:0d:84:5f:c0:92:
17:4f:b8:a4:e1:0c:9f:f5:cc:5e:48:ec:ee:ab:d8:c0:81:f0:
f8:80:64:b9:23:c6:f9:45:99:81:4c:3d:70:0d:61:99:3c:11:
35:8b:a0:d5:b7:64:ee:2c:56:4c:27:2b:d6:cf:d0:a2:fa:a1:
8c:89:68:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYFWXax0Fb1kDpsRoE5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDU3OTlhM2ZjMzFjNjNmZTJkMDRiZGViY2M2YmVkYzM1MWZjNjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFmKY+6id9wQyFaux9astIt3IsNQ
uODXHi3X5vI1cEpj+7DpmQgN1t8MmClsaRfkqwTUHbUTW/4fTONDcz6BCQunOS0y
1oWBbsEdAjwTC3l2QdcwWGA/srnKqF+WkcuVRHY7gc75OhXO0VXm6y8E3e1FBcKG
X28Gi/lsc5rSRptsTQAbJN4qTzVE/X5Nd4yJeAp19sfBjJzPYgNd1A+MNyBpxRul
WCvK2CdtlRpbGPYpIpvED/iQTT6YU3Wd5w52fpxlSRq9KfTcArOVZjEBtLkvm2Q5
bqNSUqK+5Rx1BGvQhUxIlpwaV0EszHdxGlCrLaW1uj9qthm2aEnHYSAVJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM1XmaP8McY/4tBL3rzGvtw1H8Z7MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvelZlWm9fd3h4al9pMEV2ZXZNYS0zRFVmeG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5PCMA0G
CSqGSIb3DQEBCwUAA4IBAQB5XwrPClYVBqHXlctLYFAbRLBYyCOAlxgD0TZIZvxa
J7QbHaFrPhh9toLpOsh5J6QIEuOUAk5bLuTS3+bjHE91uhgfjspdajiO1X+/VzEr
sj+dZricLzvF9xdcus2BLffYOvy5rm8hBzq9+8XKx/ZS744YjwDz8Qx9g9PHDljn
X510u8kyiGI+cuHR24VsLTIFp0TdALbnH/VPaivW3ZREJyVogsY0bhsbLLSgMcoz
JCiABojXtj+TOrbMNlu/pSdnDYRfwJIXT7ik4Qyf9cxeSOzuq9jAgfD4gGS5I8b5
RZmBTD1wDWGZPBE1i6DVt2TuLFZMJyvWz9Ci+qGMiWgL
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:46:57 2025 by rpki-client