Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Z6zh1h4z9ptJ8PtLfL9XteiRuyg.roa
File: Z6zh1h4z9ptJ8PtLfL9XteiRuyg.roa (raw, json)
Hash identifier: qsGnbyV0E5ZbBllklNMu/hq0CCYjbch75opchRfn1HM=
Subject key identifier: 67:AC:E1:D6:1E:33:F6:9B:49:F0:FB:4B:7C:BF:57:B5:E8:91:BB:28
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01820AC92404289B4F27668DDDF326986D1D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Z6zh1h4z9ptJ8PtLfL9XteiRuyg.roa
Signing time: Sun 17 Jul 2022 06:12:10 +0000
ROA not before: Sun 17 Jul 2022 06:12:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204084
IP address blocks: 185.102.137.0/24 maxlen: 24
2a0b:8040::/29 maxlen: 29
2a0b:e9c0::/29 maxlen: 29
2a0f:3380::/29 maxlen: 29
2a0f:2380::/29 maxlen: 29
2a0d:88c0::/29 maxlen: 29
2a03:f7c0::/29 maxlen: 29
2a0b:d900::/29 maxlen: 29
2a0c:5c0::/29 maxlen: 29
2a0f:4580::/29 maxlen: 29
2a0c:7440::/29 maxlen: 29
2a0c:74c0::/29 maxlen: 29
2a0c:5d00::/29 maxlen: 29
2a0f:1180::/29 maxlen: 29
2a0c:7540::/29 maxlen: 29
2a06:ddc0::/29 maxlen: 29
2a0c:65c0::/29 maxlen: 29
2a0c:6980::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:0a:c9:24:04:28:9b:4f:27:66:8d:dd:f3:26:98:6d:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 17 06:12:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67ace1d61e33f69b49f0fb4b7cbf57b5e891bb28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1a:a8:df:35:e6:3f:57:28:13:64:b1:4f:0a:
78:49:b5:cf:b0:c3:e5:11:b9:c7:2b:13:80:21:a0:
ef:06:08:5f:b0:8e:4f:6b:29:36:03:8b:73:07:f7:
0b:15:b0:8c:87:48:69:c0:51:f3:9c:53:db:31:c8:
bd:f2:34:d8:d3:7c:81:de:0a:bc:df:65:7a:48:eb:
60:fb:07:a7:78:25:00:d5:26:f9:d2:44:e3:a5:c1:
a5:9c:d6:e8:45:28:97:45:3b:d6:26:58:4e:8a:ed:
3b:81:be:89:6d:5b:eb:ec:a2:8a:a8:d0:73:07:ad:
ea:12:c4:04:0d:16:96:66:4e:ba:aa:2d:db:8f:2f:
20:3e:cd:52:03:d5:cf:a6:1b:a5:69:e5:10:45:7c:
4a:3f:c1:8c:28:ad:6f:55:01:2a:70:17:6a:99:c8:
c9:a6:14:40:6e:3d:06:cd:39:ca:2b:1b:26:b3:20:
04:0f:f1:6d:9c:2e:0a:44:be:1f:a0:87:e4:d2:ef:
0e:42:ae:38:7c:9c:04:52:fe:03:a2:a2:ab:63:2e:
bd:27:6d:b3:dd:36:01:9a:01:6d:97:a4:d9:34:26:
59:73:69:eb:36:fe:fe:92:0c:f5:2e:a5:0a:ef:9d:
a7:91:c4:ec:bf:b3:96:34:6a:f3:a0:d3:33:76:1c:
2f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:AC:E1:D6:1E:33:F6:9B:49:F0:FB:4B:7C:BF:57:B5:E8:91:BB:28
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Z6zh1h4z9ptJ8PtLfL9XteiRuyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.137.0/24
IPv6:
2a03:f7c0::/29
2a06:ddc0::/29
2a0b:8040::/29
2a0b:d900::/29
2a0b:e9c0::/29
2a0c:5c0::/29
2a0c:5d00::/29
2a0c:65c0::/29
2a0c:6980::/29
2a0c:7440::/29
2a0c:74c0::/29
2a0c:7540::/29
2a0d:88c0::/29
2a0f:1180::/29
2a0f:2380::/29
2a0f:3380::/29
2a0f:4580::/29
Signature Algorithm: sha256WithRSAEncryption
73:b3:b1:d6:bc:3a:48:fc:10:4d:e6:de:64:04:89:ca:bf:1d:
78:7e:30:36:45:d7:aa:4c:7c:47:f3:b0:79:cc:6d:a2:b7:dd:
4c:f9:d7:26:a3:84:8d:41:c4:b1:f7:1d:46:6d:65:0a:40:57:
64:f6:41:0d:12:f2:64:5b:80:55:77:54:00:54:a9:6e:05:19:
0f:99:0e:e5:6e:45:52:5f:46:75:14:de:f9:e5:6a:86:ab:f9:
43:d5:58:d3:7f:c9:2a:6c:ac:0d:e7:05:76:bd:2c:0b:20:4f:
32:c5:88:aa:38:8d:0e:5a:d8:4c:5d:4a:35:08:92:79:21:cd:
bb:e2:c8:69:3e:61:00:bb:5e:ff:69:31:58:54:08:8b:ee:c3:
64:23:3b:ea:d5:66:0f:07:95:b9:1c:b5:b0:f8:6e:82:a6:68:
98:57:1f:fc:6e:dc:12:c7:47:63:3f:63:72:c4:4f:92:82:1d:
0c:34:ca:02:1c:87:0b:57:0b:b2:24:ac:14:c8:57:87:3a:41:
fe:a0:24:c3:d2:45:49:2f:4f:2a:23:45:53:ab:d4:f4:9d:2d:
a3:f0:15:a6:36:f9:52:7a:aa:43:9c:36:bc:c5:84:8d:d5:58:
7a:e2:4d:7e:11:44:30:1c:bb:24:1c:d7:e8:23:77:78:00:7a:
2b:99:2e:8d
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYIKySQEKJtPJ2aN3fMmmG0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwNzE3MDYxMjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2FjZTFkNjFlMzNmNjliNDlmMGZiNGI3Y2JmNTdiNWU4OTFiYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRqo3zXmP1coE2SxTwp4SbXPsMPl
EbnHKxOAIaDvBghfsI5Payk2A4tzB/cLFbCMh0hpwFHznFPbMci98jTY03yB3gq8
32V6SOtg+weneCUA1Sb50kTjpcGlnNboRSiXRTvWJlhOiu07gb6JbVvr7KKKqNBz
B63qEsQEDRaWZk66qi3bjy8gPs1SA9XPphulaeUQRXxKP8GMKK1vVQEqcBdqmcjJ
phRAbj0GzTnKKxsmsyAED/FtnC4KRL4foIfk0u8OQq44fJwEUv4DoqKrYy69J22z
3TYBmgFtl6TZNCZZc2nrNv7+kgz1LqUK752nkcTsv7OWNGrzoNMzdhwvDQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFGes4dYeM/abSfD7S3y/V7XokbsoMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvWjZ6aDFoNHo5cHRKOFB0TGZMOVh0ZWlSdXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTAMBAIAATAGAwQAuWaJ
MH0EAgACMHcDBQMqA/fAAwUDKgbdwAMFAyoLgEADBQMqC9kAAwUDKgvpwAMFAyoM
BcADBQMqDF0AAwUDKgxlwAMFAyoMaYADBQMqDHRAAwUDKgx0wAMFAyoMdUADBQMq
DYjAAwUDKg8RgAMFAyoPI4ADBQMqDzOAAwUDKg9FgDANBgkqhkiG9w0BAQsFAAOC
AQEAc7Ox1rw6SPwQTebeZASJyr8deH4wNkXXqkx8R/OwecxtorfdTPnXJqOEjUHE
sfcdRm1lCkBXZPZBDRLyZFuAVXdUAFSpbgUZD5kO5W5FUl9GdRTe+eVqhqv5Q9VY
03/JKmysDecFdr0sCyBPMsWIqjiNDlrYTF1KNQiSeSHNu+LIaT5hALte/2kxWFQI
i+7DZCM76tVmDweVuRy1sPhugqZomFcf/G7cEsdHYz9jcsRPkoIdDDTKAhyHC1cL
siSsFMhXhzpB/qAkw9JFSS9PKiNFU6vU9J0to/AVpjb5UnqqQ5w2vMWEjdVYeuJN
fhFEMBy7JBzX6CN3eAB6K5kujQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org