Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/dc4d04-9674-4dd2-adaa-5757524e986b/1/zDiyAvGQcUEbk0-MpxHp6zSSyD8.roa
File: zDiyAvGQcUEbk0-MpxHp6zSSyD8.roa (raw, json)
Hash identifier: AVIe01amT4KKGSw3uMDeTkpWBiJ9HCASbgN/Hip4IAw=
Subject key identifier: CC:38:B2:02:F1:90:71:41:1B:93:4F:8C:A7:11:E9:EB:34:92:C8:3F
Certificate issuer: /CN=7c8e56e346eba857211fef0f50b14d02ab79dc11
Certificate serial: 01838E596BAE47EB310D0CE8B01BE5C9651E
Authority key identifier: 7C:8E:56:E3:46:EB:A8:57:21:1F:EF:0F:50:B1:4D:02:AB:79:DC:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fI5W40brqFchH-8PULFNAqt53BE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/dc4d04-9674-4dd2-adaa-5757524e986b/1/zDiyAvGQcUEbk0-MpxHp6zSSyD8.roa
Signing time: Fri 30 Sep 2022 12:22:48 +0000
ROA not before: Fri 30 Sep 2022 12:22:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208006
IP address blocks: 185.204.168.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8e:59:6b:ae:47:eb:31:0d:0c:e8:b0:1b:e5:c9:65:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c8e56e346eba857211fef0f50b14d02ab79dc11
Validity
Not Before: Sep 30 12:22:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc38b202f19071411b934f8ca711e9eb3492c83f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:31:21:63:b8:96:5a:58:92:cd:d2:fb:6a:c1:
a5:eb:5c:6b:ff:64:bb:01:e5:0c:3f:b3:7f:36:bf:
0e:a8:0a:a8:64:73:a2:93:eb:dc:ac:1e:5b:b2:1f:
ee:9a:7c:67:72:6a:c9:ae:0a:a5:c0:0f:b9:b8:6e:
f8:96:29:b6:72:fc:33:87:db:b3:0c:6b:f5:bc:ff:
3f:b5:d5:2a:c6:09:f6:4d:32:b0:ee:4f:4b:0f:f5:
c4:e5:d9:f1:72:01:a9:b9:bc:57:b7:f2:d0:2b:73:
e8:e7:33:d7:45:49:1a:79:b5:a7:53:90:6a:e1:a7:
57:29:46:d5:b0:5d:4f:0d:17:b8:38:0c:70:03:8c:
c9:d7:de:16:5a:f4:bc:ec:73:20:f7:f9:e6:fd:14:
13:77:2f:52:54:44:4b:4a:d2:7a:7f:6a:cd:00:b1:
39:ed:24:5b:72:f1:f9:50:35:ef:5e:63:14:66:b4:
9e:70:5a:c6:e6:81:93:4c:5b:70:fd:fc:c0:b3:6a:
ec:92:0d:ae:7a:8f:a6:e5:e2:ac:92:14:13:c3:7d:
82:6b:7e:82:2e:81:6c:22:45:10:fc:83:a3:1d:56:
5c:4d:59:1e:e0:af:df:fe:05:d6:36:a7:4c:61:71:
72:e1:0b:44:17:96:ff:d3:84:ce:9d:79:ac:2b:5d:
f0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:38:B2:02:F1:90:71:41:1B:93:4F:8C:A7:11:E9:EB:34:92:C8:3F
X509v3 Authority Key Identifier:
keyid:7C:8E:56:E3:46:EB:A8:57:21:1F:EF:0F:50:B1:4D:02:AB:79:DC:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fI5W40brqFchH-8PULFNAqt53BE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/dc4d04-9674-4dd2-adaa-5757524e986b/1/zDiyAvGQcUEbk0-MpxHp6zSSyD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/dc4d04-9674-4dd2-adaa-5757524e986b/1/fI5W40brqFchH-8PULFNAqt53BE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.168.0/22
Signature Algorithm: sha256WithRSAEncryption
19:ce:9f:96:19:94:80:cc:c1:8f:3b:10:23:ad:af:b4:bc:37:
77:e0:28:7a:a5:20:ef:9e:8f:ef:5e:4c:04:be:25:f0:7f:62:
af:b4:44:90:e1:d6:f9:be:d2:b9:a7:b8:f0:ec:d5:6f:07:6a:
00:c9:b0:ad:3c:75:89:0b:4e:74:d6:7e:e1:bd:a1:e6:05:e0:
a6:d4:52:b4:31:24:b5:fd:17:28:d8:94:e0:8a:3a:04:ae:4f:
17:89:cd:8d:f6:b1:97:5f:45:28:28:58:d4:2c:c0:9d:3d:5c:
cb:ff:0b:75:45:0a:59:4e:a8:0c:15:9a:bb:c6:1a:a2:36:49:
ce:19:94:5d:f6:da:ad:ec:fc:e4:27:4d:bb:2e:b1:1d:0c:62:
86:20:5c:22:68:ff:60:87:d6:dd:00:31:4f:8b:42:16:d4:69:
b9:a7:b9:df:6d:07:b0:03:42:ca:0c:ac:ac:48:57:0d:08:5f:
b4:94:72:cd:52:f6:59:e5:b8:16:0f:cf:78:ff:15:c4:94:29:
d2:8f:a0:55:24:fb:59:95:ae:07:c5:3b:77:6e:f6:fa:13:74:
7b:39:15:ff:86:3d:4e:3a:8f:27:b5:12:be:77:7d:1b:06:72:
61:58:ca:51:6c:08:4c:66:15:a4:f7:58:d2:7c:4e:ae:1e:5a:
ed:8a:cd:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOOWWuuR+sxDQzosBvlyWUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjOGU1NmUzNDZlYmE4NTcyMTFmZWYwZjUwYjE0ZDAyYWI3
OWRjMTEwHhcNMjIwOTMwMTIyMjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzM4YjIwMmYxOTA3MTQxMWI5MzRmOGNhNzExZTllYjM0OTJjODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjEhY7iWWliSzdL7asGl61xr/2S7
AeUMP7N/Nr8OqAqoZHOik+vcrB5bsh/umnxncmrJrgqlwA+5uG74lim2cvwzh9uz
DGv1vP8/tdUqxgn2TTKw7k9LD/XE5dnxcgGpubxXt/LQK3Po5zPXRUkaebWnU5Bq
4adXKUbVsF1PDRe4OAxwA4zJ194WWvS87HMg9/nm/RQTdy9SVERLStJ6f2rNALE5
7SRbcvH5UDXvXmMUZrSecFrG5oGTTFtw/fzAs2rskg2ueo+m5eKskhQTw32Ca36C
LoFsIkUQ/IOjHVZcTVke4K/f/gXWNqdMYXFy4QtEF5b/04TOnXmsK13wLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMw4sgLxkHFBG5NPjKcR6es0ksg/MB8GA1UdIwQY
MBaAFHyOVuNG66hXIR/vD1CxTQKredwRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkk1VzQwYnJxRmNoSC04UFVMRk5BcXQ1M0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kYzRkMDQtOTY3NC00ZGQyLWFkYWEt
NTc1NzUyNGU5ODZiLzEvekRpeUF2R1FjVUViazAtTXB4SHA2elNTeUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kYzRkMDQtOTY3NC00ZGQyLWFkYWEtNTc1NzUyNGU5ODZi
LzEvZkk1VzQwYnJxRmNoSC04UFVMRk5BcXQ1M0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucyoMA0G
CSqGSIb3DQEBCwUAA4IBAQAZzp+WGZSAzMGPOxAjra+0vDd34Ch6pSDvno/vXkwE
viXwf2KvtESQ4db5vtK5p7jw7NVvB2oAybCtPHWJC0501n7hvaHmBeCm1FK0MSS1
/Rco2JTgijoErk8Xic2N9rGXX0UoKFjULMCdPVzL/wt1RQpZTqgMFZq7xhqiNknO
GZRd9tqt7PzkJ027LrEdDGKGIFwiaP9gh9bdADFPi0IW1Gm5p7nfbQewA0LKDKys
SFcNCF+0lHLNUvZZ5bgWD894/xXElCnSj6BVJPtZla4HxTt3bvb6E3R7ORX/hj1O
Oo8ntRK+d30bBnJhWMpRbAhMZhWk91jSfE6uHlrtis0+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:34 2024 by rpki-client on console-fra.rpki-client.org