Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/ZOXKCusPkVJ-ryYPPQoQzMjnREA.roa
File: ZOXKCusPkVJ-ryYPPQoQzMjnREA.roa (raw, json)
Hash identifier: K5Qs7nHYjp/+Fe40dQXpgwaG7i9/EWKITqrrcYxlCCA=
Subject key identifier: 64:E5:CA:0A:EB:0F:91:52:7E:AF:26:0F:3D:0A:10:CC:C8:E7:44:40
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 0185708CC7464EAF697241FEEF33541A0F33
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/ZOXKCusPkVJ-ryYPPQoQzMjnREA.roa
Signing time: Mon 02 Jan 2023 03:35:52 +0000
ROA not before: Mon 02 Jan 2023 03:35:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29172
IP address blocks: 176.223.167.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:c7:46:4e:af:69:72:41:fe:ef:33:54:1a:0f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Jan 2 03:35:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64e5ca0aeb0f91527eaf260f3d0a10ccc8e74440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:43:6e:f5:29:c4:91:4f:d0:e2:dc:a6:32:13:
be:18:66:a0:b9:45:64:04:fb:be:aa:67:f1:6d:9b:
5d:c0:07:51:62:a4:b6:6a:40:00:9f:ed:57:e1:9c:
a1:61:ff:7b:bb:53:4b:c9:5a:0a:28:3f:7f:13:f2:
45:75:f0:34:1a:53:eb:be:a0:e0:39:f0:9a:7b:12:
68:18:1a:58:81:fe:52:a2:36:2b:2f:3a:6c:22:0c:
02:18:d3:8f:9d:23:50:95:4c:9f:4f:2b:58:f7:17:
19:4a:0b:36:83:ec:5b:6c:e3:d0:fd:95:d6:7e:0f:
07:ec:39:db:54:fc:a7:c0:13:1e:51:b8:fc:55:be:
5c:f0:d2:9e:5a:56:16:76:cb:e8:93:c8:3f:e7:e5:
90:ea:0c:ac:e9:4f:22:d1:02:fd:96:d7:d3:93:93:
9f:dc:08:ce:92:fe:4f:cd:8e:59:92:3a:2e:81:76:
af:9e:19:1b:52:05:67:c1:bb:f0:91:19:ff:42:48:
3f:32:27:f6:ca:c8:e1:d1:ec:15:6f:bf:0c:61:8b:
11:19:e3:e9:07:96:7b:d4:ac:0a:0d:08:b9:bc:7d:
c7:96:d3:b0:fa:5e:ca:de:34:28:4e:11:11:02:32:
b8:63:c4:ff:57:83:00:d9:c2:ac:95:34:18:51:58:
d5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E5:CA:0A:EB:0F:91:52:7E:AF:26:0F:3D:0A:10:CC:C8:E7:44:40
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/ZOXKCusPkVJ-ryYPPQoQzMjnREA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.223.167.0/24
Signature Algorithm: sha256WithRSAEncryption
93:a3:9c:5c:70:9b:02:4e:d5:77:97:e7:cb:2c:a5:02:b5:1f:
64:cd:ab:42:2e:0f:cf:3e:e3:a6:db:13:bc:7c:60:67:5b:06:
72:3e:65:e6:c7:be:79:cf:f5:51:a9:a6:e9:f2:f4:97:5c:04:
e0:d3:98:dd:5e:47:7d:38:e9:cd:7f:6c:2b:af:98:20:83:cd:
d7:e3:8c:dc:86:0c:36:a4:7f:f6:49:bc:6d:42:ed:32:32:70:
6f:07:71:09:5d:16:7d:6d:3b:bc:66:43:c7:25:76:78:5c:c5:
66:48:83:be:1d:63:eb:46:e7:1b:98:de:6a:53:fc:2a:a3:b9:
9b:04:60:cd:f3:59:71:0d:49:93:15:32:bf:bf:1e:3a:21:bb:
58:8c:ad:24:50:80:35:89:c3:a2:6b:2f:ae:c4:4d:d2:6e:65:
08:45:07:ae:b4:b1:2b:d4:2b:80:09:e7:4c:e5:39:55:93:8f:
a4:f1:1d:57:b9:a7:48:1c:65:be:f3:05:76:83:b4:ec:a4:97:
52:07:5c:54:e2:ef:46:48:21:ba:00:e8:0d:b7:c9:cf:b4:40:
35:19:89:c5:b5:2c:96:2a:82:83:e6:36:7f:f2:af:61:94:cb:
ef:e2:71:99:1d:72:30:25:cd:44:cb:c1:72:aa:fe:6c:5f:af:
da:9d:aa:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjMdGTq9pckH+7zNUGg8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjMwMTAyMDMzNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGU1Y2EwYWViMGY5MTUyN2VhZjI2MGYzZDBhMTBjY2M4ZTc0NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkENu9SnEkU/Q4tymMhO+GGaguUVk
BPu+qmfxbZtdwAdRYqS2akAAn+1X4ZyhYf97u1NLyVoKKD9/E/JFdfA0GlPrvqDg
OfCaexJoGBpYgf5SojYrLzpsIgwCGNOPnSNQlUyfTytY9xcZSgs2g+xbbOPQ/ZXW
fg8H7DnbVPynwBMeUbj8Vb5c8NKeWlYWdsvok8g/5+WQ6gys6U8i0QL9ltfTk5Of
3AjOkv5PzY5ZkjougXavnhkbUgVnwbvwkRn/Qkg/Mif2ysjh0ewVb78MYYsRGePp
B5Z71KwKDQi5vH3HltOw+l7K3jQoThERAjK4Y8T/V4MA2cKslTQYUVjV/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTlygrrD5FSfq8mDz0KEMzI50RAMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvWk9YS0N1c1BrVkotcnlZUFBRb1F6TWpuUkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsN+nMA0G
CSqGSIb3DQEBCwUAA4IBAQCTo5xccJsCTtV3l+fLLKUCtR9kzatCLg/PPuOm2xO8
fGBnWwZyPmXmx755z/VRqabp8vSXXATg05jdXkd9OOnNf2wrr5ggg83X44zchgw2
pH/2SbxtQu0yMnBvB3EJXRZ9bTu8ZkPHJXZ4XMVmSIO+HWPrRucbmN5qU/wqo7mb
BGDN81lxDUmTFTK/vx46IbtYjK0kUIA1icOiay+uxE3SbmUIRQeutLEr1CuACedM
5TlVk4+k8R1XuadIHGW+8wV2g7TspJdSB1xU4u9GSCG6AOgNt8nPtEA1GYnFtSyW
KoKD5jZ/8q9hlMvv4nGZHXIwJc1Ey8Fyqv5sX6/anaok
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:59 2024 by rpki-client on console-ams.rpki-client.org