Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Zc9MLF2lagoSHrNw56SCag5ViIY.roa
File: Zc9MLF2lagoSHrNw56SCag5ViIY.roa (raw, json)
Hash identifier: +Dcdnmmpc9S9Cb/YSW3TBTaICF5hzWV0Vk3LBDlyd9o=
Subject key identifier: 65:CF:4C:2C:5D:A5:6A:0A:12:1E:B3:70:E7:A4:82:6A:0E:55:88:86
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 0186077E23C9A8836CEB80D9A79B4BDC826D
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Zc9MLF2lagoSHrNw56SCag5ViIY.roa
Signing time: Tue 31 Jan 2023 11:02:32 +0000
ROA not before: Tue 31 Jan 2023 11:02:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 195.210.9.0/24 maxlen: 24
91.238.96.0/24 maxlen: 24
91.193.110.0/24 maxlen: 24
193.93.61.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:7e:23:c9:a8:83:6c:eb:80:d9:a7:9b:4b:dc:82:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jan 31 11:02:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65cf4c2c5da56a0a121eb370e7a4826a0e558886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d0:7e:3d:08:08:d7:c2:a9:a8:4a:c6:69:ca:
12:3e:b3:b9:29:23:36:26:6c:34:5b:8c:24:0a:f3:
24:ca:30:02:b1:f2:1a:41:a8:2f:b1:c2:20:7a:96:
ab:3a:f3:b6:12:be:95:d2:69:83:cd:50:1d:7f:04:
62:ea:bd:5c:a3:8d:cf:59:a2:fa:fb:e5:f9:6e:5e:
fb:1a:04:c3:fc:e5:21:59:b7:7f:c7:9a:bc:de:b2:
07:6a:89:96:9e:f5:9e:3e:83:68:89:29:ee:84:46:
4a:a3:cf:29:b3:2b:0f:1a:32:2d:3d:30:7a:81:11:
02:30:e1:07:79:5c:60:10:a7:db:9c:0f:a4:9c:51:
8a:c4:ba:27:e7:4c:a8:e5:90:bc:0d:5f:4b:d0:c0:
ac:d9:c7:e0:96:8c:27:5e:6f:8a:8d:7b:c0:b8:a2:
4f:2b:61:3d:51:08:a5:c0:da:0e:2a:97:39:4c:7c:
7d:88:a3:33:24:48:b5:71:f2:af:22:76:b9:d9:27:
99:1b:05:31:e8:b7:95:7b:df:b3:77:21:d6:7f:80:
28:eb:c2:cf:79:05:fc:95:e3:d4:82:2e:15:37:08:
10:1f:e3:6b:24:66:40:7c:96:d0:64:c8:5d:1c:d3:
0b:04:f6:d5:05:d0:44:06:db:da:bd:ed:f0:e1:5d:
0d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:CF:4C:2C:5D:A5:6A:0A:12:1E:B3:70:E7:A4:82:6A:0E:55:88:86
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Zc9MLF2lagoSHrNw56SCag5ViIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.110.0/24
91.238.96.0/24
193.93.61.0/24
195.210.9.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:5f:0a:55:c6:ee:82:11:12:c5:af:fa:2c:a8:b9:22:8e:80:
9b:36:7c:48:e5:e4:3e:ec:e0:71:da:d0:66:29:d8:69:87:e1:
5a:76:fc:50:56:cc:3e:d4:94:06:92:6a:e1:46:28:36:37:fe:
25:1a:23:16:2e:74:6a:94:d9:3f:c4:69:13:6a:58:7e:75:e7:
64:29:cf:ca:73:2b:de:1d:96:92:31:90:49:e6:bb:8c:48:15:
2d:a6:23:73:c2:17:00:fa:32:34:31:44:dd:d9:0c:ec:34:be:
e5:df:81:c3:7e:5c:22:10:8c:ac:f9:ca:fb:98:15:fa:ff:65:
6c:ea:16:c3:1e:65:a9:f8:24:e7:c3:50:71:54:2c:d7:1b:d9:
02:5a:40:57:5f:e2:d5:cc:62:af:83:d4:2f:3f:03:bd:bc:04:
6e:d0:17:d4:c9:8f:1c:16:39:de:00:78:48:10:96:89:7a:df:
77:31:98:47:e9:b8:73:ce:38:93:30:21:97:15:22:87:2b:f7:
2f:d5:9c:41:45:0f:7c:72:ac:be:31:82:85:0a:bc:d0:aa:3c:
92:d3:3a:dd:8a:4a:e9:3b:ab:16:84:e4:19:b4:fd:23:56:d2:
12:d4:d7:27:12:4c:88:2f:15:88:bf:31:ee:9e:3e:2f:48:f1:
ed:c6:25:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYHfiPJqINs64DZp5tL3IJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwMTMxMTEwMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWNmNGMyYzVkYTU2YTBhMTIxZWIzNzBlN2E0ODI2YTBlNTU4ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktB+PQgI18KpqErGacoSPrO5KSM2
Jmw0W4wkCvMkyjACsfIaQagvscIgeparOvO2Er6V0mmDzVAdfwRi6r1co43PWaL6
++X5bl77GgTD/OUhWbd/x5q83rIHaomWnvWePoNoiSnuhEZKo88psysPGjItPTB6
gRECMOEHeVxgEKfbnA+knFGKxLon50yo5ZC8DV9L0MCs2cfglownXm+KjXvAuKJP
K2E9UQilwNoOKpc5THx9iKMzJEi1cfKvIna52SeZGwUx6LeVe9+zdyHWf4Ao68LP
eQX8lePUgi4VNwgQH+NrJGZAfJbQZMhdHNMLBPbVBdBEBtvave3w4V0NOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGXPTCxdpWoKEh6zcOekgmoOVYiGMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvWmM5TUxGMmxhZ29TSHJOdzU2U0NhZzVWaUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8FuAwQA
W+5gAwQAwV09AwQAw9IJMA0GCSqGSIb3DQEBCwUAA4IBAQBqXwpVxu6CERLFr/os
qLkijoCbNnxI5eQ+7OBx2tBmKdhph+FadvxQVsw+1JQGkmrhRig2N/4lGiMWLnRq
lNk/xGkTalh+dedkKc/KcyveHZaSMZBJ5ruMSBUtpiNzwhcA+jI0MUTd2QzsNL7l
34HDflwiEIys+cr7mBX6/2Vs6hbDHmWp+CTnw1BxVCzXG9kCWkBXX+LVzGKvg9Qv
PwO9vARu0BfUyY8cFjneAHhIEJaJet93MZhH6bhzzjiTMCGXFSKHK/cv1ZxBRQ98
cqy+MYKFCrzQqjyS0zrdikrpO6sWhOQZtP0jVtIS1NcnEkyILxWIvzHunj4vSPHt
xiXc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:52 2024 by rpki-client on console-ams.rpki-client.org