Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/833795-4df3-4850-bd99-8e8bac4cf18b/1/Z-1VYndAPLovdmXLX3PhMUNX8MM.roa
File: Z-1VYndAPLovdmXLX3PhMUNX8MM.roa (raw, json)
Hash identifier: terr1m/r+P14azDBcncXCkkfvB8oxaXo2b9i1tIry/c=
Subject key identifier: 67:ED:55:62:77:40:3C:BA:2F:76:65:CB:5F:73:E1:31:43:57:F0:C3
Certificate issuer: /CN=514ab6d16a0b176fd40655e17fbde652bc21d453
Certificate serial: 018804A2133D7C7D54F538029DB9C2B38CB5
Authority key identifier: 51:4A:B6:D1:6A:0B:17:6F:D4:06:55:E1:7F:BD:E6:52:BC:21:D4:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UUq20WoLF2_UBlXhf73mUrwh1FM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/833795-4df3-4850-bd99-8e8bac4cf18b/1/Z-1VYndAPLovdmXLX3PhMUNX8MM.roa
Signing time: Wed 10 May 2023 07:48:30 +0000
ROA not before: Wed 10 May 2023 07:48:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8652
IP address blocks: 195.248.83.0/24 maxlen: 24
195.43.140.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:a2:13:3d:7c:7d:54:f5:38:02:9d:b9:c2:b3:8c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=514ab6d16a0b176fd40655e17fbde652bc21d453
Validity
Not Before: May 10 07:48:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67ed556277403cba2f7665cb5f73e1314357f0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:03:47:0f:18:fb:79:89:0e:f0:2b:cc:e9:c9:
45:66:67:49:96:d0:9e:d8:b8:e5:9d:e6:8b:fe:15:
09:de:7e:fb:ee:16:f2:76:66:31:8c:a3:19:72:f8:
76:96:b7:d9:7c:d9:39:e6:40:08:f2:ea:54:5d:aa:
20:a0:89:fe:23:29:c2:00:7a:5b:5c:88:7d:9b:79:
bf:0a:27:d0:60:34:42:d8:ab:f5:1f:70:57:1e:35:
29:f7:db:88:58:c6:10:bb:4a:c1:5b:ac:39:e6:7e:
b6:ea:44:cf:76:78:70:dd:37:b9:cf:33:b9:f1:eb:
ba:c7:0a:52:a3:76:d8:db:41:78:31:ff:e7:08:52:
97:ba:bf:3e:c3:4e:18:7d:b3:39:ee:e7:dc:17:5a:
8e:f2:e3:e7:85:eb:8d:d3:71:4f:85:5e:bd:57:bb:
5b:aa:84:54:28:61:0a:cf:53:2a:fc:e8:5b:f7:e0:
a0:7a:23:df:c7:cd:f4:bc:c1:f8:01:04:5a:ae:ce:
65:7c:93:3e:05:62:1f:c8:92:29:8e:68:2c:85:8b:
05:ea:82:67:5e:dc:0e:45:fb:dd:37:28:31:d0:0f:
8e:9a:92:8a:6f:0a:c9:7d:94:82:0c:2e:28:37:b5:
99:e7:dc:de:a0:5f:4b:6f:bb:7d:c0:1a:5f:54:48:
df:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:ED:55:62:77:40:3C:BA:2F:76:65:CB:5F:73:E1:31:43:57:F0:C3
X509v3 Authority Key Identifier:
keyid:51:4A:B6:D1:6A:0B:17:6F:D4:06:55:E1:7F:BD:E6:52:BC:21:D4:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UUq20WoLF2_UBlXhf73mUrwh1FM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/833795-4df3-4850-bd99-8e8bac4cf18b/1/Z-1VYndAPLovdmXLX3PhMUNX8MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/833795-4df3-4850-bd99-8e8bac4cf18b/1/UUq20WoLF2_UBlXhf73mUrwh1FM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.140.0/24
195.248.83.0/24
Signature Algorithm: sha256WithRSAEncryption
17:4d:28:d2:75:7c:2b:90:8b:39:13:bc:2f:55:1e:28:e8:19:
33:73:17:58:af:5c:7d:53:54:0a:96:9d:e3:6f:d7:e8:da:a0:
58:ac:09:9f:98:ad:20:15:b1:f2:b6:c3:d7:5f:fa:74:5b:ba:
f4:22:d3:55:84:11:17:dd:f9:a9:42:73:19:f3:51:33:f1:75:
a7:3f:8d:12:44:4e:4c:dc:d2:e2:ad:59:5d:df:fa:7c:c2:6b:
38:4a:07:8c:12:cb:d5:f3:ae:92:e3:94:7c:d5:08:c7:44:8d:
e5:0c:67:1d:a6:58:ac:3d:c3:cf:c0:c2:58:96:0f:b2:df:ec:
77:cd:3d:fb:f7:bc:4d:02:c2:26:91:91:89:2e:9b:cb:c9:25:
6d:38:be:9b:4f:f2:fa:1d:18:aa:3b:2b:ce:56:f5:86:35:25:
9f:fe:1e:4a:99:2e:61:6e:16:76:0d:0e:11:ce:a6:75:81:42:
66:16:f0:e4:25:ff:e4:2f:aa:83:9c:ee:7d:83:bb:fd:fb:e0:
01:4a:3e:49:da:30:12:cb:2e:28:66:f1:d4:eb:e2:09:14:bc:
cd:90:7e:cc:14:f6:41:cc:fc:8c:54:fd:42:03:65:58:d5:71:
12:9d:e5:29:d3:e5:23:dd:a9:84:64:77:d0:4f:18:fa:df:1b:
ec:32:43:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgEohM9fH1U9TgCnbnCs4y1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNGFiNmQxNmEwYjE3NmZkNDA2NTVlMTdmYmRlNjUyYmMy
MWQ0NTMwHhcNMjMwNTEwMDc0ODMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2VkNTU2Mjc3NDAzY2JhMmY3NjY1Y2I1ZjczZTEzMTQzNTdmMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqANHDxj7eYkO8CvM6clFZmdJltCe
2LjlneaL/hUJ3n777hbydmYxjKMZcvh2lrfZfNk55kAI8upUXaogoIn+IynCAHpb
XIh9m3m/CifQYDRC2Kv1H3BXHjUp99uIWMYQu0rBW6w55n626kTPdnhw3Te5zzO5
8eu6xwpSo3bY20F4Mf/nCFKXur8+w04YfbM57ufcF1qO8uPnheuN03FPhV69V7tb
qoRUKGEKz1Mq/Ohb9+CgeiPfx830vMH4AQRars5lfJM+BWIfyJIpjmgshYsF6oJn
XtwORfvdNygx0A+OmpKKbwrJfZSCDC4oN7WZ59zeoF9Lb7t9wBpfVEjfRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGftVWJ3QDy6L3Zly19z4TFDV/DDMB8GA1UdIwQY
MBaAFFFKttFqCxdv1AZV4X+95lK8IdRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVVxMjBXb0xGMl9VQmxYaGY3M21VcndoMUZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84MzM3OTUtNGRmMy00ODUwLWJkOTkt
OGU4YmFjNGNmMThiLzEvWi0xVlluZEFQTG92ZG1YTFgzUGhNVU5YOE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84MzM3OTUtNGRmMy00ODUwLWJkOTktOGU4YmFjNGNmMThi
LzEvVVVxMjBXb0xGMl9VQmxYaGY3M21VcndoMUZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwyuMAwQA
w/hTMA0GCSqGSIb3DQEBCwUAA4IBAQAXTSjSdXwrkIs5E7wvVR4o6BkzcxdYr1x9
U1QKlp3jb9fo2qBYrAmfmK0gFbHytsPXX/p0W7r0ItNVhBEX3fmpQnMZ81Ez8XWn
P40SRE5M3NLirVld3/p8wms4SgeMEsvV866S45R81QjHRI3lDGcdplisPcPPwMJY
lg+y3+x3zT3797xNAsImkZGJLpvLySVtOL6bT/L6HRiqOyvOVvWGNSWf/h5KmS5h
bhZ2DQ4RzqZ1gUJmFvDkJf/kL6qDnO59g7v9++ABSj5J2jASyy4oZvHU6+IJFLzN
kH7MFPZBzPyMVP1CA2VY1XESneUp0+Uj3amEZHfQTxj63xvsMkOV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:56 2024 by rpki-client on console-ams.rpki-client.org