Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/Z8hmElenwqwjTh8V40MOBo0TacU.roa
File: Z8hmElenwqwjTh8V40MOBo0TacU.roa (raw, json)
Hash identifier: 3KbYHkp1ItmCAoPJ8exTPwz+oWVRXP4JiQEf5oFaUlk=
Subject key identifier: 67:C8:66:12:57:A7:C2:AC:23:4E:1F:15:E3:43:0E:06:8D:13:69:C5
Certificate issuer: /CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Certificate serial: 023EC625
Authority key identifier: F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/Z8hmElenwqwjTh8V40MOBo0TacU.roa
Signing time: Fri 08 Apr 2022 09:51:45 +0000
ROA not before: Fri 08 Apr 2022 09:51:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 83.171.252.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37668389 (0x23ec625)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Validity
Not Before: Apr 8 09:51:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67c8661257a7c2ac234e1f15e3430e068d1369c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f3:52:22:df:06:29:11:c8:6c:45:2b:d4:8d:
64:69:6f:11:68:2a:83:1c:39:2a:a2:92:51:46:1f:
a4:a8:d4:1d:0e:32:d3:73:8c:d6:11:65:59:11:1b:
a6:a3:ce:aa:9c:be:5a:d7:67:8e:f7:42:15:6f:38:
93:12:a1:b8:5b:a3:c1:95:7c:da:72:6b:12:b1:1e:
56:67:05:ea:9b:c4:90:16:c9:a8:e0:b6:36:9a:61:
eb:26:96:2b:6c:ac:cf:cf:52:bd:71:88:33:b1:7f:
bc:16:9c:4c:dc:b7:64:4c:bb:9c:ea:20:86:aa:b4:
ed:7c:c7:db:8c:bf:f0:be:02:09:59:00:1b:cc:2f:
59:2c:bc:6c:f1:80:90:ca:df:9a:9d:af:63:8b:c8:
01:6a:9e:3d:ef:3f:63:b3:bb:89:18:d5:16:24:a0:
bf:01:7d:fd:56:47:43:bf:cd:da:6f:ea:b1:0f:6b:
af:e6:6c:33:66:c7:9e:00:ae:42:ce:e8:66:96:44:
4c:e9:00:90:a5:0f:bc:01:9d:ea:11:8f:76:48:36:
14:f8:03:26:d9:78:79:4b:91:f8:a7:c7:0e:30:34:
a9:5b:b8:c1:0a:44:9a:88:9c:09:7f:a7:ef:b1:0b:
6d:63:35:eb:43:43:5f:22:28:8b:d2:2a:86:39:cf:
40:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C8:66:12:57:A7:C2:AC:23:4E:1F:15:E3:43:0E:06:8D:13:69:C5
X509v3 Authority Key Identifier:
keyid:F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/Z8hmElenwqwjTh8V40MOBo0TacU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/9NuV-dG1w-yTT_hNb_fwEkLahCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.252.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:51:c7:a0:02:c8:bf:f8:68:76:12:bf:a7:53:1b:84:69:cd:
72:3c:fb:5e:94:46:9b:a7:6f:60:9f:44:ae:7c:53:7a:d7:dc:
5b:05:3b:73:a3:bc:42:90:2d:8c:a1:3a:35:5a:a9:ed:33:df:
f9:a0:42:5f:5b:de:5d:c4:01:e2:5a:ba:03:d1:8b:01:9d:47:
6f:c7:4b:f7:a2:79:ee:28:e5:2a:79:b2:18:ed:da:15:a3:a8:
d4:a5:3e:5c:16:1a:85:50:e2:81:e7:c7:88:85:d1:cb:bc:30:
bd:fe:45:46:01:81:83:86:13:f2:54:9d:8f:5e:36:ce:0b:e6:
95:53:c6:0a:b2:ee:f3:4f:35:2e:ce:4d:25:65:00:79:38:1b:
94:bb:dd:d0:86:9a:35:f3:19:07:b2:30:4e:69:51:6a:2b:a7:
5e:72:c0:8c:05:bc:d2:5c:c4:47:00:88:24:c7:20:99:c7:3b:
6c:51:43:ff:45:ab:f8:df:eb:ae:33:d7:bb:2a:de:35:94:8b:
7b:cc:6c:1f:be:9e:65:46:68:98:07:53:fe:eb:b3:67:86:9c:
e9:09:72:9d:12:0c:db:8d:dd:fb:d2:e8:33:45:84:5b:6f:8d:
e5:b7:45:a2:6f:33:87:12:5f:33:0b:ee:4a:9c:59:08:27:93:
c5:c7:b7:31
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAj7GJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGRiOTVmOWQxYjVjM2VjOTM0ZmY4NGQ2ZmY3ZjAxMjQyZGE4NDJhMB4XDTIyMDQw
ODA5NTE0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdjODY2MTI1N2E3
YzJhYzIzNGUxZjE1ZTM0MzBlMDY4ZDEzNjljNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7zUiLfBikRyGxFK9SNZGlvEWgqgxw5KqKSUUYfpKjUHQ4y
03OM1hFlWREbpqPOqpy+WtdnjvdCFW84kxKhuFujwZV82nJrErEeVmcF6pvEkBbJ
qOC2Npph6yaWK2ysz89SvXGIM7F/vBacTNy3ZEy7nOoghqq07XzH24y/8L4CCVkA
G8wvWSy8bPGAkMrfmp2vY4vIAWqePe8/Y7O7iRjVFiSgvwF9/VZHQ7/N2m/qsQ9r
r+ZsM2bHngCuQs7oZpZETOkAkKUPvAGd6hGPdkg2FPgDJtl4eUuR+KfHDjA0qVu4
wQpEmoicCX+n77ELbWM160NDXyIoi9IqhjnPQEECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRnyGYSV6fCrCNOHxXjQw4GjRNpxTAfBgNVHSMEGDAWgBT025X50bXD7JNP
+E1v9/ASQtqEKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlOdVYtZEcxdy15VFRfaE5iX2Z3RWtMYWhDby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvNDZkN2FmLTAyZmItNDVmOS1hOTIyLTE0YjM4YjZlMDBhNy8x
L1o4aG1FbGVud3F3alRoOFY0ME1PQm8wVGFjVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
NDZkN2FmLTAyZmItNDVmOS1hOTIyLTE0YjM4YjZlMDBhNy8xLzlOdVYtZEcxdy15
VFRfaE5iX2Z3RWtMYWhDby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVOr/DANBgkqhkiG9w0BAQsFAAOC
AQEAilHHoALIv/hodhK/p1MbhGnNcjz7XpRGm6dvYJ9ErnxTetfcWwU7c6O8QpAt
jKE6NVqp7TPf+aBCX1veXcQB4lq6A9GLAZ1Hb8dL96J57ijlKnmyGO3aFaOo1KU+
XBYahVDigefHiIXRy7wwvf5FRgGBg4YT8lSdj142zgvmlVPGCrLu8081Ls5NJWUA
eTgblLvd0IaaNfMZB7IwTmlRaiunXnLAjAW80lzERwCIJMcgmcc7bFFD/0Wr+N/r
rjPXuyreNZSLe8xsH76eZUZomAdT/uuzZ4ac6QlynRIM243d+9LoM0WEW2+N5bdF
om8zhxJfMwvuSpxZCCeTxce3MQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:03 2023 by rpki-client on console-ams.rpki-client.org