Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/Zme_z06hNl2Aa13Phr2hHEn0FG4.roa
File: Zme_z06hNl2Aa13Phr2hHEn0FG4.roa (raw, json)
Hash identifier: f7xNZnv6vYS1xGA1IA6H3i1uOWaLKedwIBKREeKV3sA=
Subject key identifier: 66:67:BF:CF:4E:A1:36:5D:80:6B:5D:CF:86:BD:A1:1C:49:F4:14:6E
Certificate issuer: /CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Certificate serial: 0185737A95D52F59AF256E070326903F2213
Authority key identifier: F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/Zme_z06hNl2Aa13Phr2hHEn0FG4.roa
Signing time: Mon 02 Jan 2023 17:14:51 +0000
ROA not before: Mon 02 Jan 2023 17:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 83.171.252.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:95:d5:2f:59:af:25:6e:07:03:26:90:3f:22:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Validity
Not Before: Jan 2 17:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6667bfcf4ea1365d806b5dcf86bda11c49f4146e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:64:b6:75:ff:05:3a:92:1a:cb:b0:b9:a2:88:
b0:25:d3:97:f5:6b:aa:c7:6f:a2:f0:79:83:02:24:
ca:d4:4f:a1:05:7d:df:1a:91:b0:40:8f:d0:e2:fe:
20:67:1b:22:61:3c:e8:f1:eb:d4:ea:08:90:d3:dc:
db:7a:23:07:a4:48:f5:45:0a:53:1d:c8:99:d5:11:
91:e5:c5:0f:68:ff:a4:02:1e:ed:1d:08:2a:db:2c:
28:91:ff:6d:d1:ea:f6:76:73:86:0b:27:3a:6b:a5:
79:48:9c:c2:19:dc:94:a7:45:bb:87:68:89:f3:ae:
f1:1e:21:27:61:57:a6:d4:33:d8:88:0f:d1:61:d5:
df:3a:65:92:3a:f0:5a:eb:d2:cb:2a:84:a1:6d:67:
16:f0:00:9f:0c:47:6c:aa:91:cd:9d:7e:29:e1:44:
df:5b:30:29:7b:a3:25:c8:73:50:7a:03:98:79:1b:
ee:38:a9:22:31:cb:27:e0:4c:fd:ec:e9:e2:ce:6f:
44:ec:d7:be:70:3e:d4:b6:71:79:23:23:00:12:60:
7b:89:48:78:ad:03:74:4a:cb:4a:1a:00:c9:c4:46:
ac:e8:1d:8d:ac:7f:dc:22:1f:c0:9a:22:fd:16:5e:
d0:a5:43:54:ca:d4:b1:51:09:da:03:39:06:10:d0:
7f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:67:BF:CF:4E:A1:36:5D:80:6B:5D:CF:86:BD:A1:1C:49:F4:14:6E
X509v3 Authority Key Identifier:
keyid:F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/Zme_z06hNl2Aa13Phr2hHEn0FG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/9NuV-dG1w-yTT_hNb_fwEkLahCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.252.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:59:c0:a8:6e:46:96:a5:73:2a:d0:b4:23:97:bc:9d:16:16:
78:30:a9:fa:14:cc:4a:1b:4f:3b:54:88:d3:54:8c:4c:30:b7:
05:6a:c8:fa:23:57:7e:f2:db:59:50:58:09:47:f1:12:be:e9:
c3:5a:5b:08:4d:85:6c:b1:71:91:b4:e8:b2:00:cd:6b:29:fb:
16:b0:ec:f5:6b:5d:96:75:e4:2f:ac:d9:b2:c6:89:65:11:16:
d4:15:6c:50:f3:ec:28:85:85:b5:6d:f1:56:8c:cd:53:17:8d:
13:59:ad:3a:50:dc:19:47:46:1d:0e:b7:57:15:a0:b8:34:86:
dc:79:1b:90:f4:1a:3c:c3:6a:ad:44:22:2c:9e:40:d7:9d:4b:
de:79:83:f5:d1:8b:21:9d:dd:ec:89:89:45:8e:a1:76:00:5b:
12:5c:c0:71:59:8e:5f:eb:96:1d:fd:cf:96:a6:20:cd:96:55:
25:e4:ab:4d:89:27:5e:bd:fd:34:4f:b9:89:7c:32:f9:2c:7f:
da:88:29:32:b7:25:08:be:0f:2c:2d:66:95:74:0b:24:62:cc:
ef:2c:39:57:c3:7a:73:a1:9c:4d:42:4b:54:0f:54:a9:4b:0d:
a8:60:d3:f4:6d:b2:b6:16:1d:cd:54:19:a4:b1:34:10:95:c0:
e8:be:52:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzepXVL1mvJW4HAyaQPyITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZGI5NWY5ZDFiNWMzZWM5MzRmZjg0ZDZmZjdmMDEyNDJk
YTg0MmEwHhcNMjMwMTAyMTcxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjY3YmZjZjRlYTEzNjVkODA2YjVkY2Y4NmJkYTExYzQ5ZjQxNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GS2df8FOpIay7C5ooiwJdOX9Wuq
x2+i8HmDAiTK1E+hBX3fGpGwQI/Q4v4gZxsiYTzo8evU6giQ09zbeiMHpEj1RQpT
HciZ1RGR5cUPaP+kAh7tHQgq2ywokf9t0er2dnOGCyc6a6V5SJzCGdyUp0W7h2iJ
867xHiEnYVem1DPYiA/RYdXfOmWSOvBa69LLKoShbWcW8ACfDEdsqpHNnX4p4UTf
WzApe6MlyHNQegOYeRvuOKkiMcsn4Ez97Onizm9E7Ne+cD7UtnF5IyMAEmB7iUh4
rQN0SstKGgDJxEas6B2NrH/cIh/AmiL9Fl7QpUNUytSxUQnaAzkGENB/dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZnv89OoTZdgGtdz4a9oRxJ9BRuMB8GA1UdIwQY
MBaAFPTblfnRtcPsk0/4TW/38BJC2oQqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjIt
MTRiMzhiNmUwMGE3LzEvWm1lX3owNmhObDJBYTEzUGhyMmhIRW4wRkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjItMTRiMzhiNmUwMGE3
LzEvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBU6v8MA0G
CSqGSIb3DQEBCwUAA4IBAQCLWcCobkaWpXMq0LQjl7ydFhZ4MKn6FMxKG087VIjT
VIxMMLcFasj6I1d+8ttZUFgJR/ESvunDWlsITYVssXGRtOiyAM1rKfsWsOz1a12W
deQvrNmyxollERbUFWxQ8+wohYW1bfFWjM1TF40TWa06UNwZR0YdDrdXFaC4NIbc
eRuQ9Bo8w2qtRCIsnkDXnUveeYP10Yshnd3siYlFjqF2AFsSXMBxWY5f65Yd/c+W
piDNllUl5KtNiSdevf00T7mJfDL5LH/aiCkytyUIvg8sLWaVdAskYszvLDlXw3pz
oZxNQktUD1SpSw2oYNP0bbK2Fh3NVBmksTQQlcDovlJU
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:03 2023 by rpki-client on console-ams.rpki-client.org