Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/zL9ULLiZwfB7VM24rpzkmiwPwm4.roa
File: zL9ULLiZwfB7VM24rpzkmiwPwm4.roa (raw, json)
Hash identifier: 0IDcgRRr1txRbyHvyt1CDHX0GHZIcAQ9xp2H+oIuyGg=
Subject key identifier: CC:BF:54:2C:B8:99:C1:F0:7B:54:CD:B8:AE:9C:E4:9A:2C:0F:C2:6E
Certificate issuer: /CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Certificate serial: 0185737A96EABD8A17AD24916E3D7EA04B9F
Authority key identifier: F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/zL9ULLiZwfB7VM24rpzkmiwPwm4.roa
Signing time: Mon 02 Jan 2023 17:14:51 +0000
ROA not before: Mon 02 Jan 2023 17:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 188.119.112.0/24 maxlen: 24
188.119.113.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:96:ea:bd:8a:17:ad:24:91:6e:3d:7e:a0:4b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Validity
Not Before: Jan 2 17:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccbf542cb899c1f07b54cdb8ae9ce49a2c0fc26e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:03:ba:53:5e:76:8f:d5:fe:d3:25:90:5e:dc:
13:a8:d2:92:a7:01:ee:a0:98:2d:3a:ed:4e:c1:4a:
36:eb:d8:77:e6:3a:fa:0d:3b:a7:65:c9:4f:a0:1d:
1a:3a:73:1b:63:1b:cf:93:ab:ad:5c:0a:b5:ed:bc:
bf:0d:e3:ed:2f:b8:2a:cf:41:09:1a:c0:fa:89:48:
99:d3:4a:3a:2e:7f:57:0d:37:3c:40:45:22:50:ba:
3c:7a:3a:73:b3:06:58:0e:6f:06:3f:64:d6:f3:a1:
66:27:8c:40:d9:72:18:ec:4b:36:10:0e:94:90:6d:
0e:0a:b5:93:90:4f:b3:60:24:74:81:a7:72:3a:15:
12:23:8f:0f:b8:c4:a2:75:ee:5a:ff:3d:43:dd:c1:
eb:4d:75:ae:4f:e0:f5:d9:5a:eb:76:ec:81:6e:f4:
50:eb:aa:f9:cb:6f:81:3a:75:ab:8f:2c:61:d6:eb:
d7:29:4b:a2:bb:56:80:8d:94:67:5c:4f:e6:ba:f4:
de:a8:d9:32:cb:31:78:a6:02:b9:3a:b5:3a:87:ab:
91:a4:75:69:5f:f9:4f:e5:15:99:51:8b:c1:b3:81:
89:a8:1a:b6:91:30:43:51:68:4b:9a:84:b1:a6:cd:
d2:ab:93:f9:9c:d0:d7:17:b4:51:00:f4:88:cf:81:
24:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:BF:54:2C:B8:99:C1:F0:7B:54:CD:B8:AE:9C:E4:9A:2C:0F:C2:6E
X509v3 Authority Key Identifier:
keyid:F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/zL9ULLiZwfB7VM24rpzkmiwPwm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/9NuV-dG1w-yTT_hNb_fwEkLahCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.119.112.0/23
Signature Algorithm: sha256WithRSAEncryption
22:d4:e5:d9:cc:9f:f9:98:62:bb:00:5b:f7:2f:83:8b:02:66:
88:39:f6:81:94:f8:75:f3:c6:0e:03:40:7a:b7:83:36:4d:a7:
f6:a8:9c:f6:3e:2d:69:71:49:dd:99:ff:14:b4:42:5c:96:f8:
c6:6a:7a:4a:4a:31:b5:54:5c:46:11:ae:d9:09:9f:e8:ec:7d:
00:1e:be:65:6a:c3:ca:a5:7a:9a:22:a5:9d:9f:9c:4f:9a:e3:
d7:0f:e1:18:59:d3:b2:18:d2:23:9d:0c:53:79:a0:83:ab:67:
e8:47:96:2a:93:1c:b6:61:b8:d4:51:2f:7f:ea:c7:1b:49:8f:
66:13:d7:b4:d7:8a:3c:d2:95:9b:cc:8d:19:50:73:a5:4b:23:
7f:de:ff:0f:f2:94:a3:c3:37:a9:fb:41:5d:f2:15:a2:bf:fa:
f5:40:21:7c:b5:f0:fe:42:b9:9e:1f:ec:8d:c3:55:3d:fe:16:
7b:eb:03:1e:f6:6f:ef:1f:b5:e1:ea:ff:0c:60:6d:74:b7:42:
84:85:85:f1:96:eb:95:ad:dd:8d:35:b0:36:56:0e:58:9d:01:
c8:99:ae:7e:0d:86:4c:99:cd:1b:f1:2c:7e:41:19:f3:1d:c3:
0a:89:ef:1b:22:ec:cc:15:d0:03:9b:0b:9f:1b:66:3c:f1:04:
1d:09:05:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzepbqvYoXrSSRbj1+oEufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZGI5NWY5ZDFiNWMzZWM5MzRmZjg0ZDZmZjdmMDEyNDJk
YTg0MmEwHhcNMjMwMTAyMTcxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2JmNTQyY2I4OTljMWYwN2I1NGNkYjhhZTljZTQ5YTJjMGZjMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggO6U152j9X+0yWQXtwTqNKSpwHu
oJgtOu1OwUo269h35jr6DTunZclPoB0aOnMbYxvPk6utXAq17by/DePtL7gqz0EJ
GsD6iUiZ00o6Ln9XDTc8QEUiULo8ejpzswZYDm8GP2TW86FmJ4xA2XIY7Es2EA6U
kG0OCrWTkE+zYCR0gadyOhUSI48PuMSide5a/z1D3cHrTXWuT+D12VrrduyBbvRQ
66r5y2+BOnWrjyxh1uvXKUuiu1aAjZRnXE/muvTeqNkyyzF4pgK5OrU6h6uRpHVp
X/lP5RWZUYvBs4GJqBq2kTBDUWhLmoSxps3Sq5P5nNDXF7RRAPSIz4EkXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMy/VCy4mcHwe1TNuK6c5JosD8JuMB8GA1UdIwQY
MBaAFPTblfnRtcPsk0/4TW/38BJC2oQqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjIt
MTRiMzhiNmUwMGE3LzEvekw5VUxMaVp3ZkI3Vk0yNHJwemttaXdQd200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjItMTRiMzhiNmUwMGE3
LzEvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvHdwMA0G
CSqGSIb3DQEBCwUAA4IBAQAi1OXZzJ/5mGK7AFv3L4OLAmaIOfaBlPh188YOA0B6
t4M2Taf2qJz2Pi1pcUndmf8UtEJclvjGanpKSjG1VFxGEa7ZCZ/o7H0AHr5lasPK
pXqaIqWdn5xPmuPXD+EYWdOyGNIjnQxTeaCDq2foR5Yqkxy2YbjUUS9/6scbSY9m
E9e014o80pWbzI0ZUHOlSyN/3v8P8pSjwzep+0Fd8hWiv/r1QCF8tfD+QrmeH+yN
w1U9/hZ76wMe9m/vH7Xh6v8MYG10t0KEhYXxluuVrd2NNbA2Vg5YnQHIma5+DYZM
mc0b8Sx+QRnzHcMKie8bIuzMFdADmwufG2Y88QQdCQWh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:13 2023 by rpki-client on console-fra.rpki-client.org