Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/z_qDSjoUN6MO6TUWCtBuJdP6k_A.roa
File: z_qDSjoUN6MO6TUWCtBuJdP6k_A.roa (raw, json)
Hash identifier: kxF0VQQlYLuiYX5uIqcf6jY51olOHCtjaua2vr2KH0w=
Subject key identifier: CF:FA:83:4A:3A:14:37:A3:0E:E9:35:16:0A:D0:6E:25:D3:FA:93:F0
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29F5B13A
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/z_qDSjoUN6MO6TUWCtBuJdP6k_A.roa
Signing time: Sat 01 Jan 2022 13:54:29 +0000
ROA not before: Sat 01 Jan 2022 13:54:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205754
IP address blocks: 95.85.84.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703967546 (0x29f5b13a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cffa834a3a1437a30ee935160ad06e25d3fa93f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0b:de:cd:c6:4d:24:6c:39:4d:91:65:15:d1:
8b:a8:e3:31:1e:69:39:19:ad:d9:4b:3e:ca:dc:19:
85:e9:5c:8d:91:2f:a6:1c:c8:df:d0:f4:e3:0c:e0:
7a:9e:4b:c6:89:1b:c3:0f:af:da:77:5c:66:7c:12:
e8:fc:25:4a:98:7d:31:49:dd:91:ce:cc:b4:fd:b6:
7e:76:08:d0:dd:62:29:b3:18:23:11:4d:d8:ae:90:
01:a9:41:24:e6:8a:75:b1:89:16:20:3c:22:0f:35:
c6:24:40:df:24:c7:54:88:a8:bd:18:10:6f:41:45:
b6:5d:4a:ab:21:43:b0:29:46:91:0c:7e:1f:34:8e:
79:b2:c7:69:4f:e6:4a:c9:97:e2:d1:61:38:b1:b7:
38:29:ab:14:8c:71:88:a7:c8:3f:84:72:d2:e4:a9:
61:7c:e5:52:fe:c9:a2:dc:22:8e:c7:71:1b:36:24:
cd:3b:07:23:15:57:30:5c:5b:f1:26:36:51:11:a9:
71:0a:81:2d:0a:5e:31:dd:fd:44:d1:63:9d:b4:a0:
a1:7c:6a:ec:c0:b6:64:d2:c0:10:b6:43:f2:36:7f:
02:fb:64:3c:ea:bc:75:b0:6c:1e:37:54:9d:49:3f:
e2:37:cc:fd:cc:1e:a4:50:a4:37:47:2f:a9:6a:8b:
8f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FA:83:4A:3A:14:37:A3:0E:E9:35:16:0A:D0:6E:25:D3:FA:93:F0
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/z_qDSjoUN6MO6TUWCtBuJdP6k_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.84.0/24
Signature Algorithm: sha256WithRSAEncryption
03:5a:3f:03:d3:8b:d0:c7:19:41:b2:ab:b0:57:b6:1f:22:0b:
6c:1d:d0:27:86:54:0f:a3:58:c2:8e:a1:58:74:1a:04:bd:df:
22:89:2a:ab:13:ca:69:44:10:e9:90:17:21:e6:fd:b2:91:c3:
1d:46:ba:5a:1c:f0:f6:c1:df:f5:3b:7e:0e:c7:e8:f5:13:55:
57:b1:00:34:69:18:e2:ce:eb:ac:25:bf:4a:86:83:a5:4b:6f:
dd:1c:69:89:6c:55:cc:e3:d6:6e:f3:e0:a0:b3:31:fe:5b:9a:
00:44:b5:53:51:09:f5:1c:48:56:52:60:00:d8:b9:54:80:01:
cb:d3:5e:91:8f:92:f3:ec:9c:c3:e1:a6:f4:c0:24:dd:5d:76:
ed:81:a2:7b:05:4b:b6:3c:f2:29:2e:f3:b6:5f:7f:e1:33:f6:
98:38:e9:a3:8f:d1:d4:5b:ae:40:e9:f9:a3:88:c3:d0:2d:97:
0b:87:73:9b:36:84:f4:72:b1:44:50:0c:e6:ce:d4:66:03:9c:
31:e0:4c:f6:fb:3e:84:33:eb:5d:60:65:73:53:13:c8:32:76:
f0:04:bd:1a:1f:73:b5:70:54:03:e0:e8:25:f3:b5:dd:b5:ea:
75:b2:f2:34:59:cc:96:cd:50:b6:04:ca:02:b9:8b:ea:0d:be:
db:af:07:30
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKfWxOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2ZmYTgzNGEzYTE0
MzdhMzBlZTkzNTE2MGFkMDZlMjVkM2ZhOTNmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkL3s3GTSRsOU2RZRXRi6jjMR5pORmt2Us+ytwZhelcjZEv
phzI39D04wzgep5Lxokbww+v2ndcZnwS6PwlSph9MUndkc7MtP22fnYI0N1iKbMY
IxFN2K6QAalBJOaKdbGJFiA8Ig81xiRA3yTHVIiovRgQb0FFtl1KqyFDsClGkQx+
HzSOebLHaU/mSsmX4tFhOLG3OCmrFIxxiKfIP4Ry0uSpYXzlUv7JotwijsdxGzYk
zTsHIxVXMFxb8SY2URGpcQqBLQpeMd39RNFjnbSgoXxq7MC2ZNLAELZD8jZ/Avtk
POq8dbBsHjdUnUk/4jfM/cwepFCkN0cvqWqLj/MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTP+oNKOhQ3ow7pNRYK0G4l0/qT8DAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L3pfcURTam9VTjZNTzZUVVdDdEJ1SmRQNmtfQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF9VVDANBgkqhkiG9w0BAQsFAAOC
AQEAA1o/A9OL0McZQbKrsFe2HyILbB3QJ4ZUD6NYwo6hWHQaBL3fIokqqxPKaUQQ
6ZAXIeb9spHDHUa6Whzw9sHf9Tt+Dsfo9RNVV7EANGkY4s7rrCW/SoaDpUtv3Rxp
iWxVzOPWbvPgoLMx/luaAES1U1EJ9RxIVlJgANi5VIABy9NekY+S8+ycw+Gm9MAk
3V127YGiewVLtjzyKS7ztl9/4TP2mDjpo4/R1FuuQOn5o4jD0C2XC4dzmzaE9HKx
RFAM5s7UZgOcMeBM9vs+hDPrXWBlc1MTyDJ28AS9Gh9ztXBUA+DoJfO13bXqdbLy
NFnMls1QtgTKArmL6g2+268HMA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-fra.rpki-client.org