Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/c547b8-99ab-42f1-a6cc-bc665bb21686/1/z1FUC7Mchw4zPmI8pqEtTbiNAgk.roa
File: z1FUC7Mchw4zPmI8pqEtTbiNAgk.roa (raw, json)
Hash identifier: 4WMoBE36KICBcUY5WGXjjKPo2FZfv58ja3qfns/DI70=
Subject key identifier: CF:51:54:0B:B3:1C:87:0E:33:3E:62:3C:A6:A1:2D:4D:B8:8D:02:09
Certificate issuer: /CN=eb554c44046c36439a919738942f31fa756b6911
Certificate serial: 018CC348A0D309C0D0D76B4DC52EAC8FB9A4
Authority key identifier: EB:55:4C:44:04:6C:36:43:9A:91:97:38:94:2F:31:FA:75:6B:69:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61VMRARsNkOakZc4lC8x-nVraRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/c547b8-99ab-42f1-a6cc-bc665bb21686/1/z1FUC7Mchw4zPmI8pqEtTbiNAgk.roa
Signing time: Mon 01 Jan 2024 04:29:26 +0000
ROA not before: Mon 01 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15682
IP address blocks: 212.74.224.0/21 maxlen: 21
212.74.224.0/19 maxlen: 19
212.74.232.0/21 maxlen: 21
212.74.240.0/21 maxlen: 21
212.74.248.0/21 maxlen: 21
2a01:5f40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a0:d3:09:c0:d0:d7:6b:4d:c5:2e:ac:8f:b9:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb554c44046c36439a919738942f31fa756b6911
Validity
Not Before: Jan 1 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf51540bb31c870e333e623ca6a12d4db88d0209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ae:64:24:a3:58:bb:99:e3:65:2e:f5:85:cd:
75:60:a7:bc:45:d0:ac:3c:85:37:f8:3d:1a:e6:0e:
94:8b:cd:af:83:af:d6:6e:97:50:c3:5a:56:15:78:
40:4f:1d:d9:51:74:0e:99:a9:17:c1:0f:1e:2a:5b:
6f:10:4c:75:eb:38:24:f0:d1:f0:b7:ee:f0:51:0f:
1f:73:e6:97:0a:0e:32:fd:05:d5:45:91:91:e7:5f:
02:ad:55:5c:ba:6f:22:1e:56:a8:f4:ce:b8:81:0d:
d3:a6:a7:80:83:25:fc:95:4b:47:cf:d5:e3:a6:dd:
14:ab:d8:14:54:10:95:e9:84:fd:27:d1:58:cc:bb:
0c:56:6e:06:d0:99:06:cd:47:4d:8b:cc:5e:55:ed:
84:9c:dd:3e:07:3c:fb:18:2d:95:79:f4:19:25:6d:
56:3b:0a:39:f5:a9:d1:6c:f9:20:8b:0f:fd:d8:62:
9b:26:2a:b3:47:43:0c:17:eb:c6:37:28:58:b1:78:
08:ca:ef:db:64:c5:ff:1e:48:8c:fd:c6:07:99:90:
01:a4:41:0c:4e:a3:30:e4:6f:91:32:aa:c2:9d:46:
b5:7c:be:ff:0d:9f:98:88:f8:a6:bf:b3:a1:41:79:
3b:8c:60:a2:13:04:71:17:59:86:1f:77:2c:04:9e:
8f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:51:54:0B:B3:1C:87:0E:33:3E:62:3C:A6:A1:2D:4D:B8:8D:02:09
X509v3 Authority Key Identifier:
keyid:EB:55:4C:44:04:6C:36:43:9A:91:97:38:94:2F:31:FA:75:6B:69:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61VMRARsNkOakZc4lC8x-nVraRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c547b8-99ab-42f1-a6cc-bc665bb21686/1/z1FUC7Mchw4zPmI8pqEtTbiNAgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c547b8-99ab-42f1-a6cc-bc665bb21686/1/61VMRARsNkOakZc4lC8x-nVraRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.74.224.0/19
IPv6:
2a01:5f40::/32
Signature Algorithm: sha256WithRSAEncryption
6d:46:69:3e:69:e0:bf:4d:6c:e9:e8:9a:05:4d:e6:aa:00:b8:
2a:3f:10:22:41:0f:cc:81:72:09:b0:8a:3c:8d:fc:ec:c4:c5:
c6:4f:6a:e9:fc:1c:4d:2f:7c:f0:bb:76:1a:35:1f:3e:c1:90:
68:7c:2c:f2:6a:db:1d:1f:d2:39:c3:19:54:f3:94:fb:19:24:
10:6a:9b:02:d4:d6:ef:51:c6:1a:b1:37:7d:86:c5:6b:66:a2:
ef:f0:87:b8:c0:44:27:0b:d5:41:b1:11:7c:e5:37:c2:71:fb:
3d:a6:61:d2:fd:c6:2a:fb:38:43:b0:0d:7f:d3:dd:49:49:30:
45:7a:fe:56:eb:99:24:da:b4:be:88:b7:1e:88:62:ed:37:ea:
48:a8:e0:9f:7b:ca:5d:71:1e:a6:23:f6:e2:d5:27:f5:e3:a1:
ef:7a:3f:e6:9b:ff:bf:63:f8:c9:72:1c:ec:86:e7:63:15:af:
47:27:5d:1f:ec:df:e1:f4:f8:2b:43:5f:5f:71:45:0e:e3:ed:
2c:a7:68:52:ac:05:a9:35:a2:75:47:b7:4c:3f:b8:8c:90:d8:
b8:f0:50:a0:26:ca:e6:fd:0d:63:cc:5d:e3:64:3d:ff:c8:f0:
b4:3c:c6:6e:87:07:92:97:95:c6:7c:fa:a4:3f:c7:1f:de:cf:
b1:01:bd:87
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSKDTCcDQ12tNxS6sj7mkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTU0YzQ0MDQ2YzM2NDM5YTkxOTczODk0MmYzMWZhNzU2
YjY5MTEwHhcNMjQwMTAxMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjUxNTQwYmIzMWM4NzBlMzMzZTYyM2NhNmExMmQ0ZGI4OGQwMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK5kJKNYu5njZS71hc11YKe8RdCs
PIU3+D0a5g6Ui82vg6/WbpdQw1pWFXhATx3ZUXQOmakXwQ8eKltvEEx16zgk8NHw
t+7wUQ8fc+aXCg4y/QXVRZGR518CrVVcum8iHlao9M64gQ3TpqeAgyX8lUtHz9Xj
pt0Uq9gUVBCV6YT9J9FYzLsMVm4G0JkGzUdNi8xeVe2EnN0+Bzz7GC2VefQZJW1W
Owo59anRbPkgiw/92GKbJiqzR0MMF+vGNyhYsXgIyu/bZMX/HkiM/cYHmZABpEEM
TqMw5G+RMqrCnUa1fL7/DZ+YiPimv7OhQXk7jGCiEwRxF1mGH3csBJ6PMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM9RVAuzHIcOMz5iPKahLU24jQIJMB8GA1UdIwQY
MBaAFOtVTEQEbDZDmpGXOJQvMfp1a2kRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFWTVJBUnNOa09ha1pjNGxDOHgtblZyYVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jNTQ3YjgtOTlhYi00MmYxLWE2Y2Mt
YmM2NjViYjIxNjg2LzEvejFGVUM3TWNodzR6UG1JOHBxRXRUYmlOQWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9jNTQ3YjgtOTlhYi00MmYxLWE2Y2MtYmM2NjViYjIxNjg2
LzEvNjFWTVJBUnNOa09ha1pjNGxDOHgtblZyYVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1ErgMA0E
AgACMAcDBQAqAV9AMA0GCSqGSIb3DQEBCwUAA4IBAQBtRmk+aeC/TWzp6JoFTeaq
ALgqPxAiQQ/MgXIJsIo8jfzsxMXGT2rp/BxNL3zwu3YaNR8+wZBofCzyatsdH9I5
wxlU85T7GSQQapsC1NbvUcYasTd9hsVrZqLv8Ie4wEQnC9VBsRF85TfCcfs9pmHS
/cYq+zhDsA1/091JSTBFev5W65kk2rS+iLceiGLtN+pIqOCfe8pdcR6mI/bi1Sf1
46Hvej/mm/+/Y/jJchzshudjFa9HJ10f7N/h9PgrQ19fcUUO4+0sp2hSrAWpNaJ1
R7dMP7iMkNi48FCgJsrm/Q1jzF3jZD3/yPC0PMZuhweSl5XGfPqkP8cf3s+xAb2H
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:36 2024 by rpki-client on console.sobornost.net