Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/TTHC5Nqh7IXGdHPhN01B4BttNWk.roa
File: TTHC5Nqh7IXGdHPhN01B4BttNWk.roa (raw, json)
Hash identifier: 3JvyYJQD8XyfwsuEqiWqP+Hj2hzGm8vcLm9Ei0oi6RM=
Subject key identifier: 4D:31:C2:E4:DA:A1:EC:85:C6:74:73:E1:37:4D:41:E0:1B:6D:35:69
Certificate issuer: /CN=61658d5efa2a0a3c36c9239374258a98f7fda388
Certificate serial: 03D3FD
Authority key identifier: 61:65:8D:5E:FA:2A:0A:3C:36:C9:23:93:74:25:8A:98:F7:FD:A3:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YWWNXvoqCjw2ySOTdCWKmPf9o4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/TTHC5Nqh7IXGdHPhN01B4BttNWk.roa
Signing time: Thu 03 Mar 2022 10:22:50 +0000
ROA not before: Thu 03 Mar 2022 10:22:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8771
IP address blocks: 213.240.0.0/19 maxlen: 19
109.121.64.0/18 maxlen: 18
213.240.0.0/18 maxlen: 18
213.198.192.0/18 maxlen: 18
213.240.36.0/22 maxlen: 22
194.247.192.0/19 maxlen: 19
213.240.40.0/23 maxlen: 23
213.240.40.0/21 maxlen: 21
78.30.128.0/18 maxlen: 18
213.240.48.0/20 maxlen: 20
2a00:1108::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 250877 (0x3d3fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61658d5efa2a0a3c36c9239374258a98f7fda388
Validity
Not Before: Mar 3 10:22:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d31c2e4daa1ec85c67473e1374d41e01b6d3569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2b:46:8e:04:6b:e0:a7:07:0f:e7:3a:3b:60:
18:b4:03:fd:85:53:ef:82:9d:41:7f:a2:06:84:18:
a3:58:e6:ae:c5:92:37:51:1b:2e:e7:da:b0:0c:d7:
7f:d0:09:f9:05:8d:f1:bf:e3:9c:d5:be:05:17:2b:
ba:f1:68:ef:ff:2d:3c:e6:5f:9f:45:92:35:a0:59:
51:76:a7:37:19:e3:44:f1:28:62:cf:e2:a2:fe:5b:
41:47:f5:bd:64:60:9a:56:c8:15:c2:cf:66:77:0c:
6e:4b:80:92:cb:7d:11:39:54:7a:5b:11:dd:4a:f3:
a0:e9:ed:22:5f:48:2d:3a:fa:30:7c:2d:1f:2d:f5:
cf:c2:7f:00:a2:0b:49:86:19:cb:e4:ef:e2:bc:17:
0e:53:e9:5c:4a:5a:83:b1:dd:04:4e:16:fb:76:61:
bd:f3:b5:3d:b5:05:5e:17:4a:3d:a6:bf:d6:98:ce:
db:61:a6:1a:e6:cf:88:a0:bd:5b:e6:a2:97:d5:35:
9a:05:54:8f:e2:86:0d:f6:79:18:d0:66:eb:95:9b:
75:f4:89:1a:7e:96:67:06:ef:87:e9:cc:36:26:37:
5e:dd:bf:8a:43:21:e8:3f:8e:0e:40:5d:51:dd:fe:
a7:d7:cd:a3:16:79:94:39:f0:53:85:ea:04:c9:07:
b4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:31:C2:E4:DA:A1:EC:85:C6:74:73:E1:37:4D:41:E0:1B:6D:35:69
X509v3 Authority Key Identifier:
keyid:61:65:8D:5E:FA:2A:0A:3C:36:C9:23:93:74:25:8A:98:F7:FD:A3:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWWNXvoqCjw2ySOTdCWKmPf9o4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/TTHC5Nqh7IXGdHPhN01B4BttNWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/YWWNXvoqCjw2ySOTdCWKmPf9o4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.30.128.0/18
109.121.64.0/18
194.247.192.0/19
213.198.192.0/18
213.240.0.0/18
IPv6:
2a00:1108::/32
Signature Algorithm: sha256WithRSAEncryption
61:ac:0d:85:15:db:9e:60:3c:15:07:92:3a:65:83:66:e7:b3:
84:07:54:17:2e:18:94:89:6a:2f:cc:29:25:1b:a8:1c:7f:a5:
6f:43:37:c8:94:dc:26:10:a5:1f:e4:54:6b:72:b7:a7:22:1e:
f9:f1:87:b6:ef:86:8c:2f:e4:10:d5:e5:da:2e:50:61:1f:ce:
78:28:26:70:06:ec:af:e5:ba:0b:25:62:ac:77:0f:42:6a:1a:
b6:b0:35:81:5a:78:64:f6:b3:4c:e6:a8:63:3c:11:6f:fc:33:
9a:99:72:1c:80:c9:6e:c8:58:a7:88:f4:0f:21:51:7e:22:36:
d2:d0:e3:ea:67:bf:f7:0f:1e:6d:b5:5c:3f:89:3b:f0:d6:43:
2e:b5:e1:15:9a:bf:74:b3:47:30:9f:de:96:f3:9c:ce:14:f1:
7d:8d:1b:0d:3a:b3:95:1f:f6:d5:45:b1:47:db:90:19:07:26:
cf:81:2d:bd:03:90:e0:c1:5b:19:6f:4f:d3:17:5c:d1:3e:21:
1a:52:16:0b:d7:c7:b7:3b:b7:e7:b3:86:da:f8:69:e9:e9:44:
d3:7f:16:58:e5:8d:ac:ec:84:f4:a4:7b:8d:cb:80:48:a4:4c:
54:03:67:d6:e8:eb:3b:16:4d:d4:90:15:9c:6e:70:fa:8e:34:
79:53:8e:c2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIDA9P9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYx
NjU4ZDVlZmEyYTBhM2MzNmM5MjM5Mzc0MjU4YTk4ZjdmZGEzODgwHhcNMjIwMzAz
MTAyMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0ZDMxYzJlNGRhYTFl
Yzg1YzY3NDczZTEzNzRkNDFlMDFiNmQzNTY5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtCtGjgRr4KcHD+c6O2AYtAP9hVPvgp1Bf6IGhBijWOauxZI3
URsu59qwDNd/0An5BY3xv+Oc1b4FFyu68Wjv/y085l+fRZI1oFlRdqc3GeNE8Shi
z+Ki/ltBR/W9ZGCaVsgVws9mdwxuS4CSy30ROVR6WxHdSvOg6e0iX0gtOvowfC0f
LfXPwn8AogtJhhnL5O/ivBcOU+lcSlqDsd0EThb7dmG987U9tQVeF0o9pr/WmM7b
YaYa5s+IoL1b5qKX1TWaBVSP4oYN9nkY0GbrlZt19IkafpZnBu+H6cw2Jjde3b+K
QyHoP44OQF1R3f6n182jFnmUOfBTheoEyQe0CwIDAQABo4ICMDCCAiwwHQYDVR0O
BBYEFE0xwuTaoeyFxnRz4TdNQeAbbTVpMB8GA1UdIwQYMBaAFGFljV76Kgo8Nskj
k3Qlipj3/aOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WVdXTlh2b3FDancyeVNPVGRDV0ttUGY5bzRnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wNS80YjEyOGQtZWQ0Ny00MWMxLWFhZjAtZGZlNmM1ZWIxZjdjLzEv
VFRIQzVOcWg3SVhHZEhQaE4wMUI0QnR0TldrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80
YjEyOGQtZWQ0Ny00MWMxLWFhZjAtZGZlNmM1ZWIxZjdjLzEvWVdXTlh2b3FDancy
eVNPVGRDV0ttUGY5bzRnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYG
CCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGTh6AAwQGbXlAAwQFwvfAAwQG1cbA
AwQG1fAAMA0EAgACMAcDBQAqABEIMA0GCSqGSIb3DQEBCwUAA4IBAQBhrA2FFdue
YDwVB5I6ZYNm57OEB1QXLhiUiWovzCklG6gcf6VvQzfIlNwmEKUf5FRrcrenIh75
8Ye274aML+QQ1eXaLlBhH854KCZwBuyv5boLJWKsdw9Cahq2sDWBWnhk9rNM5qhj
PBFv/DOamXIcgMluyFiniPQPIVF+IjbS0OPqZ7/3Dx5ttVw/iTvw1kMuteEVmr90
s0cwn96W85zOFPF9jRsNOrOVH/bVRbFH25AZBybPgS29A5DgwVsZb0/TF1zRPiEa
UhYL18e3O7fns4ba+Gnp6UTTfxZY5Y2s7IT0pHuNy4BIpExUA2fW6Os7Fk3UkBWc
bnD6jjR5U47C
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:09 2024 by rpki-client on console-ams.rpki-client.org