Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-2mIV3Hf11tk8XnvEMPl8NHM9uo.roa
File: 1-2mIV3Hf11tk8XnvEMPl8NHM9uo.roa (raw, json)
Hash identifier: x/tMkVfG5vZ74o3JidzQBrEz36By+WA0p46NZ2CK/IU=
Subject key identifier: FB:69:88:57:71:DF:D7:5B:64:F1:79:EF:10:C3:E5:F0:D1:CC:F6:EA
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0184DC35428B995D29087BF2262AEEC55B27
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-2mIV3Hf11tk8XnvEMPl8NHM9uo.roa
Signing time: Sun 04 Dec 2022 08:16:28 +0000
ROA not before: Sun 04 Dec 2022 08:16:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
89.35.124.0/23 maxlen: 24
89.46.42.0/24 maxlen: 24
94.177.145.0/24 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
94.176.213.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
77.81.65.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
77.81.88.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
89.44.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:dc:35:42:8b:99:5d:29:08:7b:f2:26:2a:ee:c5:5b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Dec 4 08:16:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb69885771dfd75b64f179ef10c3e5f0d1ccf6ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4e:f9:92:af:4c:4b:22:ed:02:75:53:83:46:
ef:0a:c0:59:93:57:f9:48:18:3a:a7:c0:05:de:d7:
9f:c0:1b:32:15:06:a3:d1:de:1a:52:c3:06:f6:d3:
c1:c0:9a:9b:95:c3:01:84:23:9f:f9:2d:56:d4:be:
79:10:f2:dd:d6:7f:85:ee:62:0e:d5:4a:6b:c4:e0:
fe:53:d6:cb:71:c5:b0:a0:4f:0a:41:91:c9:3b:e0:
e0:8d:2e:bd:f3:18:be:de:23:ef:cb:77:8d:9d:14:
fb:f6:89:02:b9:be:64:3e:d0:62:e5:48:44:1d:a0:
78:c0:77:a1:ec:87:d7:c8:77:6a:99:a8:3e:18:a5:
10:6b:96:0c:de:5a:42:8d:14:02:d1:98:8f:48:d4:
a4:6a:61:29:67:47:67:f4:60:ed:ec:e0:87:9d:91:
54:22:fe:73:e6:16:12:50:6a:42:1a:ef:51:86:f9:
22:89:4f:08:97:75:d8:4b:76:7d:e4:33:04:39:ec:
4d:f3:44:e9:b7:ad:cc:5f:60:5a:21:24:23:82:c7:
c5:6e:fd:ac:41:84:c8:50:94:bc:47:87:8a:94:25:
96:81:2c:1d:97:95:7a:a2:ea:e7:ac:d0:81:af:a3:
bd:70:1c:30:8e:a0:ee:5e:5d:07:a6:8d:d8:82:a9:
f5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:69:88:57:71:DF:D7:5B:64:F1:79:EF:10:C3:E5:F0:D1:CC:F6:EA
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-2mIV3Hf11tk8XnvEMPl8NHM9uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.65.0/24
77.81.88.0/24
89.35.124.0/23
89.40.222.0/23
89.44.105.0/24
89.46.42.0/24
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
94.176.213.0/24
94.177.28.0/24
94.177.145.0/24
188.213.212.0/24
188.213.216.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:67:11:a3:c0:2b:80:e6:42:e6:2e:59:e9:df:01:c3:e8:bf:
11:4d:82:2e:5c:30:0a:c1:e8:af:cd:55:44:8f:54:b2:36:70:
96:c0:90:7d:5c:ae:23:3d:29:a9:ee:c2:2b:8f:0d:68:4a:54:
5d:d3:23:69:d9:fb:46:98:f6:16:d1:25:37:6a:47:f5:a7:86:
92:af:75:f0:32:71:fb:c0:34:b3:00:56:5a:08:51:ef:ef:d1:
6c:22:09:ee:18:64:38:d1:d0:71:ac:ee:f6:e3:4a:91:2b:33:
ad:37:b1:ce:64:01:96:9f:ff:95:85:24:95:6d:3d:f9:f1:0d:
91:b1:2f:f1:7e:9c:45:c9:84:b2:21:96:df:ed:f4:e3:65:c4:
90:32:e9:a7:fb:00:d2:4e:c1:61:47:4a:4f:be:06:78:7c:74:
4d:13:2f:9a:14:d3:69:b7:50:68:2c:13:b8:a7:e3:fa:b9:c1:
12:c7:82:a2:16:52:8e:3e:94:46:30:31:f9:16:e5:62:61:6a:
fc:29:72:fa:5f:40:b6:69:87:a4:9c:5d:5c:d5:5a:9b:62:b8:
9f:d5:20:5e:48:ac:43:d6:33:a9:d4:37:f0:fa:fb:36:5f:65:
0d:11:f7:69:23:0f:e4:aa:49:0e:88:d5:4a:ad:1b:89:7f:8b:
d1:bb:5e:32
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYTcNUKLmV0pCHvyJiruxVsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjIxMjA0MDgxNjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjY5ODg1NzcxZGZkNzViNjRmMTc5ZWYxMGMzZTVmMGQxY2NmNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnE75kq9MSyLtAnVTg0bvCsBZk1f5
SBg6p8AF3tefwBsyFQaj0d4aUsMG9tPBwJqblcMBhCOf+S1W1L55EPLd1n+F7mIO
1UprxOD+U9bLccWwoE8KQZHJO+DgjS698xi+3iPvy3eNnRT79okCub5kPtBi5UhE
HaB4wHeh7IfXyHdqmag+GKUQa5YM3lpCjRQC0ZiPSNSkamEpZ0dn9GDt7OCHnZFU
Iv5z5hYSUGpCGu9RhvkiiU8Il3XYS3Z95DMEOexN80Tpt63MX2BaISQjgsfFbv2s
QYTIUJS8R4eKlCWWgSwdl5V6ournrNCBr6O9cBwwjqDuXl0Hpo3Ygqn1kQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFPtpiFdx39dbZPF57xDD5fDRzPbqMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzEtMm1JVjNIZjExdGs4WG52RU1QbDhOSE05dW8ucm9h
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYz
MzEvMS8xLU9ZbU5PRzlVVE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQATVFB
AwQATVFYAwQBWSN8AwQBWSjeAwQAWSxpAwQAWS4qAwQAWS8kAwQAXHIgAwQAXHI2
AwQAXrDVAwQAXrEcAwQAXrGRAwQAvNXUAwQAvNXYMA0GCSqGSIb3DQEBCwUAA4IB
AQBuZxGjwCuA5kLmLlnp3wHD6L8RTYIuXDAKweivzVVEj1SyNnCWwJB9XK4jPSmp
7sIrjw1oSlRd0yNp2ftGmPYW0SU3akf1p4aSr3XwMnH7wDSzAFZaCFHv79FsIgnu
GGQ40dBxrO7240qRKzOtN7HOZAGWn/+VhSSVbT358Q2RsS/xfpxFyYSyIZbf7fTj
ZcSQMumn+wDSTsFhR0pPvgZ4fHRNEy+aFNNpt1BoLBO4p+P6ucESx4KiFlKOPpRG
MDH5FuViYWr8KXL6X0C2aYeknF1c1VqbYrif1SBeSKxD1jOp1Dfw+vs2X2UNEfdp
Iw/kqkkOiNVKrRuJf4vRu14y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org