Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Vbn7qwnmrvTEsizZk6dJYFHxvv4.roa
File: Vbn7qwnmrvTEsizZk6dJYFHxvv4.roa (raw, json)
Hash identifier: MUJRYjF0p0qkkeA57fFYD/i9itrfp6znri6YMaNqISM=
Subject key identifier: 55:B9:FB:AB:09:E6:AE:F4:C4:B2:2C:D9:93:A7:49:60:51:F1:BE:FE
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD50F429373DBCE6EA7516A293F62A4
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Vbn7qwnmrvTEsizZk6dJYFHxvv4.roa
Signing time: Mon 02 Jan 2023 00:15:12 +0000
ROA not before: Mon 02 Jan 2023 00:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 86.105.233.0/24 maxlen: 24
89.40.65.0/24 maxlen: 24
89.43.53.0/24 maxlen: 24
89.43.63.0/24 maxlen: 24
85.204.241.0/24 maxlen: 24
85.204.242.0/24 maxlen: 24
89.36.137.0/24 maxlen: 24
86.106.113.0/24 maxlen: 24
89.46.93.0/24 maxlen: 24
93.114.57.0/24 maxlen: 24
89.34.178.0/24 maxlen: 24
89.38.236.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:0f:42:93:73:db:ce:6e:a7:51:6a:29:3f:62:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55b9fbab09e6aef4c4b22cd993a7496051f1befe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:28:9c:66:db:e7:a3:53:31:fa:06:8b:d8:c2:
ac:69:63:e4:11:17:19:d3:9c:de:fe:a3:30:bd:08:
42:11:39:27:1d:fd:01:cf:11:57:80:c7:71:2b:ba:
c0:e8:40:5e:3a:92:86:c3:c3:e0:32:7c:d8:bd:57:
2c:20:13:0e:5e:a0:9b:ba:f8:89:e3:ec:59:01:17:
de:b1:8a:ae:7c:ff:2c:1c:f6:9d:a6:3a:35:0e:cf:
93:c0:8e:04:6d:00:75:d3:01:12:26:ee:d6:5b:e4:
93:53:fd:e2:b4:c3:b3:06:0f:a0:c1:a6:8d:00:a2:
ef:9a:5a:02:9d:44:bd:ba:e1:68:0d:1d:50:19:ac:
e1:08:d3:ea:3e:fa:b7:c8:e6:93:5a:e5:29:ad:dc:
99:1a:4d:9a:0f:c5:d4:ba:42:44:dc:8d:e9:a8:fe:
ed:27:0b:c4:1d:6b:d1:79:22:c0:6f:e3:31:35:5d:
7e:e3:66:1c:7e:07:6a:80:52:fc:26:9a:d9:83:f1:
c8:f8:19:2f:fe:cc:9a:59:39:c6:c6:f6:d4:ae:96:
bd:04:24:7c:d7:0d:5e:b8:e5:38:10:c7:03:ef:11:
51:74:54:5a:27:06:df:e6:7d:0d:61:99:eb:dc:e1:
d7:9f:12:89:ce:c8:85:d5:4b:79:b8:b5:dc:68:35:
d4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:B9:FB:AB:09:E6:AE:F4:C4:B2:2C:D9:93:A7:49:60:51:F1:BE:FE
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Vbn7qwnmrvTEsizZk6dJYFHxvv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.241.0-85.204.242.255
86.105.233.0/24
86.106.113.0/24
89.34.178.0/24
89.36.137.0/24
89.38.236.0/24
89.40.65.0/24
89.43.53.0/24
89.43.63.0/24
89.46.93.0/24
93.114.57.0/24
Signature Algorithm: sha256WithRSAEncryption
88:45:82:88:f2:b6:d7:ad:10:d9:04:0a:6b:39:5f:02:c7:d9:
fd:21:2f:8c:b3:5d:19:b5:9f:ca:72:8b:4e:d4:27:2b:dd:99:
11:79:fc:01:b6:ae:71:ae:84:e8:37:f2:73:db:65:ec:ae:ad:
ed:e1:7d:4e:63:73:3a:0b:8a:9f:c7:c7:b7:01:10:d7:3f:c1:
40:63:4e:ec:84:04:b9:51:9e:48:95:f1:0c:2b:32:3b:fb:a3:
e3:e2:39:8b:73:83:45:88:c8:4e:1b:8d:94:0e:85:64:00:95:
38:50:7b:b5:b8:dc:c0:44:4d:57:07:72:00:5f:30:5e:c5:8b:
b3:2f:68:e6:19:26:8d:23:91:7c:04:6a:46:a3:e4:8d:2c:2f:
ac:e9:94:1a:fb:f0:79:23:2e:08:e2:6e:3a:11:11:5b:72:17:
77:4a:be:b6:09:f8:57:8e:6f:14:ef:91:4a:1f:11:0b:3d:9b:
df:f5:6f:7a:b6:4c:58:e8:91:f0:5b:4c:8a:57:7f:de:79:f8:
64:64:9e:a9:b2:5b:6b:f2:e3:49:b8:b9:bb:9c:f4:f8:f3:8c:
54:9a:93:89:8c:2f:2f:d0:13:07:37:81:52:00:0d:c6:72:f9:
06:ef:2e:dc:22:ea:72:76:13:b9:69:3d:40:92:48:4d:61:53:
a9:c5:61:d1
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVv1Q9Ck3Pbzm6nUWopP2KkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWI5ZmJhYjA5ZTZhZWY0YzRiMjJjZDk5M2E3NDk2MDUxZjFiZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyicZtvno1Mx+gaL2MKsaWPkERcZ
05ze/qMwvQhCETknHf0BzxFXgMdxK7rA6EBeOpKGw8PgMnzYvVcsIBMOXqCbuviJ
4+xZARfesYqufP8sHPadpjo1Ds+TwI4EbQB10wESJu7WW+STU/3itMOzBg+gwaaN
AKLvmloCnUS9uuFoDR1QGazhCNPqPvq3yOaTWuUprdyZGk2aD8XUukJE3I3pqP7t
JwvEHWvReSLAb+MxNV1+42YcfgdqgFL8JprZg/HI+Bkv/syaWTnGxvbUrpa9BCR8
1w1euOU4EMcD7xFRdFRaJwbf5n0NYZnr3OHXnxKJzsiF1Ut5uLXcaDXU1QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFW5+6sJ5q70xLIs2ZOnSWBR8b7+MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1Zibjdxd25tcnZURXNpelprNmRKWUZIeHZ2NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYwYIKwYBBQUHAQcBAf8EVDBSMFAEAgABMEowDAMEAFXM
8QMEAFXM8gMEAFZp6QMEAFZqcQMEAFkisgMEAFkkiQMEAFkm7AMEAFkoQQMEAFkr
NQMEAFkrPwMEAFkuXQMEAF1yOTANBgkqhkiG9w0BAQsFAAOCAQEAiEWCiPK2160Q
2QQKazlfAsfZ/SEvjLNdGbWfynKLTtQnK92ZEXn8Abauca6E6Dfyc9tl7K6t7eF9
TmNzOguKn8fHtwEQ1z/BQGNO7IQEuVGeSJXxDCsyO/uj4+I5i3ODRYjIThuNlA6F
ZACVOFB7tbjcwERNVwdyAF8wXsWLsy9o5hkmjSORfARqRqPkjSwvrOmUGvvweSMu
COJuOhERW3IXd0q+tgn4V45vFO+RSh8RCz2b3/VverZMWOiR8FtMild/3nn4ZGSe
qbJba/LjSbi5u5z0+POMVJqTiYwvL9ATBzeBUgANxnL5Bu8u3CLqcnYTuWk9QJJI
TWFTqcVh0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org