Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/ab36BT_eH-gCKNw0HgpvFGMpEsw.roa
File: ab36BT_eH-gCKNw0HgpvFGMpEsw.roa (raw, json)
Hash identifier: D+pZ60QolVQ1m4b6in7yVrHN6dH8kYh/fIuTj9MXglE=
Subject key identifier: 69:BD:FA:05:3F:DE:1F:E8:02:28:DC:34:1E:0A:6F:14:63:29:12:CC
Certificate issuer: /CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Certificate serial: 316CE1C2
Authority key identifier: 06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/ab36BT_eH-gCKNw0HgpvFGMpEsw.roa
Signing time: Mon 13 Jun 2022 09:48:18 +0000
ROA not before: Mon 13 Jun 2022 09:48:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20649
IP address blocks: 78.111.96.0/24 maxlen: 24
78.111.97.0/24 maxlen: 24
78.111.98.0/24 maxlen: 24
78.111.111.0/24 maxlen: 24
78.111.106.0/24 maxlen: 24
80.93.212.0/24 maxlen: 24
80.93.208.0/24 maxlen: 24
80.93.213.0/24 maxlen: 24
217.195.192.0/24 maxlen: 24
80.93.216.0/24 maxlen: 24
217.195.198.0/24 maxlen: 24
217.195.196.0/24 maxlen: 24
217.195.206.0/24 maxlen: 24
217.195.204.0/24 maxlen: 24
217.195.203.0/24 maxlen: 24
217.195.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 829219266 (0x316ce1c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Validity
Not Before: Jun 13 09:48:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69bdfa053fde1fe80228dc341e0a6f14632912cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:bf:2a:eb:84:83:81:47:d6:61:ce:5d:f7:12:
52:7f:bd:6b:ac:f2:3c:87:66:f6:4e:5b:f2:dd:04:
c9:dd:66:7d:81:5a:b0:57:f4:fb:c9:07:c9:95:25:
43:1a:13:eb:0e:20:7a:3c:71:a7:bf:e6:fe:12:f3:
08:e2:42:08:5c:1a:48:ed:5d:ff:e5:ac:9b:35:1f:
a0:45:61:19:85:24:aa:95:dd:76:77:b4:2f:be:94:
36:14:3c:da:2d:01:34:64:79:42:9c:a7:f4:26:34:
1c:ee:06:e0:81:b4:2c:ca:48:16:ab:64:07:d5:32:
20:f5:29:18:af:5c:18:c9:d3:87:fc:b1:43:4c:87:
60:18:f3:ea:b2:22:9c:c8:d6:52:a6:ca:a2:91:2b:
70:8b:4e:75:35:cd:b4:5b:75:5f:a7:b5:7c:48:25:
c6:9c:40:cf:7a:27:b4:ba:92:ab:7d:0b:74:53:49:
dd:c5:a2:c2:97:f9:9f:89:29:b0:ae:36:33:f7:9d:
e0:e1:81:5a:92:23:f6:58:c0:10:89:fd:db:78:e6:
96:34:33:48:38:7f:bd:2d:91:46:d8:80:40:5e:2f:
28:3f:be:0c:30:ab:3f:73:5a:81:d4:cd:5a:df:e1:
22:54:ab:1e:1d:b4:87:23:66:d7:d7:17:ec:6e:59:
d8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BD:FA:05:3F:DE:1F:E8:02:28:DC:34:1E:0A:6F:14:63:29:12:CC
X509v3 Authority Key Identifier:
keyid:06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/ab36BT_eH-gCKNw0HgpvFGMpEsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.96.0-78.111.98.255
78.111.106.0/24
78.111.111.0/24
80.93.208.0/24
80.93.212.0/23
80.93.216.0/24
217.195.192.0/24
217.195.196.0/24
217.195.198.0/24
217.195.203.0-217.195.204.255
217.195.206.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:c8:44:7b:44:15:bf:f1:0f:8c:15:ad:83:41:79:b5:7d:2d:
39:72:2b:88:f9:d6:3a:9a:5a:8c:f0:4d:73:8e:29:8b:c8:ee:
f0:34:dc:6d:2d:4f:0e:e1:29:95:aa:02:cb:a6:d2:ac:66:4f:
38:d5:d2:48:7f:cc:8f:d5:b6:9c:f8:34:0a:99:b7:e1:d8:93:
0e:1e:a9:4a:c3:53:93:5a:35:25:f1:a9:d8:67:36:4d:16:77:
be:54:d7:c6:ae:df:e6:66:2d:ca:32:4f:2b:89:78:04:33:a8:
ef:fc:c4:6c:1d:5c:08:03:95:ec:a3:13:d0:c0:69:86:2d:c3:
12:4d:60:5a:82:f0:c7:b1:33:57:9e:fd:da:f7:79:3f:42:3f:
a6:c5:0c:b3:58:1d:75:c2:af:58:e1:d2:94:e4:3e:69:ac:42:
d9:c6:93:4b:ca:ae:89:ef:12:0d:e8:0e:eb:d7:1e:43:03:b8:
b2:34:e5:f1:a8:48:45:ba:19:28:32:e5:af:16:62:ca:54:ee:
27:67:7d:b5:5c:da:b6:1f:e9:25:31:7e:83:19:02:ec:9b:70:
8b:3d:d1:57:d6:2c:08:11:59:89:b3:94:7f:4f:ce:e8:86:82:
0f:ed:80:17:d2:df:da:b7:a1:4d:90:e3:82:5a:a6:d1:26:3b:
14:e7:7e:fd
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIEMWzhwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjIwZWFkYjJlMTU2MmI0ZTJlNGY0ODA3NzJjMzY4ODdhNzc3ZjI0MB4XDTIyMDYx
MzA5NDgxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjliZGZhMDUzZmRl
MWZlODAyMjhkYzM0MWUwYTZmMTQ2MzI5MTJjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANu/KuuEg4FH1mHOXfcSUn+9a6zyPIdm9k5b8t0Eyd1mfYFa
sFf0+8kHyZUlQxoT6w4gejxxp7/m/hLzCOJCCFwaSO1d/+WsmzUfoEVhGYUkqpXd
dne0L76UNhQ82i0BNGR5Qpyn9CY0HO4G4IG0LMpIFqtkB9UyIPUpGK9cGMnTh/yx
Q0yHYBjz6rIinMjWUqbKopErcItOdTXNtFt1X6e1fEglxpxAz3ontLqSq30LdFNJ
3cWiwpf5n4kpsK42M/ed4OGBWpIj9ljAEIn923jmljQzSDh/vS2RRtiAQF4vKD++
DDCrP3NagdTNWt/hIlSrHh20hyNm19cX7G5Z2NECAwEAAaOCAlUwggJRMB0GA1Ud
DgQWBBRpvfoFP94f6AIo3DQeCm8UYykSzDAfBgNVHSMEGDAWgBQGIOrbLhVitOLk
9IB3LDaIend/JDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JpRHEyeTRWWXJUaTVQU0FkeXcyaUhwM2Z5US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvY2M4YmZhLTJiMTMtNDY3NC1hOTg0LWE1ZmRiNTcwZmU5YS8x
L2FiMzZCVF9lSC1nQ0tOdzBIZ3B2RkdNcEVzdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
Y2M4YmZhLTJiMTMtNDY3NC1hOTg0LWE1ZmRiNTcwZmU5YS8xL0JpRHEyeTRWWXJU
aTVQU0FkeXcyaUhwM2Z5US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBr
BggrBgEFBQcBBwEB/wRcMFowWAQCAAEwUjAMAwQFTm9gAwQATm9iAwQATm9qAwQA
Tm9vAwQAUF3QAwQBUF3UAwQAUF3YAwQA2cPAAwQA2cPEAwQA2cPGMAwDBADZw8sD
BADZw8wDBAHZw84wDQYJKoZIhvcNAQELBQADggEBACrIRHtEFb/xD4wVrYNBebV9
LTlyK4j51jqaWozwTXOOKYvI7vA03G0tTw7hKZWqAsum0qxmTzjV0kh/zI/Vtpz4
NAqZt+HYkw4eqUrDU5NaNSXxqdhnNk0Wd75U18au3+ZmLcoyTyuJeAQzqO/8xGwd
XAgDleyjE9DAaYYtwxJNYFqC8MexM1ee/dr3eT9CP6bFDLNYHXXCr1jh0pTkPmms
QtnGk0vKronvEg3oDuvXHkMDuLI05fGoSEW6GSgy5a8WYspU7idnfbVc2rYf6SUx
foMZAuybcIs90VfWLAgRWYmzlH9PzuiGgg/tgBfS39q3oU2Q44JaptEmOxTnfv0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:29 2024 by rpki-client on console-fra.rpki-client.org