Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/bsxzByeLHmQPv-Nu6NvIHOhnXvY.roa
File: bsxzByeLHmQPv-Nu6NvIHOhnXvY.roa (raw, json)
Hash identifier: fpZEk6fyh+nbTqQFXF3UhGFH1A9AXrLLTZqKxzwR2VE=
Subject key identifier: 6E:CC:73:07:27:8B:1E:64:0F:BF:E3:6E:E8:DB:C8:1C:E8:67:5E:F6
Certificate issuer: /CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Certificate serial: 3153BEFF
Authority key identifier: 06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/bsxzByeLHmQPv-Nu6NvIHOhnXvY.roa
Signing time: Fri 03 Jun 2022 11:54:20 +0000
ROA not before: Fri 03 Jun 2022 11:54:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20649
IP address blocks: 80.93.212.0/24 maxlen: 24
80.93.210.0/24 maxlen: 24
80.93.211.0/24 maxlen: 24
80.93.208.0/24 maxlen: 24
80.93.209.0/24 maxlen: 24
80.93.213.0/24 maxlen: 24
80.93.219.0/24 maxlen: 24
80.93.217.0/24 maxlen: 24
80.93.218.0/24 maxlen: 24
80.93.215.0/24 maxlen: 24
80.93.216.0/24 maxlen: 24
80.93.214.0/24 maxlen: 24
80.93.222.0/24 maxlen: 24
80.93.223.0/24 maxlen: 24
80.93.221.0/24 maxlen: 24
78.111.98.0/24 maxlen: 24
78.111.96.0/24 maxlen: 24
78.111.97.0/24 maxlen: 24
78.111.105.0/24 maxlen: 24
78.111.103.0/24 maxlen: 24
78.111.104.0/24 maxlen: 24
78.111.101.0/24 maxlen: 24
78.111.102.0/24 maxlen: 24
78.111.100.0/24 maxlen: 24
78.111.99.0/24 maxlen: 24
78.111.110.0/24 maxlen: 24
78.111.111.0/24 maxlen: 24
78.111.108.0/24 maxlen: 24
78.111.109.0/24 maxlen: 24
78.111.106.0/24 maxlen: 24
78.111.107.0/24 maxlen: 24
217.195.192.0/24 maxlen: 24
217.195.198.0/24 maxlen: 24
217.195.196.0/24 maxlen: 24
217.195.193.0/24 maxlen: 24
217.195.194.0/24 maxlen: 24
217.195.206.0/24 maxlen: 24
217.195.204.0/24 maxlen: 24
217.195.205.0/24 maxlen: 24
217.195.203.0/24 maxlen: 24
217.195.200.0/24 maxlen: 24
217.195.201.0/24 maxlen: 24
217.195.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 827571967 (0x3153beff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Validity
Not Before: Jun 3 11:54:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ecc7307278b1e640fbfe36ee8dbc81ce8675ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:91:5c:bb:4b:1e:36:fb:c2:0d:09:81:e1:9b:
04:17:df:ec:c2:93:62:5d:1c:39:8b:3e:53:5e:9a:
64:59:b2:87:29:f7:ed:cc:dc:bc:04:eb:2f:0d:4d:
8f:17:df:3f:59:6b:98:c9:e0:1b:03:6e:96:63:d8:
07:89:56:0e:22:d8:ee:09:06:cb:e8:88:a7:b6:ff:
77:be:8b:e7:c3:ec:07:df:f7:58:73:81:5d:69:ab:
a1:e5:f1:6f:7f:08:e5:9b:0f:1d:c8:60:19:9c:1f:
5e:bd:41:05:30:85:7f:f7:0f:31:7f:81:59:cf:23:
54:09:e0:f8:51:5c:e5:63:c3:cb:32:43:0f:8d:25:
76:bb:7a:a0:43:c1:1b:80:e8:25:ac:5f:1a:83:02:
13:4e:da:d6:19:bc:26:99:7c:3b:ff:e6:2c:69:21:
f0:09:43:a9:1e:db:6b:e3:91:09:85:68:c4:7a:14:
d1:f8:1d:b8:aa:6c:c3:01:9f:66:ed:e1:b1:42:b2:
88:74:1f:ae:e4:04:7e:58:1a:09:07:d2:98:d1:12:
cc:f8:38:b9:5d:80:a8:23:81:6b:0e:30:26:5c:02:
1c:a0:72:58:c9:1d:68:63:ad:32:9b:63:ff:d3:16:
fb:0c:ae:68:12:c4:9b:ce:47:13:e4:10:fb:93:90:
ac:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:CC:73:07:27:8B:1E:64:0F:BF:E3:6E:E8:DB:C8:1C:E8:67:5E:F6
X509v3 Authority Key Identifier:
keyid:06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/bsxzByeLHmQPv-Nu6NvIHOhnXvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.96.0/20
80.93.208.0-80.93.219.255
80.93.221.0-80.93.223.255
217.195.192.0-217.195.194.255
217.195.196.0/24
217.195.198.0/24
217.195.200.0/23
217.195.203.0-217.195.207.255
Signature Algorithm: sha256WithRSAEncryption
1d:56:d0:31:76:08:52:bb:94:f9:ba:c0:56:e0:df:0d:89:33:
88:a7:e4:7e:8a:a2:80:69:c8:83:b4:9c:00:a6:fa:40:74:93:
a6:61:17:14:a3:11:b8:09:ff:fb:ec:3c:64:57:67:2f:20:c0:
48:57:f7:2a:3d:e9:0a:5f:eb:7c:55:32:c6:b0:13:60:45:ee:
16:85:81:6c:f4:ca:ea:e6:7c:17:50:f4:0e:7d:e7:64:1f:5a:
ed:a6:c4:92:71:df:b6:43:40:32:52:6d:b9:b0:57:20:8d:3d:
8f:3c:9a:6f:1a:02:2f:82:3d:58:2f:40:f8:d2:99:f2:6e:90:
3b:e9:57:3d:65:8c:43:60:89:9c:e8:e4:a9:c8:bc:8b:e2:48:
67:d3:14:13:e7:de:96:d3:9a:dc:bb:2e:00:38:81:1f:09:a8:
9d:38:0e:ea:4a:af:32:d8:be:f7:96:1d:da:58:34:19:c1:96:
86:a7:57:93:81:cc:b9:3c:16:5f:76:7d:10:14:b7:af:0a:93:
0d:bc:73:62:e5:ac:b4:a6:87:b8:79:e4:19:c6:2d:02:eb:03:
96:f9:18:e2:98:49:e2:71:aa:aa:25:08:18:67:e8:fc:d5:26:
11:11:40:eb:ad:f0:88:30:6b:96:e7:89:ff:10:ac:a5:26:14:
d8:21:b0:8c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIEMVO+/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjIwZWFkYjJlMTU2MmI0ZTJlNGY0ODA3NzJjMzY4ODdhNzc3ZjI0MB4XDTIyMDYw
MzExNTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmVjYzczMDcyNzhi
MWU2NDBmYmZlMzZlZThkYmM4MWNlODY3NWVmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJaRXLtLHjb7wg0JgeGbBBff7MKTYl0cOYs+U16aZFmyhyn3
7czcvATrLw1NjxffP1lrmMngGwNulmPYB4lWDiLY7gkGy+iIp7b/d76L58PsB9/3
WHOBXWmroeXxb38I5ZsPHchgGZwfXr1BBTCFf/cPMX+BWc8jVAng+FFc5WPDyzJD
D40ldrt6oEPBG4DoJaxfGoMCE07a1hm8Jpl8O//mLGkh8AlDqR7ba+ORCYVoxHoU
0fgduKpswwGfZu3hsUKyiHQfruQEflgaCQfSmNESzPg4uV2AqCOBaw4wJlwCHKBy
WMkdaGOtMptj/9MW+wyuaBLEm85HE+QQ+5OQrA0CAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBRuzHMHJ4seZA+/427o28gc6Gde9jAfBgNVHSMEGDAWgBQGIOrbLhVitOLk
9IB3LDaIend/JDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JpRHEyeTRWWXJUaTVQU0FkeXcyaUhwM2Z5US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvY2M4YmZhLTJiMTMtNDY3NC1hOTg0LWE1ZmRiNTcwZmU5YS8x
L2JzeHpCeWVMSG1RUHYtTnU2TnZJSE9oblh2WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
Y2M4YmZhLTJiMTMtNDY3NC1hOTg0LWE1ZmRiNTcwZmU5YS8xL0JpRHEyeTRWWXJU
aTVQU0FkeXcyaUhwM2Z5US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBp
BggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEBE5vYDAMAwQEUF3QAwQCUF3YMAwD
BABQXd0DBAVQXcAwDAMEBtnDwAMEANnDwgMEANnDxAMEANnDxgMEAdnDyDAMAwQA
2cPLAwQE2cPAMA0GCSqGSIb3DQEBCwUAA4IBAQAdVtAxdghSu5T5usBW4N8NiTOI
p+R+iqKAaciDtJwApvpAdJOmYRcUoxG4Cf/77DxkV2cvIMBIV/cqPekKX+t8VTLG
sBNgRe4WhYFs9Mrq5nwXUPQOfedkH1rtpsSScd+2Q0AyUm25sFcgjT2PPJpvGgIv
gj1YL0D40pnybpA76Vc9ZYxDYImc6OSpyLyL4khn0xQT596W05rcuy4AOIEfCaid
OA7qSq8y2L73lh3aWDQZwZaGp1eTgcy5PBZfdn0QFLevCpMNvHNi5ay0poe4eeQZ
xi0C6wOW+RjimEnicaqqJQgYZ+j81SYREUDrrfCIMGuW54n/EKylJhTYIbCM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:33 2024 by rpki-client on console-ams.rpki-client.org