Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/FF1sXXZzROmKWoHKoWPobiL4J94.roa
File: FF1sXXZzROmKWoHKoWPobiL4J94.roa (raw, json)
Hash identifier: Kc0j1fUozs3XfnxYmPiua/wdClLOahfwoQMZPJ2cj1I=
Subject key identifier: 14:5D:6C:5D:76:73:44:E9:8A:5A:81:CA:A1:63:E8:6E:22:F8:27:DE
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018B93EEB3A4907292F53050CDECF1B7768D
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/FF1sXXZzROmKWoHKoWPobiL4J94.roa
Signing time: Fri 03 Nov 2023 06:46:16 +0000
ROA not before: Fri 03 Nov 2023 06:46:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61400
IP address blocks: 217.199.209.0/24 maxlen: 24
62.76.24.0/22 maxlen: 24
91.107.85.0/24 maxlen: 24
91.107.84.0/24 maxlen: 24
91.107.86.0/24 maxlen: 24
91.107.86.0/23 maxlen: 24
185.126.92.0/22 maxlen: 24
185.62.103.0/24 maxlen: 24
46.21.252.0/22 maxlen: 24
62.76.112.0/22 maxlen: 24
185.111.216.0/23 maxlen: 24
185.111.219.0/24 maxlen: 24
185.111.218.0/24 maxlen: 24
212.8.232.0/22 maxlen: 24
89.248.236.0/24 maxlen: 24
185.40.28.0/22 maxlen: 24
31.200.248.0/21 maxlen: 24
62.76.88.0/22 maxlen: 24
91.227.34.0/23 maxlen: 24
62.76.100.0/22 maxlen: 24
2a03:220::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:ee:b3:a4:90:72:92:f5:30:50:cd:ec:f1:b7:76:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Nov 3 06:46:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=145d6c5d767344e98a5a81caa163e86e22f827de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1f:03:49:bb:7a:1a:a7:bc:5e:ce:00:9c:ba:
ff:c7:a8:50:b0:4e:eb:95:0d:5a:e1:5a:b2:44:28:
77:8f:8d:1b:6c:98:5a:7c:1b:e1:07:19:e8:6b:4c:
23:2e:34:6b:a9:97:25:d4:78:8d:0d:1b:44:47:e6:
6c:53:d2:40:f4:e3:80:51:b7:11:68:9d:90:62:19:
b9:ba:1b:e5:08:73:0d:e3:f5:90:f2:1a:dc:86:c9:
9a:76:b8:82:04:e4:22:28:6b:a4:1c:04:9f:26:0f:
a3:b2:01:a6:38:5b:09:dc:03:da:9f:7a:7f:ed:2f:
46:0c:df:08:9c:f8:c9:3d:85:04:3a:68:7a:21:26:
d8:0f:00:9d:35:ba:35:d8:d8:b2:33:5a:44:03:31:
1c:e7:e3:89:29:56:2a:2f:ee:2f:20:52:e8:40:da:
7a:82:be:77:98:17:c3:f6:fe:74:ed:75:8e:97:9b:
94:07:e4:23:e3:68:13:73:a1:8d:1a:43:d7:d2:36:
ad:67:ad:7c:bd:92:37:64:4e:ec:f9:64:f6:0c:21:
d9:f0:cb:3c:01:d1:20:1a:ec:88:66:d5:74:25:68:
a9:3d:65:51:d3:60:5a:c2:a7:06:0a:38:48:b9:8f:
f2:9a:14:61:34:9b:6d:f6:6a:2d:e4:59:a9:1b:73:
00:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:5D:6C:5D:76:73:44:E9:8A:5A:81:CA:A1:63:E8:6E:22:F8:27:DE
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/FF1sXXZzROmKWoHKoWPobiL4J94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.248.0/21
46.21.252.0/22
62.76.24.0/22
62.76.88.0/22
62.76.100.0/22
62.76.112.0/22
89.248.236.0/24
91.107.84.0/22
91.227.34.0/23
185.40.28.0/22
185.62.103.0/24
185.111.216.0/22
185.126.92.0/22
212.8.232.0/22
217.199.209.0/24
IPv6:
2a03:220::/32
Signature Algorithm: sha256WithRSAEncryption
55:85:d1:3d:09:f2:f5:f1:7c:46:56:39:a3:c1:48:77:b8:f7:
23:47:e5:39:6f:24:f4:b8:e5:6d:3a:c3:27:63:d2:4e:45:20:
39:58:43:18:3c:c6:a8:1f:fb:c7:9c:e7:ea:bc:cd:f3:01:35:
49:84:bb:9f:d6:b7:1e:b3:b4:60:b3:2b:4d:ab:79:1e:70:ab:
38:be:9f:7f:9f:16:95:86:0e:64:55:49:05:2e:71:d2:01:5e:
30:91:4e:8c:e2:04:86:c5:c4:75:5d:5a:c9:47:de:1a:1b:f0:
21:0c:40:a5:18:68:08:cb:71:07:2e:a4:bc:34:09:dd:27:dd:
a3:eb:3a:0d:2a:41:c4:1e:ae:9f:9c:70:db:5d:fd:72:1f:63:
ec:8a:45:c1:96:8b:d4:bc:7e:53:72:d9:61:c8:50:a7:34:90:
cf:15:94:50:e7:0d:fc:91:ff:b0:f7:e2:4c:c5:d6:a5:21:e3:
e7:52:9f:d7:85:24:52:93:8f:a1:37:c7:08:ca:b7:d5:26:77:
44:7f:04:79:39:7c:26:1d:31:e5:cd:6d:30:12:f3:c5:d2:a6:
95:e5:87:f2:f0:db:7d:af:26:a6:ea:af:b4:a4:2e:b5:3a:e1:
03:13:84:93:34:3f:97:3a:dc:07:b2:b1:5d:41:21:29:f4:31:
c2:0c:a6:00
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYuT7rOkkHKS9TBQzezxt3aNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjMxMTAzMDY0NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDVkNmM1ZDc2NzM0NGU5OGE1YTgxY2FhMTYzZTg2ZTIyZjgyN2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx8DSbt6Gqe8Xs4AnLr/x6hQsE7r
lQ1a4VqyRCh3j40bbJhafBvhBxnoa0wjLjRrqZcl1HiNDRtER+ZsU9JA9OOAUbcR
aJ2QYhm5uhvlCHMN4/WQ8hrchsmadriCBOQiKGukHASfJg+jsgGmOFsJ3APan3p/
7S9GDN8InPjJPYUEOmh6ISbYDwCdNbo12NiyM1pEAzEc5+OJKVYqL+4vIFLoQNp6
gr53mBfD9v507XWOl5uUB+Qj42gTc6GNGkPX0jatZ618vZI3ZE7s+WT2DCHZ8Ms8
AdEgGuyIZtV0JWipPWVR02BawqcGCjhIuY/ymhRhNJtt9mot5FmpG3MAawIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFBRdbF12c0TpilqByqFj6G4i+CfeMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvRkYxc1hYWnpST21LV29IS29XUG9iaUw0Sjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAx/I+AME
Ai4V/AMEAj5MGAMEAj5MWAMEAj5MZAMEAj5McAMEAFn47AMEAltrVAMEAVvjIgME
ArkoHAMEALk+ZwMEArlv2AMEArl+XAMEAtQI6AMEANnH0TANBAIAAjAHAwUAKgMC
IDANBgkqhkiG9w0BAQsFAAOCAQEAVYXRPQny9fF8RlY5o8FId7j3I0flOW8k9Ljl
bTrDJ2PSTkUgOVhDGDzGqB/7x5zn6rzN8wE1SYS7n9a3HrO0YLMrTat5HnCrOL6f
f58WlYYOZFVJBS5x0gFeMJFOjOIEhsXEdV1ayUfeGhvwIQxApRhoCMtxBy6kvDQJ
3Sfdo+s6DSpBxB6un5xw2139ch9j7IpFwZaL1Lx+U3LZYchQpzSQzxWUUOcN/JH/
sPfiTMXWpSHj51Kf14UkUpOPoTfHCMq31SZ3RH8EeTl8Jh0x5c1tMBLzxdKmleWH
8vDbfa8mpuqvtKQutTrhAxOEkzQ/lzrcB7KxXUEhKfQxwgymAA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:49 2025 by rpki-client