Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/9NX6e2hZemgY0xElVn8-k2YWhhc.roa
File: 9NX6e2hZemgY0xElVn8-k2YWhhc.roa (raw, json)
Hash identifier: NGE8s7vH+0rOEosU357j/C5gW89xO6bkBjSuI0WysNE=
Subject key identifier: F4:D5:FA:7B:68:59:7A:68:18:D3:11:25:56:7F:3E:93:66:16:86:17
Certificate issuer: /CN=49596cecc21dd02677a727ef37f0689546ea5097
Certificate serial: 01856E41CEBD7D2B43BBE14999A354F4DAFC
Authority key identifier: 49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/9NX6e2hZemgY0xElVn8-k2YWhhc.roa
Signing time: Sun 01 Jan 2023 16:54:44 +0000
ROA not before: Sun 01 Jan 2023 16:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5390
IP address blocks: 83.119.0.0/18 maxlen: 24
85.148.0.0/15 maxlen: 16
195.96.96.0/19 maxlen: 24
83.118.224.0/22 maxlen: 24
85.150.0.0/16 maxlen: 16
194.134.0.0/16 maxlen: 24
2a02:2500::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:ce:bd:7d:2b:43:bb:e1:49:99:a3:54:f4:da:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49596cecc21dd02677a727ef37f0689546ea5097
Validity
Not Before: Jan 1 16:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4d5fa7b68597a6818d31125567f3e9366168617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3a:fb:4e:0d:c1:b8:17:bd:da:4e:7f:3a:a3:
1a:9c:22:db:eb:0a:01:ea:7f:8e:b3:41:7a:71:aa:
a5:4b:22:8c:58:d1:f8:79:17:cc:60:86:e2:c1:97:
4c:c0:2a:e3:2a:0f:34:13:cd:17:b3:3e:ad:7d:9c:
2e:d1:d7:20:88:c0:80:e3:3f:c9:9b:ae:4b:75:ea:
40:d0:cc:6e:87:3d:dd:c4:ee:2f:97:e9:28:81:36:
83:f6:06:b7:e4:f4:2c:2e:e3:15:65:22:8d:df:69:
db:30:93:5f:61:15:50:71:24:39:49:92:f3:56:bc:
83:52:b7:a9:fd:71:d0:a1:4c:0c:19:1f:be:7a:14:
83:fa:3c:0d:d0:d7:d2:e0:33:b5:09:b9:a8:74:54:
6c:0d:f0:b5:e8:0c:0e:fb:34:64:db:07:ac:71:05:
04:bd:69:16:1b:db:60:16:ac:bc:d4:c8:67:1d:3a:
78:78:d5:5f:fc:6e:31:26:62:ff:f7:30:70:61:d1:
aa:4e:c2:e7:8b:ef:8b:b1:44:b2:35:03:5f:33:a4:
e0:c2:c4:08:93:1f:fd:38:db:4e:0b:df:f4:92:41:
89:33:e8:63:e8:98:37:2f:6d:44:12:97:89:03:e8:
cf:bf:96:b1:22:c7:53:90:35:9e:e8:77:6d:e9:f5:
ec:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D5:FA:7B:68:59:7A:68:18:D3:11:25:56:7F:3E:93:66:16:86:17
X509v3 Authority Key Identifier:
keyid:49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/9NX6e2hZemgY0xElVn8-k2YWhhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.224.0/22
83.119.0.0/18
85.148.0.0-85.150.255.255
194.134.0.0/16
195.96.96.0/19
IPv6:
2a02:2500::/32
Signature Algorithm: sha256WithRSAEncryption
26:35:01:e4:ab:18:ba:81:2d:09:c3:99:75:e5:fe:75:a3:b9:
a9:78:54:85:51:e2:b7:c7:82:3d:6a:08:4d:ab:a6:ae:e8:4d:
af:20:6a:84:5b:40:3d:af:4f:68:5b:00:5b:bf:d1:46:1d:51:
7b:b2:ae:b5:f9:8e:d9:e1:ac:62:51:b9:f7:e0:80:a7:e4:27:
77:e3:1c:35:ef:a8:a5:d3:10:86:ed:da:f5:ca:9f:ec:4a:aa:
2e:e9:99:38:71:b8:46:6f:c0:d7:79:0f:d2:98:85:ab:f9:e5:
25:d9:50:2f:3c:4e:f9:18:ca:d6:45:56:e2:f4:c5:70:96:8d:
46:8c:b2:64:08:a4:f7:b2:82:72:8f:51:d1:c8:9f:5d:7b:09:
13:ef:0f:28:02:53:9a:a8:07:0b:fb:5f:7f:e7:ae:e6:9c:23:
ac:29:46:f4:e7:f2:99:64:0f:c1:fd:8f:da:0f:4e:1d:c4:12:
f0:a7:bf:c5:c8:3c:26:b2:c4:4c:e7:99:c3:c1:89:ed:b6:b4:
91:71:e0:e7:22:4f:df:4d:3b:34:69:79:5d:ab:20:f2:00:db:
db:df:78:72:04:75:fb:11:fd:dc:c4:07:83:25:b1:f7:9a:9e:
b5:d7:49:b0:c6:db:4a:ff:f1:f8:2d:d7:c6:54:1b:ac:31:dd:
46:c2:3a:37
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVuQc69fStDu+FJmaNU9Nr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTk2Y2VjYzIxZGQwMjY3N2E3MjdlZjM3ZjA2ODk1NDZl
YTUwOTcwHhcNMjMwMTAxMTY1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQ1ZmE3YjY4NTk3YTY4MThkMzExMjU1NjdmM2U5MzY2MTY4NjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszr7Tg3BuBe92k5/OqManCLb6woB
6n+Os0F6caqlSyKMWNH4eRfMYIbiwZdMwCrjKg80E80Xsz6tfZwu0dcgiMCA4z/J
m65LdepA0Mxuhz3dxO4vl+kogTaD9ga35PQsLuMVZSKN32nbMJNfYRVQcSQ5SZLz
VryDUrep/XHQoUwMGR++ehSD+jwN0NfS4DO1CbmodFRsDfC16AwO+zRk2wescQUE
vWkWG9tgFqy81MhnHTp4eNVf/G4xJmL/9zBwYdGqTsLni++LsUSyNQNfM6TgwsQI
kx/9ONtOC9/0kkGJM+hj6Jg3L21EEpeJA+jPv5axIsdTkDWe6Hdt6fXsHQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFPTV+ntoWXpoGNMRJVZ/PpNmFoYXMB8GA1UdIwQY
MBaAFElZbOzCHdAmd6cn7zfwaJVG6lCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZsczdNSWQwQ1ozcHlmdk5fQm9sVWJxVUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lN2JkMDEtNDMyZi00YmY5LTgwYzUt
ODk3ZDAwOTc3ZmYyLzEvOU5YNmUyaFplbWdZMHhFbFZuOC1rMllXaGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lN2JkMDEtNDMyZi00YmY5LTgwYzUtODk3ZDAwOTc3ZmYy
LzEvU1ZsczdNSWQwQ1ozcHlmdk5fQm9sVWJxVUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQCU3bgAwQG
U3cAMAoDAwJVlAMDAFWWAwMAwoYDBAXDYGAwDQQCAAIwBwMFACoCJQAwDQYJKoZI
hvcNAQELBQADggEBACY1AeSrGLqBLQnDmXXl/nWjual4VIVR4rfHgj1qCE2rpq7o
Ta8gaoRbQD2vT2hbAFu/0UYdUXuyrrX5jtnhrGJRuffggKfkJ3fjHDXvqKXTEIbt
2vXKn+xKqi7pmThxuEZvwNd5D9KYhav55SXZUC88TvkYytZFVuL0xXCWjUaMsmQI
pPeygnKPUdHIn117CRPvDygCU5qoBwv7X3/nruacI6wpRvTn8plkD8H9j9oPTh3E
EvCnv8XIPCayxEznmcPBie22tJFx4OciT99NOzRpeV2rIPIA29vfeHIEdfsR/dzE
B4MlsfeanrXXSbDG20r/8fgt18ZUG6wx3UbCOjc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:07 2024 by rpki-client on console-fra.rpki-client.org