Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/DzPEJjkAHbRHxn4Uvv5p4y2_xPc.roa
File: DzPEJjkAHbRHxn4Uvv5p4y2_xPc.roa (raw, json)
Hash identifier: eFUV/IOLd2+uKNIWyQY4X/XcJBwwJ/9kTH+i7zUJJOI=
Subject key identifier: 0F:33:C4:26:39:00:1D:B4:47:C6:7E:14:BE:FE:69:E3:2D:BF:C4:F7
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 0186CAAC
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/DzPEJjkAHbRHxn4Uvv5p4y2_xPc.roa
Signing time: Sun 23 Jan 2022 09:52:04 +0000
ROA not before: Sun 23 Jan 2022 09:52:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43179
IP address blocks: 109.105.197.0/24 maxlen: 24
109.105.198.0/24 maxlen: 24
109.105.195.0/24 maxlen: 24
109.105.196.0/24 maxlen: 24
109.105.194.0/24 maxlen: 24
109.105.193.0/24 maxlen: 24
109.105.199.0/24 maxlen: 24
109.105.206.0/24 maxlen: 24
109.105.204.0/24 maxlen: 24
109.105.205.0/24 maxlen: 24
109.105.202.0/24 maxlen: 24
109.105.203.0/24 maxlen: 24
109.105.201.0/24 maxlen: 24
109.105.200.0/24 maxlen: 24
109.105.211.0/24 maxlen: 24
109.105.212.0/24 maxlen: 24
109.105.209.0/24 maxlen: 24
109.105.210.0/24 maxlen: 24
109.105.208.0/24 maxlen: 24
109.105.207.0/24 maxlen: 24
109.105.213.0/24 maxlen: 24
109.105.215.0/24 maxlen: 24
109.105.214.0/24 maxlen: 24
77.74.226.0/24 maxlen: 24
77.74.225.0/24 maxlen: 24
77.74.224.0/24 maxlen: 24
77.74.228.0/24 maxlen: 24
77.74.229.0/24 maxlen: 24
77.74.227.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25610924 (0x186caac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 23 09:52:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f33c42639001db447c67e14befe69e32dbfc4f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b5:ec:3f:1a:5c:48:68:bc:ac:e5:37:62:c6:
a6:87:e6:3f:e2:37:56:31:2f:5a:7c:b0:e7:93:93:
63:2f:0b:cf:98:e5:af:86:69:45:3f:f8:5c:62:27:
b4:86:76:a1:3f:50:2c:77:b4:04:e5:7b:81:d3:07:
b9:d2:54:e8:aa:44:e0:20:e5:e2:4f:b6:95:b7:cd:
c2:bd:ab:3a:f7:ed:5c:86:10:5c:0f:92:cb:93:8b:
6d:cc:8c:b5:fe:10:4c:a9:d6:bd:bf:8d:3a:86:35:
fc:c3:7b:d3:f9:8a:ee:f5:21:3a:18:aa:d9:f9:b8:
fa:26:b6:91:25:91:43:ae:95:a4:9e:7e:9b:11:74:
f9:d5:d3:08:6b:52:c8:fe:61:80:7a:4a:d9:fb:b6:
df:6c:01:db:b7:37:20:6c:db:4d:2c:7a:0e:a4:ee:
24:bc:a4:b3:b4:84:3a:94:be:68:75:0e:91:de:80:
d9:ad:36:e3:27:71:47:c7:e9:76:cc:70:7f:64:fd:
30:59:7e:9a:58:5c:e5:c6:3c:40:af:ca:42:af:e6:
8b:92:08:08:29:f1:37:61:b4:af:74:20:2f:29:b0:
25:17:bf:3d:0f:a8:ea:77:ce:5a:a5:93:80:88:8e:
11:2c:24:46:54:d0:30:20:ec:ec:17:e7:68:33:7b:
48:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:33:C4:26:39:00:1D:B4:47:C6:7E:14:BE:FE:69:E3:2D:BF:C4:F7
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/DzPEJjkAHbRHxn4Uvv5p4y2_xPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.224.0-77.74.229.255
109.105.193.0-109.105.215.255
Signature Algorithm: sha256WithRSAEncryption
05:6e:98:ec:36:92:13:de:f5:47:ca:7c:5c:0b:69:7f:09:58:
cc:27:87:99:d0:db:cb:08:da:e5:3c:1b:43:83:f1:52:c2:fc:
ac:b0:5a:a8:46:fe:57:b2:f2:f4:73:9d:4c:95:4a:e6:e4:05:
ff:e7:b9:86:7a:31:e8:a2:a2:6f:df:b7:fe:48:c3:de:66:53:
4f:ae:3e:63:46:77:5b:ea:78:bd:6f:eb:8c:e5:40:5c:6b:16:
cc:27:35:bc:5c:94:d0:3d:23:fd:7e:a2:ae:1f:9e:77:c2:c5:
14:31:f9:07:d8:1f:2c:3a:f9:c3:5c:c7:7b:6d:9d:4d:6e:5c:
91:aa:72:a4:52:27:ce:8c:34:d6:1a:14:45:ef:3b:a5:cb:7b:
c6:6a:3a:20:af:8e:11:d0:07:73:f5:42:c0:7c:ba:51:89:97:
54:9e:7b:81:92:c0:d7:d2:55:9e:bb:1c:d2:42:84:a7:e9:d6:
8d:52:17:3c:94:df:b8:07:16:b3:bd:03:e0:16:06:b9:cc:af:
4d:ac:82:af:c5:b9:22:aa:5b:4e:ad:1a:88:4e:a9:0a:33:12:
3c:1c:34:9e:5d:60:d8:e4:ad:d0:70:df:c6:2c:d7:d9:43:1d:
63:ca:94:e7:95:f1:92:d1:22:2c:f6:3a:37:a9:8d:86:00:45:
9e:bc:a4:f1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEAYbKrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGM2MGEwZDJkNzBhOTMzN2QwYmRhNTZkMWFkNTk2YWMxZjY5Y2RhMB4XDTIyMDEy
MzA5NTIwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGYzM2M0MjYzOTAw
MWRiNDQ3YzY3ZTE0YmVmZTY5ZTMyZGJmYzRmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIS17D8aXEhovKzlN2LGpofmP+I3VjEvWnyw55OTYy8Lz5jl
r4ZpRT/4XGIntIZ2oT9QLHe0BOV7gdMHudJU6KpE4CDl4k+2lbfNwr2rOvftXIYQ
XA+Sy5OLbcyMtf4QTKnWvb+NOoY1/MN70/mK7vUhOhiq2fm4+ia2kSWRQ66VpJ5+
mxF0+dXTCGtSyP5hgHpK2fu232wB27c3IGzbTSx6DqTuJLyks7SEOpS+aHUOkd6A
2a024ydxR8fpdsxwf2T9MFl+mlhc5cY8QK/KQq/mi5IICCnxN2G0r3QgLymwJRe/
PQ+o6nfOWqWTgIiOESwkRlTQMCDs7BfnaDN7SHMCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBQPM8QmOQAdtEfGfhS+/mnjLb/E9zAfBgNVHSMEGDAWgBTYxgoNLXCpM30L
2lbRrVlqwfac2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJNWUtEUzF3cVROOUM5cFcwYTFaYXNIMm5Oby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvYjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8x
L0R6UEVKamtBSGJSSHhuNFV2djVwNHkyX3hQYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
YjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8xLzJNWUtEUzF3cVRO
OUM5cFcwYTFaYXNIMm5Oby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQFTUrgAwQBTUrkMAwDBABtacED
BANtadAwDQYJKoZIhvcNAQELBQADggEBAAVumOw2khPe9UfKfFwLaX8JWMwnh5nQ
28sI2uU8G0OD8VLC/KywWqhG/ley8vRznUyVSubkBf/nuYZ6Meiiom/ft/5Iw95m
U0+uPmNGd1vqeL1v64zlQFxrFswnNbxclNA9I/1+oq4fnnfCxRQx+QfYHyw6+cNc
x3ttnU1uXJGqcqRSJ86MNNYaFEXvO6XLe8ZqOiCvjhHQB3P1QsB8ulGJl1See4GS
wNfSVZ67HNJChKfp1o1SFzyU37gHFrO9A+AWBrnMr02sgq/FuSKqW06tGohOqQoz
EjwcNJ5dYNjkrdBw38Ys19lDHWPKlOeV8ZLRIiz2OjepjYYARZ68pPE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:22 2023 by rpki-client on console-fra.rpki-client.org