Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/b6NpU0S3Q5vCqjT5vI7oaQgM4po.roa
File: b6NpU0S3Q5vCqjT5vI7oaQgM4po.roa (raw, json)
Hash identifier: Or2M1BLllCHeIDKOo1v2l0HfJZxY8eZWR3O9g3pmfOc=
Subject key identifier: 6F:A3:69:53:44:B7:43:9B:C2:AA:34:F9:BC:8E:E8:69:08:0C:E2:9A
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7A1E6E7EE709208ED0384FFA7ED70
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/b6NpU0S3Q5vCqjT5vI7oaQgM4po.roa
Signing time: Mon 02 Jan 2023 08:44:49 +0000
ROA not before: Mon 02 Jan 2023 08:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42694
IP address blocks: 193.163.74.0/24 maxlen: 24
185.15.136.0/24 maxlen: 24
193.163.101.0/24 maxlen: 24
2a13:5800::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:a1:e6:e7:ee:70:92:08:ed:03:84:ff:a7:ed:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fa3695344b7439bc2aa34f9bc8ee869080ce29a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fd:31:9d:38:53:ea:4c:ad:37:6c:d0:fc:d7:
b4:03:64:1a:fd:da:b9:02:ac:cf:a8:cb:0a:20:25:
31:05:0b:bd:42:8c:03:10:c7:b4:fc:35:c1:b5:72:
20:38:03:75:f8:68:a5:d5:45:b0:cb:cd:2d:0a:54:
70:e8:37:fe:ab:93:f4:b4:68:60:c7:c8:00:86:f3:
56:b4:22:ad:5e:25:c0:dd:8c:eb:c0:7e:f2:87:33:
e1:f9:45:eb:64:38:9e:22:ff:a9:7b:0e:e1:78:a2:
70:f6:f2:a2:77:1f:9e:a1:3b:ca:8b:8e:aa:42:d2:
06:bf:07:0e:1a:64:67:c3:5d:75:d3:4d:50:85:b1:
6e:0d:de:f6:9c:b6:b9:29:b4:0a:f8:43:95:d8:02:
06:d6:fd:96:12:15:6b:f3:07:b2:09:2c:fe:25:64:
53:2e:24:c3:6e:98:11:c2:c9:1a:26:e1:c0:a4:4e:
de:17:9e:f2:a0:4a:b0:47:93:0a:fa:68:51:bd:2c:
ff:d4:ce:9e:22:99:49:36:d0:2e:ec:51:c0:f9:d8:
c7:3a:d4:13:db:20:06:93:20:5f:07:91:b2:05:6f:
38:99:b3:a2:f3:c1:55:c3:43:e7:96:92:bd:93:ef:
02:3b:b7:83:6f:bb:3b:5d:bc:a7:08:65:26:a8:1e:
ba:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:A3:69:53:44:B7:43:9B:C2:AA:34:F9:BC:8E:E8:69:08:0C:E2:9A
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/b6NpU0S3Q5vCqjT5vI7oaQgM4po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.136.0/24
193.163.74.0/24
193.163.101.0/24
IPv6:
2a13:5800::/29
Signature Algorithm: sha256WithRSAEncryption
b5:53:da:84:71:66:31:70:53:2f:ac:f0:8d:f2:58:bd:84:3e:
73:06:96:7c:62:27:be:20:61:48:49:eb:0c:83:db:d1:ad:77:
5a:8c:d0:7e:28:1a:15:81:ed:cf:4d:83:b6:90:9c:86:2e:0a:
a1:c5:de:26:aa:15:54:50:4c:15:83:6b:dc:62:4f:8b:9b:68:
31:45:ca:2f:b5:6e:48:96:2a:7b:47:f4:f0:de:13:2c:40:d9:
ac:ae:1a:61:78:a6:3e:dd:59:0e:6d:40:de:5b:be:10:cb:9e:
0a:80:43:2d:88:57:f2:c2:02:2c:98:ab:7a:49:87:7b:bd:b8:
1d:08:5a:84:fd:46:08:fe:6e:74:20:e1:64:4b:b9:ba:f0:e9:
96:fd:46:92:eb:10:e8:86:90:b5:75:87:dd:11:b1:5c:82:24:
8e:c2:9a:d1:a3:28:a8:63:6b:b8:f7:ef:01:9f:9c:94:08:c0:
32:44:27:72:e3:0b:47:16:e8:6b:00:d1:a1:9e:31:67:07:00:
d6:ce:f1:0e:45:5f:0b:92:04:36:5a:1a:43:13:c2:f7:41:76:
f4:45:58:8a:b4:22:05:95:45:e2:a4:b5:53:f8:96:87:2f:19:
cb:67:28:8d:96:bb:d2:3d:1b:86:d2:13:f9:66:44:a8:6c:c7:
1a:df:b9:79
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxp6Hm5+5wkgjtA4T/p+1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmEzNjk1MzQ0Yjc0MzliYzJhYTM0ZjliYzhlZTg2OTA4MGNlMjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv0xnThT6kytN2zQ/Ne0A2Qa/dq5
AqzPqMsKICUxBQu9QowDEMe0/DXBtXIgOAN1+Gil1UWwy80tClRw6Df+q5P0tGhg
x8gAhvNWtCKtXiXA3YzrwH7yhzPh+UXrZDieIv+pew7heKJw9vKidx+eoTvKi46q
QtIGvwcOGmRnw111001QhbFuDd72nLa5KbQK+EOV2AIG1v2WEhVr8weyCSz+JWRT
LiTDbpgRwskaJuHApE7eF57yoEqwR5MK+mhRvSz/1M6eIplJNtAu7FHA+djHOtQT
2yAGkyBfB5GyBW84mbOi88FVw0PnlpK9k+8CO7eDb7s7XbynCGUmqB66OQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFG+jaVNEt0Obwqo0+byO6GkIDOKaMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvYjZOcFUwUzNRNXZDcWpUNXZJN29hUWdNNHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAuQ+IAwQA
waNKAwQAwaNlMA0EAgACMAcDBQMqE1gAMA0GCSqGSIb3DQEBCwUAA4IBAQC1U9qE
cWYxcFMvrPCN8li9hD5zBpZ8Yie+IGFISesMg9vRrXdajNB+KBoVge3PTYO2kJyG
Lgqhxd4mqhVUUEwVg2vcYk+Lm2gxRcovtW5Ilip7R/Tw3hMsQNmsrhpheKY+3VkO
bUDeW74Qy54KgEMtiFfywgIsmKt6SYd7vbgdCFqE/UYI/m50IOFkS7m68OmW/UaS
6xDohpC1dYfdEbFcgiSOwprRoyioY2u49+8Bn5yUCMAyRCdy4wtHFuhrANGhnjFn
BwDWzvEORV8LkgQ2WhpDE8L3QXb0RViKtCIFlUXipLVT+JaHLxnLZyiNlrvSPRuG
0hP5ZkSobMca37l5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org