Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/qCCQ9ErayMl-N9m7j4v14pXGWJY.roa
File: qCCQ9ErayMl-N9m7j4v14pXGWJY.roa (raw, json)
Hash identifier: daLdxjmLIcjSjb6kYMBLEZycbpa/sJeNYZY7PVWUUOM=
Subject key identifier: A8:20:90:F4:4A:DA:C8:C9:7E:37:D9:BB:8F:8B:F5:E2:95:C6:58:96
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0186C616DFF79E8E4283EEC65A02401342E4
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/qCCQ9ErayMl-N9m7j4v14pXGWJY.roa
Signing time: Thu 09 Mar 2023 11:17:13 +0000
ROA not before: Thu 09 Mar 2023 11:17:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 193.30.30.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
193.46.220.0/24 maxlen: 24
91.201.107.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c6:16:df:f7:9e:8e:42:83:ee:c6:5a:02:40:13:42:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 9 11:17:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a82090f44adac8c97e37d9bb8f8bf5e295c65896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f3:d7:d3:3c:8f:b7:e0:7c:2b:f8:25:ba:83:
7b:97:cf:30:39:e8:1e:45:b1:27:6c:c2:18:59:4d:
29:3d:4f:2f:22:9a:55:88:8b:12:28:dd:45:0e:f7:
c5:54:e2:26:30:63:55:49:42:98:cd:ce:56:e2:b7:
65:71:0c:da:76:1a:a9:94:a6:e0:5c:94:94:d3:76:
57:68:a8:4e:7a:bf:31:18:9c:7a:d7:06:55:07:db:
ee:2d:11:c9:6b:0e:93:1f:0b:8c:02:07:fa:96:3e:
c5:19:4a:52:42:21:13:54:f6:34:71:2e:03:dd:95:
f6:83:e1:96:1f:2b:51:a8:cc:38:39:a5:30:5b:c5:
40:c0:c9:6e:ff:83:9b:79:0e:7d:3c:8e:f3:a2:6c:
86:8b:3d:b5:2b:d5:3d:65:5f:e3:16:ae:f7:38:11:
44:a0:f3:df:06:ff:7a:45:e9:56:ad:ec:98:f7:20:
43:62:58:63:75:4d:01:5f:28:c0:66:70:f7:e8:3b:
8d:09:31:b3:dc:11:09:c0:c8:16:14:f7:dc:f7:34:
64:a0:05:a1:a8:29:17:f9:92:36:03:90:70:e3:fd:
19:59:bc:65:fe:08:1b:db:54:6f:25:ac:96:5d:00:
2a:da:ef:19:09:cd:7a:46:8f:ee:d6:99:56:ea:77:
02:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:20:90:F4:4A:DA:C8:C9:7E:37:D9:BB:8F:8B:F5:E2:95:C6:58:96
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/qCCQ9ErayMl-N9m7j4v14pXGWJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.107.0/24
185.180.145.0/24
193.30.30.0/24
193.46.220.0/24
195.138.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:42:a3:52:9e:2c:90:ef:42:c4:64:6f:a9:43:65:81:1a:61:
87:9f:ef:09:3b:1e:94:01:0c:6c:2e:c8:55:ed:28:96:53:fe:
ac:9b:c0:24:92:b8:0b:46:cc:69:35:63:9f:6f:a0:2f:03:96:
b5:d8:26:93:03:a7:d3:02:01:68:f7:e1:39:ed:ff:38:eb:05:
10:0f:83:9b:4a:02:7d:b2:36:5f:60:6a:5d:25:10:48:7a:ff:
12:0b:48:61:e9:8c:c0:7e:fd:04:c4:91:bd:da:cf:d2:15:e9:
10:d5:6b:1e:5b:5d:6a:15:17:04:0c:9a:66:82:a2:f4:0b:55:
d1:ce:ab:3d:7b:87:8a:34:80:d5:8e:67:39:85:5f:22:20:9f:
42:05:72:61:5f:20:73:4d:6f:5a:15:9b:d8:b9:4f:fa:1e:74:
f3:62:7b:dc:6f:81:fd:e7:00:31:9d:9f:44:44:c8:b6:a8:29:
12:2a:1b:47:b6:df:80:a7:89:2d:c0:a8:7e:e8:5c:5f:88:fd:
94:d4:85:fa:fa:70:49:e8:65:c7:4a:07:44:55:22:16:2c:3e:
30:d0:8e:4c:54:87:28:ca:80:29:69:2c:68:79:e3:21:7d:3d:
dc:c7:30:bf:d0:3c:48:82:a7:33:e8:db:e1:f2:02:21:d5:06:
aa:9c:7d:cb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYbGFt/3no5Cg+7GWgJAE0LkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMzA5MTExNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODIwOTBmNDRhZGFjOGM5N2UzN2Q5YmI4ZjhiZjVlMjk1YzY1ODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvPX0zyPt+B8K/gluoN7l88wOege
RbEnbMIYWU0pPU8vIppViIsSKN1FDvfFVOImMGNVSUKYzc5W4rdlcQzadhqplKbg
XJSU03ZXaKhOer8xGJx61wZVB9vuLRHJaw6THwuMAgf6lj7FGUpSQiETVPY0cS4D
3ZX2g+GWHytRqMw4OaUwW8VAwMlu/4ObeQ59PI7zomyGiz21K9U9ZV/jFq73OBFE
oPPfBv96RelWreyY9yBDYlhjdU0BXyjAZnD36DuNCTGz3BEJwMgWFPfc9zRkoAWh
qCkX+ZI2A5Bw4/0ZWbxl/ggb21RvJayWXQAq2u8ZCc16Ro/u1plW6ncCdQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKggkPRK2sjJfjfZu4+L9eKVxliWMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvcUNDUTlFcmF5TWwtTjltN2o0djE0cFhHV0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW8lrAwQA
ubSRAwQAwR4eAwQAwS7cAwQAw4p4MA0GCSqGSIb3DQEBCwUAA4IBAQCxQqNSniyQ
70LEZG+pQ2WBGmGHn+8JOx6UAQxsLshV7SiWU/6sm8AkkrgLRsxpNWOfb6AvA5a1
2CaTA6fTAgFo9+E57f846wUQD4ObSgJ9sjZfYGpdJRBIev8SC0hh6YzAfv0ExJG9
2s/SFekQ1WseW11qFRcEDJpmgqL0C1XRzqs9e4eKNIDVjmc5hV8iIJ9CBXJhXyBz
TW9aFZvYuU/6HnTzYnvcb4H95wAxnZ9ERMi2qCkSKhtHtt+Ap4ktwKh+6FxfiP2U
1IX6+nBJ6GXHSgdEVSIWLD4w0I5MVIcoyoApaSxoeeMhfT3cxzC/0DxIgqcz6Nvh
8gIh1QaqnH3L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org