Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/06RC9LeTyVaXZ5wZj1jfo1G9KSE.roa
File: 06RC9LeTyVaXZ5wZj1jfo1G9KSE.roa (raw, json)
Hash identifier: s7GtFb4p/zHzNqNrOCC5TCW20g8hIsN5T8Nb440jbKg=
Subject key identifier: D3:A4:42:F4:B7:93:C9:56:97:67:9C:19:8F:58:DF:A3:51:BD:29:21
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018334443BA937C54AFC1603162E8D26CA13
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/06RC9LeTyVaXZ5wZj1jfo1G9KSE.roa
Signing time: Tue 13 Sep 2022 00:33:50 +0000
ROA not before: Tue 13 Sep 2022 00:33:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9105
IP address blocks: 213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
85.210.0.0/15 maxlen: 24
195.112.0.0/18 maxlen: 24
212.139.0.0/16 maxlen: 24
80.225.0.0/16 maxlen: 24
79.72.0.0/13 maxlen: 24
80.40.0.0/13 maxlen: 24
88.104.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
81.1.64.0/18 maxlen: 24
89.168.0.0/16 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.66.0.0/15 maxlen: 24
62.3.192.0/18 maxlen: 24
185.175.144.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
81.86.0.0/16 maxlen: 24
79.68.0.0/14 maxlen: 24
195.149.0.0/18 maxlen: 24
62.64.128.0/17 maxlen: 24
195.137.0.0/17 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:34:44:3b:a9:37:c5:4a:fc:16:03:16:2e:8d:26:ca:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Sep 13 00:33:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3a442f4b793c95697679c198f58dfa351bd2921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c6:03:39:f5:95:33:08:32:7b:fb:24:45:89:
5b:72:08:02:ba:49:53:85:38:cd:2f:b8:9d:ff:9b:
ec:dc:70:e6:f9:69:21:31:c9:dc:a2:1d:e0:d4:08:
18:ae:82:4a:a6:60:f4:9b:7e:e3:34:06:30:70:15:
ac:6d:37:75:2a:50:83:49:6c:b2:3c:cf:2c:07:a6:
c3:f6:8a:5f:fe:7f:56:88:ad:95:9d:92:18:2e:79:
aa:e2:cf:bd:66:06:ce:27:a0:6c:b5:d3:84:36:f3:
b4:21:49:59:b6:e9:5d:69:c7:b7:fb:c3:92:3c:14:
d7:6c:70:23:4e:bd:92:66:61:ec:56:e7:f7:1a:d5:
95:62:d1:48:4f:11:b6:94:44:eb:5c:5c:d3:1d:72:
da:46:a3:a7:30:a0:d6:b3:b3:5a:06:32:fc:49:fa:
2a:59:d4:44:71:5a:c6:a0:a1:3c:99:5a:cc:1d:59:
62:57:50:27:92:c0:71:91:1f:4c:09:0e:e1:e6:be:
92:94:32:8a:d9:01:f6:5d:45:3b:33:33:d6:7b:2f:
39:b5:b2:a7:0a:f5:a0:6f:d8:ed:e5:21:73:bf:d9:
91:94:ca:5a:1c:8b:77:37:ef:8f:14:fe:dc:98:13:
be:fb:ed:86:68:6d:67:08:e3:be:91:70:81:24:63:
c0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A4:42:F4:B7:93:C9:56:97:67:9C:19:8F:58:DF:A3:51:BD:29:21
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/06RC9LeTyVaXZ5wZj1jfo1G9KSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.192.0/18
62.64.128.0/17
79.66.0.0-79.79.255.255
80.40.0.0/13
80.225.0.0/16
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
85.210.0.0/15
88.104.0.0/13
89.168.0.0/16
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a2:bf:a6:d5:f8:64:3d:6c:0e:ff:c4:f9:8a:5f:b6:53:8d:6f:
d5:ee:f4:ba:d2:41:e7:ff:fe:90:08:28:40:71:41:29:34:b1:
76:84:f2:b9:6f:00:86:54:10:10:fc:9e:6e:50:2b:c3:16:af:
74:bf:1a:8d:23:06:5a:4b:f5:61:e3:92:5d:c7:ca:c5:c6:3c:
88:da:06:12:5a:82:d8:88:e3:a2:cc:91:31:9b:32:f6:94:3b:
83:ae:e9:f3:d9:d8:ac:35:33:54:32:aa:4d:06:4f:a0:21:63:
f7:88:76:99:c9:b0:65:16:bd:7f:7e:8d:bc:fe:ec:d2:1f:b5:
f8:75:88:ea:42:79:b1:56:93:5b:d8:bd:86:ed:28:32:c5:88:
9b:7b:b3:45:b9:bb:73:bf:ad:02:43:be:9a:e5:9b:a2:16:15:
72:5b:95:6d:af:0d:61:aa:6f:20:97:25:e1:41:83:21:40:1b:
53:36:64:61:7f:a6:df:44:bb:11:3e:f2:9d:a9:63:db:38:81:
7c:b6:36:26:a7:bb:58:76:05:38:54:fe:65:83:e2:13:c7:7e:
c1:41:6b:00:65:e5:25:a4:3f:db:c7:7a:9a:0b:a5:75:c5:86:
b5:a3:de:b4:99:da:4d:98:18:cb:a1:99:51:a9:b0:a5:ab:5f:
81:73:6f:82
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYM0RDupN8VK/BYDFi6NJsoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjIwOTEzMDAzMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2E0NDJmNGI3OTNjOTU2OTc2NzljMTk4ZjU4ZGZhMzUxYmQyOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMYDOfWVMwgye/skRYlbcggCuklT
hTjNL7id/5vs3HDm+WkhMcncoh3g1AgYroJKpmD0m37jNAYwcBWsbTd1KlCDSWyy
PM8sB6bD9opf/n9WiK2VnZIYLnmq4s+9ZgbOJ6BstdOENvO0IUlZtuldace3+8OS
PBTXbHAjTr2SZmHsVuf3GtWVYtFITxG2lETrXFzTHXLaRqOnMKDWs7NaBjL8Sfoq
WdREcVrGoKE8mVrMHVliV1AnksBxkR9MCQ7h5r6SlDKK2QH2XUU7MzPWey85tbKn
CvWgb9jt5SFzv9mRlMpaHIt3N++PFP7cmBO+++2GaG1nCOO+kXCBJGPAewIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFNOkQvS3k8lWl2ecGY9Y36NRvSkhMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvMDZSQzlMZVR5VmFYWjV3WmoxamZvMUc5S1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAY+
A8ADBAc+QIAwCgMDAU9CAwMET0ADAwNQKAMDAFDhAwQGUQFAAwQGUQbAAwMAUVYD
BAdRqgADAwFRsgMEB1KFAAMDAFNDAwMAVAwDAwFV0gMDA1hoAwMAWagDBAK5r5AD
BADB2mMDBAXCaiADBAXC9+ADBAbDcAADBAfDiQADBAbDlQADBAXUAYADBAXUSmAD
AwDUiwMEBtSfgAMEBtXQQDANBgkqhkiG9w0BAQsFAAOCAQEAor+m1fhkPWwO/8T5
il+2U41v1e70utJB5//+kAgoQHFBKTSxdoTyuW8AhlQQEPyeblArwxavdL8ajSMG
Wkv1YeOSXcfKxcY8iNoGElqC2IjjosyRMZsy9pQ7g67p89nYrDUzVDKqTQZPoCFj
94h2mcmwZRa9f36NvP7s0h+1+HWI6kJ5sVaTW9i9hu0oMsWIm3uzRbm7c7+tAkO+
muWbohYVcluVba8NYapvIJcl4UGDIUAbUzZkYX+m30S7ET7ynalj2ziBfLY2Jqe7
WHYFOFT+ZYPiE8d+wUFrAGXlJaQ/28d6mguldcWGtaPetJnaTZgYy6GZUamwpatf
gXNvgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:29 2024 by rpki-client on console-ams.rpki-client.org