Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/3RVjxqtAZz87zq1aLSo98-g7vdk.roa
File: 3RVjxqtAZz87zq1aLSo98-g7vdk.roa (raw, json)
Hash identifier: fwVGbhf9sTsjY6NR1jGa6Z4iL7L7pKD6LgbTzX6Nj38=
Subject key identifier: DD:15:63:C6:AB:40:67:3F:3B:CE:AD:5A:2D:2A:3D:F3:E8:3B:BD:D9
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018618135E5B8B28D29D80487E8C93200CD6
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/3RVjxqtAZz87zq1aLSo98-g7vdk.roa
Signing time: Fri 03 Feb 2023 16:19:27 +0000
ROA not before: Fri 03 Feb 2023 16:19:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9105
IP address blocks: 213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
195.112.0.0/18 maxlen: 24
79.75.0.0/16 maxlen: 24
212.139.0.0/16 maxlen: 24
80.40.0.0/13 maxlen: 24
88.104.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.76.0.0/14 maxlen: 24
79.66.0.0/15 maxlen: 24
62.3.192.0/18 maxlen: 24
185.175.144.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
89.168.128.0/17 maxlen: 24
81.86.0.0/16 maxlen: 24
79.68.0.0/14 maxlen: 24
195.149.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
79.73.0.0/16 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:18:13:5e:5b:8b:28:d2:9d:80:48:7e:8c:93:20:0c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Feb 3 16:19:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd1563c6ab40673f3bcead5a2d2a3df3e83bbdd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:87:08:a5:c3:bd:c5:97:96:a7:4f:ac:f5:7c:
82:51:b2:85:d0:c4:25:0e:a3:bc:db:11:c3:50:27:
9d:2f:06:09:fd:35:df:97:e8:27:08:f7:5b:aa:55:
03:77:33:c6:bc:8d:7c:ff:5f:e9:4c:91:67:d9:8c:
de:f5:9c:1a:5c:07:14:2c:6f:ae:de:0a:82:ce:23:
78:07:96:1e:83:a8:8c:11:e5:ec:cd:ba:60:d4:3d:
36:61:3c:18:81:fe:32:67:9e:fc:93:78:73:5d:90:
b6:9c:a1:d5:ee:31:c9:06:76:0a:42:93:70:66:ef:
f6:cb:74:2e:16:09:9d:a9:13:2a:48:1e:3b:e3:af:
23:87:da:9e:3d:83:b2:aa:36:de:71:17:dd:2c:3d:
cb:3c:40:1e:9d:f9:2e:1a:5e:e0:65:4e:f1:e5:59:
4e:c7:97:2e:d6:f3:81:07:a3:62:ab:a8:00:8a:50:
75:4f:a4:a4:59:cb:61:0f:32:d2:4b:5f:b6:41:74:
6d:b2:45:89:2d:0d:94:e6:0c:3e:e2:9f:f0:46:d8:
17:cf:28:b5:92:45:63:8b:c0:c3:78:c1:30:4a:99:
18:00:d9:cc:21:e1:14:e1:92:5a:d3:17:9a:48:74:
6b:15:2a:8e:60:4d:4e:a7:4b:d7:9d:cc:43:f2:c8:
6e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:15:63:C6:AB:40:67:3F:3B:CE:AD:5A:2D:2A:3D:F3:E8:3B:BD:D9
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/3RVjxqtAZz87zq1aLSo98-g7vdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.192.0/18
79.66.0.0-79.71.255.255
79.73.0.0/16
79.75.0.0-79.79.255.255
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
88.104.0.0/13
89.168.128.0/17
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
87:ca:41:80:2a:4c:f2:eb:55:40:a0:39:c9:81:31:cb:75:8a:
9f:14:20:f4:74:0a:85:af:84:b5:a2:97:18:3c:0f:3c:c3:7c:
3e:a5:ad:e9:2f:af:08:58:cf:60:a4:d4:9e:6f:28:e7:6f:3c:
14:74:c0:8f:04:85:fb:57:16:e2:cc:a2:4f:08:4f:ff:86:46:
e3:59:07:0a:e5:39:eb:9c:f8:f4:9c:0f:3e:b3:33:91:7f:21:
ff:24:9b:f7:f1:b9:59:ef:15:a4:c1:74:7f:2c:3e:de:a9:f7:
fb:2b:bb:26:3a:57:20:41:31:65:3a:e5:63:9b:90:61:6d:c1:
22:29:c0:66:c6:bd:51:43:78:3f:35:d1:80:ba:f2:94:6a:65:
ed:4b:1b:4f:7d:39:a7:0a:df:03:0f:b5:c1:b7:73:5e:6c:9a:
97:d1:8d:b3:99:6f:70:55:c0:46:6d:39:b3:59:be:47:63:7a:
df:f0:9d:22:77:a7:3b:d9:35:b9:50:73:df:8c:14:18:c1:c7:
12:a1:8d:60:1f:d3:48:89:03:a3:b6:b0:8c:08:36:f4:71:df:
e3:4a:76:35:f4:4e:5c:c6:1d:42:f1:78:11:c4:59:49:5b:ec:
3b:58:f8:bf:6d:5b:be:0f:21:2d:02:b8:69:74:5e:95:84:29:
42:d6:a9:05
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYYYE15biyjSnYBIfoyTIAzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwMjAzMTYxOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDE1NjNjNmFiNDA2NzNmM2JjZWFkNWEyZDJhM2RmM2U4M2JiZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4cIpcO9xZeWp0+s9XyCUbKF0MQl
DqO82xHDUCedLwYJ/TXfl+gnCPdbqlUDdzPGvI18/1/pTJFn2Yze9ZwaXAcULG+u
3gqCziN4B5Yeg6iMEeXszbpg1D02YTwYgf4yZ578k3hzXZC2nKHV7jHJBnYKQpNw
Zu/2y3QuFgmdqRMqSB47468jh9qePYOyqjbecRfdLD3LPEAenfkuGl7gZU7x5VlO
x5cu1vOBB6Niq6gAilB1T6SkWcthDzLSS1+2QXRtskWJLQ2U5gw+4p/wRtgXzyi1
kkVji8DDeMEwSpkYANnMIeEU4ZJa0xeaSHRrFSqOYE1Op0vXncxD8shurwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFN0VY8arQGc/O86tWi0qPfPoO73ZMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvM1JWanhxdEFaejg3enExYUxTbzk4LWc3dmRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBAY+
A8AwCgMDAU9CAwMDT0ADAwBPSTAKAwMAT0sDAwRPQAMDA1AoAwQGUQFAAwQGUQbA
AwMAUVYDBAdRqgADAwFRsgMEB1KFAAMDAFNDAwMAVAwDAwNYaAMEB1mogAMEArmv
kAMEAMHaYwMEBcJqIAMEBcL34AMEBsNwAAMEB8OJAAMEBsOVAAMEBdQBgAMEBdRK
YAMDANSLAwQG1J+AAwQG1dBAMA0GCSqGSIb3DQEBCwUAA4IBAQCHykGAKkzy61VA
oDnJgTHLdYqfFCD0dAqFr4S1opcYPA88w3w+pa3pL68IWM9gpNSebyjnbzwUdMCP
BIX7VxbizKJPCE//hkbjWQcK5TnrnPj0nA8+szORfyH/JJv38blZ7xWkwXR/LD7e
qff7K7smOlcgQTFlOuVjm5BhbcEiKcBmxr1RQ3g/NdGAuvKUamXtSxtPfTmnCt8D
D7XBt3NebJqX0Y2zmW9wVcBGbTmzWb5HY3rf8J0id6c72TW5UHPfjBQYwccSoY1g
H9NIiQOjtrCMCDb0cd/jSnY19E5cxh1C8XgRxFlJW+w7WPi/bVu+DyEtArhpdF6V
hClC1qkF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:29 2024 by rpki-client on console-ams.rpki-client.org