Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/Hz93CXPsrd6aKqHWiK6mKI1ETc8.roa
File: Hz93CXPsrd6aKqHWiK6mKI1ETc8.roa (raw, json)
Hash identifier: 6gE0313L36vEnwR55gDQsXg1Yj/loU+SgScxwDhtjtA=
Subject key identifier: 1F:3F:77:09:73:EC:AD:DE:9A:2A:A1:D6:88:AE:A6:28:8D:44:4D:CF
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018C1D95C23BB5C6B13EEF72FD680E272F14
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/Hz93CXPsrd6aKqHWiK6mKI1ETc8.roa
Signing time: Thu 30 Nov 2023 00:16:43 +0000
ROA not before: Thu 30 Nov 2023 00:16:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9105
IP address blocks: 213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
79.77.0.0/16 maxlen: 24
195.112.0.0/18 maxlen: 24
212.139.0.0/16 maxlen: 24
80.40.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.76.0.0/14 maxlen: 24
185.175.144.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
89.168.128.0/17 maxlen: 24
81.86.0.0/16 maxlen: 24
195.149.0.0/18 maxlen: 24
79.78.0.0/15 maxlen: 24
195.137.0.0/17 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1d:95:c2:3b:b5:c6:b1:3e:ef:72:fd:68:0e:27:2f:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Nov 30 00:16:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f3f770973ecadde9a2aa1d688aea6288d444dcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ea:dc:9e:71:87:8a:4c:82:d8:6b:fc:d2:a5:
29:ef:ff:e6:79:d8:3e:5c:b3:f9:6c:74:23:96:68:
00:6c:73:4c:aa:73:12:29:5e:4c:79:a7:b0:8a:e5:
ce:68:5f:15:47:6c:ea:aa:52:6f:53:74:02:08:5d:
a4:77:d1:22:72:54:50:2e:54:71:5a:95:7d:01:67:
17:09:84:29:01:51:a3:55:27:fd:a8:0b:96:00:d1:
69:2e:61:37:31:d7:96:89:7c:9d:67:6d:2d:23:c2:
89:fc:15:2e:79:cc:b6:03:4d:8a:88:64:f9:5b:ee:
26:d4:04:2e:82:51:f7:13:92:82:66:a1:23:35:6b:
32:5a:00:a5:87:a8:27:ad:42:54:39:f8:a1:a4:2a:
52:d2:15:ee:d9:91:4d:9e:12:28:ea:d4:fc:61:eb:
91:b1:73:fe:dd:64:2f:ef:d3:2f:c3:f4:b4:ff:12:
f7:56:e6:54:23:44:80:f4:f3:25:90:18:25:ab:f9:
43:bc:a7:bc:38:1f:e1:64:e2:ff:67:d1:8b:9d:c9:
5a:e5:2c:29:70:63:dc:a2:30:88:1a:4d:57:bf:61:
5b:3b:90:25:46:4d:59:c0:ae:7d:37:47:f6:87:93:
63:fd:46:cf:3a:75:16:c1:c0:d9:4e:ad:62:01:73:
d2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3F:77:09:73:EC:AD:DE:9A:2A:A1:D6:88:AE:A6:28:8D:44:4D:CF
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/Hz93CXPsrd6aKqHWiK6mKI1ETc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.76.0.0/14
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
89.168.128.0/17
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
55:87:c6:ef:71:6c:4a:36:cd:9c:2e:45:fd:d5:88:d0:3e:e0:
f4:ca:61:22:c9:ba:a4:05:49:79:15:90:42:e8:73:46:78:c6:
dd:82:1f:54:42:79:80:f8:44:14:c4:66:c8:84:41:49:5a:99:
53:a5:61:d0:ca:fc:e3:2e:39:0d:45:17:f8:9b:0f:36:f4:43:
74:00:07:63:48:c2:d3:4f:a1:7e:b1:40:02:bc:4b:d1:e9:e5:
8e:18:30:cb:60:40:e6:49:76:17:35:f8:92:ae:03:a0:77:53:
10:ab:f2:06:76:ee:d9:7d:05:77:e6:0b:a2:e7:15:1f:58:32:
11:39:14:ab:71:d8:ac:84:21:e3:5b:44:3a:43:96:40:47:5d:
7d:e5:95:4c:25:85:ad:39:c7:da:a8:1f:c6:88:47:e0:bf:2f:
4c:77:77:28:f4:6b:ec:af:8f:9f:a5:8e:75:07:81:89:b1:56:
4a:85:02:51:c4:92:9c:f0:cd:df:bb:01:46:2c:43:6a:77:8b:
69:63:d7:5e:24:50:25:f9:a0:8a:09:75:36:78:8c:fc:dd:89:
c5:d5:1c:04:6b:bc:dd:ea:fe:11:3c:99:31:c2:cb:64:57:b2:
43:0a:e3:76:38:32:94:09:7a:83:af:61:82:6e:8e:cc:4c:82:
80:80:45:79
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYwdlcI7tcaxPu9y/WgOJy8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMxMTMwMDAxNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNmNzcwOTczZWNhZGRlOWEyYWExZDY4OGFlYTYyODhkNDQ0ZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+rcnnGHikyC2Gv80qUp7//medg+
XLP5bHQjlmgAbHNMqnMSKV5MeaewiuXOaF8VR2zqqlJvU3QCCF2kd9EiclRQLlRx
WpV9AWcXCYQpAVGjVSf9qAuWANFpLmE3MdeWiXydZ20tI8KJ/BUuecy2A02KiGT5
W+4m1AQuglH3E5KCZqEjNWsyWgClh6gnrUJUOfihpCpS0hXu2ZFNnhIo6tT8YeuR
sXP+3WQv79Mvw/S0/xL3VuZUI0SA9PMlkBglq/lDvKe8OB/hZOL/Z9GLncla5Swp
cGPcojCIGk1Xv2FbO5AlRk1ZwK59N0f2h5Nj/UbPOnUWwcDZTq1iAXPSiwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFB8/dwlz7K3emiqh1oiupiiNRE3PMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvSHo5M0NYUHNyZDZhS3FIV2lLNm1LSTFFVGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTCBigQCAAEwgYMDAwJP
TAMDA1AoAwQGUQFAAwQGUQbAAwMAUVYDBAdRqgADAwFRsgMEB1KFAAMDAFNDAwMA
VAwDBAdZqIADBAK5r5ADBADB2mMDBAXCaiADBAXC9+ADBAbDcAADBAfDiQADBAbD
lQADBAXUAYADBAXUSmADAwDUiwMEBtSfgAMEBtXQQDANBgkqhkiG9w0BAQsFAAOC
AQEAVYfG73FsSjbNnC5F/dWI0D7g9MphIsm6pAVJeRWQQuhzRnjG3YIfVEJ5gPhE
FMRmyIRBSVqZU6Vh0Mr84y45DUUX+JsPNvRDdAAHY0jC00+hfrFAArxL0enljhgw
y2BA5kl2FzX4kq4DoHdTEKvyBnbu2X0Fd+YLoucVH1gyETkUq3HYrIQh41tEOkOW
QEddfeWVTCWFrTnH2qgfxohH4L8vTHd3KPRr7K+Pn6WOdQeBibFWSoUCUcSSnPDN
37sBRixDaneLaWPXXiRQJfmgigl1NniM/N2JxdUcBGu83er+ETyZMcLLZFeyQwrj
djgylAl6g69hgm6OzEyCgIBFeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:29 2024 by rpki-client on console-ams.rpki-client.org