Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/TlkUd1Gjjcz2kpR4QUVV5viXE2s.roa
File: TlkUd1Gjjcz2kpR4QUVV5viXE2s.roa (raw, json)
Hash identifier: SKTWQTWI9lQbmgYi/FatGALAXQao6ovnsP8wcO1671E=
Subject key identifier: 4E:59:14:77:51:A3:8D:CC:F6:92:94:78:41:45:55:E6:F8:97:13:6B
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018BFF0BBDC2E81543FE586427287DB93D46
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/TlkUd1Gjjcz2kpR4QUVV5viXE2s.roa
Signing time: Fri 24 Nov 2023 01:57:21 +0000
ROA not before: Fri 24 Nov 2023 01:57:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9105
IP address blocks: 84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
194.247.224.0/19 maxlen: 24
79.76.0.0/14 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
185.175.144.0/22 maxlen: 24
195.112.0.0/18 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
89.168.128.0/17 maxlen: 24
212.139.0.0/16 maxlen: 24
81.86.0.0/16 maxlen: 24
80.40.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
195.149.0.0/18 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
195.137.0.0/17 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ff:0b:bd:c2:e8:15:43:fe:58:64:27:28:7d:b9:3d:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Nov 24 01:57:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e59147751a38dccf6929478414555e6f897136b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:07:d8:21:ac:06:7d:18:14:a7:75:ba:30:29:
01:bc:ae:99:a9:5e:3e:80:8d:68:fd:b6:a1:8c:61:
22:1c:d0:43:7f:4b:cb:55:36:91:ff:65:c5:bf:ec:
51:e2:ce:f4:ac:e0:52:ae:3f:eb:9a:c4:3c:ee:8f:
62:b2:b8:34:b1:83:2b:1a:6e:f6:56:3c:e8:36:af:
8a:0f:88:32:a8:4e:91:c6:fc:fa:c9:44:19:63:8e:
fa:46:9b:20:76:c9:2e:9e:88:d2:19:6b:57:52:48:
b8:ed:0b:fd:6c:3f:24:0b:d3:1e:00:ee:0e:64:d7:
55:d8:5d:ed:24:91:44:84:04:55:7a:ef:51:6e:e0:
2f:0c:d2:a0:84:4c:16:f4:aa:27:9c:68:e5:9d:e5:
cb:81:22:eb:2b:85:53:f9:51:9e:76:a4:b9:0d:d4:
59:a0:35:f1:60:0a:77:a4:39:73:30:f2:0d:dc:56:
e9:52:df:7c:f0:6e:33:97:62:66:76:cf:4a:68:d7:
23:98:fe:0e:b7:31:7d:aa:6b:af:5a:0e:87:f5:86:
e4:b1:e9:bf:9f:ab:c4:2f:9d:19:bb:cc:d7:20:2d:
7c:ea:22:59:68:79:94:16:48:ea:96:ba:aa:2b:74:
57:a2:3b:f9:1d:9a:a1:37:b7:41:55:a2:f8:cb:7a:
1a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:59:14:77:51:A3:8D:CC:F6:92:94:78:41:45:55:E6:F8:97:13:6B
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/TlkUd1Gjjcz2kpR4QUVV5viXE2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.76.0.0/14
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
89.168.128.0/17
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4c:32:85:28:bd:5c:f7:a0:8a:a1:71:f8:0b:b7:36:7b:f5:b2:
17:65:bc:70:01:5b:69:8a:74:c4:4d:72:db:16:81:82:20:99:
e4:99:e0:c6:1b:d4:84:ae:98:f9:3e:77:ba:e6:9a:96:99:fb:
53:68:a5:93:4f:50:a1:02:63:fb:61:ad:74:63:fb:51:0e:f0:
a0:c8:3d:1a:dd:2f:fa:dd:b3:f0:74:59:00:dd:65:53:18:b5:
21:4a:d6:18:1c:52:0c:27:92:e1:18:a1:2b:9a:4a:6b:9b:c2:
11:e3:90:be:bf:9d:a5:ae:76:e7:fb:42:73:c9:93:ac:48:de:
24:be:7e:7e:0d:ed:09:ea:05:46:40:0e:33:7e:4a:75:e7:3c:
bd:c5:3f:1e:a3:e0:d1:dd:8b:5c:34:19:35:99:ed:a3:01:55:
da:27:02:98:da:24:32:cc:d3:f3:ce:c8:a1:33:97:44:e2:80:
23:0b:6a:aa:2e:9a:e9:36:4b:f4:66:0a:5b:d5:fa:71:4b:13:
4c:61:3a:e5:08:6b:15:85:92:93:aa:7c:e5:63:ad:8e:1c:44:
45:ca:42:76:c3:91:69:72:3a:9b:85:31:94:c6:9e:4b:0c:35:
e5:b0:5e:b7:2c:c7:6f:90:e8:26:d9:e3:85:4a:66:fb:70:d4:
cf:77:25:d9
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYv/C73C6BVD/lhkJyh9uT1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMxMTI0MDE1NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTU5MTQ3NzUxYTM4ZGNjZjY5Mjk0Nzg0MTQ1NTVlNmY4OTcxMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQfYIawGfRgUp3W6MCkBvK6ZqV4+
gI1o/bahjGEiHNBDf0vLVTaR/2XFv+xR4s70rOBSrj/rmsQ87o9isrg0sYMrGm72
VjzoNq+KD4gyqE6Rxvz6yUQZY476RpsgdskunojSGWtXUki47Qv9bD8kC9MeAO4O
ZNdV2F3tJJFEhARVeu9RbuAvDNKghEwW9KonnGjlneXLgSLrK4VT+VGedqS5DdRZ
oDXxYAp3pDlzMPIN3FbpUt988G4zl2Jmds9KaNcjmP4OtzF9qmuvWg6H9Ybksem/
n6vEL50Zu8zXIC186iJZaHmUFkjqlrqqK3RXojv5HZqhN7dBVaL4y3oaewIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFE5ZFHdRo43M9pKUeEFFVeb4lxNrMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvVGxrVWQxR2pqY3oya3BSNFFVVlY1dmlYRTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTCBigQCAAEwgYMDAwJP
TAMDA1AoAwQGUQFAAwQGUQbAAwMAUVYDBAdRqgADAwFRsgMEB1KFAAMDAFNDAwMA
VAwDBAdZqIADBAK5r5ADBADB2mMDBAXCaiADBAXC9+ADBAbDcAADBAfDiQADBAbD
lQADBAXUAYADBAXUSmADAwDUiwMEBtSfgAMEBtXQQDANBgkqhkiG9w0BAQsFAAOC
AQEATDKFKL1c96CKoXH4C7c2e/WyF2W8cAFbaYp0xE1y2xaBgiCZ5JngxhvUhK6Y
+T53uuaalpn7U2ilk09QoQJj+2GtdGP7UQ7woMg9Gt0v+t2z8HRZAN1lUxi1IUrW
GBxSDCeS4RihK5pKa5vCEeOQvr+dpa525/tCc8mTrEjeJL5+fg3tCeoFRkAOM35K
dec8vcU/HqPg0d2LXDQZNZntowFV2icCmNokMszT887IoTOXROKAIwtqqi6a6TZL
9GYKW9X6cUsTTGE65QhrFYWSk6p85WOtjhxERcpCdsORaXI6m4UxlMaeSww15bBe
tyzHb5DoJtnjhUpm+3DUz3cl2Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:33 2025 by rpki-client