Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/byFyXq16rvqi3xqSdGoLoW9xi5U.roa
File: byFyXq16rvqi3xqSdGoLoW9xi5U.roa (raw, json)
Hash identifier: 5pEmQhGH/DB6cME7n77ERWhUxm35kdQOWUQZcfVBNmc=
Subject key identifier: 6F:21:72:5E:AD:7A:AE:FA:A2:DF:1A:92:74:6A:0B:A1:6F:71:8B:95
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 0186123F52E00D627A28DC05081F76AE633A
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/byFyXq16rvqi3xqSdGoLoW9xi5U.roa
Signing time: Thu 02 Feb 2023 13:09:45 +0000
ROA not before: Thu 02 Feb 2023 13:09:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9105
IP address blocks: 213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
85.210.0.0/15 maxlen: 24
195.112.0.0/18 maxlen: 24
212.139.0.0/16 maxlen: 24
80.40.0.0/13 maxlen: 24
88.104.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.66.0.0/15 maxlen: 24
62.3.192.0/18 maxlen: 24
185.175.144.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
81.86.0.0/16 maxlen: 24
79.68.0.0/14 maxlen: 24
195.149.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:3f:52:e0:0d:62:7a:28:dc:05:08:1f:76:ae:63:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Feb 2 13:09:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f21725ead7aaefaa2df1a92746a0ba16f718b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:61:4f:bd:6b:5a:46:c4:71:28:24:62:52:ed:
f8:be:1e:4e:a7:74:b4:9a:3e:9d:ee:86:74:f2:ef:
b6:08:f7:27:c1:52:aa:61:97:71:83:53:02:17:94:
4f:44:be:c3:54:1e:c9:d4:24:2a:12:14:dd:8d:56:
d7:d3:45:dc:28:9f:df:09:b8:88:f9:ed:07:68:70:
e2:fe:88:d1:c8:c9:9a:22:3a:ee:2a:92:73:38:6d:
6b:b5:16:89:88:5d:8c:f8:cc:d9:e8:5f:4e:df:2b:
29:d7:f0:8e:ac:b3:5d:c2:d5:e5:a7:2e:60:52:65:
7b:3a:60:bf:da:1b:01:4d:62:3b:7d:6d:66:e5:ed:
20:3e:cc:a5:67:f6:a7:41:e4:03:21:2a:81:e5:87:
c4:b9:57:5e:82:9f:b5:b7:a6:ce:3a:09:5e:07:04:
e9:f6:39:e6:6b:76:7e:10:c1:c2:07:4b:d2:3d:f7:
85:75:48:a8:d2:4e:27:e2:b3:bf:28:cb:d0:0f:0b:
5c:58:33:e0:f4:6e:15:18:37:41:f9:16:4d:fe:6f:
03:da:09:17:04:41:73:c0:12:83:4d:63:95:0d:56:
cd:cf:ad:c4:0f:da:06:e2:bb:be:e4:25:32:65:16:
aa:6f:d6:56:18:8f:d4:16:ca:a4:2b:80:a4:28:58:
c1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:21:72:5E:AD:7A:AE:FA:A2:DF:1A:92:74:6A:0B:A1:6F:71:8B:95
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/byFyXq16rvqi3xqSdGoLoW9xi5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.192.0/18
79.66.0.0-79.71.255.255
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
85.210.0.0/15
88.104.0.0/13
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ca:61:e4:c3:2a:e6:ee:d3:cf:84:dc:6f:33:69:19:32:3e:a2:
d9:c1:a8:c2:98:71:b5:74:78:42:ce:88:2b:25:a6:89:13:f1:
ae:df:6f:e8:8e:5e:19:63:db:f9:18:48:08:81:33:ae:60:8b:
e9:b4:fa:c4:cc:84:99:9a:2c:1d:f5:86:4d:fc:71:e0:cd:de:
77:dc:d8:76:b4:e5:0f:2d:50:83:08:dd:07:1b:f6:f1:e5:3a:
57:7d:20:f7:81:10:f9:dc:bf:fa:a1:4e:20:64:73:50:16:99:
5b:4d:a1:64:8b:e6:f5:0c:39:f7:be:28:04:bd:17:1c:20:71:
95:83:db:6b:3f:cb:62:1d:5a:4c:20:b0:62:bd:55:61:8c:ae:
8c:93:11:80:82:b9:35:69:d9:3d:7f:8e:28:eb:25:52:7b:ea:
c2:5c:5d:fc:ae:07:e8:56:7a:2e:e2:5b:6f:bd:1d:1c:30:a3:
71:9e:be:51:55:12:09:a5:9e:13:40:82:b1:4d:02:ab:a3:1c:
95:fa:fc:da:b4:42:77:dc:16:ef:1b:2c:9c:62:06:06:08:37:
27:f9:85:4e:3f:a2:df:ef:0c:3d:30:d4:09:58:0a:17:90:82:
16:0b:ce:cb:a8:7e:c6:c4:53:d3:0d:07:5a:81:e2:f1:ee:9f:
88:4d:7c:f2
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYYSP1LgDWJ6KNwFCB92rmM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwMjAyMTMwOTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjIxNzI1ZWFkN2FhZWZhYTJkZjFhOTI3NDZhMGJhMTZmNzE4Yjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmFPvWtaRsRxKCRiUu34vh5Op3S0
mj6d7oZ08u+2CPcnwVKqYZdxg1MCF5RPRL7DVB7J1CQqEhTdjVbX00XcKJ/fCbiI
+e0HaHDi/ojRyMmaIjruKpJzOG1rtRaJiF2M+MzZ6F9O3ysp1/COrLNdwtXlpy5g
UmV7OmC/2hsBTWI7fW1m5e0gPsylZ/anQeQDISqB5YfEuVdegp+1t6bOOgleBwTp
9jnma3Z+EMHCB0vSPfeFdUio0k4n4rO/KMvQDwtcWDPg9G4VGDdB+RZN/m8D2gkX
BEFzwBKDTWOVDVbNz63ED9oG4ru+5CUyZRaqb9ZWGI/UFsqkK4CkKFjBtQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFG8hcl6teq76ot8aknRqC6FvcYuVMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvYnlGeVhxMTZydnFpM3hxU2RHb0xvVzl4aTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAY+
A8AwCgMDAU9CAwMDT0ADAwNQKAMEBlEBQAMEBlEGwAMDAFFWAwQHUaoAAwMBUbID
BAdShQADAwBTQwMDAFQMAwMBVdIDAwNYaAMEArmvkAMEAMHaYwMEBcJqIAMEBcL3
4AMEBsNwAAMEB8OJAAMEBsOVAAMEBdQBgAMEBdRKYAMDANSLAwQG1J+AAwQG1dBA
MA0GCSqGSIb3DQEBCwUAA4IBAQDKYeTDKubu08+E3G8zaRkyPqLZwajCmHG1dHhC
zogrJaaJE/Gu32/ojl4ZY9v5GEgIgTOuYIvptPrEzISZmiwd9YZN/HHgzd533Nh2
tOUPLVCDCN0HG/bx5TpXfSD3gRD53L/6oU4gZHNQFplbTaFki+b1DDn3vigEvRcc
IHGVg9trP8tiHVpMILBivVVhjK6MkxGAgrk1adk9f44o6yVSe+rCXF38rgfoVnou
4ltvvR0cMKNxnr5RVRIJpZ4TQIKxTQKroxyV+vzatEJ33BbvGyycYgYGCDcn+YVO
P6Lf7ww9MNQJWAoXkIIWC87LqH7GxFPTDQdageLx7p+ITXzy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-fra.rpki-client.org