Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/fQ19xQXFhqC_vzYQdCOKMPdlEzg.roa
File: fQ19xQXFhqC_vzYQdCOKMPdlEzg.roa (raw, json)
Hash identifier: BDBmwSFTbeC/QXUY+MQzgHWYnbuVMB0+cd1fYzZcvdc=
Subject key identifier: 7D:0D:7D:C5:05:C5:86:A0:BF:BF:36:10:74:23:8A:30:F7:65:13:38
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018614A084978EB0BA65A4330580652E8C46
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/fQ19xQXFhqC_vzYQdCOKMPdlEzg.roa
Signing time: Fri 03 Feb 2023 00:15:09 +0000
ROA not before: Fri 03 Feb 2023 00:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9105
IP address blocks: 213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
85.210.0.0/15 maxlen: 24
195.112.0.0/18 maxlen: 24
79.75.0.0/16 maxlen: 24
212.139.0.0/16 maxlen: 24
80.40.0.0/13 maxlen: 24
88.104.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.76.0.0/14 maxlen: 24
79.66.0.0/15 maxlen: 24
62.3.192.0/18 maxlen: 24
185.175.144.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
89.168.128.0/17 maxlen: 24
81.86.0.0/16 maxlen: 24
79.68.0.0/14 maxlen: 24
195.149.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
79.73.0.0/16 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:14:a0:84:97:8e:b0:ba:65:a4:33:05:80:65:2e:8c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Feb 3 00:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d0d7dc505c586a0bfbf361074238a30f7651338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:44:04:6d:c8:e9:54:da:3b:65:04:cb:5a:8d:
93:d4:01:d3:9f:aa:b6:90:c0:a3:43:8f:6e:a6:04:
b3:19:62:91:5d:2c:ca:a3:05:c5:b9:9c:46:5c:f5:
b1:a0:d3:74:d2:fa:8c:19:e1:41:cd:c6:87:a2:8e:
c1:62:d1:26:02:66:06:5f:80:50:c6:2a:61:33:4f:
4e:ed:0e:91:9d:33:73:8e:ab:3f:bd:3c:7b:3f:42:
ac:2c:2e:c4:99:ba:3f:d9:fd:71:55:5b:f2:a9:49:
58:00:3b:a5:60:bd:fb:c8:ee:9f:d5:7b:04:11:99:
54:88:81:b3:82:76:68:20:6e:4c:8d:6b:03:05:f8:
1c:5e:8d:b7:ad:6d:d1:72:ae:d0:ce:ee:b4:a4:6a:
ff:86:34:a4:dc:69:e1:c0:15:d7:b1:bd:2c:6f:c2:
99:a5:70:47:9a:ff:6b:cf:a6:12:c5:2e:36:d2:e3:
fc:25:ea:8b:f3:29:0d:e3:2b:71:b9:f4:00:66:99:
da:18:a9:52:0a:b5:20:1a:b1:c2:1b:6c:02:55:ba:
b5:ac:b3:d9:d5:e9:68:75:46:c8:46:ca:73:79:8b:
3c:6e:91:9c:16:c1:60:60:c7:c4:ae:9a:be:67:7c:
8e:f6:96:fc:3e:b8:ab:18:c1:f1:80:ac:fb:d4:8c:
42:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:0D:7D:C5:05:C5:86:A0:BF:BF:36:10:74:23:8A:30:F7:65:13:38
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/fQ19xQXFhqC_vzYQdCOKMPdlEzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.192.0/18
79.66.0.0-79.71.255.255
79.73.0.0/16
79.75.0.0-79.79.255.255
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
85.210.0.0/15
88.104.0.0/13
89.168.128.0/17
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
21:98:cd:07:11:f0:66:c4:ac:42:51:dd:7a:94:b3:72:ca:3f:
f9:81:7c:a5:69:22:80:e0:2d:7c:5b:82:d2:ab:06:3c:c0:6c:
b9:84:a7:5d:eb:6e:5e:29:00:20:af:e9:bc:6a:0e:16:14:16:
3b:6a:62:8d:43:7c:dd:25:6c:a7:d4:c3:76:db:90:e7:1e:61:
ee:ec:5b:4a:39:68:0d:f2:d2:fb:a6:02:c2:09:25:e8:68:8e:
92:24:af:fb:7f:1d:7f:9d:c5:54:4c:e0:bf:5b:28:ac:64:b2:
d2:51:b5:8c:c8:24:56:62:c3:81:22:a8:5a:ef:16:26:5d:95:
ed:b0:78:6f:26:2f:81:1f:02:cb:64:02:dc:53:2b:d8:65:04:
ae:82:a8:95:75:bb:22:eb:e8:76:ec:d9:d7:5f:90:0e:f7:d8:
31:09:65:75:1a:c1:53:6d:eb:bc:a9:d3:e3:06:af:6b:fd:9d:
a6:07:94:5b:76:98:67:6a:23:e2:03:f1:c1:04:ed:2c:35:a2:
ec:85:08:d4:1e:b7:f1:20:b8:2b:b0:1e:22:3f:ea:2f:1e:12:
32:22:7e:7b:e4:5e:77:20:2e:b0:e6:9e:95:3c:f9:ac:66:7a:
a6:d0:44:3b:d4:cb:b5:f3:7c:78:c5:e8:1b:60:92:78:47:7b:
95:c6:9c:d6
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYYUoISXjrC6ZaQzBYBlLoxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwMjAzMDAxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDBkN2RjNTA1YzU4NmEwYmZiZjM2MTA3NDIzOGEzMGY3NjUxMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEQEbcjpVNo7ZQTLWo2T1AHTn6q2
kMCjQ49upgSzGWKRXSzKowXFuZxGXPWxoNN00vqMGeFBzcaHoo7BYtEmAmYGX4BQ
xiphM09O7Q6RnTNzjqs/vTx7P0KsLC7Embo/2f1xVVvyqUlYADulYL37yO6f1XsE
EZlUiIGzgnZoIG5MjWsDBfgcXo23rW3Rcq7Qzu60pGr/hjSk3GnhwBXXsb0sb8KZ
pXBHmv9rz6YSxS420uP8JeqL8ykN4ytxufQAZpnaGKlSCrUgGrHCG2wCVbq1rLPZ
1elodUbIRspzeYs8bpGcFsFgYMfErpq+Z3yO9pb8PrirGMHxgKz71IxCWQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFH0NfcUFxYagv782EHQjijD3ZRM4MB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvZlExOXhRWEZocUNfdnpZUWRDT0tNUGRsRXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBsgQCAAEwgasDBAY+
A8AwCgMDAU9CAwMDT0ADAwBPSTAKAwMAT0sDAwRPQAMDA1AoAwQGUQFAAwQGUQbA
AwMAUVYDBAdRqgADAwFRsgMEB1KFAAMDAFNDAwMAVAwDAwFV0gMDA1hoAwQHWaiA
AwQCua+QAwQAwdpjAwQFwmogAwQFwvfgAwQGw3AAAwQHw4kAAwQGw5UAAwQF1AGA
AwQF1EpgAwMA1IsDBAbUn4ADBAbV0EAwDQYJKoZIhvcNAQELBQADggEBACGYzQcR
8GbErEJR3XqUs3LKP/mBfKVpIoDgLXxbgtKrBjzAbLmEp13rbl4pACCv6bxqDhYU
FjtqYo1DfN0lbKfUw3bbkOceYe7sW0o5aA3y0vumAsIJJehojpIkr/t/HX+dxVRM
4L9bKKxkstJRtYzIJFZiw4EiqFrvFiZdle2weG8mL4EfAstkAtxTK9hlBK6CqJV1
uyLr6Hbs2ddfkA732DEJZXUawVNt67yp0+MGr2v9naYHlFt2mGdqI+ID8cEE7Sw1
ouyFCNQet/EguCuwHiI/6i8eEjIifnvkXncgLrDmnpU8+axmeqbQRDvUy7XzfHjF
6BtgknhHe5XGnNY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:44 2024 by rpki-client on console-fra.rpki-client.org