Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/i6fYJ1H3JpfQXbzZhuD_W1EuGFs.roa
File: i6fYJ1H3JpfQXbzZhuD_W1EuGFs.roa (raw, json)
Hash identifier: MouuQwmHq7dYOn4GInzwMf159IsyL41NGHnR81kD7K0=
Subject key identifier: 8B:A7:D8:27:51:F7:26:97:D0:5D:BC:D9:86:E0:FF:5B:51:2E:18:5B
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018B421B4A0084701FB445B59C09274FF2C0
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/i6fYJ1H3JpfQXbzZhuD_W1EuGFs.roa
Signing time: Wed 18 Oct 2023 09:26:06 +0000
ROA not before: Wed 18 Oct 2023 09:26:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.81.181.0/24 maxlen: 24
185.81.180.0/23 maxlen: 23
93.114.61.0/24 maxlen: 24
89.46.10.0/24 maxlen: 24
89.46.11.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:1b:4a:00:84:70:1f:b4:45:b5:9c:09:27:4f:f2:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Oct 18 09:26:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ba7d82751f72697d05dbcd986e0ff5b512e185b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:34:91:9b:3e:84:d9:46:8d:0f:18:de:c2:b3:
60:71:19:93:64:9c:b1:f9:52:66:38:42:38:42:d6:
c8:3c:94:29:c8:e5:d1:a8:0c:aa:3d:3d:0d:f4:47:
25:a6:e6:f5:fa:02:76:f2:66:05:61:d5:d8:f8:d4:
4b:ae:88:a6:35:4d:fb:d9:7e:15:d0:2d:b0:44:65:
42:29:62:4b:fa:f1:f5:f4:ad:9c:e2:7f:20:e9:9b:
df:40:0a:e0:79:a8:cc:cd:cf:ca:10:7b:2e:43:09:
52:17:9e:5a:a1:e4:03:b9:ca:ce:6a:85:5a:cc:5c:
19:fc:97:83:34:70:80:f6:c0:6f:ae:5f:57:4f:33:
c9:15:12:d1:bd:c5:17:e9:61:a3:fb:8e:1c:1f:b6:
a9:3f:a4:ee:1b:14:ca:0a:00:05:8f:0b:d3:ac:bc:
7b:a3:72:15:31:a3:a6:20:be:2a:12:c0:9f:33:ae:
22:55:58:94:bb:1e:b3:38:a4:b0:27:13:1d:27:43:
03:85:c2:65:dd:68:a9:44:2f:ce:c7:10:1a:57:d7:
ad:8e:ed:18:b4:56:52:bd:b1:ea:96:ea:20:71:62:
68:93:f7:d5:15:01:99:7f:f3:5b:78:36:9e:02:10:
7e:d8:46:85:98:13:dd:10:40:89:8d:46:ea:48:a1:
c1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A7:D8:27:51:F7:26:97:D0:5D:BC:D9:86:E0:FF:5B:51:2E:18:5B
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/i6fYJ1H3JpfQXbzZhuD_W1EuGFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.10.0/23
93.114.61.0/24
185.81.180.0/23
Signature Algorithm: sha256WithRSAEncryption
01:d5:c7:bc:bd:15:85:b8:8e:4e:94:0e:0f:01:72:29:ce:81:
e2:2a:b5:6a:55:d6:ae:64:ea:26:ab:c4:e2:3d:a4:0c:f0:6c:
04:e2:8f:45:01:17:13:c2:e7:04:8d:75:04:b1:d2:5e:0c:aa:
b7:75:fb:a6:70:1e:57:00:1b:dc:d1:14:cb:df:a4:7e:26:61:
03:e7:ae:e0:e1:96:f6:29:76:aa:17:cc:a9:82:c7:b2:d3:5b:
36:4a:49:b7:a8:a2:0b:a3:15:cd:f1:5b:6f:19:31:3c:50:a9:
c4:72:bb:ec:23:aa:bc:18:f6:b5:d2:2c:04:86:3f:1f:6d:fe:
81:58:2c:01:c1:7e:bf:32:6a:d6:2d:ec:1c:20:51:04:8c:33:
5f:e5:13:ff:bb:31:e7:17:03:54:63:ed:fd:88:12:97:41:f5:
72:f8:e4:1a:f3:29:cd:7c:9a:e7:f6:16:11:7f:36:9f:7b:fa:
5c:a1:65:40:26:65:5d:52:49:09:28:41:2d:fa:92:3f:ef:a8:
e1:21:e2:7e:10:b8:b9:4d:f2:94:c9:b1:7b:6f:e3:02:54:75:
12:9f:22:e7:98:d0:f3:05:0f:ec:a3:02:9f:63:50:43:11:15:
96:98:74:8e:1d:cc:d1:b9:f1:4e:f7:06:f6:ac:11:ba:08:ab:
2e:7f:0d:ce
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtCG0oAhHAftEW1nAknT/LAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMxMDE4MDkyNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmE3ZDgyNzUxZjcyNjk3ZDA1ZGJjZDk4NmUwZmY1YjUxMmUxODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzSRmz6E2UaNDxjewrNgcRmTZJyx
+VJmOEI4QtbIPJQpyOXRqAyqPT0N9Eclpub1+gJ28mYFYdXY+NRLroimNU372X4V
0C2wRGVCKWJL+vH19K2c4n8g6ZvfQArgeajMzc/KEHsuQwlSF55aoeQDucrOaoVa
zFwZ/JeDNHCA9sBvrl9XTzPJFRLRvcUX6WGj+44cH7apP6TuGxTKCgAFjwvTrLx7
o3IVMaOmIL4qEsCfM64iVViUux6zOKSwJxMdJ0MDhcJl3WipRC/OxxAaV9etju0Y
tFZSvbHqluogcWJok/fVFQGZf/NbeDaeAhB+2EaFmBPdEECJjUbqSKHB2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIun2CdR9yaX0F282Ybg/1tRLhhbMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvaTZmWUoxSDNKcGZRWGJ6Wmh1RF9XMUV1R0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWS4KAwQA
XXI9AwQBuVG0MA0GCSqGSIb3DQEBCwUAA4IBAQAB1ce8vRWFuI5OlA4PAXIpzoHi
KrVqVdauZOomq8TiPaQM8GwE4o9FARcTwucEjXUEsdJeDKq3dfumcB5XABvc0RTL
36R+JmED567g4Zb2KXaqF8ypgsey01s2Skm3qKILoxXN8VtvGTE8UKnEcrvsI6q8
GPa10iwEhj8fbf6BWCwBwX6/MmrWLewcIFEEjDNf5RP/uzHnFwNUY+39iBKXQfVy
+OQa8ynNfJrn9hYRfzafe/pcoWVAJmVdUkkJKEEt+pI/76jhIeJ+ELi5TfKUybF7
b+MCVHUSnyLnmNDzBQ/sowKfY1BDERWWmHSOHczRufFO9wb2rBG6CKsufw3O
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:11:17 2025 by rpki-client