Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/qAR_MEPyftJu1Dj98QjOr9Q7Yw4.roa
File: qAR_MEPyftJu1Dj98QjOr9Q7Yw4.roa (raw, json)
Hash identifier: /vXf1cICRvMXETtK06i78u19Iv/F08A/y3yOwyqGMR4=
Subject key identifier: A8:04:7F:30:43:F2:7E:D2:6E:D4:38:FD:F1:08:CE:AF:D4:3B:63:0E
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018B802B7E56435BEC644B52635AB197D605
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/qAR_MEPyftJu1Dj98QjOr9Q7Yw4.roa
Signing time: Mon 30 Oct 2023 10:40:15 +0000
ROA not before: Mon 30 Oct 2023 10:40:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.81.180.0/23 maxlen: 23
93.114.61.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:2b:7e:56:43:5b:ec:64:4b:52:63:5a:b1:97:d6:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Oct 30 10:40:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8047f3043f27ed26ed438fdf108ceafd43b630e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fd:35:58:5d:92:2c:cd:35:65:ce:7f:27:ea:
2d:4b:fb:74:13:1b:f5:3f:eb:c9:96:20:d4:73:cf:
74:af:c0:f6:70:a1:6b:6a:9f:af:fa:55:95:15:f2:
12:62:13:27:00:b9:d1:6e:cb:bc:42:7e:65:af:ed:
cc:f5:c4:ff:94:4f:60:a6:62:ce:4a:bc:b5:90:c2:
b6:b4:13:f8:06:97:bb:71:6f:6b:cd:eb:13:f1:75:
b9:f6:48:88:27:3e:08:a3:59:6d:b8:d0:1f:fe:fa:
06:87:35:85:0f:d2:e9:55:a6:de:37:d5:5b:8c:bd:
20:01:a4:5a:cc:c3:69:79:a4:bb:2b:9b:e6:29:8f:
13:9e:f8:7a:f8:0a:42:bf:3b:27:8a:f0:0e:f1:07:
6d:9e:c1:10:5e:3f:81:eb:3d:16:32:61:1d:06:c5:
24:02:a9:07:05:1b:13:8f:96:ee:50:ee:f2:d3:55:
99:9f:ae:83:76:81:4f:21:97:3b:c7:db:a1:88:8d:
fe:b0:ac:44:89:ac:89:62:0d:d3:66:37:54:c1:f3:
6a:2d:3d:de:4f:ca:72:ce:d9:d7:74:6c:38:ef:94:
ad:de:61:ef:b0:27:1d:b2:ba:2d:54:5d:61:6a:c8:
fa:50:1f:cc:1a:82:8a:41:ef:24:4f:91:66:76:6c:
ce:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:04:7F:30:43:F2:7E:D2:6E:D4:38:FD:F1:08:CE:AF:D4:3B:63:0E
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/qAR_MEPyftJu1Dj98QjOr9Q7Yw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.61.0/24
185.81.180.0/23
Signature Algorithm: sha256WithRSAEncryption
64:ea:65:4f:ce:8d:c0:ab:58:a1:41:d9:e2:d0:88:51:35:e3:
ae:c5:51:5d:8b:b9:2f:8e:f6:95:5f:65:f1:08:bd:97:85:54:
2f:42:19:7a:96:47:79:c2:b9:6a:9f:69:29:b6:42:d1:a8:7c:
37:01:e7:c3:4b:51:fa:61:52:ab:7d:8d:ab:13:0a:b0:66:fc:
b0:42:b4:39:33:94:2d:a8:64:1d:9f:d9:0a:78:85:ad:5b:d9:
ec:c0:73:be:31:8c:e6:d8:58:b0:af:3c:f0:d7:ca:eb:e3:2c:
49:bb:78:0f:82:cd:ee:24:98:e1:ba:bd:64:d7:91:65:bc:24:
d6:23:21:f9:ab:37:69:1d:ab:63:75:44:a7:dd:9d:18:0f:6a:
9d:35:00:35:5e:ee:fd:ac:6f:96:02:ed:a7:de:89:55:30:cd:
ad:4b:85:63:af:dd:df:79:86:7b:23:67:eb:0b:fb:b7:1b:d7:
5c:13:cc:75:1a:d2:02:18:8b:8a:37:38:90:aa:c2:87:f1:a5:
54:58:0e:44:ba:88:fb:ea:9a:07:77:7a:cc:df:6a:7f:c8:6a:
d7:ff:43:10:01:0e:ef:d8:f5:95:d4:03:a9:ee:6c:2f:7e:ce:
3b:98:c1:cb:f7:5d:4e:c5:af:b7:cb:09:93:bc:f0:b4:39:ad:
ed:73:52:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuAK35WQ1vsZEtSY1qxl9YFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMxMDMwMTA0MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA0N2YzMDQzZjI3ZWQyNmVkNDM4ZmRmMTA4Y2VhZmQ0M2I2MzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgf01WF2SLM01Zc5/J+otS/t0Exv1
P+vJliDUc890r8D2cKFrap+v+lWVFfISYhMnALnRbsu8Qn5lr+3M9cT/lE9gpmLO
Sry1kMK2tBP4Bpe7cW9rzesT8XW59kiIJz4Io1ltuNAf/voGhzWFD9LpVabeN9Vb
jL0gAaRazMNpeaS7K5vmKY8Tnvh6+ApCvzsnivAO8QdtnsEQXj+B6z0WMmEdBsUk
AqkHBRsTj5buUO7y01WZn66DdoFPIZc7x9uhiI3+sKxEiayJYg3TZjdUwfNqLT3e
T8pyztnXdGw475St3mHvsCcdsrotVF1hasj6UB/MGoKKQe8kT5FmdmzOEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKgEfzBD8n7SbtQ4/fEIzq/UO2MOMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvcUFSX01FUHlmdEp1MURqOThRak9yOVE3WXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXXI9AwQB
uVG0MA0GCSqGSIb3DQEBCwUAA4IBAQBk6mVPzo3Aq1ihQdni0IhRNeOuxVFdi7kv
jvaVX2XxCL2XhVQvQhl6lkd5wrlqn2kptkLRqHw3AefDS1H6YVKrfY2rEwqwZvyw
QrQ5M5QtqGQdn9kKeIWtW9nswHO+MYzm2Fiwrzzw18rr4yxJu3gPgs3uJJjhur1k
15FlvCTWIyH5qzdpHatjdUSn3Z0YD2qdNQA1Xu79rG+WAu2n3olVMM2tS4Vjr93f
eYZ7I2frC/u3G9dcE8x1GtICGIuKNziQqsKH8aVUWA5Euoj76poHd3rM32p/yGrX
/0MQAQ7v2PWV1AOp7mwvfs47mMHL911Oxa+3ywmTvPC0Oa3tc1J0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:59 2025 by rpki-client