Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/j82_3SZTrtHRSgC232VzGXzKpGQ.roa
File: j82_3SZTrtHRSgC232VzGXzKpGQ.roa (raw, json)
Hash identifier: s/0Vs/b+h2ZEb6N7vD7ct4u82CF87I1q29Rm2O2MmGk=
Subject key identifier: 8F:CD:BF:DD:26:53:AE:D1:D1:4A:00:B6:DF:65:73:19:7C:CA:A4:64
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 019096B1D2F9CE47C86CEF95279C4CC61EB2
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/j82_3SZTrtHRSgC232VzGXzKpGQ.roa
Signing time: Tue 09 Jul 2024 08:52:34 +0000
ROA not before: Tue 09 Jul 2024 08:52:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202505
IP address blocks: 84.54.14.0/24 maxlen: 24
86.104.14.0/24 maxlen: 24
89.43.78.0/24 maxlen: 24
176.98.42.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
185.81.152.0/24 maxlen: 24
185.81.153.0/24 maxlen: 24
185.81.154.0/24 maxlen: 24
185.81.155.0/24 maxlen: 24
193.31.117.0/24 maxlen: 24
193.31.119.0/24 maxlen: 24
2a05:88c0::/32 maxlen: 32
2a05:88c1::/32 maxlen: 32
2a05:88c2::/32 maxlen: 32
2a05:88c3::/32 maxlen: 32
2a05:88c4::/32 maxlen: 32
2a05:88c5::/32 maxlen: 32
2a05:88c6::/32 maxlen: 32
2a05:88c7::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a06:f7c5::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a10:3300::/32 maxlen: 32
2a10:3301::/32 maxlen: 32
2a10:3302::/32 maxlen: 32
2a10:3303::/32 maxlen: 32
2a10:3304::/32 maxlen: 32
2a10:3305::/32 maxlen: 32
2a10:3306::/32 maxlen: 32
2a10:3307::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:96:b1:d2:f9:ce:47:c8:6c:ef:95:27:9c:4c:c6:1e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jul 9 08:52:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fcdbfdd2653aed1d14a00b6df6573197ccaa464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1b:59:07:75:e6:9d:05:09:ca:1b:9b:55:c0:
6d:12:3b:6b:7f:98:2c:33:f0:da:12:67:c4:ad:d4:
9d:2a:24:8a:a3:8f:89:b2:93:44:9f:93:ca:08:f5:
71:27:f3:b5:54:1a:0a:35:0b:99:5c:99:ea:c1:55:
d7:0d:61:e2:cd:4f:4c:ed:56:f8:4a:b1:30:d8:16:
d2:1e:12:bb:a0:b3:3a:b3:f9:0d:0c:ba:1c:55:4b:
31:2a:4e:88:e0:6e:8f:c8:c1:fd:84:6f:d3:e5:a6:
60:27:6d:21:79:5f:83:6b:ac:63:42:c0:de:cd:be:
17:7f:dc:c0:b5:ec:2d:37:2a:67:92:5d:d3:80:62:
a0:c1:84:b8:60:f5:28:5a:98:ad:de:7d:33:1e:bf:
e3:01:14:96:fd:08:05:6f:d0:90:28:6a:c4:0b:4f:
20:41:ae:a4:6b:07:5a:37:8c:9d:72:b3:ed:d6:e7:
a9:b5:58:07:76:49:a0:3b:36:c1:c1:d9:1e:dd:f7:
52:a3:2f:1b:75:9f:46:e9:f6:8d:fd:20:03:3e:12:
73:09:4a:19:64:81:05:f7:55:6e:5e:ef:76:8c:90:
3d:90:b0:8f:eb:29:ad:78:88:6f:3a:ab:21:3f:1f:
fa:07:73:99:7a:35:aa:65:3e:34:81:b3:9d:b1:00:
5d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:CD:BF:DD:26:53:AE:D1:D1:4A:00:B6:DF:65:73:19:7C:CA:A4:64
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/j82_3SZTrtHRSgC232VzGXzKpGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.14.0/24
86.104.14.0/24
89.43.78.0/24
176.98.42.0/23
185.81.152.0/22
193.31.117.0/24
193.31.119.0/24
IPv6:
2a05:88c0::/29
2a06:f7c0::/29
2a10:3300::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
76:4f:2d:60:e4:b5:2c:12:ae:fb:de:fe:82:e4:2a:f5:c4:05:
e5:2a:1a:d9:85:92:19:2d:f0:17:4b:2b:e9:0b:85:62:64:47:
34:25:f8:66:0a:a2:b2:b8:27:c2:16:9c:9e:bb:cc:f2:78:22:
09:10:f8:55:bd:50:fe:e6:71:16:67:c6:da:7c:25:72:61:61:
89:53:27:a7:54:32:da:e9:f7:d9:c5:c8:6e:2c:58:36:93:0e:
db:11:29:bd:a9:88:62:e3:5f:c9:09:5e:80:3c:ac:d4:40:2f:
5b:91:36:09:ed:1d:66:8d:f8:7a:8e:e2:e7:10:8a:ab:ca:fe:
79:28:a7:a5:e6:a5:06:0b:bb:23:25:e4:4a:16:5a:f7:45:05:
00:e4:d3:c7:3a:5f:7f:cf:b6:e3:51:55:f7:ce:93:d8:39:b1:
4a:56:61:af:fb:93:62:db:e7:a0:36:ca:92:a5:6a:30:14:8c:
f7:06:7d:b3:b5:82:8d:68:d6:ca:76:fb:52:a3:08:8e:e6:43:
2e:30:4e:28:18:56:9f:4d:68:23:77:3c:f8:fa:a5:bb:ca:6d:
4c:a7:df:88:7b:24:16:45:65:45:1a:84:c3:ff:69:2a:fa:93:
87:c5:2f:81:38:17:4b:60:94:1d:a7:98:8d:7b:14:fc:7e:16:
55:eb:8e:6a
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZCWsdL5zkfIbO+VJ5xMxh6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjQwNzA5MDg1MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmNkYmZkZDI2NTNhZWQxZDE0YTAwYjZkZjY1NzMxOTdjY2FhNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxtZB3XmnQUJyhubVcBtEjtrf5gs
M/DaEmfErdSdKiSKo4+JspNEn5PKCPVxJ/O1VBoKNQuZXJnqwVXXDWHizU9M7Vb4
SrEw2BbSHhK7oLM6s/kNDLocVUsxKk6I4G6PyMH9hG/T5aZgJ20heV+Da6xjQsDe
zb4Xf9zAtewtNypnkl3TgGKgwYS4YPUoWpit3n0zHr/jARSW/QgFb9CQKGrEC08g
Qa6kawdaN4ydcrPt1ueptVgHdkmgOzbBwdke3fdSoy8bdZ9G6faN/SADPhJzCUoZ
ZIEF91VuXu92jJA9kLCP6ymteIhvOqshPx/6B3OZejWqZT40gbOdsQBdrQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFI/Nv90mU67R0UoAtt9lcxl8yqRkMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvajgyXzNTWlRydEhSU2dDMjMyVnpHWHpLcEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDAwBAIAATAqAwQAVDYOAwQA
VmgOAwQAWStOAwQBsGIqAwQCuVGYAwQAwR91AwQAwR93MDAEAgACMCoDBQMqBYjA
AwUDKgb3wAMFAyoQMwADBQMqEH9AAwUDKhB/wAMFAyoR0QAwDQYJKoZIhvcNAQEL
BQADggEBAHZPLWDktSwSrvve/oLkKvXEBeUqGtmFkhkt8BdLK+kLhWJkRzQl+GYK
orK4J8IWnJ67zPJ4IgkQ+FW9UP7mcRZnxtp8JXJhYYlTJ6dUMtrp99nFyG4sWDaT
DtsRKb2piGLjX8kJXoA8rNRAL1uRNgntHWaN+HqO4ucQiqvK/nkop6XmpQYLuyMl
5EoWWvdFBQDk08c6X3/PtuNRVffOk9g5sUpWYa/7k2Lb56A2ypKlajAUjPcGfbO1
go1o1sp2+1KjCI7mQy4wTigYVp9NaCN3PPj6pbvKbUyn34h7JBZFZUUahMP/aSr6
k4fFL4E4F0tglB2nmI17FPx+FlXrjmo=
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:20:06 2025 by rpki-client