Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/6chc3EvBVSb4yIEm60Hywz8X0-8.roa
File: 6chc3EvBVSb4yIEm60Hywz8X0-8.roa (raw, json)
Hash identifier: +zw477qs4U+zjsx3z/NpU6hoaFl0vMCMeLIFMKlq30k=
Subject key identifier: E9:C8:5C:DC:4B:C1:55:26:F8:C8:81:26:EB:41:F2:C3:3F:17:D3:EF
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 0184809F393DF317D10924343D21DBDB7139
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/6chc3EvBVSb4yIEm60Hywz8X0-8.roa
Signing time: Wed 16 Nov 2022 13:27:09 +0000
ROA not before: Wed 16 Nov 2022 13:27:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9002
IP address blocks: 139.45.192.0/19 maxlen: 19
139.45.192.0/18 maxlen: 18
87.245.192.0/18 maxlen: 18
87.245.208.0/20 maxlen: 20
87.245.208.0/21 maxlen: 21
185.82.8.0/22 maxlen: 22
87.245.224.0/19 maxlen: 19
139.45.224.0/19 maxlen: 19
2a02:2d8::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:9f:39:3d:f3:17:d1:09:24:34:3d:21:db:db:71:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Nov 16 13:27:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e9c85cdc4bc15526f8c88126eb41f2c33f17d3ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:16:c7:f1:07:e9:71:83:9b:bc:03:a6:23:14:
c8:c5:d1:3d:1f:26:68:9e:70:d9:a5:c2:3a:25:49:
0a:37:5c:cd:50:c1:06:b5:64:71:89:a4:bc:3c:90:
14:e7:c6:08:f7:04:03:e4:3a:10:5b:e9:e5:20:0e:
56:fc:0e:e9:a9:61:3d:93:d2:ea:14:17:79:93:b4:
20:39:56:75:a6:5e:09:00:13:b7:2c:2b:05:b0:25:
0d:c9:1f:09:d7:07:df:39:82:ee:c9:7a:6d:6a:55:
ab:f1:33:0e:10:d1:6e:1c:3e:aa:15:0d:7d:39:45:
55:80:eb:26:21:f5:51:e8:95:2b:29:6a:a1:9e:cf:
1c:39:f5:04:6e:d6:8f:5e:18:02:49:de:0f:24:6e:
f5:43:46:94:1d:b9:b0:e5:e5:f2:2a:95:71:3d:df:
c7:d1:71:41:29:23:b4:ba:86:21:2f:85:5e:eb:84:
ee:41:9e:01:c8:0d:59:41:cb:81:1b:b3:03:72:16:
f8:3c:ba:80:97:18:ef:cd:f0:31:72:43:dd:ae:aa:
2f:28:6d:5e:d2:8d:6a:24:7b:4a:e4:35:3c:2e:eb:
de:8f:60:92:cd:2b:fd:2e:b7:c7:a6:16:c9:7e:dd:
83:b3:97:5a:22:8b:f1:33:df:d5:cd:29:33:77:52:
b3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C8:5C:DC:4B:C1:55:26:F8:C8:81:26:EB:41:F2:C3:3F:17:D3:EF
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/6chc3EvBVSb4yIEm60Hywz8X0-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.245.192.0/18
139.45.192.0/18
185.82.8.0/22
IPv6:
2a02:2d8::/32
Signature Algorithm: sha256WithRSAEncryption
2d:c9:0a:0c:e6:af:45:72:ea:2d:48:f4:94:93:0e:bf:00:ad:
13:02:46:b1:b3:3a:61:21:9b:4f:6a:74:0e:73:63:b4:e6:a0:
01:f0:b7:bc:6c:29:d1:d7:a9:0c:a5:2e:48:95:53:29:f0:ea:
2f:8b:68:cc:e4:77:1e:da:fd:b0:28:32:2a:05:8d:e0:82:3d:
76:d7:27:d4:a4:73:4c:70:10:ba:83:6e:cc:b2:18:8e:2a:f8:
76:b7:9c:92:b9:be:b2:21:73:9e:16:89:b8:6e:d5:23:d5:f0:
84:5c:ac:7e:71:4f:c7:b8:f7:63:26:25:38:8b:bf:b1:61:97:
85:dd:71:0d:28:83:d1:bb:34:78:2f:eb:60:84:e2:13:e4:36:
09:60:f1:e7:5e:28:74:f0:59:68:6e:2a:71:30:ec:c8:60:3f:
e7:12:d3:41:68:10:bb:df:80:93:28:3d:dd:d1:8e:d1:bd:63:
d1:33:b4:d8:a8:6d:fe:7e:ad:1e:1d:ec:e0:6b:b9:c0:28:ae:
a7:0c:c6:be:21:5d:b2:f3:04:b1:2d:93:ba:a8:10:6d:d0:2f:
33:fa:6a:21:45:4a:33:a8:91:3e:69:f8:43:e2:41:9f:76:7e:
46:a3:7d:6d:7a:a7:d4:fa:0c:49:69:4c:d9:51:7b:cd:99:16:
35:c2:41:f4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYSAnzk98xfRCSQ0PSHb23E5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjIxMTE2MTMyNzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWM4NWNkYzRiYzE1NTI2ZjhjODgxMjZlYjQxZjJjMzNmMTdkM2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxbH8QfpcYObvAOmIxTIxdE9HyZo
nnDZpcI6JUkKN1zNUMEGtWRxiaS8PJAU58YI9wQD5DoQW+nlIA5W/A7pqWE9k9Lq
FBd5k7QgOVZ1pl4JABO3LCsFsCUNyR8J1wffOYLuyXptalWr8TMOENFuHD6qFQ19
OUVVgOsmIfVR6JUrKWqhns8cOfUEbtaPXhgCSd4PJG71Q0aUHbmw5eXyKpVxPd/H
0XFBKSO0uoYhL4Ve64TuQZ4ByA1ZQcuBG7MDchb4PLqAlxjvzfAxckPdrqovKG1e
0o1qJHtK5DU8Luvej2CSzSv9LrfHphbJft2Ds5daIovxM9/VzSkzd1KzBQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOnIXNxLwVUm+MiBJutB8sM/F9PvMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvNmNoYzNFdkJWU2I0eUlFbTYwSHl3ejhYMC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGV/XAAwQG
iy3AAwQCuVIIMA0EAgACMAcDBQAqAgLYMA0GCSqGSIb3DQEBCwUAA4IBAQAtyQoM
5q9FcuotSPSUkw6/AK0TAkaxszphIZtPanQOc2O05qAB8Le8bCnR16kMpS5IlVMp
8Oovi2jM5Hce2v2wKDIqBY3ggj121yfUpHNMcBC6g27MshiOKvh2t5ySub6yIXOe
Fom4btUj1fCEXKx+cU/HuPdjJiU4i7+xYZeF3XENKIPRuzR4L+tghOIT5DYJYPHn
Xih08FlobipxMOzIYD/nEtNBaBC734CTKD3d0Y7RvWPRM7TYqG3+fq0eHezga7nA
KK6nDMa+IV2y8wSxLZO6qBBt0C8z+mohRUozqJE+afhD4kGfdn5Go31teqfU+gxJ
aUzZUXvNmRY1wkH0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org