Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Az4zhyGy73DVX8-rB_2JmVihEdc.roa
File: Az4zhyGy73DVX8-rB_2JmVihEdc.roa (raw, json)
Hash identifier: tR+882vn2VwZQWAgFlaDYTscE5zc1x/HoaBkEakqcFE=
Subject key identifier: 03:3E:33:87:21:B2:EF:70:D5:5F:CF:AB:07:FD:89:99:58:A1:11:D7
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01878F3222C5967E65A7B8EC7B737ACBDE80
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Az4zhyGy73DVX8-rB_2JmVihEdc.roa
Signing time: Mon 17 Apr 2023 12:30:40 +0000
ROA not before: Mon 17 Apr 2023 12:30:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 194.93.3.0/24 maxlen: 24
91.243.189.0/24 maxlen: 24
77.83.193.0/24 maxlen: 24
212.107.26.0/24 maxlen: 24
78.142.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8f:32:22:c5:96:7e:65:a7:b8:ec:7b:73:7a:cb:de:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Apr 17 12:30:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=033e338721b2ef70d55fcfab07fd899958a111d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4e:55:37:9d:66:11:4e:f6:25:2c:b2:8a:64:
d6:87:83:62:27:c1:85:e0:7b:72:7b:88:11:e4:54:
c7:59:40:b0:fc:09:e9:f6:97:d0:02:b0:e8:eb:cb:
b1:14:8b:be:5c:53:b5:1a:35:7e:42:41:0f:d7:c0:
48:dc:bf:8d:11:2f:6c:bd:11:50:89:1d:35:63:7e:
2d:c5:c4:9f:15:4e:1e:f7:d2:0a:b9:62:87:79:06:
ab:33:d7:a0:26:40:9a:3b:42:3b:3e:87:04:fc:1f:
ca:7d:87:69:e1:5d:ad:1d:e2:77:ed:ec:0c:1c:3f:
2c:3b:ba:d9:f2:a4:3c:5b:16:da:20:07:fd:b6:1e:
50:75:c6:55:05:2d:ab:60:22:9f:e1:f3:e0:8f:7e:
1b:6c:ed:dc:4e:5e:bf:ef:59:41:fa:d4:d1:5c:24:
e2:d5:0a:83:c0:81:c0:6d:54:27:0f:35:0b:3e:bb:
68:d3:d3:bf:ac:9a:10:28:f2:ff:b6:ce:73:f1:ac:
ce:8d:a6:b9:3e:1f:ba:43:d2:0f:77:20:2c:35:54:
0b:5c:c8:9f:f4:e5:b0:2d:63:ef:09:86:43:16:fe:
5c:df:d3:b2:82:85:cc:d0:60:d7:d7:97:2e:1c:af:
f1:a1:b3:ba:d2:2c:2e:52:3e:8a:22:fe:55:a2:a2:
17:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:3E:33:87:21:B2:EF:70:D5:5F:CF:AB:07:FD:89:99:58:A1:11:D7
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Az4zhyGy73DVX8-rB_2JmVihEdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.193.0/24
78.142.238.0/24
91.243.189.0/24
194.93.3.0/24
212.107.26.0/24
Signature Algorithm: sha256WithRSAEncryption
80:56:fa:a2:9a:60:2c:e9:98:0e:25:8f:83:a7:97:06:22:ea:
7f:48:b4:76:45:f3:da:98:3c:52:ce:7e:4d:ac:02:e8:a8:66:
e7:0d:5e:46:a1:b7:48:8a:b9:6a:e4:72:10:f2:80:fc:3d:74:
bb:08:c4:ce:4a:23:49:98:ef:d6:36:53:9d:07:a3:51:f2:c3:
46:d0:0e:8d:8a:50:ad:14:9e:6e:50:cd:aa:ff:6a:8e:c4:02:
0e:e6:3a:7e:5d:89:b6:e1:5e:b8:23:34:86:fe:b1:f2:8c:b0:
0a:f0:b7:27:c7:ed:70:c1:44:9e:99:38:f0:8c:42:b1:b8:ee:
51:b0:2b:81:9a:81:f4:4a:12:8e:fc:a2:79:92:60:ba:f9:c3:
8e:f3:de:9e:41:f4:3a:8c:65:f9:ef:92:03:d1:b2:e6:5c:5c:
f4:98:fc:bf:a7:62:a9:f1:46:4c:13:a9:70:dc:a0:4b:25:06:
1b:72:7f:8a:8d:2b:78:f9:51:96:9a:82:ea:12:06:f3:16:88:
60:34:d8:20:b5:1c:5a:25:c7:80:0e:ef:42:b9:1f:3c:68:69:
54:01:dd:07:4c:ba:51:d3:fb:7d:67:11:7b:bf:b8:12:9c:e3:
e0:3a:40:ec:48:34:7b:5d:d4:3a:0a:4a:25:ae:df:cb:6e:6e:
bc:1a:e3:a3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYePMiLFln5lp7jse3N6y96AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNDE3MTIzMDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzNlMzM4NzIxYjJlZjcwZDU1ZmNmYWIwN2ZkODk5OTU4YTExMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk05VN51mEU72JSyyimTWh4NiJ8GF
4Htye4gR5FTHWUCw/Anp9pfQArDo68uxFIu+XFO1GjV+QkEP18BI3L+NES9svRFQ
iR01Y34txcSfFU4e99IKuWKHeQarM9egJkCaO0I7PocE/B/KfYdp4V2tHeJ37ewM
HD8sO7rZ8qQ8WxbaIAf9th5QdcZVBS2rYCKf4fPgj34bbO3cTl6/71lB+tTRXCTi
1QqDwIHAbVQnDzULPrto09O/rJoQKPL/ts5z8azOjaa5Ph+6Q9IPdyAsNVQLXMif
9OWwLWPvCYZDFv5c39OygoXM0GDX15cuHK/xobO60iwuUj6KIv5VoqIXLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAM+M4chsu9w1V/Pqwf9iZlYoRHXMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvQXo0emh5R3k3M0RWWDgtckJfMkptVmloRWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVPBAwQA
To7uAwQAW/O9AwQAwl0DAwQA1GsaMA0GCSqGSIb3DQEBCwUAA4IBAQCAVvqimmAs
6ZgOJY+Dp5cGIup/SLR2RfPamDxSzn5NrALoqGbnDV5GobdIirlq5HIQ8oD8PXS7
CMTOSiNJmO/WNlOdB6NR8sNG0A6NilCtFJ5uUM2q/2qOxAIO5jp+XYm24V64IzSG
/rHyjLAK8Lcnx+1wwUSemTjwjEKxuO5RsCuBmoH0ShKO/KJ5kmC6+cOO896eQfQ6
jGX575ID0bLmXFz0mPy/p2Kp8UZME6lw3KBLJQYbcn+KjSt4+VGWmoLqEgbzFohg
NNggtRxaJceADu9CuR88aGlUAd0HTLpR0/t9ZxF7v7gSnOPgOkDsSDR7XdQ6Ckol
rt/Lbm68GuOj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org