Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/2EaEP6QTK8WZMFIEvwM2qmVHa0Q.roa
File: 2EaEP6QTK8WZMFIEvwM2qmVHa0Q.roa (raw, json)
Hash identifier: lIzuvQ8HrKbFt3SdKYA3lWmpNeHn/w165qZzujlyRis=
Subject key identifier: D8:46:84:3F:A4:13:2B:C5:99:30:52:04:BF:03:36:AA:65:47:6B:44
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 0182B175E066CDC6997D2CD564A986A329B4
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/2EaEP6QTK8WZMFIEvwM2qmVHa0Q.roa
Signing time: Thu 18 Aug 2022 14:57:48 +0000
ROA not before: Thu 18 Aug 2022 14:57:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8612
IP address blocks: 84.220.0.0/14 maxlen: 24
195.130.224.0/19 maxlen: 19
213.205.0.0/18 maxlen: 18
193.43.2.0/23 maxlen: 23
82.85.26.128/26 maxlen: 26
82.85.53.64/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.84.0.0/15 maxlen: 24
193.207.0.0/16 maxlen: 21
62.10.0.0/15 maxlen: 24
217.133.0.0/16 maxlen: 16
217.73.208.0/20 maxlen: 20
94.32.0.0/13 maxlen: 24
193.207.96.0/20 maxlen: 21
212.123.64.0/19 maxlen: 19
193.207.112.0/20 maxlen: 20
94.199.8.0/24 maxlen: 24
193.207.128.0/19 maxlen: 19
193.207.128.0/18 maxlen: 22
94.32.0.0/14 maxlen: 14
94.36.0.0/14 maxlen: 14
213.205.0.251/32 maxlen: 32
212.24.0.0/19 maxlen: 19
217.133.170.0/24 maxlen: 24
212.22.128.0/19 maxlen: 19
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0::/32 maxlen: 32
2a01:7d0:4811::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b1:75:e0:66:cd:c6:99:7d:2c:d5:64:a9:86:a3:29:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Aug 18 14:57:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d846843fa4132bc599305204bf0336aa65476b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:66:bc:d0:9b:2c:e0:53:b4:4c:41:88:12:96:
81:03:84:79:2b:54:b9:b0:96:e0:e7:1b:91:e5:1f:
c0:c1:55:50:8e:87:a7:99:e6:70:4c:0b:9d:de:79:
87:15:2b:6e:f7:5e:9f:4d:48:0e:88:69:61:9d:4b:
46:91:cf:b6:6d:37:01:a1:da:a1:14:52:c0:76:cd:
82:3d:97:7b:16:49:dc:16:d4:b3:41:50:f3:08:09:
c3:34:54:5c:5c:2c:4a:4a:52:c9:9b:bc:f1:c0:f2:
43:5e:0b:32:0e:aa:69:41:b9:95:9b:f8:37:16:df:
da:08:e8:e1:70:42:6f:5e:ac:36:df:f3:f3:78:f1:
b0:38:e1:6e:52:26:a5:1f:69:f0:2b:15:70:00:4b:
09:eb:89:6c:ae:4c:f4:25:8e:1c:00:10:d3:68:29:
71:2c:b2:99:49:de:0d:a4:a9:aa:ce:fc:a7:bd:08:
43:19:57:0b:0a:58:57:64:7a:81:35:0a:59:7a:93:
8c:42:82:14:9c:58:96:02:8d:00:db:0e:07:12:a2:
8d:4b:41:d0:8c:71:f2:33:9e:a8:4f:68:07:dd:a5:
70:f0:11:bf:eb:a0:e9:16:3b:10:f7:25:14:06:76:
5d:9d:81:e1:c4:9a:b4:eb:74:c6:ab:54:74:e2:e9:
45:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:46:84:3F:A4:13:2B:C5:99:30:52:04:BF:03:36:AA:65:47:6B:44
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/2EaEP6QTK8WZMFIEvwM2qmVHa0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.10.0.0/15
82.84.0.0/15
84.220.0.0/14
94.32.0.0/13
94.199.8.0/24
193.43.2.0/23
193.207.0.0/16
195.130.224.0/19
212.22.128.0/19
212.24.0.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/20
217.133.0.0/16
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
13:71:52:9f:38:20:bc:cb:1d:1a:e4:73:ba:90:c1:a4:dd:eb:
c3:0b:1e:57:77:db:f9:9c:ec:9a:38:f3:75:e7:49:c6:4c:70:
09:63:79:a2:19:e6:4d:e0:03:c2:3b:47:80:2f:c1:71:a3:25:
97:be:7b:00:e1:5c:34:f3:ac:d7:b6:b6:06:a2:b7:5a:92:e9:
b6:9a:d8:8e:d6:ab:2f:47:6a:a0:80:1b:00:1a:c0:f4:77:60:
d7:bc:56:41:39:fc:63:d3:bb:5c:cc:12:9c:e4:d2:e9:a3:7b:
83:1c:f5:40:3e:b3:75:40:40:74:02:8f:40:65:6e:80:58:32:
7f:68:c3:39:be:86:46:4c:87:80:c0:cd:82:d3:e2:14:43:7d:
cb:b4:52:9a:2a:e9:09:e9:34:f1:6a:b5:29:17:b9:da:68:c0:
57:c3:a1:28:9c:64:b2:2d:45:9e:e2:26:da:50:91:a5:fd:53:
f2:87:41:07:da:66:a6:09:d1:74:82:af:8b:4d:b2:82:01:e2:
96:75:fc:ce:2f:df:b1:da:ed:bf:35:c3:69:18:5c:a4:88:9f:
1f:cd:bb:ce:06:0f:2c:1e:16:fd:f8:af:17:15:73:fb:f3:bc:
38:f7:de:04:08:cc:05:96:37:57:5f:96:65:6a:40:65:4b:39:
f1:7a:5b:41
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYKxdeBmzcaZfSzVZKmGoym0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjIwODE4MTQ1NzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQ2ODQzZmE0MTMyYmM1OTkzMDUyMDRiZjAzMzZhYTY1NDc2YjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGa80Jss4FO0TEGIEpaBA4R5K1S5
sJbg5xuR5R/AwVVQjoenmeZwTAud3nmHFStu916fTUgOiGlhnUtGkc+2bTcBodqh
FFLAds2CPZd7FkncFtSzQVDzCAnDNFRcXCxKSlLJm7zxwPJDXgsyDqppQbmVm/g3
Ft/aCOjhcEJvXqw23/PzePGwOOFuUialH2nwKxVwAEsJ64lsrkz0JY4cABDTaClx
LLKZSd4NpKmqzvynvQhDGVcLClhXZHqBNQpZepOMQoIUnFiWAo0A2w4HEqKNS0HQ
jHHyM56oT2gH3aVw8BG/66DpFjsQ9yUUBnZdnYHhxJq063TGq1R04ulFIQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFNhGhD+kEyvFmTBSBL8DNqplR2tEMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvMkVhRVA2UVRLOFdaTUZJRXZ3TTJxbVZIYTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwMBPgoDAwFS
VAMDAlTcAwMDXiADBABexwgDBAHBKwIDAwDBzwMEBcOC4AMEBdQWgAMEBdQYAAME
BdR7QAMEBtXNAAMEBNlJ0AMDANmFMA0EAgACMAcDBQAqAQfQMA0GCSqGSIb3DQEB
CwUAA4IBAQATcVKfOCC8yx0a5HO6kMGk3evDCx5Xd9v5nOyaOPN150nGTHAJY3mi
GeZN4APCO0eAL8FxoyWXvnsA4Vw086zXtrYGordakum2mtiO1qsvR2qggBsAGsD0
d2DXvFZBOfxj07tczBKc5NLpo3uDHPVAPrN1QEB0Ao9AZW6AWDJ/aMM5voZGTIeA
wM2C0+IUQ33LtFKaKukJ6TTxarUpF7naaMBXw6EonGSyLUWe4ibaUJGl/VPyh0EH
2mamCdF0gq+LTbKCAeKWdfzOL9+x2u2/NcNpGFykiJ8fzbvOBg8sHhb9+K8XFXP7
87w4994ECMwFljdXX5ZlakBlSznxeltB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:42 2024 by rpki-client on console-ams.rpki-client.org