Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/8RdtLM-QMfhnZRGc6v0-_qRcBrg.roa
File: 8RdtLM-QMfhnZRGc6v0-_qRcBrg.roa (raw, json)
Hash identifier: +3mLZvYrYWCzypxarwL4/LDLba5uaM8YQDrrMDLe094=
Subject key identifier: F1:17:6D:2C:CF:90:31:F8:67:65:11:9C:EA:FD:3E:FE:A4:5C:06:B8
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 018354CB87AD0BE8C2E94F7A99C379E0CFEC
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/8RdtLM-QMfhnZRGc6v0-_qRcBrg.roa
Signing time: Mon 19 Sep 2022 08:09:28 +0000
ROA not before: Mon 19 Sep 2022 08:09:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8612
IP address blocks: 84.220.0.0/14 maxlen: 24
195.130.224.0/19 maxlen: 19
213.205.0.0/18 maxlen: 18
193.43.3.192/26 maxlen: 26
193.43.2.0/24 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.64/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.84.0.0/15 maxlen: 24
193.207.24.0/21 maxlen: 24
62.10.0.0/15 maxlen: 24
217.133.0.0/16 maxlen: 16
193.207.32.0/19 maxlen: 24
217.73.208.0/20 maxlen: 20
94.32.0.0/13 maxlen: 24
193.207.96.0/20 maxlen: 21
212.123.64.0/19 maxlen: 19
94.199.8.0/24 maxlen: 24
193.207.128.0/17 maxlen: 22
193.207.64.0/18 maxlen: 24
94.32.0.0/14 maxlen: 14
94.36.0.0/14 maxlen: 14
213.205.0.251/32 maxlen: 32
193.43.3.176/28 maxlen: 28
217.133.170.0/24 maxlen: 24
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0::/32 maxlen: 32
2a01:7d0:4811::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:54:cb:87:ad:0b:e8:c2:e9:4f:7a:99:c3:79:e0:cf:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Sep 19 08:09:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1176d2ccf9031f86765119ceafd3efea45c06b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d7:5b:e9:90:a7:25:67:9c:d7:73:a6:e6:46:
75:5e:e3:a5:18:ee:79:cd:c9:a9:51:b8:c1:08:a8:
b4:06:5b:f2:7c:4c:f7:fd:bf:d3:7b:90:c1:81:e3:
20:88:03:7a:b7:9c:b1:2d:bf:86:01:18:31:64:37:
4b:31:dd:15:6e:8f:3d:36:08:65:0d:b1:5b:13:57:
3d:37:d6:b4:4d:a6:d5:67:98:14:ae:48:67:4a:29:
3c:f0:22:e6:8b:e9:32:fe:55:49:95:23:ea:d2:56:
58:ae:ae:37:0a:77:6c:03:ac:a7:b3:a1:39:cd:2b:
b9:73:1b:1e:2b:55:03:7a:eb:ac:8c:3e:6a:51:ab:
fd:95:b9:6a:b5:24:07:c3:7f:51:c2:34:28:3f:84:
dc:9f:b1:5a:e6:12:59:bd:54:88:2b:05:b0:db:d6:
1d:c1:01:63:80:9b:54:f0:a0:bd:12:0d:4e:a0:df:
d7:56:07:3b:ae:f4:d5:f5:98:3d:0a:68:40:1f:95:
89:ab:e7:15:4e:c7:d8:1a:6f:cf:1a:7e:39:06:e5:
b8:fb:5c:ef:aa:31:1f:ec:85:f4:36:b8:36:ba:34:
85:40:db:f9:d8:ec:8d:7f:08:cd:20:a3:fb:9f:1a:
b6:6e:0b:90:80:4b:1c:61:66:ba:b1:93:86:a6:f7:
c9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:17:6D:2C:CF:90:31:F8:67:65:11:9C:EA:FD:3E:FE:A4:5C:06:B8
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/8RdtLM-QMfhnZRGc6v0-_qRcBrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.10.0.0/15
82.84.0.0/15
84.220.0.0/14
94.32.0.0/13
94.199.8.0/24
193.43.2.0/24
193.43.3.176-193.43.3.255
193.207.24.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/20
217.133.0.0/16
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:e8:84:f7:b1:4f:14:5b:42:75:7a:b7:6d:6a:46:82:89:c0:
9e:59:33:ee:37:3d:a9:6f:b9:6d:75:92:d1:2a:78:eb:e0:cb:
70:f2:31:1a:9d:3e:ba:54:53:c0:f8:c4:3f:45:c6:99:08:54:
03:f0:c1:d1:46:3e:06:48:70:45:af:65:6d:d3:7d:58:d0:46:
4d:f8:71:69:a8:28:3a:f2:16:bb:6d:33:f3:7a:4a:76:f0:f2:
d5:cc:b6:df:6e:a4:c8:14:7c:97:da:31:c8:ea:d6:43:a6:c1:
fb:66:24:bf:e5:d6:4d:2b:9f:82:01:cc:ae:a1:f3:87:52:64:
12:9d:f8:56:d4:a5:ed:31:7d:cb:15:0e:fa:f1:8a:2b:b3:3b:
01:cc:73:aa:e8:84:12:2d:3c:9b:04:6e:ce:b4:80:7e:17:2a:
49:ab:ca:a4:13:d9:21:b1:58:e3:a4:0d:04:1a:7b:11:e3:c9:
e1:30:1f:fb:76:7f:75:1e:b6:7d:98:7e:8c:a1:57:69:ca:43:
ce:e6:40:d9:36:bc:8c:a5:fd:bd:b7:b3:90:9a:45:ab:4f:03:
eb:ce:67:e7:7c:37:4d:19:e8:57:76:31:c0:1e:4f:7d:ca:c9:
2b:ef:ec:95:e2:83:ea:19:44:ca:80:05:9b:e1:ff:31:db:ca:
8e:32:3c:4b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYNUy4etC+jC6U96mcN54M/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjIwOTE5MDgwOTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTE3NmQyY2NmOTAzMWY4Njc2NTExOWNlYWZkM2VmZWE0NWMwNmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltdb6ZCnJWec13Om5kZ1XuOlGO55
zcmpUbjBCKi0BlvyfEz3/b/Te5DBgeMgiAN6t5yxLb+GARgxZDdLMd0Vbo89Nghl
DbFbE1c9N9a0TabVZ5gUrkhnSik88CLmi+ky/lVJlSPq0lZYrq43CndsA6yns6E5
zSu5cxseK1UDeuusjD5qUav9lblqtSQHw39RwjQoP4Tcn7Fa5hJZvVSIKwWw29Yd
wQFjgJtU8KC9Eg1OoN/XVgc7rvTV9Zg9CmhAH5WJq+cVTsfYGm/PGn45BuW4+1zv
qjEf7IX0Nrg2ujSFQNv52OyNfwjNIKP7nxq2bguQgEscYWa6sZOGpvfJvQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFPEXbSzPkDH4Z2URnOr9Pv6kXAa4MB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvOFJkdExNLVFNZmhuWlJHYzZ2MC1fcVJjQnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwXwQCAAEwWQMDAT4KAwMB
UlQDAwJU3AMDA14gAwQAXscIAwQAwSsCMA0DBQTBKwOwAwQCwSsAMAsDBAPBzxgD
AwTBwAMEBcOC4AMEBdR7QAMEBtXNAAMEBNlJ0AMDANmFMA0EAgACMAcDBQAqAQfQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAM6IT3sU8UW0J1erdtakaCicCeWTPuNz2pb7lt
dZLRKnjr4Mtw8jEanT66VFPA+MQ/RcaZCFQD8MHRRj4GSHBFr2Vt031Y0EZN+HFp
qCg68ha7bTPzekp28PLVzLbfbqTIFHyX2jHI6tZDpsH7ZiS/5dZNK5+CAcyuofOH
UmQSnfhW1KXtMX3LFQ768YorszsBzHOq6IQSLTybBG7OtIB+FypJq8qkE9khsVjj
pA0EGnsR48nhMB/7dn91HrZ9mH6MoVdpykPO5kDZNryMpf29t7OQmkWrTwPrzmfn
fDdNGehXdjHAHk99yskr7+yV4oPqGUTKgAWb4f8x28qOMjxL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:42 2024 by rpki-client on console-ams.rpki-client.org