Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/F7_P-VthI51SaiZfgntJ1nzyJpQ.roa
File: F7_P-VthI51SaiZfgntJ1nzyJpQ.roa (raw, json)
Hash identifier: zZYIWsXuGAl5NnrmWLa6fW3FaZEqG3N42u8/PFTUXiY=
Subject key identifier: 17:BF:CF:F9:5B:61:23:9D:52:6A:26:5F:82:7B:49:D6:7C:F2:26:94
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 018CED8F4DCBCDA8E52A44F7556D38E509C2
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/F7_P-VthI51SaiZfgntJ1nzyJpQ.roa
Signing time: Tue 09 Jan 2024 09:30:40 +0000
ROA not before: Tue 09 Jan 2024 09:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8612
IP address blocks: 84.220.0.0/16 maxlen: 24
195.130.224.0/19 maxlen: 19
193.43.3.180/30 maxlen: 30
213.205.0.0/18 maxlen: 18
193.43.3.192/26 maxlen: 26
193.43.2.0/24 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.64/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.84.0.0/15 maxlen: 24
193.207.24.0/21 maxlen: 24
217.133.0.0/16 maxlen: 16
193.207.32.0/19 maxlen: 24
217.73.208.0/20 maxlen: 21
193.207.96.0/20 maxlen: 21
193.43.3.184/29 maxlen: 29
212.123.64.0/19 maxlen: 19
193.207.128.0/17 maxlen: 22
84.221.0.0/16 maxlen: 24
193.207.64.0/18 maxlen: 24
94.32.0.0/14 maxlen: 14
213.205.0.251/32 maxlen: 32
94.32.115.0/24 maxlen: 24
217.133.170.0/24 maxlen: 24
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0::/32 maxlen: 32
2a01:7d0:4811::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:8f:4d:cb:cd:a8:e5:2a:44:f7:55:6d:38:e5:09:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Jan 9 09:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17bfcff95b61239d526a265f827b49d67cf22694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:90:55:02:23:59:55:db:1a:46:81:fc:db:83:
9f:e5:11:56:0e:c3:02:15:af:65:5e:f3:1c:57:56:
76:bf:dc:01:07:17:62:e7:57:e2:5b:ae:d5:bc:2e:
0b:ac:13:b3:17:5b:85:b3:d7:42:b4:f7:77:5f:92:
b6:6c:66:1e:3a:54:a5:fb:c6:1c:54:00:48:0e:0e:
b7:ff:82:b3:75:1e:ba:7e:1a:3a:40:b7:24:bb:53:
d6:58:1c:86:7d:9f:34:e2:1d:18:ee:3a:86:f4:39:
96:60:ca:4c:98:a9:7a:17:dc:5d:9f:8f:91:9a:23:
65:31:59:9a:a3:20:26:77:3a:53:2d:1d:3e:19:36:
a1:9e:28:8d:78:23:47:15:f4:79:b8:3c:e1:e7:aa:
34:e6:3e:3a:90:db:b8:7b:72:ff:de:22:17:34:62:
b3:d4:70:a9:7a:e6:4f:db:a3:0d:5c:08:5b:ce:68:
5d:9c:15:8e:ff:0b:33:53:d6:f8:8e:c2:65:7c:ad:
50:45:26:2c:17:5f:b0:eb:4c:63:be:47:44:03:15:
89:f3:c6:95:42:8f:c8:b2:dc:73:1f:b4:e7:74:88:
60:55:2a:b1:62:ed:e7:79:b3:62:3c:ae:ab:fa:91:
db:6e:b8:71:94:ea:12:8b:87:77:12:d9:31:51:df:
58:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BF:CF:F9:5B:61:23:9D:52:6A:26:5F:82:7B:49:D6:7C:F2:26:94
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/F7_P-VthI51SaiZfgntJ1nzyJpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/15
94.32.0.0/14
193.43.2.0/24
193.43.3.180-193.43.3.255
193.207.24.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/20
217.133.0.0/16
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
5d:99:24:3f:7d:4c:8e:b7:2a:6b:c5:47:9f:8f:7a:fa:07:71:
3e:35:fd:3e:8d:2e:55:b1:a1:7e:ac:8d:6b:59:ff:38:a6:89:
6d:df:47:37:5a:6d:d0:57:14:cc:1b:7c:f5:83:d0:aa:bf:63:
e9:8e:b8:61:7e:e5:a2:75:15:e2:12:d4:cb:13:31:30:22:e6:
a4:95:b4:59:50:7b:f7:fa:e6:5e:90:20:6c:a1:ac:b9:00:d2:
26:59:35:62:4d:61:b4:02:cd:af:7f:b1:a7:b0:86:c8:c0:12:
b9:10:f1:06:90:42:de:32:12:aa:8f:15:20:6d:07:f2:c1:d3:
10:12:5e:23:8b:83:11:da:18:dd:68:64:b4:93:52:a5:f3:82:
89:70:fc:a6:7b:4b:58:f3:17:f4:66:7c:64:8b:32:8b:6f:d7:
34:6c:f5:02:69:c4:28:dd:b7:91:fc:34:64:03:8d:aa:97:cd:
9a:87:8c:99:bc:89:16:21:ce:97:80:66:d4:3b:b5:77:98:bb:
ae:f3:63:d7:a5:a0:5d:e9:66:d2:d2:4f:82:0c:1d:10:3b:49:
b0:4c:f4:9a:04:4c:73:bd:d8:14:01:aa:5a:1b:dc:ca:5e:4d:
68:96:74:5f:37:db:53:da:66:74:52:3e:73:99:a6:42:e2:35:
90:aa:8c:dd
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYztj03LzajlKkT3VW045QnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjQwMTA5MDkzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2JmY2ZmOTViNjEyMzlkNTI2YTI2NWY4MjdiNDlkNjdjZjIyNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpBVAiNZVdsaRoH824Of5RFWDsMC
Fa9lXvMcV1Z2v9wBBxdi51fiW67VvC4LrBOzF1uFs9dCtPd3X5K2bGYeOlSl+8Yc
VABIDg63/4KzdR66fho6QLcku1PWWByGfZ804h0Y7jqG9DmWYMpMmKl6F9xdn4+R
miNlMVmaoyAmdzpTLR0+GTahniiNeCNHFfR5uDzh56o05j46kNu4e3L/3iIXNGKz
1HCpeuZP26MNXAhbzmhdnBWO/wszU9b4jsJlfK1QRSYsF1+w60xjvkdEAxWJ88aV
Qo/IstxzH7TndIhgVSqxYu3nebNiPK6r+pHbbrhxlOoSi4d3EtkxUd9YwwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFBe/z/lbYSOdUmomX4J7SdZ88iaUMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvRjdfUC1WdGhJNTFTYWlaZmdudEoxbnp5SnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwMBUlQDAwFU
3AMDAl4gAwQAwSsCMA0DBQLBKwO0AwQCwSsAMAsDBAPBzxgDAwTBwAMEBcOC4AME
BdR7QAMEBtXNAAMEBNlJ0AMDANmFMA0EAgACMAcDBQAqAQfQMA0GCSqGSIb3DQEB
CwUAA4IBAQBdmSQ/fUyOtyprxUefj3r6B3E+Nf0+jS5VsaF+rI1rWf84polt30c3
Wm3QVxTMG3z1g9Cqv2PpjrhhfuWidRXiEtTLEzEwIuaklbRZUHv3+uZekCBsoay5
ANImWTViTWG0As2vf7GnsIbIwBK5EPEGkELeMhKqjxUgbQfywdMQEl4ji4MR2hjd
aGS0k1Kl84KJcPyme0tY8xf0ZnxkizKLb9c0bPUCacQo3beR/DRkA42ql82ah4yZ
vIkWIc6XgGbUO7V3mLuu82PXpaBd6WbS0k+CDB0QO0mwTPSaBExzvdgUAapaG9zK
Xk1olnRfN9tT2mZ0Uj5zmaZC4jWQqozd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:42 2024 by rpki-client on console-ams.rpki-client.org