Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/I4S2dRl0fWIdePpb4xXTITbFK3s.roa
File: I4S2dRl0fWIdePpb4xXTITbFK3s.roa (raw, json)
Hash identifier: 5tbYMVuZCnmsluh22Pg6EF3tNWfEV+sEArKjDa6Fdts=
Subject key identifier: 23:84:B6:75:19:74:7D:62:1D:78:FA:5B:E3:15:D3:21:36:C5:2B:7B
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 018CC26D19C6EFD680A970C65876C906FB5D
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/I4S2dRl0fWIdePpb4xXTITbFK3s.roa
Signing time: Mon 01 Jan 2024 00:29:39 +0000
ROA not before: Mon 01 Jan 2024 00:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8612
IP address blocks: 84.220.0.0/16 maxlen: 24
195.130.224.0/19 maxlen: 19
193.43.3.180/30 maxlen: 30
213.205.0.0/18 maxlen: 18
193.43.3.192/26 maxlen: 26
193.43.2.0/24 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.64/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.84.0.0/15 maxlen: 24
193.207.24.0/21 maxlen: 24
217.133.0.0/16 maxlen: 16
193.207.32.0/19 maxlen: 24
217.73.208.0/20 maxlen: 20
193.207.96.0/20 maxlen: 21
193.43.3.184/29 maxlen: 29
212.123.64.0/19 maxlen: 19
193.207.128.0/17 maxlen: 22
84.221.0.0/16 maxlen: 24
193.207.64.0/18 maxlen: 24
94.32.0.0/14 maxlen: 14
213.205.0.251/32 maxlen: 32
94.32.115.0/24 maxlen: 24
217.133.170.0/24 maxlen: 24
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0::/32 maxlen: 32
2a01:7d0:4811::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:19:c6:ef:d6:80:a9:70:c6:58:76:c9:06:fb:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Jan 1 00:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2384b67519747d621d78fa5be315d32136c52b7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:32:08:da:31:00:c0:c4:1d:df:52:1b:41:86:
56:71:a5:b6:2c:2d:96:ef:d8:fb:c9:41:5c:97:27:
07:3b:35:c3:cb:fd:5a:9f:e5:78:53:c6:c0:54:9b:
ac:23:44:f3:89:04:ad:ff:27:41:31:4e:e9:93:01:
5a:cd:f6:a8:cd:fb:0a:0b:19:06:43:d1:45:c3:e8:
7b:f8:76:cd:86:0e:ff:34:da:ab:08:f7:02:4e:5f:
6d:3a:dc:f1:91:7b:e1:33:c5:a3:60:44:8b:5c:11:
84:ff:d8:52:8b:a4:b2:ba:48:bb:d5:fe:ba:67:f2:
9b:2e:10:c2:64:eb:5a:09:cb:20:62:c3:04:32:3e:
3f:f2:bb:da:87:b4:2f:95:63:2c:34:6b:c2:0a:88:
3d:a9:c0:28:61:8b:1d:c6:2d:20:3d:e2:f6:8a:26:
cc:b5:11:38:4f:79:14:29:9a:29:e0:9a:c1:d6:cb:
3d:68:8c:50:a4:e8:b8:e3:7a:ac:a6:e1:f6:d8:7c:
5e:2e:be:41:13:a6:62:e1:16:b5:b6:4a:4b:e7:03:
35:07:ff:2c:a6:4d:08:d3:61:39:0c:df:0b:08:86:
5b:2e:c2:29:22:90:cb:3f:80:01:74:25:7b:32:02:
d3:8f:43:3c:29:8b:3c:a9:55:2b:3f:12:30:ea:c0:
4f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:84:B6:75:19:74:7D:62:1D:78:FA:5B:E3:15:D3:21:36:C5:2B:7B
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/I4S2dRl0fWIdePpb4xXTITbFK3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/15
94.32.0.0/14
193.43.2.0/24
193.43.3.180-193.43.3.255
193.207.24.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/20
217.133.0.0/16
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
8a:0f:82:ad:17:96:d3:1b:54:5e:7c:c5:ab:5b:e6:6f:44:19:
18:30:fb:0e:4f:d7:f0:51:44:bf:8c:2b:9b:f7:94:61:7c:76:
4e:a4:13:77:42:e0:33:76:a1:57:32:10:fe:a7:82:6d:c3:e5:
7a:b6:a2:d5:fd:54:57:43:10:86:33:ca:f9:9a:e9:d0:c7:f8:
d3:fd:c6:39:39:2a:2a:82:1e:f3:2c:70:db:03:fb:9b:44:b6:
29:78:d1:fd:82:28:75:80:34:22:aa:37:74:cd:93:ce:59:57:
ac:8b:7c:c9:c7:71:7e:51:c6:a9:da:bc:6b:0a:49:42:0b:27:
55:86:2c:cb:9c:f7:7e:0a:d4:9b:87:67:6e:67:3c:9f:dc:8f:
70:7b:1d:28:36:2e:af:fc:d0:1e:fa:15:6c:ef:31:8a:78:f9:
28:dc:34:e8:59:86:05:62:4a:f9:86:1a:cb:45:d5:5a:ea:e0:
9b:f9:f9:49:cb:1b:23:aa:aa:15:88:87:bd:1e:47:2e:a3:f4:
2a:9a:02:d6:61:ca:37:e8:68:38:f2:33:10:a2:5d:b1:93:48:
69:e1:f5:dd:c4:e7:2d:81:22:9b:50:09:e7:71:88:db:7a:bc:
12:d3:59:2c:21:98:84:f1:15:52:46:7f:d7:6c:5b:1f:1d:6b:
88:04:ed:79
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYzCbRnG79aAqXDGWHbJBvtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjQwMTAxMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzg0YjY3NTE5NzQ3ZDYyMWQ3OGZhNWJlMzE1ZDMyMTM2YzUyYjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzII2jEAwMQd31IbQYZWcaW2LC2W
79j7yUFclycHOzXDy/1an+V4U8bAVJusI0TziQSt/ydBMU7pkwFazfaozfsKCxkG
Q9FFw+h7+HbNhg7/NNqrCPcCTl9tOtzxkXvhM8WjYESLXBGE/9hSi6Syuki71f66
Z/KbLhDCZOtaCcsgYsMEMj4/8rvah7QvlWMsNGvCCog9qcAoYYsdxi0gPeL2iibM
tRE4T3kUKZop4JrB1ss9aIxQpOi443qspuH22HxeLr5BE6Zi4Ra1tkpL5wM1B/8s
pk0I02E5DN8LCIZbLsIpIpDLP4ABdCV7MgLTj0M8KYs8qVUrPxIw6sBP3QIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFCOEtnUZdH1iHXj6W+MV0yE2xSt7MB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvSTRTMmRSbDBmV0lkZVBwYjR4WFRJVGJGSzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwMBUlQDAwFU
3AMDAl4gAwQAwSsCMA0DBQLBKwO0AwQCwSsAMAsDBAPBzxgDAwTBwAMEBcOC4AME
BdR7QAMEBtXNAAMEBNlJ0AMDANmFMA0EAgACMAcDBQAqAQfQMA0GCSqGSIb3DQEB
CwUAA4IBAQCKD4KtF5bTG1RefMWrW+ZvRBkYMPsOT9fwUUS/jCub95RhfHZOpBN3
QuAzdqFXMhD+p4Jtw+V6tqLV/VRXQxCGM8r5munQx/jT/cY5OSoqgh7zLHDbA/ub
RLYpeNH9gih1gDQiqjd0zZPOWVesi3zJx3F+Ucap2rxrCklCCydVhizLnPd+CtSb
h2duZzyf3I9wex0oNi6v/NAe+hVs7zGKePko3DToWYYFYkr5hhrLRdVa6uCb+flJ
yxsjqqoViIe9Hkcuo/QqmgLWYco36Gg48jMQol2xk0hp4fXdxOctgSKbUAnncYjb
erwS01ksIZiE8RVSRn/XbFsfHWuIBO15
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:42 2024 by rpki-client on console-ams.rpki-client.org