Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/QejC0XwgzhxFF-F7ldeFPbAG5Wg.roa
File: QejC0XwgzhxFF-F7ldeFPbAG5Wg.roa (raw, json)
Hash identifier: VkcgzzJF1enQVxsg9ELQF3o0zSW5P0NwsrAukS4lORw=
Subject key identifier: 41:E8:C2:D1:7C:20:CE:1C:45:17:E1:7B:95:D7:85:3D:B0:06:E5:68
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 018AD62CFD011BB9836DB92ACDC94C0CAC82
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/QejC0XwgzhxFF-F7ldeFPbAG5Wg.roa
Signing time: Wed 27 Sep 2023 10:26:27 +0000
ROA not before: Wed 27 Sep 2023 10:26:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8612
IP address blocks: 84.220.0.0/16 maxlen: 24
84.220.0.0/14 maxlen: 24
195.130.224.0/19 maxlen: 19
193.43.3.180/30 maxlen: 30
213.205.0.0/18 maxlen: 18
193.43.3.192/26 maxlen: 26
193.43.2.0/24 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.64/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.84.0.0/15 maxlen: 24
193.207.24.0/21 maxlen: 24
217.133.0.0/16 maxlen: 16
193.207.32.0/19 maxlen: 24
84.222.0.0/16 maxlen: 24
217.73.208.0/20 maxlen: 20
193.207.96.0/20 maxlen: 21
193.43.3.184/29 maxlen: 29
212.123.64.0/19 maxlen: 19
193.207.128.0/17 maxlen: 22
84.221.0.0/16 maxlen: 24
193.207.64.0/18 maxlen: 24
94.32.0.0/14 maxlen: 14
213.205.0.251/32 maxlen: 32
94.32.115.0/24 maxlen: 24
217.133.170.0/24 maxlen: 24
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0::/32 maxlen: 32
2a01:7d0:4811::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:2c:fd:01:1b:b9:83:6d:b9:2a:cd:c9:4c:0c:ac:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Sep 27 10:26:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41e8c2d17c20ce1c4517e17b95d7853db006e568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:92:f5:7a:c2:6f:ad:78:b2:94:b1:a0:94:
5b:54:0c:19:f6:ee:af:3f:98:8e:be:93:eb:c6:84:
d1:e4:85:bd:43:57:ed:94:6f:18:e4:32:9c:8f:07:
7f:7e:dd:24:20:b6:61:b7:af:e9:84:eb:ba:72:0c:
f8:de:f8:92:0b:6f:a6:51:bb:8f:69:37:8a:9a:85:
ac:bc:0f:25:a5:fe:bf:23:f2:b0:04:82:36:d9:eb:
37:98:a6:32:9d:f9:ab:fe:ef:57:a8:d0:d0:51:dd:
34:e8:24:32:2f:4d:6f:c2:c6:a8:ac:b5:2b:da:37:
6a:dd:14:83:6a:35:8b:a2:96:41:21:56:2e:95:7f:
36:51:10:5b:92:f9:a0:fb:04:ac:54:68:46:f6:d6:
3d:5f:22:7f:b4:68:4d:87:d4:73:f8:72:7c:c5:8b:
e0:5a:3e:4a:1c:f6:ce:74:45:8e:c4:5e:43:b4:bc:
f1:2c:fd:8b:1f:18:63:2a:31:77:63:29:44:2e:72:
44:4c:f7:0f:d1:21:1e:8f:97:b5:69:34:57:12:6a:
5f:20:45:e7:b6:b7:a0:be:33:2f:27:08:ef:54:27:
ee:57:32:4e:e2:f4:f6:34:cb:9c:3e:5c:d7:e5:6e:
9e:6b:d0:89:8b:17:bc:bc:f3:c3:31:40:7d:a4:fe:
27:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E8:C2:D1:7C:20:CE:1C:45:17:E1:7B:95:D7:85:3D:B0:06:E5:68
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/QejC0XwgzhxFF-F7ldeFPbAG5Wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/14
94.32.0.0/14
193.43.2.0/24
193.43.3.180-193.43.3.255
193.207.24.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/20
217.133.0.0/16
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:71:d8:e9:66:5f:4b:05:6d:1f:87:b7:9d:d7:87:47:c5:bb:
13:19:5b:16:39:82:58:86:de:40:74:f7:fd:2b:17:ee:a0:56:
d8:6c:12:47:c8:7d:77:7d:45:d9:b2:f6:f9:4a:35:2e:66:c8:
3f:1e:98:16:0a:99:f1:38:64:28:8e:12:34:a6:78:df:1c:f7:
ff:aa:dd:b1:e0:d5:df:91:32:10:b0:00:e9:9d:25:56:aa:12:
f3:5d:57:b0:c2:db:8a:92:28:03:7a:da:7e:ef:41:4c:a7:24:
d3:47:16:7d:1e:92:a9:c4:68:45:94:61:e9:8d:77:11:54:5b:
72:4d:d4:1b:5a:1c:c2:00:80:5d:4a:69:63:ac:3f:41:bb:46:
46:5b:f4:78:b2:a6:39:08:e3:b8:af:1e:92:aa:72:db:b9:44:
9a:9c:29:01:9c:43:ce:da:57:2e:0a:de:58:db:0d:d0:88:9f:
1f:6d:5c:c4:66:85:7b:11:83:13:d6:6a:6d:43:05:33:f2:29:
e6:b1:aa:1b:50:8a:59:6a:2e:6e:32:92:38:d2:9b:53:ce:13:
b0:29:8d:73:d0:9a:11:01:0e:a5:ee:f1:86:cb:30:c9:08:39:
7f:58:d0:db:1f:27:d6:3d:53:1d:03:9e:fd:24:0c:ed:39:3b:
58:37:20:7a
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYrWLP0BG7mDbbkqzclMDKyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjMwOTI3MTAyNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWU4YzJkMTdjMjBjZTFjNDUxN2UxN2I5NWQ3ODUzZGIwMDZlNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YWS9XrCb614spSxoJRbVAwZ9u6v
P5iOvpPrxoTR5IW9Q1ftlG8Y5DKcjwd/ft0kILZht6/phOu6cgz43viSC2+mUbuP
aTeKmoWsvA8lpf6/I/KwBII22es3mKYynfmr/u9XqNDQUd006CQyL01vwsaorLUr
2jdq3RSDajWLopZBIVYulX82URBbkvmg+wSsVGhG9tY9XyJ/tGhNh9Rz+HJ8xYvg
Wj5KHPbOdEWOxF5DtLzxLP2LHxhjKjF3YylELnJETPcP0SEej5e1aTRXEmpfIEXn
tregvjMvJwjvVCfuVzJO4vT2NMucPlzX5W6ea9CJixe8vPPDMUB9pP4nWwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFEHowtF8IM4cRRfhe5XXhT2wBuVoMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvUWVqQzBYd2d6aHhGRi1GN2xkZUZQYkFHNVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwMBUlQDAwJU
3AMDAl4gAwQAwSsCMA0DBQLBKwO0AwQCwSsAMAsDBAPBzxgDAwTBwAMEBcOC4AME
BdR7QAMEBtXNAAMEBNlJ0AMDANmFMA0EAgACMAcDBQAqAQfQMA0GCSqGSIb3DQEB
CwUAA4IBAQBucdjpZl9LBW0fh7ed14dHxbsTGVsWOYJYht5AdPf9KxfuoFbYbBJH
yH13fUXZsvb5SjUuZsg/HpgWCpnxOGQojhI0pnjfHPf/qt2x4NXfkTIQsADpnSVW
qhLzXVewwtuKkigDetp+70FMpyTTRxZ9HpKpxGhFlGHpjXcRVFtyTdQbWhzCAIBd
SmljrD9Bu0ZGW/R4sqY5COO4rx6SqnLbuUSanCkBnEPO2lcuCt5Y2w3QiJ8fbVzE
ZoV7EYMT1mptQwUz8inmsaobUIpZai5uMpI40ptTzhOwKY1z0JoRAQ6l7vGGyzDJ
CDl/WNDbHyfWPVMdA579JAztOTtYNyB6
-----END CERTIFICATE-----
Generated at Tue Oct 17 09:10:54 2023 by rpki-client on console-fra.rpki-client.org