Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/gKl8WGvwo0fqp0Fk2VgpPLSynd0.roa
File: gKl8WGvwo0fqp0Fk2VgpPLSynd0.roa (raw, json)
Hash identifier: yKGGK6k8wwiD8KEw9a2GMJzB46F3e0y5jMfprHKyabw=
Subject key identifier: 80:A9:7C:58:6B:F0:A3:47:EA:A7:41:64:D9:58:29:3C:B4:B2:9D:DD
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 084FE0BC
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/gKl8WGvwo0fqp0Fk2VgpPLSynd0.roa
Signing time: Mon 04 Apr 2022 09:57:59 +0000
ROA not before: Mon 04 Apr 2022 09:57:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8612
IP address blocks: 84.220.0.0/14 maxlen: 24
195.130.224.0/19 maxlen: 19
213.205.0.0/18 maxlen: 18
130.186.128.0/17 maxlen: 17
130.186.32.0/19 maxlen: 19
193.43.2.0/23 maxlen: 23
82.85.26.128/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.85.53.64/26 maxlen: 26
82.84.0.0/15 maxlen: 24
193.207.0.0/16 maxlen: 21
62.10.0.0/15 maxlen: 24
217.133.0.0/16 maxlen: 16
217.73.208.0/20 maxlen: 20
94.32.0.0/13 maxlen: 24
193.207.96.0/20 maxlen: 21
193.207.112.0/20 maxlen: 20
94.199.8.0/24 maxlen: 24
212.123.64.0/19 maxlen: 19
78.12.0.0/14 maxlen: 24
193.207.128.0/19 maxlen: 19
193.207.128.0/18 maxlen: 22
94.32.0.0/14 maxlen: 14
94.36.0.0/14 maxlen: 14
80.241.160.0/20 maxlen: 20
213.205.0.251/32 maxlen: 32
212.24.0.0/19 maxlen: 19
212.22.128.0/19 maxlen: 19
217.133.170.0/24 maxlen: 24
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0::/32 maxlen: 32
2a01:7d0:4811::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139452604 (0x84fe0bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Apr 4 09:57:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80a97c586bf0a347eaa74164d958293cb4b29ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0c:4a:48:1d:d8:4c:f7:5f:97:5b:b2:ef:f8:
86:fb:b2:49:84:3b:33:11:4f:a1:24:08:5a:29:46:
91:8b:b3:30:4b:3a:da:ce:7b:f6:8a:6b:da:bb:8d:
ea:07:a9:81:6a:64:d7:3e:8d:5a:ec:97:5f:15:f1:
63:61:9d:d9:2d:77:fb:b2:7d:fa:24:41:b2:10:9e:
a5:ae:f6:03:7d:73:86:76:9b:49:c7:e1:ff:2a:45:
a5:26:61:a5:3e:8b:73:eb:ba:c4:75:8f:51:1e:07:
df:ad:be:f4:0c:0e:f0:d0:b6:28:3e:f1:00:67:a4:
7d:7d:78:60:ce:25:54:23:4b:a3:74:f0:5c:8b:8f:
65:40:00:4f:e7:57:29:1e:ef:5a:f0:86:af:37:a8:
e5:25:52:48:fa:6f:81:de:8e:d3:e9:a3:3f:ff:b8:
06:17:78:31:3a:15:31:f3:64:c6:b7:49:40:77:25:
ac:2b:c5:0d:18:3f:57:57:8a:7f:b6:72:e3:7b:d6:
10:43:56:e5:fd:b9:11:dd:97:8d:6b:b8:f5:e9:e8:
0b:c9:8f:c8:57:ac:d2:f6:5f:89:32:3a:cd:85:4a:
76:fa:b4:63:6a:e5:23:c2:d0:15:18:80:a7:a7:97:
c5:63:b0:00:98:bc:fe:9d:3d:ce:d2:09:37:28:a0:
b3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A9:7C:58:6B:F0:A3:47:EA:A7:41:64:D9:58:29:3C:B4:B2:9D:DD
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/gKl8WGvwo0fqp0Fk2VgpPLSynd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.10.0.0/15
78.12.0.0/14
80.241.160.0/20
82.84.0.0/15
84.220.0.0/14
94.32.0.0/13
94.199.8.0/24
130.186.32.0/19
130.186.128.0/17
193.43.2.0/23
193.207.0.0/16
195.130.224.0/19
212.22.128.0/19
212.24.0.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/20
217.133.0.0/16
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:87:8f:1a:4c:a8:46:b3:34:13:ea:6f:54:8d:a0:0a:e2:e1:
ca:88:ae:8b:b9:90:6c:4d:36:01:45:c6:96:e3:a3:4a:32:fe:
1e:9e:ea:3d:14:d4:ea:10:58:f7:73:76:bd:bf:e7:4d:48:45:
9e:59:85:e9:7a:6f:9b:6d:5b:29:5f:52:e8:22:72:3d:bc:24:
7f:61:89:e7:2e:a5:cc:02:d8:95:77:62:83:9f:fe:4a:ef:74:
00:c2:fc:0f:80:e9:00:99:e3:4c:c6:01:08:de:8d:64:0e:15:
a9:31:05:fb:bb:cb:68:b0:ac:14:9c:7f:7f:dc:b2:28:76:d4:
d8:42:aa:fe:13:2f:ed:e3:3f:d6:a7:a4:2c:7e:23:7a:f8:e4:
eb:b4:07:22:43:bb:41:4a:40:18:d1:2e:20:6d:5f:3a:7b:65:
3f:d5:d8:e0:77:a5:a2:f8:13:aa:1f:53:a6:a8:b1:d0:fa:5f:
39:34:e0:8c:d2:da:93:9a:e6:d6:05:9d:36:26:2a:86:35:a4:
82:e0:9f:44:fc:11:71:c6:a6:31:3c:66:76:ff:ad:77:1d:b5:
1b:5d:d3:05:b8:11:79:d1:e2:80:1c:9f:0b:9b:a5:f5:03:08:
8a:b1:d6:32:d7:3d:63:6f:74:68:a3:a3:46:25:70:93:03:21:
11:1a:1c:bc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIECE/gvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZWI4Njk4MzU0NzExMzM1OWJhZGUxZjNmMzgxMDQwOTFlM2E2NDM5MB4XDTIyMDQw
NDA5NTc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODBhOTdjNTg2YmYw
YTM0N2VhYTc0MTY0ZDk1ODI5M2NiNGIyOWRkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAMSkgd2Ez3X5dbsu/4hvuySYQ7MxFPoSQIWilGkYuzMEs6
2s579opr2ruN6gepgWpk1z6NWuyXXxXxY2Gd2S13+7J9+iRBshCepa72A31zhnab
Scfh/ypFpSZhpT6Lc+u6xHWPUR4H362+9AwO8NC2KD7xAGekfX14YM4lVCNLo3Tw
XIuPZUAAT+dXKR7vWvCGrzeo5SVSSPpvgd6O0+mjP/+4Bhd4MToVMfNkxrdJQHcl
rCvFDRg/V1eKf7Zy43vWEENW5f25Ed2XjWu49enoC8mPyFes0vZfiTI6zYVKdvq0
Y2rlI8LQFRiAp6eXxWOwAJi8/p09ztIJNyigsx8CAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBSAqXxYa/CjR+qnQWTZWCk8tLKd3TAfBgNVHSMEGDAWgBTOuGmDVHETNZut
4fPzgQQJHjpkOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pyaHBnMVJ4RXpXYnJlSHo4NEVFQ1I0NlpEay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvZjM1MzlkLTM4Y2QtNDY1ZS1hNTdkLWRlZTJmNjUwZGQ4Ni8x
L2dLbDhXR3Z3bzBmcXAwRmsyVmdwUExTeW5kMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
ZjM1MzlkLTM4Y2QtNDY1ZS1hNTdkLWRlZTJmNjUwZGQ4Ni8xL3pyaHBnMVJ4RXpX
YnJlSHo4NEVFQ1I0NlpEay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jQYIKwYBBQUHAQcBAf8EfjB8MGsEAgABMGUDAwE+CgMDAk4MAwQEUPGgAwMBUlQD
AwJU3AMDA14gAwQAXscIAwQFgrogAwQHgrqAAwQBwSsCAwMAwc8DBAXDguADBAXU
FoADBAXUGAADBAXUe0ADBAbVzQADBATZSdADAwDZhTANBAIAAjAHAwUAKgEH0DAN
BgkqhkiG9w0BAQsFAAOCAQEAKoePGkyoRrM0E+pvVI2gCuLhyoiui7mQbE02AUXG
luOjSjL+Hp7qPRTU6hBY93N2vb/nTUhFnlmF6Xpvm21bKV9S6CJyPbwkf2GJ5y6l
zALYlXdig5/+Su90AML8D4DpAJnjTMYBCN6NZA4VqTEF+7vLaLCsFJx/f9yyKHbU
2EKq/hMv7eM/1qekLH4jevjk67QHIkO7QUpAGNEuIG1fOntlP9XY4HelovgTqh9T
pqix0PpfOTTgjNLak5rm1gWdNiYqhjWkguCfRPwRccamMTxmdv+tdx21G13TBbgR
edHigByfC5ul9QMIirHWMtc9Y290aKOjRiVwkwMhERocvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:45 2024 by rpki-client on console-fra.rpki-client.org