Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/kDcG00q-BPRwtwdLFhrLb6lnHaU.roa
File: kDcG00q-BPRwtwdLFhrLb6lnHaU.roa (raw, json)
Hash identifier: wQmwFmRZf5IFkoEv2f/jEWs6QTA9seNqE7al8L7j6nE=
Subject key identifier: 90:37:06:D3:4A:BE:04:F4:70:B7:07:4B:16:1A:CB:6F:A9:67:1D:A5
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 0183A6F6F56865534FD6F739542D31FB58FE
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/kDcG00q-BPRwtwdLFhrLb6lnHaU.roa
Signing time: Wed 05 Oct 2022 07:05:45 +0000
ROA not before: Wed 05 Oct 2022 07:05:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8612
IP address blocks: 84.220.0.0/14 maxlen: 24
195.130.224.0/19 maxlen: 19
193.43.3.180/30 maxlen: 30
213.205.0.0/18 maxlen: 18
193.43.3.192/26 maxlen: 26
193.43.2.0/24 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.64/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.84.0.0/15 maxlen: 24
193.207.24.0/21 maxlen: 24
62.10.0.0/15 maxlen: 24
217.133.0.0/16 maxlen: 16
193.207.32.0/19 maxlen: 24
217.73.208.0/20 maxlen: 20
94.32.0.0/13 maxlen: 24
193.207.96.0/20 maxlen: 21
193.43.3.184/29 maxlen: 29
212.123.64.0/19 maxlen: 19
94.199.8.0/24 maxlen: 24
193.207.128.0/17 maxlen: 22
193.207.64.0/18 maxlen: 24
94.32.0.0/14 maxlen: 14
94.36.0.0/14 maxlen: 14
213.205.0.251/32 maxlen: 32
217.133.170.0/24 maxlen: 24
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0::/32 maxlen: 32
2a01:7d0:4811::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a6:f6:f5:68:65:53:4f:d6:f7:39:54:2d:31:fb:58:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Oct 5 07:05:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=903706d34abe04f470b7074b161acb6fa9671da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2d:9a:3d:89:b6:e0:49:05:35:96:15:68:62:
ed:74:dc:dc:9f:3f:1a:57:ab:f2:97:ae:cd:05:79:
cc:ea:67:aa:8d:be:6f:e8:77:e1:be:3b:8d:c2:d0:
f9:61:c9:cf:c7:bf:dd:2f:e3:d7:16:08:b5:aa:93:
c5:29:ce:4a:3e:26:22:2b:74:eb:f0:5f:fc:12:23:
35:e7:8a:e4:ef:3c:cd:56:b3:c9:9c:41:a1:fb:14:
1d:d4:a8:7a:6a:bc:a4:c8:d6:ad:c2:a1:82:52:58:
a6:f8:ad:dd:ad:e3:22:6c:a8:94:d3:80:5e:dd:22:
0f:c9:16:78:f6:62:77:0f:b7:cc:13:7a:60:d4:19:
d2:87:4d:1e:6c:4c:41:e8:95:6b:36:06:59:f7:ac:
65:c4:e2:7f:29:00:29:67:dc:d0:10:a2:a0:64:f1:
3d:10:0e:a3:47:45:98:24:26:e8:dc:9b:33:60:ce:
18:66:22:0e:1e:49:c4:bf:80:30:d4:42:48:f4:22:
98:ac:1e:6e:9d:1d:c7:8c:e0:03:c6:9a:0f:ec:d7:
72:39:55:bd:a8:ea:f2:44:ab:18:73:ce:81:67:70:
a1:6e:c6:4e:10:57:b5:ec:7d:9a:a4:69:aa:09:29:
89:31:d8:fc:e1:04:17:22:0b:74:6f:32:22:73:12:
a7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:37:06:D3:4A:BE:04:F4:70:B7:07:4B:16:1A:CB:6F:A9:67:1D:A5
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/kDcG00q-BPRwtwdLFhrLb6lnHaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.10.0.0/15
82.84.0.0/15
84.220.0.0/14
94.32.0.0/13
94.199.8.0/24
193.43.2.0/24
193.43.3.180-193.43.3.255
193.207.24.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/20
217.133.0.0/16
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
21:e0:3b:c2:c6:d2:ff:39:68:67:ad:86:ff:b8:9c:cb:c8:65:
7a:01:73:57:5b:47:c9:d1:c2:f8:f9:fc:49:c1:39:9c:af:3f:
ec:3c:80:fe:76:83:05:73:ca:9c:8c:c3:06:b4:72:4a:d6:29:
86:ef:30:5a:36:16:d6:91:e6:6f:aa:ee:3a:b6:7e:16:18:47:
b3:d2:a7:5f:f7:cb:87:be:34:86:b1:28:33:67:90:64:16:b5:
03:b6:d5:af:65:b8:2c:15:36:b2:52:6e:3a:a7:f5:ba:4b:e7:
7f:3e:74:9c:79:a9:de:49:2c:cc:a3:31:e1:db:de:9e:c1:1e:
f2:67:49:4b:9a:e2:e5:a2:d4:ea:b9:8b:db:a8:a9:49:4e:6b:
87:87:28:be:6d:a8:93:18:90:6a:9b:a8:c1:e2:e7:e6:51:0d:
f6:5b:9b:05:c0:e2:77:07:e7:ad:ed:6c:6f:ff:c9:39:c8:91:
05:14:e2:65:f0:6d:b1:56:6a:4a:b8:be:02:43:fb:23:d3:26:
67:a8:8b:24:c7:d2:38:d7:d6:92:07:42:a1:bd:cb:50:c7:11:
85:77:5a:fd:cb:7e:cb:24:6a:a4:5d:ba:cf:d0:51:ee:ea:8f:
f8:66:96:9c:14:ca:20:61:e3:4d:f7:bc:1f:e0:ba:c9:6d:78:
0a:a9:2f:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYOm9vVoZVNP1vc5VC0x+1j+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjIxMDA1MDcwNTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDM3MDZkMzRhYmUwNGY0NzBiNzA3NGIxNjFhY2I2ZmE5NjcxZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly2aPYm24EkFNZYVaGLtdNzcnz8a
V6vyl67NBXnM6meqjb5v6HfhvjuNwtD5YcnPx7/dL+PXFgi1qpPFKc5KPiYiK3Tr
8F/8EiM154rk7zzNVrPJnEGh+xQd1Kh6arykyNatwqGCUlim+K3dreMibKiU04Be
3SIPyRZ49mJ3D7fME3pg1BnSh00ebExB6JVrNgZZ96xlxOJ/KQApZ9zQEKKgZPE9
EA6jR0WYJCbo3JszYM4YZiIOHknEv4Aw1EJI9CKYrB5unR3HjOADxpoP7NdyOVW9
qOryRKsYc86BZ3ChbsZOEFe17H2apGmqCSmJMdj84QQXIgt0bzIicxKnEQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFJA3BtNKvgT0cLcHSxYay2+pZx2lMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEva0RjRzAwcS1CUFJ3dHdkTEZockxiNmxuSGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwXwQCAAEwWQMDAT4KAwMB
UlQDAwJU3AMDA14gAwQAXscIAwQAwSsCMA0DBQLBKwO0AwQCwSsAMAsDBAPBzxgD
AwTBwAMEBcOC4AMEBdR7QAMEBtXNAAMEBNlJ0AMDANmFMA0EAgACMAcDBQAqAQfQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAh4DvCxtL/OWhnrYb/uJzLyGV6AXNXW0fJ0cL4
+fxJwTmcrz/sPID+doMFc8qcjMMGtHJK1imG7zBaNhbWkeZvqu46tn4WGEez0qdf
98uHvjSGsSgzZ5BkFrUDttWvZbgsFTayUm46p/W6S+d/PnSceaneSSzMozHh296e
wR7yZ0lLmuLlotTquYvbqKlJTmuHhyi+baiTGJBqm6jB4ufmUQ32W5sFwOJ3B+et
7Wxv/8k5yJEFFOJl8G2xVmpKuL4CQ/sj0yZnqIskx9I419aSB0KhvctQxxGFd1r9
y37LJGqkXbrP0FHu6o/4ZpacFMogYeNN97wf4LrJbXgKqS/6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:07 2023 by rpki-client on console-ams.rpki-client.org