Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/fTk4ShRiFl0mjiFclCSUChjJ6Jw.roa
File: fTk4ShRiFl0mjiFclCSUChjJ6Jw.roa (raw, json)
Hash identifier: qr4g5fgj0x31iMdWMd/FKJhXGrMjhg0Uzx3PC+f/e0w=
Subject key identifier: 7D:39:38:4A:14:62:16:5D:26:8E:21:5C:94:24:94:0A:18:C9:E8:9C
Certificate issuer: /CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Certificate serial: 018ADABF3495E3F29E9C8A294E53E8F79333
Authority key identifier: 1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/fTk4ShRiFl0mjiFclCSUChjJ6Jw.roa
Signing time: Thu 28 Sep 2023 07:44:38 +0000
ROA not before: Thu 28 Sep 2023 07:44:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12350
IP address blocks: 83.228.128.0/17 maxlen: 17
213.162.0.0/19 maxlen: 19
194.38.64.0/19 maxlen: 19
185.133.28.0/22 maxlen: 22
212.232.128.0/17 maxlen: 17
194.148.96.0/19 maxlen: 19
194.148.4.0/22 maxlen: 22
194.148.0.0/18 maxlen: 18
194.148.8.0/21 maxlen: 21
195.15.0.0/17 maxlen: 17
194.148.16.0/20 maxlen: 20
212.28.128.0/19 maxlen: 19
194.38.160.0/19 maxlen: 19
194.148.32.0/19 maxlen: 19
212.147.79.0/24 maxlen: 24
212.40.0.0/19 maxlen: 19
212.147.0.0/17 maxlen: 17
213.5.152.0/21 maxlen: 21
212.254.0.0/16 maxlen: 16
212.109.64.0/19 maxlen: 19
2a03:a360::/32 maxlen: 32
2001:4c78::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:bf:34:95:e3:f2:9e:9c:8a:29:4e:53:e8:f7:93:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Validity
Not Before: Sep 28 07:44:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d39384a1462165d268e215c9424940a18c9e89c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9a:c3:80:87:2e:8b:de:4e:4e:99:0a:c9:33:
d3:3e:a2:01:60:e5:3a:a3:22:e7:d1:dd:96:e6:83:
58:82:4e:dd:d0:b6:56:99:88:f9:6d:fd:b7:5c:0a:
0a:bd:ac:1d:fa:f3:6a:e3:14:4a:ef:8a:67:cb:34:
03:d1:16:fa:0e:ce:d2:61:8e:14:36:c6:fd:5f:b0:
d9:c4:d2:dd:9a:4c:41:26:0e:fe:8c:ac:ca:e2:86:
58:e1:31:ba:56:eb:8a:6f:06:e8:1b:76:46:1a:a2:
5c:69:2e:bc:4d:d8:ec:58:0b:c2:f2:34:cb:f9:8e:
29:b3:65:04:f4:ae:f5:d0:aa:d3:6c:8d:6f:dc:30:
89:26:0e:f1:82:64:77:c0:d3:c7:01:82:d8:e6:22:
f1:a5:27:15:7c:cc:40:0a:3a:f3:6a:a0:3a:81:db:
53:e7:a3:bc:13:f8:c2:10:74:70:59:d9:fb:b0:a9:
7f:8a:9f:45:80:f8:5e:96:be:0e:82:f7:40:49:41:
e7:4b:74:20:ef:c1:a4:77:94:bd:f6:2e:a1:ac:d5:
db:51:c1:4d:55:3f:b9:49:e2:b0:33:e2:9d:67:0f:
8e:fd:02:32:ad:a5:88:7a:1f:a8:d4:4e:c6:77:c5:
d6:b1:0c:a6:97:e5:f9:38:0f:c6:44:c6:9c:a9:39:
fe:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:39:38:4A:14:62:16:5D:26:8E:21:5C:94:24:94:0A:18:C9:E8:9C
X509v3 Authority Key Identifier:
keyid:1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/fTk4ShRiFl0mjiFclCSUChjJ6Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/H3OdITpDj2eLMiqPj4Ti2MeBSso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.228.128.0/17
185.133.28.0/22
194.38.64.0/19
194.38.160.0/19
194.148.0.0/18
194.148.96.0/19
195.15.0.0/17
212.28.128.0/19
212.40.0.0/19
212.109.64.0/19
212.147.0.0/17
212.232.128.0/17
212.254.0.0/16
213.5.152.0/21
213.162.0.0/19
IPv6:
2001:4c78::/32
2a03:a360::/32
Signature Algorithm: sha256WithRSAEncryption
23:8d:21:26:b7:01:1f:85:0b:a5:2a:59:d5:be:5b:2a:a0:a6:
23:59:5c:91:33:80:35:00:e7:1d:a7:2a:c4:e7:c6:ac:ac:d1:
85:ed:cd:42:65:38:0b:92:2c:03:31:76:d6:9a:3f:b7:4b:26:
1d:d3:9c:da:c5:69:8b:9f:dd:f9:b6:33:99:94:73:8b:6b:e3:
cb:61:20:75:f2:98:a0:85:99:dc:dd:69:19:4c:c6:b6:4c:9b:
6b:46:0f:fd:28:31:28:47:85:57:08:7a:64:08:ee:ff:e3:48:
27:b2:80:f0:c0:62:0b:2b:26:eb:20:5d:82:54:05:17:07:82:
38:fb:84:62:c9:ff:b9:37:a7:ab:85:81:9a:fc:5d:cb:12:9f:
30:cb:24:98:a3:00:43:39:e1:71:6c:e6:09:1f:23:e3:a2:9d:
0e:30:4d:d0:6d:b3:70:39:fb:f5:07:a1:77:88:ab:09:99:e6:
22:c0:49:24:84:47:52:4b:36:3c:8a:e9:59:3a:c4:2a:81:17:
cc:11:dd:8d:53:cb:6b:6d:0f:e2:a7:c1:6e:95:85:31:69:bd:
c7:2f:c1:77:fe:b6:c9:15:60:e9:b9:f8:9e:1e:ba:e6:ea:6f:
fc:be:c3:a8:f1:60:cc:10:82:72:68:77:a7:87:29:90:10:b3:
67:a2:65:38
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYravzSV4/KenIopTlPo95MzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNzM5ZDIxM2E0MzhmNjc4YjMyMmE4ZjhmODRlMmQ4Yzc4
MTRhY2EwHhcNMjMwOTI4MDc0NDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDM5Mzg0YTE0NjIxNjVkMjY4ZTIxNWM5NDI0OTQwYTE4YzllODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZrDgIcui95OTpkKyTPTPqIBYOU6
oyLn0d2W5oNYgk7d0LZWmYj5bf23XAoKvawd+vNq4xRK74pnyzQD0Rb6Ds7SYY4U
Nsb9X7DZxNLdmkxBJg7+jKzK4oZY4TG6VuuKbwboG3ZGGqJcaS68TdjsWAvC8jTL
+Y4ps2UE9K710KrTbI1v3DCJJg7xgmR3wNPHAYLY5iLxpScVfMxACjrzaqA6gdtT
56O8E/jCEHRwWdn7sKl/ip9FgPhelr4OgvdASUHnS3Qg78Gkd5S99i6hrNXbUcFN
VT+5SeKwM+KdZw+O/QIyraWIeh+o1E7Gd8XWsQyml+X5OA/GRMacqTn+HwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFH05OEoUYhZdJo4hXJQklAoYyeicMB8GA1UdIwQY
MBaAFB9znSE6Q49nizIqj4+E4tjHgUrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEt
MzkyZTA1YTg0Mjc3LzEvZlRrNFNoUmlGbDBtamlGY2xDU1VDaGpKNkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEtMzkyZTA1YTg0Mjc3
LzEvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwXwQCAAEwWQMEB1PkgAME
ArmFHAMEBcImQAMEBcImoAMEBsKUAAMEBcKUYAMEB8MPAAMEBdQcgAMEBdQoAAME
BdRtQAMEB9STAAMEB9TogAMDANT+AwQD1QWYAwQF1aIAMBQEAgACMA4DBQAgAUx4
AwUAKgOjYDANBgkqhkiG9w0BAQsFAAOCAQEAI40hJrcBH4ULpSpZ1b5bKqCmI1lc
kTOANQDnHacqxOfGrKzRhe3NQmU4C5IsAzF21po/t0smHdOc2sVpi5/d+bYzmZRz
i2vjy2EgdfKYoIWZ3N1pGUzGtkyba0YP/SgxKEeFVwh6ZAju/+NIJ7KA8MBiCysm
6yBdglQFFweCOPuEYsn/uTenq4WBmvxdyxKfMMskmKMAQznhcWzmCR8j46KdDjBN
0G2zcDn79Qehd4irCZnmIsBJJIRHUks2PIrpWTrEKoEXzBHdjVPLa20P4qfBbpWF
MWm9xy/Bd/62yRVg6bn4nh665upv/L7DqPFgzBCCcmh3p4cpkBCzZ6JlOA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:01 2025 by rpki-client