Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/6axgB3f4JGl6CAGIMSNnCObZvoY.roa
File: 6axgB3f4JGl6CAGIMSNnCObZvoY.roa (raw, json)
Hash identifier: hVBUy0idqv4uwN/fw608VAj44VaNjBKfLXKITQG/0ss=
Subject key identifier: E9:AC:60:07:77:F8:24:69:7A:08:01:88:31:23:67:08:E6:D9:BE:86
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01860EF12D6A774722BC9F5B0C0D76B2D61B
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/6axgB3f4JGl6CAGIMSNnCObZvoY.roa
Signing time: Wed 01 Feb 2023 21:45:32 +0000
ROA not before: Wed 01 Feb 2023 21:45:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 217.144.55.0/24 maxlen: 24
217.144.52.0/24 maxlen: 24
217.144.57.0/24 maxlen: 24
217.144.58.0/24 maxlen: 24
79.172.224.0/24 maxlen: 24
217.144.59.0/24 maxlen: 24
217.144.60.0/24 maxlen: 24
79.172.228.0/24 maxlen: 24
79.172.250.0/24 maxlen: 24
84.21.12.0/24 maxlen: 24
84.21.13.0/24 maxlen: 24
79.172.192.0/24 maxlen: 24
79.172.207.0/24 maxlen: 24
185.63.17.0/24 maxlen: 24
185.63.18.0/24 maxlen: 24
185.63.19.0/24 maxlen: 24
213.181.217.0/24 maxlen: 24
213.181.218.0/24 maxlen: 24
213.181.216.0/24 maxlen: 24
84.21.4.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0e:f1:2d:6a:77:47:22:bc:9f:5b:0c:0d:76:b2:d6:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Feb 1 21:45:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9ac600777f824697a08018831236708e6d9be86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:47:40:50:c8:42:3b:7a:c6:f5:08:df:06:b7:
d6:b3:fc:4b:23:f0:8e:b0:d1:99:7c:76:cd:37:0d:
95:13:4a:17:e7:bf:f5:c6:89:4d:03:2a:7a:28:1f:
14:ed:10:fe:42:26:56:61:de:dd:a2:ad:b0:0a:6c:
8b:6f:af:7d:2f:6c:b3:7b:5a:f9:8c:79:de:9f:76:
8c:f8:4a:7e:d2:0d:5f:a0:bb:ab:68:46:d7:dc:40:
dc:db:ee:33:3b:a2:e4:41:97:3d:93:22:49:61:6b:
45:f8:42:1c:7d:74:b0:91:3c:e7:02:75:a8:51:c2:
8f:83:f4:44:2e:5d:f6:08:8e:6a:3b:df:b7:52:4f:
31:db:a6:67:28:af:8c:8a:86:d7:67:c6:16:56:cf:
cf:08:ea:30:ee:27:56:d3:fd:10:a7:0c:3c:4a:15:
c5:80:32:ff:38:c3:e7:7a:be:b7:1b:4e:5e:81:48:
3c:df:5f:6b:27:51:fc:db:09:59:97:17:97:96:c6:
57:26:98:28:8f:92:c8:88:a2:33:74:0d:23:44:7f:
ef:0b:d9:1c:37:7c:bf:4f:37:b3:d9:e2:e9:84:a6:
18:4d:9f:25:97:c3:fe:a5:2e:47:fa:3f:13:9b:46:
a4:5d:d9:fd:1d:21:3c:34:43:63:ba:3f:d7:f7:bd:
6c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:AC:60:07:77:F8:24:69:7A:08:01:88:31:23:67:08:E6:D9:BE:86
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/6axgB3f4JGl6CAGIMSNnCObZvoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/24
79.172.207.0/24
79.172.224.0/24
79.172.228.0/24
79.172.250.0/24
84.21.4.0/24
84.21.12.0/23
185.63.17.0-185.63.19.255
213.181.216.0-213.181.218.255
213.181.221.0/24
217.144.52.0/24
217.144.55.0/24
217.144.57.0-217.144.60.255
Signature Algorithm: sha256WithRSAEncryption
64:d3:3b:a1:6d:3c:ef:08:d1:62:6b:6e:c1:3d:a8:6c:3e:19:
14:b7:0d:f5:ad:e6:f5:e4:06:bd:c8:69:e2:00:d5:ef:d4:93:
b1:13:0e:d4:30:50:ce:74:43:dc:57:9d:ba:17:f4:1b:90:cf:
d9:48:ea:5a:10:7e:97:7e:95:2b:c1:39:f0:3e:9e:5b:52:42:
89:3d:65:a1:df:d6:65:e8:72:09:19:b5:43:17:1d:e6:b9:95:
b2:0b:f7:c3:78:d1:d1:d0:cb:3c:57:b4:b6:a3:a1:e7:25:f5:
0a:07:15:51:d2:6f:ec:bc:b3:6a:3a:2f:48:95:d8:fe:61:5e:
cd:0d:e8:0b:7f:24:95:aa:77:d2:4f:97:0b:50:f5:61:a3:be:
7d:f1:4f:12:18:58:f4:72:aa:93:50:21:f7:97:4d:0a:81:aa:
12:ce:4e:f7:8e:7c:8e:03:a1:1f:87:8e:ad:2b:aa:47:02:36:
32:a4:0b:24:ba:3e:c5:6d:23:e9:3c:92:de:ee:eb:ac:96:ba:
77:54:fe:c7:27:ef:f3:83:f7:4a:2d:cb:3e:1d:d0:22:c9:ba:
ce:d7:9c:7b:e1:fa:83:25:99:7b:88:d7:7c:d9:c9:7f:7d:d3:
c7:e3:6b:45:89:53:35:31:11:d8:74:28:5e:b4:78:0d:db:1d:
d0:df:f5:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYYO8S1qd0civJ9bDA12stYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjMwMjAxMjE0NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWFjNjAwNzc3ZjgyNDY5N2EwODAxODgzMTIzNjcwOGU2ZDliZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukdAUMhCO3rG9QjfBrfWs/xLI/CO
sNGZfHbNNw2VE0oX57/1xolNAyp6KB8U7RD+QiZWYd7doq2wCmyLb699L2yze1r5
jHnen3aM+Ep+0g1foLuraEbX3EDc2+4zO6LkQZc9kyJJYWtF+EIcfXSwkTznAnWo
UcKPg/RELl32CI5qO9+3Uk8x26ZnKK+MiobXZ8YWVs/PCOow7idW0/0Qpww8ShXF
gDL/OMPner63G05egUg8319rJ1H82wlZlxeXlsZXJpgoj5LIiKIzdA0jRH/vC9kc
N3y/Tzez2eLphKYYTZ8ll8P+pS5H+j8Tm0akXdn9HSE8NENjuj/X971sXwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFOmsYAd3+CRpeggBiDEjZwjm2b6GMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvNmF4Z0IzZjRKR2w2Q0FHSU1TTm5DT2Jadm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAT6zAAwQA
T6zPAwQAT6zgAwQAT6zkAwQAT6z6AwQAVBUEAwQBVBUMMAwDBAC5PxEDBAK5PxAw
DAMEA9W12AMEANW12gMEANW13QMEANmQNAMEANmQNzAMAwQA2ZA5AwQA2ZA8MA0G
CSqGSIb3DQEBCwUAA4IBAQBk0zuhbTzvCNFia27BPahsPhkUtw31reb15Aa9yGni
ANXv1JOxEw7UMFDOdEPcV526F/QbkM/ZSOpaEH6XfpUrwTnwPp5bUkKJPWWh39Zl
6HIJGbVDFx3muZWyC/fDeNHR0Ms8V7S2o6HnJfUKBxVR0m/svLNqOi9Ildj+YV7N
DegLfySVqnfST5cLUPVho7598U8SGFj0cqqTUCH3l00KgaoSzk73jnyOA6Efh46t
K6pHAjYypAskuj7FbSPpPJLe7uuslrp3VP7HJ+/zg/dKLcs+HdAiybrO15x74fqD
JZl7iNd82cl/fdPH42tFiVM1MRHYdChetHgN2x3Q3/Vm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:39 2023 by rpki-client on console-fra.rpki-client.org