Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/ccV6rQqXFWm-W-lW2ZFmFs3c1T0.roa
File: ccV6rQqXFWm-W-lW2ZFmFs3c1T0.roa (raw, json)
Hash identifier: 3kAdaRcja9LUzqXpBOzP/MO24kt/o3RYPK3HEzpMS0w=
Subject key identifier: 71:C5:7A:AD:0A:97:15:69:BE:5B:E9:56:D9:91:66:16:CD:DC:D5:3D
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 01856DE64AAA9479F48CA5A6B8B47766DD4C
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/ccV6rQqXFWm-W-lW2ZFmFs3c1T0.roa
Signing time: Sun 01 Jan 2023 15:14:47 +0000
ROA not before: Sun 01 Jan 2023 15:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213241
IP address blocks: 185.185.230.0/24 maxlen: 24
87.238.226.0/24 maxlen: 24
94.139.34.0/23 maxlen: 24
94.139.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:4a:aa:94:79:f4:8c:a5:a6:b8:b4:77:66:dd:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 1 15:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71c57aad0a971569be5be956d9916616cddcd53d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:59:81:39:08:1e:3c:a1:8f:2a:90:8d:06:1d:
11:28:c1:0f:f7:49:f8:7c:02:20:86:60:36:54:f2:
08:a1:3f:35:0a:be:53:c1:2d:95:25:61:63:cb:22:
66:22:60:b6:19:7a:de:1a:74:c7:9f:42:15:ba:68:
ba:f5:de:6b:80:b5:02:75:72:fb:8d:fb:72:75:db:
68:20:24:06:68:b6:22:25:f6:f7:a4:7f:ea:2e:30:
9a:94:43:a6:88:16:c4:81:7e:0c:81:58:66:ef:6e:
b3:2c:40:12:fb:b4:cc:c5:07:12:1c:ca:ac:c0:5e:
92:85:9b:90:6b:80:90:ab:d0:28:a3:2a:11:67:41:
84:4b:1e:f1:81:64:4f:e4:c4:35:45:a1:77:ea:7e:
e9:51:f2:49:7b:b3:4c:bc:e6:bb:7b:8b:7b:5c:eb:
ea:e0:f4:2f:49:ff:ca:b9:87:8b:72:19:0f:7b:5d:
2f:17:ec:ae:80:c3:34:bb:72:63:2d:28:b5:8b:7e:
c4:1a:10:1d:ad:bc:bd:d7:69:9f:83:70:76:54:b8:
de:d9:6c:02:75:20:46:8f:a4:98:df:e1:c9:ed:e2:
55:b1:e4:0f:6e:cc:80:41:77:fe:af:c0:8d:12:42:
eb:00:f6:ba:a4:c2:a3:07:48:bd:3e:b3:21:c8:42:
34:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C5:7A:AD:0A:97:15:69:BE:5B:E9:56:D9:91:66:16:CD:DC:D5:3D
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/ccV6rQqXFWm-W-lW2ZFmFs3c1T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.226.0/24
94.139.34.0/23
94.139.38.0/24
185.185.230.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:23:8d:de:0e:88:a1:8e:45:3d:9e:53:4c:44:a0:27:cc:ec:
2f:39:77:e8:72:3e:bf:b1:2d:50:f4:f4:4e:98:47:7d:cf:9a:
46:19:07:e3:43:c3:68:ef:51:31:c2:ac:7e:b5:51:1d:60:1a:
87:19:e8:2d:39:98:0e:56:b1:64:11:b7:46:58:27:fc:58:39:
af:14:e7:f9:ae:6d:ce:01:18:fa:65:e7:be:a0:95:17:0f:8d:
a5:ae:86:72:65:6d:06:c5:01:50:a6:98:24:3d:e4:20:af:87:
b7:3c:2b:7f:11:ee:89:41:e6:cf:f0:81:8f:e9:46:9f:53:79:
1a:47:c0:5f:99:f0:1d:4e:9c:6f:70:8e:4d:f4:85:a6:fc:f2:
5c:0a:52:96:24:eb:26:a7:e6:17:79:7e:48:b9:71:88:b8:b3:
7c:46:68:4f:3d:05:0e:5f:32:df:b3:97:0f:8e:a0:f4:52:24:
d6:a4:21:db:5a:dd:f8:c5:94:24:fd:33:b1:d8:2d:8e:f2:66:
cf:05:9c:f9:d7:47:73:79:c9:c7:55:d6:65:75:2c:aa:48:e5:
f3:a7:6f:e4:17:4f:8d:d4:49:a2:ca:6d:14:30:10:1e:11:5c:
cc:b5:17:8a:ae:30:da:c5:d0:47:1f:83:9f:80:29:85:cb:d3:
31:80:b4:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVt5kqqlHn0jKWmuLR3Zt1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjMwMTAxMTUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWM1N2FhZDBhOTcxNTY5YmU1YmU5NTZkOTkxNjYxNmNkZGNkNTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FmBOQgePKGPKpCNBh0RKMEP90n4
fAIghmA2VPIIoT81Cr5TwS2VJWFjyyJmImC2GXreGnTHn0IVumi69d5rgLUCdXL7
jftyddtoICQGaLYiJfb3pH/qLjCalEOmiBbEgX4MgVhm726zLEAS+7TMxQcSHMqs
wF6ShZuQa4CQq9AooyoRZ0GESx7xgWRP5MQ1RaF36n7pUfJJe7NMvOa7e4t7XOvq
4PQvSf/KuYeLchkPe10vF+yugMM0u3JjLSi1i37EGhAdrby912mfg3B2VLje2WwC
dSBGj6SY3+HJ7eJVseQPbsyAQXf+r8CNEkLrAPa6pMKjB0i9PrMhyEI0XwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHHFeq0KlxVpvlvpVtmRZhbN3NU9MB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvY2NWNnJRcVhGV20tVy1sVzJaRm1GczNjMVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV+7iAwQB
XosiAwQAXosmAwQAubnmMA0GCSqGSIb3DQEBCwUAA4IBAQCiI43eDoihjkU9nlNM
RKAnzOwvOXfocj6/sS1Q9PROmEd9z5pGGQfjQ8No71Exwqx+tVEdYBqHGegtOZgO
VrFkEbdGWCf8WDmvFOf5rm3OARj6Zee+oJUXD42lroZyZW0GxQFQppgkPeQgr4e3
PCt/Ee6JQebP8IGP6UafU3kaR8BfmfAdTpxvcI5N9IWm/PJcClKWJOsmp+YXeX5I
uXGIuLN8RmhPPQUOXzLfs5cPjqD0UiTWpCHbWt34xZQk/TOx2C2O8mbPBZz510dz
ecnHVdZldSyqSOXzp2/kF0+N1Emiym0UMBAeEVzMtReKrjDaxdBHH4OfgCmFy9Mx
gLQc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:00 2023 by rpki-client on console-fra.rpki-client.org