Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/1-ReMzoiJZtPCwIjPy-HOmWKW4_E.roa
File: 1-ReMzoiJZtPCwIjPy-HOmWKW4_E.roa (raw, json)
Hash identifier: T6tRu/5O7mnPcV5rlCEQ/i74zIuy3+xOQNNteo8tV+A=
Subject key identifier: F9:17:8C:CE:88:89:66:D3:C2:C0:88:CF:CB:E1:CE:99:62:96:E3:F1
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018E33A17D40D72DC203B9D8C7C41F942C40
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/1-ReMzoiJZtPCwIjPy-HOmWKW4_E.roa
Signing time: Tue 12 Mar 2024 17:06:45 +0000
ROA not before: Tue 12 Mar 2024 17:06:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 31.222.244.0/24 maxlen: 24
88.151.11.0/24 maxlen: 24
91.210.71.0/24 maxlen: 24
109.205.62.0/24 maxlen: 24
193.200.61.0/24 maxlen: 24
193.228.131.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:a1:7d:40:d7:2d:c2:03:b9:d8:c7:c4:1f:94:2c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Mar 12 17:06:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9178cce888966d3c2c088cfcbe1ce996296e3f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:72:50:08:c2:6a:17:a8:4c:af:b3:fd:2d:8d:
78:fe:db:b5:ac:6b:31:c5:2d:87:a6:a7:d6:46:12:
19:98:7d:23:98:52:2a:0e:c7:b1:41:95:5b:bd:d1:
c2:6a:50:24:d0:b0:bb:c3:82:b2:8e:bf:b3:2a:b4:
8e:51:25:c1:b2:c8:d9:66:ff:85:f7:6d:d8:9e:3b:
93:a0:a0:34:57:96:8e:3e:a1:01:ba:a0:ef:1d:30:
98:79:3b:41:61:5b:5b:57:69:e6:58:d2:60:42:3d:
24:5b:9d:e6:78:a5:7b:58:d4:49:35:10:06:fb:8c:
5e:12:c7:79:3b:51:d1:79:82:6f:41:dd:52:b5:1a:
45:c1:57:dd:be:f6:92:4f:34:92:c6:48:dc:34:60:
9e:b0:58:e4:59:a8:b8:8a:f5:6b:d6:b5:ac:d8:21:
f3:d6:53:fc:2b:6d:0b:2b:33:b0:63:7c:d2:89:76:
8a:be:78:df:b1:dc:51:db:26:e5:36:7e:a4:1d:c2:
92:e1:4d:cc:3e:06:89:ad:98:60:1d:7b:da:7a:84:
46:c7:be:5e:16:52:6f:c2:73:75:17:9d:12:e7:92:
53:c8:e4:54:a5:ff:32:0a:cc:7e:8b:68:5e:cf:6d:
a4:24:77:30:fd:d5:aa:40:3f:81:f8:9b:bd:af:aa:
48:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:17:8C:CE:88:89:66:D3:C2:C0:88:CF:CB:E1:CE:99:62:96:E3:F1
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/1-ReMzoiJZtPCwIjPy-HOmWKW4_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.244.0/24
88.151.11.0/24
91.210.71.0/24
109.205.62.0/24
193.200.61.0/24
193.228.131.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:d4:3c:d3:b9:4b:a6:61:a9:14:12:28:c9:b4:09:cb:60:87:
b9:8a:c2:37:41:21:b0:33:c5:ac:0b:8c:04:20:4b:ab:11:6b:
cc:bd:38:e6:e3:ae:41:82:24:cf:16:8a:a9:c4:0b:c4:b3:35:
81:9a:58:5f:75:9a:be:c6:9b:fb:5d:d6:f0:26:44:17:93:22:
32:e5:88:1e:8c:d0:3a:30:89:82:97:cd:db:d5:44:90:08:80:
8f:21:af:d7:33:fd:cb:f5:e6:c8:48:ac:f0:2b:d3:42:4a:ea:
d6:d8:3a:f5:c9:21:dd:d5:61:68:8d:d9:41:cb:4b:44:13:f8:
ef:d9:e2:a1:52:66:3c:63:8e:27:a6:2a:6c:ba:b4:0a:27:ed:
07:66:e3:06:32:2e:83:62:2d:ea:b5:c5:74:82:e5:64:8c:70:
b6:2c:6a:d2:dc:cb:35:5a:a9:40:14:fe:49:45:2f:16:6d:78:
33:9d:fa:e5:98:0a:bc:ea:18:96:8b:34:aa:e1:a7:3d:e6:7c:
6c:da:8f:fa:c9:60:3c:f1:4d:23:d5:b5:97:16:54:82:da:da:
40:55:b6:29:ab:bc:03:ba:9b:d4:54:b4:bc:dc:28:6a:ac:bf:
36:a3:e5:92:11:a7:ac:38:91:42:2a:c1:40:9e:0a:a8:74:bb:
b0:43:66:9d
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY4zoX1A1y3CA7nYx8QflCxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMzEyMTcwNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTE3OGNjZTg4ODk2NmQzYzJjMDg4Y2ZjYmUxY2U5OTYyOTZlM2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnJQCMJqF6hMr7P9LY14/tu1rGsx
xS2HpqfWRhIZmH0jmFIqDsexQZVbvdHCalAk0LC7w4Kyjr+zKrSOUSXBssjZZv+F
923YnjuToKA0V5aOPqEBuqDvHTCYeTtBYVtbV2nmWNJgQj0kW53meKV7WNRJNRAG
+4xeEsd5O1HReYJvQd1StRpFwVfdvvaSTzSSxkjcNGCesFjkWai4ivVr1rWs2CHz
1lP8K20LKzOwY3zSiXaKvnjfsdxR2yblNn6kHcKS4U3MPgaJrZhgHXvaeoRGx75e
FlJvwnN1F50S55JTyORUpf8yCsx+i2hez22kJHcw/dWqQD+B+Ju9r6pIgwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPkXjM6IiWbTwsCIz8vhzpliluPxMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvMS1SZU16b2lKWnRQQ3dJalB5LUhPbVdLVzRfRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmIvMGUxOGQyLWQ4MGItNGFhMC1hYWVmLTA2OTY2MTY3NTEw
Ni8xL3NQWVo3eUFJUU4tb19VTldmSHFYakJVeExYOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAB/e9AME
AFiXCwMEAFvSRwMEAG3NPgMEAMHIPQMEAMHkgzANBgkqhkiG9w0BAQsFAAOCAQEA
i9Q807lLpmGpFBIoybQJy2CHuYrCN0EhsDPFrAuMBCBLqxFrzL045uOuQYIkzxaK
qcQLxLM1gZpYX3Wavsab+13W8CZEF5MiMuWIHozQOjCJgpfN29VEkAiAjyGv1zP9
y/XmyEis8CvTQkrq1tg69ckh3dVhaI3ZQctLRBP479nioVJmPGOOJ6YqbLq0Cift
B2bjBjIug2It6rXFdILlZIxwtixq0tzLNVqpQBT+SUUvFm14M5365ZgKvOoYlos0
quGnPeZ8bNqP+slgPPFNI9W1lxZUgtraQFW2Kau8A7qb1FS0vNwoaqy/NqPlkhGn
rDiRQirBQJ4KqHS7sENmnQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:18 2024 by rpki-client on console-ams.rpki-client.org