Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/qSBtc-p7tsvv29thxPOeI-YLOV0.roa
File: qSBtc-p7tsvv29thxPOeI-YLOV0.roa (raw, json)
Hash identifier: fSTLlimgbaeYAs5z+IXby7LVR9NWlftuml2cQj9AUIc=
Subject key identifier: A9:20:6D:73:EA:7B:B6:CB:EF:DB:DB:61:C4:F3:9E:23:E6:0B:39:5D
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B72AA4538094C68F362F4A5F9B7C9E
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/qSBtc-p7tsvv29thxPOeI-YLOV0.roa
Signing time: Mon 01 Jan 2024 06:30:10 +0000
ROA not before: Mon 01 Jan 2024 06:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 193.251.220.0/22 maxlen: 24
193.251.240.0/20 maxlen: 24
90.84.48.0/20 maxlen: 24
81.52.128.0/21 maxlen: 24
90.84.128.0/20 maxlen: 24
81.52.136.0/22 maxlen: 24
81.52.140.0/23 maxlen: 24
90.84.151.0/24 maxlen: 24
90.84.148.0/24 maxlen: 24
193.251.148.0/23 maxlen: 23
193.251.160.0/20 maxlen: 24
193.251.169.0/24 maxlen: 24
81.52.236.0/22 maxlen: 24
90.84.255.0/24 maxlen: 24
81.52.160.0/24 maxlen: 24
81.52.168.0/23 maxlen: 24
81.52.166.0/23 maxlen: 24
81.52.176.0/20 maxlen: 24
80.12.71.0/24 maxlen: 32
80.12.76.0/24 maxlen: 24
80.12.79.0/24 maxlen: 24
81.52.190.0/24 maxlen: 24
193.251.128.0/19 maxlen: 24
80.12.98.0/24 maxlen: 24
80.12.96.0/22 maxlen: 24
81.52.202.0/24 maxlen: 24
80.12.96.0/23 maxlen: 24
2a01:c000::/19 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2a:a4:53:80:94:c6:8f:36:2f:4a:5f:9b:7c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9206d73ea7bb6cbefdbdb61c4f39e23e60b395d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3f:0b:17:d2:35:34:8b:41:06:58:3b:3c:6c:
ff:82:c9:e0:50:38:34:2a:05:8b:8c:2b:6a:2c:22:
67:84:43:29:23:9e:be:d6:ac:8b:6e:b2:c0:33:3b:
34:ad:77:79:24:a7:63:0a:8a:bb:d5:38:6a:68:61:
8f:bb:b8:71:87:d0:ba:6d:ef:b7:32:44:55:27:72:
0c:8a:af:cc:2c:24:70:a1:95:c3:41:53:d3:9b:73:
0b:d4:a5:8a:ea:46:c6:d5:d8:51:3d:7c:1f:db:9e:
62:c4:eb:9b:e3:d8:a4:25:18:b2:28:5a:92:e6:2b:
90:af:aa:dd:5a:79:01:ad:6d:49:2d:a5:ac:14:0a:
24:b4:5d:11:43:71:0a:73:6c:a3:a9:82:1b:ac:54:
62:5d:1d:16:0e:1b:02:30:33:2e:d5:a3:cf:56:e6:
f0:a1:9a:9b:54:34:8c:93:6e:76:24:37:1e:61:f1:
25:08:11:39:10:cc:39:bc:38:b7:f8:e4:9c:e8:3c:
bb:e2:f2:dc:2f:9f:9a:aa:56:1d:06:04:e9:43:c1:
51:83:03:c3:38:12:11:6e:2e:60:e0:77:1d:ed:ee:
ac:b6:38:28:6e:72:2b:ae:c0:5d:c9:04:aa:23:a9:
0f:8e:9a:c8:0d:f0:71:53:e2:df:29:5d:eb:f4:1a:
0c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:20:6D:73:EA:7B:B6:CB:EF:DB:DB:61:C4:F3:9E:23:E6:0B:39:5D
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/qSBtc-p7tsvv29thxPOeI-YLOV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.12.71.0/24
80.12.76.0/24
80.12.79.0/24
80.12.96.0/22
81.52.128.0-81.52.141.255
81.52.160.0/24
81.52.166.0-81.52.169.255
81.52.176.0/20
81.52.202.0/24
81.52.236.0/22
90.84.48.0/20
90.84.128.0/20
90.84.148.0/24
90.84.151.0/24
90.84.255.0/24
193.251.128.0-193.251.175.255
193.251.220.0/22
193.251.240.0/20
IPv6:
2a01:c000::/19
Signature Algorithm: sha256WithRSAEncryption
1e:44:15:39:56:f7:b2:6a:8d:e3:6c:40:d3:11:70:fe:60:71:
90:1a:8a:ed:ee:6e:0f:1e:96:5a:ad:f5:59:1b:67:74:d9:57:
e5:31:67:e5:45:eb:bb:9c:b9:8d:cd:1b:06:17:e2:9d:0f:38:
1b:04:00:f5:ba:c1:0a:d7:8b:6a:c8:d9:04:08:63:91:5e:c8:
4e:38:8b:19:25:b8:ba:c5:91:a1:ac:a6:dd:79:6c:bf:d3:28:
6f:4a:7b:b1:e0:a4:1d:23:2b:3c:c8:e7:af:ff:0b:fa:52:55:
36:17:34:b7:4c:fe:be:8c:c2:80:ff:36:3d:ef:d3:22:6f:20:
86:14:65:0e:cc:92:cf:f2:f2:b7:61:28:f4:50:30:62:6b:c8:
2e:cc:b7:9d:29:4a:0e:31:d6:1e:6a:ef:34:a3:0a:5d:6e:6a:
f6:e2:db:74:c0:95:96:86:e2:46:74:ae:aa:eb:ff:07:fe:01:
10:2d:bc:70:e3:cf:c2:71:02:e1:39:77:41:82:78:cf:f4:f0:
c0:d9:8c:f2:80:bf:8c:00:b7:58:8b:b2:f7:7e:6a:65:8f:21:
33:5f:bc:fb:94:17:fa:db:d0:dc:35:bb:c4:a3:c3:d0:2a:a0:
c7:39:32:32:16:f0:b3:78:8f:bf:37:33:1f:33:02:f1:bc:0a:
2f:2a:da:d1
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYzDtyqkU4CUxo82L0pfm3yeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTIwNmQ3M2VhN2JiNmNiZWZkYmRiNjFjNGYzOWUyM2U2MGIzOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT8LF9I1NItBBlg7PGz/gsngUDg0
KgWLjCtqLCJnhEMpI56+1qyLbrLAMzs0rXd5JKdjCoq71ThqaGGPu7hxh9C6be+3
MkRVJ3IMiq/MLCRwoZXDQVPTm3ML1KWK6kbG1dhRPXwf255ixOub49ikJRiyKFqS
5iuQr6rdWnkBrW1JLaWsFAoktF0RQ3EKc2yjqYIbrFRiXR0WDhsCMDMu1aPPVubw
oZqbVDSMk252JDceYfElCBE5EMw5vDi3+OSc6Dy74vLcL5+aqlYdBgTpQ8FRgwPD
OBIRbi5g4Hcd7e6stjgobnIrrsBdyQSqI6kPjprIDfBxU+LfKV3r9BoMOwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFKkgbXPqe7bL79vbYcTzniPmCzldMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvcVNCdGMtcDd0c3Z2Mjl0aHhQT2VJLVlMT1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBiwQCAAEwgYQDBABQ
DEcDBABQDEwDBABQDE8DBAJQDGAwDAMEB1E0gAMEAVE0jAMEAFE0oDAMAwQBUTSm
AwQBUTSoAwQEUTSwAwQAUTTKAwQCUTTsAwQEWlQwAwQEWlSAAwQAWlSUAwQAWlSX
AwQAWlT/MAwDBAfB+4ADBATB+6ADBALB+9wDBATB+/AwDAQCAAIwBgMEBSoBwDAN
BgkqhkiG9w0BAQsFAAOCAQEAHkQVOVb3smqN42xA0xFw/mBxkBqK7e5uDx6WWq31
WRtndNlX5TFn5UXru5y5jc0bBhfinQ84GwQA9brBCteLasjZBAhjkV7ITjiLGSW4
usWRoaym3Xlsv9Mob0p7seCkHSMrPMjnr/8L+lJVNhc0t0z+vozCgP82Pe/TIm8g
hhRlDsySz/Lyt2Eo9FAwYmvILsy3nSlKDjHWHmrvNKMKXW5q9uLbdMCVlobiRnSu
quv/B/4BEC28cOPPwnEC4Tl3QYJ4z/TwwNmM8oC/jAC3WIuy935qZY8hM1+8+5QX
+tvQ3DW7xKPD0CqgxzkyMhbws3iPvzczHzMC8bwKLyra0Q==
-----END CERTIFICATE-----
Generated at Mon Jul 22 16:02:47 2024 by rpki-client on console-fra.rpki-client.org