Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_-Z2XDmu_wDh4z6Ta9Whxo2-C6g.roa
File: _-Z2XDmu_wDh4z6Ta9Whxo2-C6g.roa (raw, json)
Hash identifier: vvnxN/hFJpVf8yQD6FIV4zSJqJKruBqdSZF0gRP2RL8=
Subject key identifier: FF:E6:76:5C:39:AE:FF:00:E1:E3:3E:93:6B:D5:A1:C6:8D:BE:0B:A8
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 13C3FBE4
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_-Z2XDmu_wDh4z6Ta9Whxo2-C6g.roa
Signing time: Wed 16 Feb 2022 12:21:38 +0000
ROA not before: Wed 16 Feb 2022 12:21:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 85.8.164.0/22 maxlen: 24
212.90.100.0/22 maxlen: 24
185.248.184.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
188.253.0.0/23 maxlen: 24
91.132.59.0/24 maxlen: 24
193.36.84.0/24 maxlen: 24
212.87.192.0/22 maxlen: 24
185.234.144.0/22 maxlen: 24
185.59.115.0/24 maxlen: 24
82.115.16.0/24 maxlen: 24
82.115.20.0/23 maxlen: 24
82.115.18.0/23 maxlen: 24
82.115.24.0/22 maxlen: 24
185.129.108.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 331611108 (0x13c3fbe4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 16 12:21:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffe6765c39aeff00e1e33e936bd5a1c68dbe0ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:af:c2:ee:53:8e:12:ab:63:68:c0:a0:f9:83:
a5:69:3c:86:a4:80:62:37:86:d4:63:c0:69:08:ea:
8b:91:78:f1:3b:95:3d:69:19:6f:31:d2:a2:91:2b:
a0:e0:23:d3:8e:b8:2b:e7:c3:82:df:a3:4b:5e:87:
8b:d2:da:53:ef:cc:47:b8:36:80:a7:18:d7:8d:af:
c9:66:dd:c4:2e:48:e7:19:49:40:78:ac:41:a8:b9:
8b:8f:31:92:3e:5b:15:f4:f9:e3:9b:d6:7b:a9:98:
f1:9f:45:9c:67:ea:22:8e:4f:77:8b:7d:20:6b:64:
cb:c3:06:03:eb:e9:ae:ea:9f:ff:de:3d:d2:21:8e:
ad:f2:95:72:88:9e:6d:be:70:c6:27:65:0c:31:8a:
61:37:92:99:d2:f4:f1:60:3c:3a:9f:ac:65:85:e1:
15:26:ac:48:4c:71:5a:8e:e9:3e:b7:20:c5:82:aa:
29:97:df:d1:96:ab:2c:a6:4b:b8:36:c9:93:e1:c6:
f7:ba:79:b7:e4:02:38:d5:e2:15:3b:af:55:cb:bf:
b5:00:47:00:01:c5:bb:65:e3:4c:a4:db:e1:df:6b:
e3:4f:80:bf:e4:e8:19:c5:d1:52:0a:ca:04:06:99:
f8:d8:5a:eb:4f:29:79:b7:87:14:1f:a3:d3:c9:ff:
6e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E6:76:5C:39:AE:FF:00:E1:E3:3E:93:6B:D5:A1:C6:8D:BE:0B:A8
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_-Z2XDmu_wDh4z6Ta9Whxo2-C6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.16.0/24
82.115.18.0-82.115.21.255
82.115.24.0/22
85.8.164.0/22
91.132.59.0/24
185.59.115.0/24
185.129.108.0/23
185.220.236.0/22
185.234.144.0/22
185.248.184.0/22
188.253.0.0/23
193.36.84.0/24
212.87.192.0/22
212.90.100.0/22
Signature Algorithm: sha256WithRSAEncryption
40:e2:d7:48:56:b9:2c:b1:b8:17:fe:c1:68:31:30:f7:44:15:
0a:ff:48:a2:01:c3:cf:d8:4a:dc:82:c1:c7:1c:98:04:c5:84:
e7:1f:14:b3:10:8b:22:4a:f1:a4:4f:5c:45:9a:c3:dc:18:2f:
93:9f:90:51:4a:53:bd:94:c4:9c:18:dc:7f:5c:0a:ae:91:ce:
91:1d:e2:fc:4c:f1:f4:55:0c:2d:84:c4:77:56:2c:e1:e9:60:
df:b6:84:2e:da:45:98:31:2c:33:12:75:ad:8e:f5:3e:78:3a:
f5:e3:39:7b:0d:f4:4f:91:a4:33:ba:ca:63:7d:fb:47:14:83:
f6:6e:fe:fd:b1:f1:c8:46:96:76:b6:ee:cc:98:4b:c2:07:64:
f0:27:45:16:30:d3:9f:ec:41:89:5e:36:0e:51:5c:26:4e:b9:
25:99:26:7a:17:ae:49:48:3e:4b:d0:1c:77:ac:c6:56:b8:a6:
09:04:6c:6f:57:91:df:6d:6f:d5:70:42:d5:c9:4f:8c:80:27:
5e:cd:6e:80:ed:de:cf:07:f9:be:a2:3d:df:7c:c7:1b:57:8d:
0c:14:f3:3a:4a:ab:09:83:cd:04:53:22:d6:7b:f5:26:dc:42:
cb:05:c9:f7:19:55:35:0e:57:e5:21:eb:73:27:ff:07:5d:ea:
c6:84:1b:46
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIEE8P75DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDIx
NjEyMjEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZlNjc2NWMzOWFl
ZmYwMGUxZTMzZTkzNmJkNWExYzY4ZGJlMGJhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6vwu5TjhKrY2jAoPmDpWk8hqSAYjeG1GPAaQjqi5F48TuV
PWkZbzHSopEroOAj0464K+fDgt+jS16Hi9LaU+/MR7g2gKcY142vyWbdxC5I5xlJ
QHisQai5i48xkj5bFfT545vWe6mY8Z9FnGfqIo5Pd4t9IGtky8MGA+vpruqf/949
0iGOrfKVcoiebb5wxidlDDGKYTeSmdL08WA8Op+sZYXhFSasSExxWo7pPrcgxYKq
KZff0ZarLKZLuDbJk+HG97p5t+QCONXiFTuvVcu/tQBHAAHFu2XjTKTb4d9r40+A
v+ToGcXRUgrKBAaZ+Nha608pebeHFB+j08n/boECAwEAAaOCAl8wggJbMB0GA1Ud
DgQWBBT/5nZcOa7/AOHjPpNr1aHGjb4LqDAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L18tWjJYRG11X3dEaDR6NlRhOVdoeG8yLUM2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1
BggrBgEFBQcBBwEB/wRmMGQwYgQCAAEwXAMEAFJzEDAMAwQBUnMSAwQBUnMUAwQC
UnMYAwQCVQikAwQAW4Q7AwQAuTtzAwQBuYFsAwQCudzsAwQCueqQAwQCufi4AwQB
vP0AAwQAwSRUAwQC1FfAAwQC1FpkMA0GCSqGSIb3DQEBCwUAA4IBAQBA4tdIVrks
sbgX/sFoMTD3RBUK/0iiAcPP2ErcgsHHHJgExYTnHxSzEIsiSvGkT1xFmsPcGC+T
n5BRSlO9lMScGNx/XAqukc6RHeL8TPH0VQwthMR3Vizh6WDftoQu2kWYMSwzEnWt
jvU+eDr14zl7DfRPkaQzuspjfftHFIP2bv79sfHIRpZ2tu7MmEvCB2TwJ0UWMNOf
7EGJXjYOUVwmTrklmSZ6F65JSD5L0Bx3rMZWuKYJBGxvV5HfbW/VcELVyU+MgCde
zW6A7d7PB/m+oj3ffMcbV40MFPM6SqsJg80EUyLWe/Um3ELLBcn3GVU1DlflIetz
J/8HXerGhBtG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org