Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/kEi47kXJvtYRvrrZUX9NZeCOt0E.roa
File: kEi47kXJvtYRvrrZUX9NZeCOt0E.roa (raw, json)
Hash identifier: 5ffIwJOQnL+0Ua4TOzXZxfPoSZxsYIZ4A9GvAgVxBg0=
Subject key identifier: 90:48:B8:EE:45:C9:BE:D6:11:BE:BA:D9:51:7F:4D:65:E0:8E:B7:41
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0184E24F27382F054B65E08578670342EB4C
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/kEi47kXJvtYRvrrZUX9NZeCOt0E.roa
Signing time: Mon 05 Dec 2022 12:42:28 +0000
ROA not before: Mon 05 Dec 2022 12:42:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
89.35.124.0/23 maxlen: 24
89.46.42.0/24 maxlen: 24
94.177.145.0/24 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
94.176.213.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
77.81.65.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
77.81.88.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
89.44.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:4f:27:38:2f:05:4b:65:e0:85:78:67:03:42:eb:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Dec 5 12:42:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9048b8ee45c9bed611bebad9517f4d65e08eb741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d6:22:c1:0f:c1:f2:e1:f3:39:49:44:42:fd:
f1:07:c6:37:49:06:8c:11:59:1d:d8:52:d5:f8:60:
e0:04:55:71:6f:d2:ca:ae:c8:6b:78:85:03:11:35:
bd:72:4c:54:1e:1a:a5:c7:e5:8d:f3:5f:48:1f:81:
5d:07:50:71:07:e6:18:97:de:7a:76:56:d7:8f:8d:
84:ff:15:c9:d7:16:6b:54:54:c3:22:cd:a6:2c:97:
8c:da:ef:76:22:10:e0:98:cd:77:94:58:67:b0:09:
fb:db:d7:ad:72:aa:53:22:cb:cf:9e:98:1a:38:9c:
e3:2a:f6:a4:08:8b:5d:d4:ab:31:1c:48:d9:1a:0a:
66:6a:e8:d3:08:42:12:e7:a7:29:f0:69:1c:b0:55:
d4:8b:13:13:a8:a6:9e:71:df:43:93:d5:e4:cb:22:
71:01:2f:ea:8b:56:09:d3:66:c6:4a:48:71:4a:d5:
f1:0f:0c:33:c5:ed:7e:11:6c:fa:a6:c4:e2:6c:9e:
d8:4f:39:98:14:7e:1f:08:2f:87:8f:03:7b:a1:9f:
c1:93:63:ac:30:f1:7d:43:a7:de:84:52:8d:d6:43:
ab:f1:02:43:47:26:84:d3:03:0e:02:a2:1d:96:b9:
3e:a4:7b:4b:d2:f0:e5:3e:7f:97:95:0e:39:24:2b:
4c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:48:B8:EE:45:C9:BE:D6:11:BE:BA:D9:51:7F:4D:65:E0:8E:B7:41
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/kEi47kXJvtYRvrrZUX9NZeCOt0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.65.0/24
77.81.88.0/24
89.35.124.0/23
89.40.222.0/23
89.44.105.0/24
89.46.42.0/24
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
94.176.213.0/24
94.177.28.0/24
94.177.145.0/24
188.213.212.0/24
188.213.216.0/24
188.214.107.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:03:94:39:7d:8c:7b:f7:9a:4f:09:c3:25:6c:d8:3c:d0:18:
83:e9:84:3c:a6:80:be:7a:c4:38:fb:0b:c4:26:20:a2:6a:60:
58:83:ae:3f:01:e5:58:4d:07:2f:8a:7e:32:c5:d0:8f:38:da:
9f:27:38:40:a8:98:fb:a7:ac:b8:64:40:d7:ec:a0:30:ae:82:
28:df:4c:43:8d:52:a6:46:22:29:02:ab:8c:d8:6f:df:70:e7:
7b:4b:31:22:44:ae:a9:7f:61:9e:8f:d4:71:52:63:36:bb:79:
ed:19:f7:ac:34:c6:12:46:9e:de:99:ae:98:3b:da:b0:4b:c7:
f6:a3:d6:48:e1:8d:a8:de:3f:73:c3:e1:6a:6c:c8:24:83:68:
30:94:cb:bc:a2:fb:a6:dc:5d:38:a8:e5:4c:4d:9d:92:d1:21:
ea:8d:3a:c8:03:f7:a8:aa:64:61:8e:e0:6d:3d:5b:82:9c:14:
ea:de:a0:5f:12:b7:ca:e7:09:57:88:cf:59:6a:54:b0:3b:5b:
13:98:c2:d8:5f:de:d2:4d:8d:85:f4:99:b8:ed:9d:23:38:90:
8a:73:e5:de:4d:bb:ac:c9:de:4d:ce:47:ed:b9:91:12:c8:11:
eb:1a:4c:57:c1:02:d5:65:43:a5:61:30:cf:7f:8a:b5:11:c8:
f4:e3:48:98
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYTiTyc4LwVLZeCFeGcDQutMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjIxMjA1MTI0MjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDQ4YjhlZTQ1YzliZWQ2MTFiZWJhZDk1MTdmNGQ2NWUwOGViNzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotYiwQ/B8uHzOUlEQv3xB8Y3SQaM
EVkd2FLV+GDgBFVxb9LKrshreIUDETW9ckxUHhqlx+WN819IH4FdB1BxB+YYl956
dlbXj42E/xXJ1xZrVFTDIs2mLJeM2u92IhDgmM13lFhnsAn729etcqpTIsvPnpga
OJzjKvakCItd1KsxHEjZGgpmaujTCEIS56cp8GkcsFXUixMTqKaecd9Dk9XkyyJx
AS/qi1YJ02bGSkhxStXxDwwzxe1+EWz6psTibJ7YTzmYFH4fCC+HjwN7oZ/Bk2Os
MPF9Q6fehFKN1kOr8QJDRyaE0wMOAqIdlrk+pHtL0vDlPn+XlQ45JCtMuQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFJBIuO5Fyb7WEb662VF/TWXgjrdBMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2tFaTQ3a1hKdnRZUnZyclpVWDlOWmVDT3QwRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwcwYIKwYBBQUHAQcBAf8EZDBiMGAEAgABMFoDBABNUUED
BABNUVgDBAFZI3wDBAFZKN4DBABZLGkDBABZLioDBABZLyQDBABcciADBABccjYD
BABesNUDBABesRwDBABesZEDBAC81dQDBAC81dgDBAC81mswDQYJKoZIhvcNAQEL
BQADggEBANIDlDl9jHv3mk8JwyVs2DzQGIPphDymgL56xDj7C8QmIKJqYFiDrj8B
5VhNBy+KfjLF0I842p8nOEComPunrLhkQNfsoDCugijfTEONUqZGIikCq4zYb99w
53tLMSJErql/YZ6P1HFSYza7ee0Z96w0xhJGnt6Zrpg72rBLx/aj1kjhjajeP3PD
4WpsyCSDaDCUy7yi+6bcXTio5UxNnZLRIeqNOsgD96iqZGGO4G09W4KcFOreoF8S
t8rnCVeIz1lqVLA7WxOYwthf3tJNjYX0mbjtnSM4kIpz5d5Nu6zJ3k3OR+25kRLI
EesaTFfBAtVlQ6VhMM9/irURyPTjSJg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:49 2023 by rpki-client on console-ams.rpki-client.org