Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ffx-kpCts39KD3dYfKhoUJtex88.roa
File: ffx-kpCts39KD3dYfKhoUJtex88.roa (raw, json)
Hash identifier: YiPZs2Wghp1PXJDpvmut/pHtTEQS86LmtXsgZ7DJYR0=
Subject key identifier: 7D:FC:7E:92:90:AD:B3:7F:4A:0F:77:58:7C:A8:68:50:9B:5E:C7:CF
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01840A05B701DE3C4A0CF7A874AF227CA3C5
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ffx-kpCts39KD3dYfKhoUJtex88.roa
Signing time: Mon 24 Oct 2022 12:44:17 +0000
ROA not before: Mon 24 Oct 2022 12:44:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5503
IP address blocks: 213.18.192.0/18 maxlen: 24
212.132.128.0/19 maxlen: 24
212.173.0.0/19 maxlen: 24
217.176.0.0/15 maxlen: 24
185.192.228.0/22 maxlen: 24
212.173.64.0/18 maxlen: 24
212.132.0.0/17 maxlen: 24
217.180.0.0/17 maxlen: 24
212.207.0.0/16 maxlen: 24
194.154.0.0/19 maxlen: 24
217.181.0.0/17 maxlen: 24
62.171.192.0/18 maxlen: 24
217.179.0.0/16 maxlen: 24
212.173.32.0/19 maxlen: 24
194.238.2.0/23 maxlen: 24
194.238.0.0/16 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:05:b7:01:de:3c:4a:0c:f7:a8:74:af:22:7c:a3:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Oct 24 12:44:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7dfc7e9290adb37f4a0f77587ca868509b5ec7cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a7:68:63:ac:b1:fe:a1:b4:13:d9:79:84:a3:
02:e3:60:02:0f:be:af:41:1f:28:87:e7:f4:22:b4:
dc:d6:7e:6e:3a:56:be:8e:52:3d:33:07:f3:20:df:
57:b0:55:14:d7:64:89:08:93:ed:19:13:98:11:ec:
a3:dd:0a:59:4f:23:ef:a9:3f:82:9a:5e:3f:7a:4a:
f3:da:c3:79:bf:e4:2b:22:e1:ad:c7:0c:12:9f:c7:
65:09:a3:af:11:62:be:80:0a:70:f3:e7:ce:c7:e1:
dc:c7:3c:0c:57:e7:3d:92:ab:1e:54:7f:5f:92:85:
e7:bc:15:40:76:7d:e1:97:7f:95:3a:4a:2f:ad:7f:
86:43:69:5b:d3:14:ec:7c:8b:c1:00:6c:7b:17:28:
e6:32:e3:25:7e:17:d0:27:77:25:c3:01:9c:5f:2c:
5d:3a:62:34:ab:c6:28:c9:2c:f8:cf:2c:e1:d2:4d:
f7:ea:9c:d1:b7:5f:1e:d5:8c:08:23:34:5b:4b:a2:
ae:48:80:b1:36:26:8d:29:9f:70:95:01:bc:90:9d:
6a:ee:83:4a:69:3c:3c:e8:e4:dc:99:e5:89:89:da:
9c:7f:e8:94:89:b3:fc:14:63:3f:80:22:98:37:9e:
be:af:f9:87:43:39:bf:fe:ea:52:c0:58:75:9f:22:
b4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:FC:7E:92:90:AD:B3:7F:4A:0F:77:58:7C:A8:68:50:9B:5E:C7:CF
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ffx-kpCts39KD3dYfKhoUJtex88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0/18
185.192.228.0/22
194.154.0.0/19
194.238.0.0/16
212.132.0.0-212.132.159.255
212.173.0.0/17
212.207.0.0/16
213.18.192.0/18
217.176.0.0/15
217.179.0.0-217.180.127.255
217.181.0.0/17
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
a8:18:f1:f3:60:2b:35:fb:e1:c8:37:52:e9:d4:a9:43:f0:d5:
64:5d:14:91:eb:59:e6:16:48:7e:f6:aa:60:62:73:40:70:1a:
5e:ad:31:ab:06:e9:db:96:7c:f4:fb:76:12:9b:2b:57:77:4d:
fb:97:cf:9d:55:8c:b0:f6:bd:fd:6a:88:15:d6:fd:68:60:80:
3f:88:6f:2a:72:04:d2:8d:b4:2a:33:b5:f0:b3:f8:77:65:a4:
ee:4c:c4:e1:92:ef:c7:be:67:78:09:79:ca:04:bd:d6:d4:6a:
61:e2:35:dc:a4:71:ba:c6:90:03:fb:99:be:08:da:a3:48:70:
98:6a:39:1c:98:78:66:ed:f0:3a:55:b7:09:4b:86:64:1b:48:
23:3b:a2:d9:14:4b:a1:e0:40:a0:dc:85:8a:4d:f3:2e:fe:44:
62:a5:24:cb:96:c4:ac:d8:f0:7f:c6:31:f6:3c:33:0e:45:e8:
ac:1d:50:a4:ea:92:80:b4:9e:52:11:db:1e:14:0e:78:ce:41:
3d:f6:a4:30:97:30:e7:ef:0e:9e:c7:a8:7d:16:d4:67:9b:14:
88:b4:f5:b6:30:8e:a8:c9:f4:aa:38:2e:14:23:0b:46:0c:64:
27:3c:c0:57:92:b6:a8:df:d1:7a:b7:ef:9c:f4:cd:0f:b3:fe:
1e:73:0a:9a
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYQKBbcB3jxKDPeodK8ifKPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjIxMDI0MTI0NDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGZjN2U5MjkwYWRiMzdmNGEwZjc3NTg3Y2E4Njg1MDliNWVjN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxadoY6yx/qG0E9l5hKMC42ACD76v
QR8oh+f0IrTc1n5uOla+jlI9MwfzIN9XsFUU12SJCJPtGROYEeyj3QpZTyPvqT+C
ml4/ekrz2sN5v+QrIuGtxwwSn8dlCaOvEWK+gApw8+fOx+HcxzwMV+c9kqseVH9f
koXnvBVAdn3hl3+VOkovrX+GQ2lb0xTsfIvBAGx7FyjmMuMlfhfQJ3clwwGcXyxd
OmI0q8YoySz4zyzh0k336pzRt18e1YwIIzRbS6KuSICxNiaNKZ9wlQG8kJ1q7oNK
aTw86OTcmeWJidqcf+iUibP8FGM/gCKYN56+r/mHQzm//upSwFh1nyK0nQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFH38fpKQrbN/Sg93WHyoaFCbXsfPMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvZmZ4LWtwQ3RzMzlLRDNkWWZLaG9VSnRleDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBTBAIAATBNAwQGPqvAAwQC
ucDkAwQFwpoAAwMAwu4wCwMDAtSEAwQF1ISAAwQH1K0AAwMA1M8DBAbVEsADAwHZ
sDALAwMA2bMDBAfZtAADBAfZtQAwDQQCAAIwBwMFACoCD7AwDQYJKoZIhvcNAQEL
BQADggEBAKgY8fNgKzX74cg3UunUqUPw1WRdFJHrWeYWSH72qmBic0BwGl6tMasG
6duWfPT7dhKbK1d3TfuXz51VjLD2vf1qiBXW/WhggD+IbypyBNKNtCoztfCz+Hdl
pO5MxOGS78e+Z3gJecoEvdbUamHiNdykcbrGkAP7mb4I2qNIcJhqORyYeGbt8DpV
twlLhmQbSCM7otkUS6HgQKDchYpN8y7+RGKlJMuWxKzY8H/GMfY8Mw5F6KwdUKTq
koC0nlIR2x4UDnjOQT32pDCXMOfvDp7HqH0W1GebFIi09bYwjqjJ9Ko4LhQjC0YM
ZCc8wFeStqjf0Xq375z0zQ+z/h5zCpo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:21 2023 by rpki-client on console-fra.rpki-client.org