Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/wHHYvmin4UlKFBF5O_d0u4jO5J0.roa
File: wHHYvmin4UlKFBF5O_d0u4jO5J0.roa (raw, json)
Hash identifier: U5ZDz3xtO6UZcVdKsxaeMAnCMVYUYyaBFsKPJSHdu5w=
Subject key identifier: C0:71:D8:BE:68:A7:E1:49:4A:14:11:79:3B:F7:74:BB:88:CE:E4:9D
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 018D119F7AD002DE4857860D798650FA854C
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/wHHYvmin4UlKFBF5O_d0u4jO5J0.roa
Signing time: Tue 16 Jan 2024 09:34:40 +0000
ROA not before: Tue 16 Jan 2024 09:34:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206509
IP address blocks: 194.46.32.0/19 maxlen: 19
91.85.192.0/18 maxlen: 18
194.46.64.0/19 maxlen: 19
91.85.0.0/17 maxlen: 17
91.85.0.0/16 maxlen: 16
194.46.80.0/20 maxlen: 20
91.85.128.0/19 maxlen: 19
212.104.128.0/19 maxlen: 19
212.108.80.0/21 maxlen: 21
212.108.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:9f:7a:d0:02:de:48:57:86:0d:79:86:50:fa:85:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Jan 16 09:34:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c071d8be68a7e1494a1411793bf774bb88cee49d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0f:dd:06:90:af:c8:7f:5e:26:88:66:7a:bf:
15:fb:d6:94:0e:4a:8e:6c:55:8b:eb:6d:ec:d2:c4:
87:d8:dd:49:aa:3b:01:65:78:59:f1:ba:35:09:15:
78:26:37:1d:69:12:7c:ac:e3:0f:8b:60:ee:69:16:
58:77:a7:a5:50:a5:d9:b3:5f:dc:57:7f:25:01:54:
65:62:f7:1a:8f:fa:11:e4:48:8b:1e:6b:39:3a:55:
f2:c8:43:88:3e:6a:96:bf:6d:be:0e:75:c7:77:ac:
08:e8:37:7d:36:aa:32:da:2f:66:dc:ca:ad:51:4f:
e1:b5:7e:4c:a6:cd:69:ac:26:c0:97:85:32:26:ad:
48:d8:88:40:b7:2f:10:3b:77:41:2f:19:64:c3:26:
a6:28:29:3a:ab:a2:07:1a:da:c1:bf:47:69:2e:39:
49:55:92:77:f3:6c:34:b7:4f:64:58:d3:bd:e9:6d:
86:e6:35:36:77:e0:d6:8f:74:b7:33:36:45:ee:49:
4b:e2:ab:cf:b7:16:79:2f:d2:69:75:99:88:db:50:
64:96:8a:22:bd:db:60:5c:8b:df:a6:0a:eb:85:39:
5b:f6:89:07:64:82:13:ff:9e:3b:46:7d:d2:f9:49:
15:83:1e:9a:fa:cc:9d:20:ba:24:81:cc:03:60:f3:
f7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:71:D8:BE:68:A7:E1:49:4A:14:11:79:3B:F7:74:BB:88:CE:E4:9D
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/wHHYvmin4UlKFBF5O_d0u4jO5J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.85.0.0/16
194.46.32.0-194.46.95.255
212.104.128.0/19
212.108.80.0-212.108.91.255
Signature Algorithm: sha256WithRSAEncryption
02:48:9a:28:9e:4c:86:4b:60:10:2f:5b:59:34:70:8f:26:6d:
b3:b1:c0:3d:39:5e:63:83:18:a9:e2:ea:33:e5:c1:a6:82:e9:
e2:45:79:84:5b:be:c7:ef:1f:48:91:54:11:2e:8b:cc:49:c7:
56:65:2f:4f:7b:7f:aa:55:cf:6d:5c:2c:42:ec:d1:aa:46:31:
09:0b:c8:1c:63:1a:67:3d:9b:c5:c1:4c:8d:79:01:a6:93:a4:
9a:d0:31:c1:c4:1a:e0:14:40:9d:07:9e:c0:3f:01:7d:12:6c:
ad:45:4b:df:84:56:70:39:a4:57:bb:76:77:ea:05:18:de:87:
e4:f4:39:1a:1d:9d:81:e7:4d:f1:77:85:3f:81:df:fa:b0:7e:
fb:22:b3:88:dd:27:ba:a4:cb:60:f7:d4:aa:e5:bc:ec:c2:b0:
96:7f:91:ec:ea:fd:bc:a9:c8:49:88:fd:3a:f2:a1:33:3d:3c:
91:5a:dc:09:5d:a7:dc:37:6d:09:7c:83:b6:b9:c4:f6:c0:ee:
5e:06:04:a6:3f:48:7a:6a:ba:1b:ac:11:5f:8a:17:07:d8:20:
5e:14:3d:c8:00:09:ce:e9:2a:19:dc:1a:cf:ef:3d:af:b5:b0:
0c:13:99:30:be:b7:18:33:4f:da:a3:f8:86:f7:e2:43:c8:ca:
02:e5:92:bd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY0Rn3rQAt5IV4YNeYZQ+oVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjQwMTE2MDkzNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDcxZDhiZTY4YTdlMTQ5NGExNDExNzkzYmY3NzRiYjg4Y2VlNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg/dBpCvyH9eJohmer8V+9aUDkqO
bFWL623s0sSH2N1JqjsBZXhZ8bo1CRV4JjcdaRJ8rOMPi2DuaRZYd6elUKXZs1/c
V38lAVRlYvcaj/oR5EiLHms5OlXyyEOIPmqWv22+DnXHd6wI6Dd9Nqoy2i9m3Mqt
UU/htX5Mps1prCbAl4UyJq1I2IhAty8QO3dBLxlkwyamKCk6q6IHGtrBv0dpLjlJ
VZJ382w0t09kWNO96W2G5jU2d+DWj3S3MzZF7klL4qvPtxZ5L9JpdZmI21Bklooi
vdtgXIvfpgrrhTlb9okHZIIT/547Rn3S+UkVgx6a+sydILokgcwDYPP3NwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMBx2L5op+FJShQReTv3dLuIzuSdMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvd0hIWXZtaW40VWxLRkJGNU9fZDB1NGpPNUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMAW1UwDAME
BcIuIAMEBcIuQAMEBdRogDAMAwQE1GxQAwQC1GxYMA0GCSqGSIb3DQEBCwUAA4IB
AQACSJoonkyGS2AQL1tZNHCPJm2zscA9OV5jgxip4uoz5cGmguniRXmEW77H7x9I
kVQRLovMScdWZS9Pe3+qVc9tXCxC7NGqRjEJC8gcYxpnPZvFwUyNeQGmk6Sa0DHB
xBrgFECdB57APwF9EmytRUvfhFZwOaRXu3Z36gUY3ofk9DkaHZ2B503xd4U/gd/6
sH77IrOI3Se6pMtg99Sq5bzswrCWf5Hs6v28qchJiP068qEzPTyRWtwJXafcN20J
fIO2ucT2wO5eBgSmP0h6arobrBFfihcH2CBeFD3IAAnO6SoZ3BrP7z2vtbAME5kw
vrcYM0/ao/iG9+JDyMoC5ZK9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:14 2024 by rpki-client on console-fra.rpki-client.org