Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/6V0mKmuBxWhgXx-_-H7MyQRZEs0.roa
File: 6V0mKmuBxWhgXx-_-H7MyQRZEs0.roa (raw, json)
Hash identifier: MbhFiuZi1vt/McI6UNfEUtZ+Jt7WbYJJ2j+3/RoquEc=
Subject key identifier: E9:5D:26:2A:6B:81:C5:68:60:5F:1F:BF:F8:7E:CC:C9:04:59:12:CD
Certificate issuer: /CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Certificate serial: 018C3BE8B1C7A46C006216EF80DC70F48457
Authority key identifier: B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/6V0mKmuBxWhgXx-_-H7MyQRZEs0.roa
Signing time: Tue 05 Dec 2023 21:35:54 +0000
ROA not before: Tue 05 Dec 2023 21:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25459
IP address blocks: 83.172.128.0/18 maxlen: 18
83.172.128.0/19 maxlen: 19
83.172.160.0/21 maxlen: 21
83.172.168.0/22 maxlen: 22
83.172.180.0/22 maxlen: 22
83.172.184.0/21 maxlen: 21
2a02:cec0::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3b:e8:b1:c7:a4:6c:00:62:16:ef:80:dc:70:f4:84:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Validity
Not Before: Dec 5 21:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e95d262a6b81c568605f1fbff87eccc9045912cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:17:95:28:00:ec:42:6b:96:42:84:6b:f3:06:
52:3a:b6:77:48:a6:c4:cc:51:9c:fd:0f:fd:7f:82:
9d:ae:42:b9:08:9f:94:18:cb:75:9d:59:a6:ba:64:
de:4a:13:72:46:ec:3d:46:d6:7b:0b:5c:4b:1f:de:
b4:0b:9d:8b:64:ae:1d:79:b8:d8:70:74:35:d1:1e:
db:8a:c8:c7:e6:48:e6:4a:6e:74:86:e7:53:14:4c:
24:f2:28:66:72:53:fe:9c:e0:69:d6:c5:bb:19:69:
3f:ee:fa:74:75:b4:16:63:93:39:f5:61:c8:3d:61:
dd:b4:d6:a0:9d:63:93:45:26:b1:5b:16:4f:06:84:
41:76:b9:92:07:bb:cb:6a:4b:fc:4a:c5:59:fe:42:
03:17:6c:38:b7:a6:c2:40:4f:f2:2d:32:03:ee:84:
75:78:e6:c6:5c:80:8d:67:7d:4a:d8:a4:68:9b:4f:
2d:b3:a0:d3:b1:45:1d:f7:6f:0e:f2:61:aa:ca:88:
51:60:05:53:03:69:0a:c1:6f:c9:c0:b4:ef:a7:e1:
84:6d:af:fe:c6:d0:bb:61:57:2a:84:0f:1d:20:b8:
cf:b3:b3:97:54:f1:f3:af:39:c6:6a:5a:ed:27:ab:
3c:f3:50:85:d0:17:8c:13:7d:ba:8a:04:c3:23:d7:
06:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5D:26:2A:6B:81:C5:68:60:5F:1F:BF:F8:7E:CC:C9:04:59:12:CD
X509v3 Authority Key Identifier:
keyid:B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/6V0mKmuBxWhgXx-_-H7MyQRZEs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.172.128.0/18
IPv6:
2a02:cec0::/30
Signature Algorithm: sha256WithRSAEncryption
4f:bc:33:57:53:70:f2:02:2f:b2:21:5b:66:35:66:95:88:39:
6d:e8:d2:98:df:c0:b6:19:dd:08:00:50:f1:b0:1f:6d:48:9f:
01:68:bf:3e:b6:ff:14:53:85:9c:45:e4:8c:96:46:c8:ba:05:
6a:b1:51:e2:3c:a0:bb:4f:23:50:ce:25:61:10:6b:60:a0:14:
35:40:85:1c:61:dc:d3:cb:b6:45:29:d0:00:bc:fd:fc:97:95:
9c:09:42:c0:30:32:8a:ef:43:45:10:60:76:f9:27:14:5c:df:
0d:84:b6:80:71:9b:ec:ab:57:4b:7c:a2:fa:05:a0:af:12:df:
21:9f:0b:89:ab:dd:46:13:ac:06:05:27:62:83:01:2d:df:b2:
0a:28:5a:f2:92:d9:d2:89:86:60:6b:d4:05:85:40:2a:c2:c6:
8f:fe:95:95:76:3b:5e:39:90:77:7d:66:8c:b4:cf:0b:3d:84:
07:7c:87:13:f1:b5:0e:c9:54:00:99:04:04:5f:22:d3:64:b7:
bd:eb:8c:92:a8:9c:57:cc:d5:da:2f:cc:df:49:1b:bf:8e:aa:
1d:f5:aa:6b:09:07:25:20:ae:a2:35:45:8d:94:f9:19:b3:21:
ce:1f:d3:e8:18:79:9d:4f:b2:d9:40:c7:03:2d:10:cf:64:63:
40:e8:86:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYw76LHHpGwAYhbvgNxw9IRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMjhmZTI1OGExYjliZjYxNDhhNmNlMGU4YTcxMmYxODg0
MDkwNGMwHhcNMjMxMjA1MjEzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTVkMjYyYTZiODFjNTY4NjA1ZjFmYmZmODdlY2NjOTA0NTkxMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBeVKADsQmuWQoRr8wZSOrZ3SKbE
zFGc/Q/9f4KdrkK5CJ+UGMt1nVmmumTeShNyRuw9RtZ7C1xLH960C52LZK4debjY
cHQ10R7bisjH5kjmSm50hudTFEwk8ihmclP+nOBp1sW7GWk/7vp0dbQWY5M59WHI
PWHdtNagnWOTRSaxWxZPBoRBdrmSB7vLakv8SsVZ/kIDF2w4t6bCQE/yLTID7oR1
eObGXICNZ31K2KRom08ts6DTsUUd928O8mGqyohRYAVTA2kKwW/JwLTvp+GEba/+
xtC7YVcqhA8dILjPs7OXVPHzrznGalrtJ6s881CF0BeME326igTDI9cGsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOldJiprgcVoYF8fv/h+zMkEWRLNMB8GA1UdIwQY
MBaAFLMo/iWKG5v2FIps4OinEvGIQJBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODkt
ZWQ4NGEwMDU4YTlmLzEvNlYwbUttdUJ4V2hnWHgtXy1IN015UVJaRXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODktZWQ4NGEwMDU4YTlm
LzEvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGU6yAMA0E
AgACMAcDBQIqAs7AMA0GCSqGSIb3DQEBCwUAA4IBAQBPvDNXU3DyAi+yIVtmNWaV
iDlt6NKY38C2Gd0IAFDxsB9tSJ8BaL8+tv8UU4WcReSMlkbIugVqsVHiPKC7TyNQ
ziVhEGtgoBQ1QIUcYdzTy7ZFKdAAvP38l5WcCULAMDKK70NFEGB2+ScUXN8NhLaA
cZvsq1dLfKL6BaCvEt8hnwuJq91GE6wGBSdigwEt37IKKFryktnSiYZga9QFhUAq
wsaP/pWVdjteOZB3fWaMtM8LPYQHfIcT8bUOyVQAmQQEXyLTZLe964ySqJxXzNXa
L8zfSRu/jqod9aprCQclIK6iNUWNlPkZsyHOH9PoGHmdT7LZQMcDLRDPZGNA6IbN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:23 2024 by rpki-client on console-fra.rpki-client.org