Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/AVoIet5Z9mT8DJ6f6sM2dtzqerE.roa
File: AVoIet5Z9mT8DJ6f6sM2dtzqerE.roa (raw, json)
Hash identifier: WeL8KMCg/XObbaAtp/wm0biMECxjKO2rmnj30aqcfAI=
Subject key identifier: 01:5A:08:7A:DE:59:F6:64:FC:0C:9E:9F:EA:C3:36:76:DC:EA:7A:B1
Certificate issuer: /CN=8fb620a4838ef6e21bcc26ad351262d7566eb275
Certificate serial: 018CC86F117635222B8FCE8D7F29ABAD4887
Authority key identifier: 8F:B6:20:A4:83:8E:F6:E2:1B:CC:26:AD:35:12:62:D7:56:6E:B2:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j7YgpIOO9uIbzCatNRJi11ZusnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/AVoIet5Z9mT8DJ6f6sM2dtzqerE.roa
Signing time: Tue 02 Jan 2024 04:29:31 +0000
ROA not before: Tue 02 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43708
IP address blocks: 95.85.192.0/18 maxlen: 18
78.110.208.0/20 maxlen: 20
185.24.20.0/22 maxlen: 22
31.41.200.0/21 maxlen: 21
2a01:510::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:11:76:35:22:2b:8f:ce:8d:7f:29:ab:ad:48:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fb620a4838ef6e21bcc26ad351262d7566eb275
Validity
Not Before: Jan 2 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=015a087ade59f664fc0c9e9feac33676dcea7ab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6c:ea:80:ee:95:06:ba:9b:f9:c9:ba:a9:ea:
f9:13:6a:32:85:e4:ef:92:61:37:94:f1:b6:2e:4f:
0d:f0:ca:7a:23:6a:ac:66:7a:87:4f:17:5f:10:e5:
d6:05:75:3f:12:fa:cd:2a:2d:e4:c3:e3:38:4b:ee:
6c:40:6c:63:e2:04:d3:d1:cf:dd:4a:12:32:14:97:
d0:d1:7b:63:28:0f:f5:78:dd:5f:09:b7:95:0d:0b:
db:5b:1d:ef:99:a8:c8:5e:fb:29:76:a5:65:a8:f3:
03:5a:93:3d:bd:8b:2e:f9:25:53:fa:61:34:31:4a:
f4:68:da:98:8f:5d:09:b1:d0:bf:5d:e8:80:e7:38:
9f:f1:bd:7f:58:84:13:d7:5e:08:a9:55:4a:6d:ca:
b3:ab:cf:e3:f3:ed:1b:58:21:70:4e:fe:2a:b7:10:
fa:c7:0c:6a:d5:e7:66:6e:39:df:91:1c:f3:65:d5:
17:25:86:cd:ed:9f:38:97:52:bc:88:01:58:c5:f6:
63:45:5e:5b:72:28:3e:c9:4c:04:97:b6:36:69:f5:
bd:57:c6:38:a8:ea:7a:7e:68:1a:81:12:3d:43:41:
dd:aa:c1:cf:7e:ea:d7:4d:01:ef:dc:bc:a9:c3:aa:
40:f3:39:c5:02:56:fe:7c:7d:42:b8:25:7b:dc:37:
44:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5A:08:7A:DE:59:F6:64:FC:0C:9E:9F:EA:C3:36:76:DC:EA:7A:B1
X509v3 Authority Key Identifier:
keyid:8F:B6:20:A4:83:8E:F6:E2:1B:CC:26:AD:35:12:62:D7:56:6E:B2:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7YgpIOO9uIbzCatNRJi11ZusnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/AVoIet5Z9mT8DJ6f6sM2dtzqerE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/j7YgpIOO9uIbzCatNRJi11ZusnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.200.0/21
78.110.208.0/20
95.85.192.0/18
185.24.20.0/22
IPv6:
2a01:510::/32
Signature Algorithm: sha256WithRSAEncryption
3c:26:da:ec:53:2e:ba:77:57:88:fe:51:f1:ce:56:89:34:eb:
62:32:cf:29:4d:62:14:96:b3:fa:eb:47:48:48:a2:aa:48:65:
ec:2c:21:4e:c4:d9:b6:b3:c5:8c:16:82:e6:f5:55:ca:12:8a:
70:42:ef:f5:71:de:e6:38:50:63:08:43:d3:b7:4d:cb:96:ab:
d2:6b:39:14:62:b8:15:2d:ff:39:bb:1a:fc:54:95:2d:49:53:
51:42:53:5d:77:13:a2:c1:93:4c:fc:14:cb:9f:bf:ba:6c:1b:
ed:d8:bc:1c:a1:d6:36:62:c5:a7:52:e8:ee:4f:1b:20:7a:19:
8a:3d:de:1d:da:70:f8:db:74:5a:88:54:b9:7d:d8:ed:6f:06:
c5:90:04:73:ad:3b:b1:f4:cc:4d:24:78:66:23:7a:59:c3:16:
11:1a:80:a6:ef:f2:da:0a:34:0b:b9:d3:10:42:4d:f2:5b:e7:
d5:f6:23:76:b3:49:10:d6:94:a2:c4:b7:3a:bd:04:bd:cd:3f:
7b:2f:b7:9e:3e:83:3e:b5:55:65:c1:83:14:54:a5:36:20:35:
ff:6a:e0:f5:50:f6:db:4b:12:e1:6d:04:ce:5f:ff:6a:fc:ac:
f3:56:35:10:1f:d1:cb:33:95:47:31:07:15:ee:e3:a6:b5:a6:
e9:da:38:6a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIbxF2NSIrj86NfymrrUiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYjYyMGE0ODM4ZWY2ZTIxYmNjMjZhZDM1MTI2MmQ3NTY2
ZWIyNzUwHhcNMjQwMTAyMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTVhMDg3YWRlNTlmNjY0ZmMwYzllOWZlYWMzMzY3NmRjZWE3YWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2zqgO6VBrqb+cm6qer5E2oyheTv
kmE3lPG2Lk8N8Mp6I2qsZnqHTxdfEOXWBXU/EvrNKi3kw+M4S+5sQGxj4gTT0c/d
ShIyFJfQ0XtjKA/1eN1fCbeVDQvbWx3vmajIXvspdqVlqPMDWpM9vYsu+SVT+mE0
MUr0aNqYj10JsdC/XeiA5zif8b1/WIQT114IqVVKbcqzq8/j8+0bWCFwTv4qtxD6
xwxq1edmbjnfkRzzZdUXJYbN7Z84l1K8iAFYxfZjRV5bcig+yUwEl7Y2afW9V8Y4
qOp6fmgagRI9Q0HdqsHPfurXTQHv3Lypw6pA8znFAlb+fH1CuCV73DdEQQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAFaCHreWfZk/Ayen+rDNnbc6nqxMB8GA1UdIwQY
MBaAFI+2IKSDjvbiG8wmrTUSYtdWbrJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajdZZ3BJT085dUliekNhdE5SSmkxMVp1c25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lYzM1MTItNzFiYS00NDFlLWJmZTEt
ZGE3ZDQ1YjczMmZhLzEvQVZvSWV0NVo5bVQ4REo2ZjZzTTJkdHpxZXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lYzM1MTItNzFiYS00NDFlLWJmZTEtZGE3ZDQ1YjczMmZh
LzEvajdZZ3BJT085dUliekNhdE5SSmkxMVp1c25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDHynIAwQE
Tm7QAwQGX1XAAwQCuRgUMA0EAgACMAcDBQAqAQUQMA0GCSqGSIb3DQEBCwUAA4IB
AQA8JtrsUy66d1eI/lHxzlaJNOtiMs8pTWIUlrP660dISKKqSGXsLCFOxNm2s8WM
FoLm9VXKEopwQu/1cd7mOFBjCEPTt03LlqvSazkUYrgVLf85uxr8VJUtSVNRQlNd
dxOiwZNM/BTLn7+6bBvt2LwcodY2YsWnUujuTxsgehmKPd4d2nD423RaiFS5fdjt
bwbFkARzrTux9MxNJHhmI3pZwxYRGoCm7/LaCjQLudMQQk3yW+fV9iN2s0kQ1pSi
xLc6vQS9zT97L7eePoM+tVVlwYMUVKU2IDX/auD1UPbbSxLhbQTOX/9q/KzzVjUQ
H9HLM5VHMQcV7uOmtabp2jhq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:54 2024 by rpki-client on console-ams.rpki-client.org