Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/1-PEBzPPuspXADL0Ede2JqGtojE8.roa
File: 1-PEBzPPuspXADL0Ede2JqGtojE8.roa (raw, json)
Hash identifier: FOnP2uI8ftG/eF3Uyn9AH7G9iiACLYIPh/3i1KNXq/Q=
Subject key identifier: F8:F1:01:CC:F3:EE:B2:95:C0:0C:BD:04:75:ED:89:A8:6B:68:8C:4F
Certificate issuer: /CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Certificate serial: 018BD80842361667C53B7C9A196E73A39F1F
Authority key identifier: 23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/1-PEBzPPuspXADL0Ede2JqGtojE8.roa
Signing time: Thu 16 Nov 2023 12:08:21 +0000
ROA not before: Thu 16 Nov 2023 12:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197248
IP address blocks: 77.111.96.0/20 maxlen: 24
93.88.192.0/21 maxlen: 21
93.88.194.0/24 maxlen: 24
109.61.0.0/22 maxlen: 22
109.61.0.0/18 maxlen: 22
109.61.8.0/21 maxlen: 21
77.111.64.0/19 maxlen: 21
77.111.88.0/21 maxlen: 24
62.112.192.0/19 maxlen: 19
109.61.96.0/21 maxlen: 21
109.61.112.0/20 maxlen: 20
109.61.22.0/24 maxlen: 24
109.61.20.0/22 maxlen: 22
109.61.24.0/21 maxlen: 21
109.61.32.0/19 maxlen: 19
109.61.64.0/20 maxlen: 20
2a01:be00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:08:42:36:16:67:c5:3b:7c:9a:19:6e:73:a3:9f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Validity
Not Before: Nov 16 12:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8f101ccf3eeb295c00cbd0475ed89a86b688c4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:85:52:e3:7d:c7:44:e4:92:06:bc:5a:51:2e:
6b:a8:79:3b:f0:07:7f:c1:71:b4:95:66:f1:9e:59:
fa:c3:8b:03:f0:ef:f3:d4:73:83:a5:a9:5b:43:f2:
e9:79:c0:c1:e1:7d:54:08:b0:31:5e:1a:f1:d4:b2:
7c:03:0f:74:5e:95:f0:5b:54:cf:a4:32:7e:f3:c0:
eb:3a:4d:7a:70:49:6b:61:50:a3:f4:e6:0c:9c:c4:
68:4c:cd:5d:6a:e7:30:f2:44:1e:7e:bd:3a:c3:41:
08:5a:82:62:83:bf:6f:f4:bc:3d:d2:ad:3f:bb:b1:
65:4b:c5:fc:6f:21:98:9d:7a:3f:20:9c:c5:5e:c4:
97:94:e2:ad:d0:95:85:3b:62:2c:2f:3f:9a:a9:ba:
4c:a0:56:e7:71:00:27:03:79:31:37:7a:bc:ce:f9:
be:b0:88:3e:c4:b2:60:e6:d8:6b:09:b1:e8:83:3b:
56:36:14:e5:75:de:eb:ff:ef:47:e8:d8:55:76:a9:
38:99:b3:56:d4:14:87:9a:09:09:12:51:91:ec:60:
4f:89:67:f0:82:d0:eb:0b:7b:09:dd:14:bb:d5:30:
2b:94:d8:21:5b:4b:c3:da:8c:31:d2:e7:a6:ee:58:
9f:ef:30:13:b3:f7:79:72:1b:b7:da:bd:69:6c:fe:
d2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F1:01:CC:F3:EE:B2:95:C0:0C:BD:04:75:ED:89:A8:6B:68:8C:4F
X509v3 Authority Key Identifier:
keyid:23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/1-PEBzPPuspXADL0Ede2JqGtojE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/IzlKEl-jrODEem_jT0CGtNO6VYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.192.0/19
77.111.64.0-77.111.111.255
93.88.192.0/21
109.61.0.0-109.61.79.255
109.61.96.0/21
109.61.112.0/20
IPv6:
2a01:be00::/32
Signature Algorithm: sha256WithRSAEncryption
3a:81:5c:aa:76:28:fa:54:ef:05:df:75:fe:c2:a4:c9:21:44:
93:5c:44:06:39:2b:f8:4f:7e:72:e7:6b:c0:d0:94:ba:dd:64:
43:ae:19:42:90:a1:02:a7:8c:86:73:3e:ce:ad:51:69:55:a2:
88:0c:62:f1:f0:81:c0:b5:70:78:c4:ad:7c:b2:ff:4e:23:15:
b8:f8:11:11:a2:b6:82:e1:8a:57:a5:07:c8:3f:71:30:ec:bf:
44:37:af:b4:fa:75:45:7c:80:8b:3d:58:13:4b:8c:40:60:98:
9a:89:49:ef:62:67:d4:07:26:2f:49:01:0e:59:80:53:19:70:
10:4b:88:b5:54:f8:8d:50:d7:06:6c:f0:24:18:6c:b3:59:8c:
e0:23:81:ce:a0:f1:cb:6c:f0:75:ad:6c:0b:b6:92:f0:bd:b0:
c1:4b:5f:e0:d6:47:c5:2d:0a:df:41:41:ed:09:91:50:e1:c4:
e2:3b:0b:80:fe:7d:cd:9b:ae:af:f6:da:2d:b2:ef:fd:22:17:
be:e6:9f:09:25:36:ee:61:c0:71:99:be:7c:6a:e9:7d:c5:a2:
56:0c:09:cd:d3:e9:53:e7:a4:77:42:74:25:1a:33:82:ca:a4:
df:47:d4:d8:40:f7:93:21:64:0d:80:21:83:cb:32:c4:e2:c2:
5a:cc:ef:d1
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYvYCEI2FmfFO3yaGW5zo58fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzk0YTEyNWZhM2FjZTBjNDdhNmZlMzRmNDA4NmI0ZDNi
YTU1ODgwHhcNMjMxMTE2MTIwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGYxMDFjY2YzZWViMjk1YzAwY2JkMDQ3NWVkODlhODZiNjg4YzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4VS433HROSSBrxaUS5rqHk78Ad/
wXG0lWbxnln6w4sD8O/z1HODpalbQ/LpecDB4X1UCLAxXhrx1LJ8Aw90XpXwW1TP
pDJ+88DrOk16cElrYVCj9OYMnMRoTM1daucw8kQefr06w0EIWoJig79v9Lw90q0/
u7FlS8X8byGYnXo/IJzFXsSXlOKt0JWFO2IsLz+aqbpMoFbncQAnA3kxN3q8zvm+
sIg+xLJg5thrCbHogztWNhTldd7r/+9H6NhVdqk4mbNW1BSHmgkJElGR7GBPiWfw
gtDrC3sJ3RS71TArlNghW0vD2owx0uem7lif7zATs/d5chu32r1pbP7S6QIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFPjxAczz7rKVwAy9BHXtiahraIxPMB8GA1UdIwQY
MBaAFCM5ShJfo6zgxHpv409AhrTTulWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpsS0VsLWpyT0RFZW1falQwQ0d0Tk82VllnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hZmQ0MTUtMGE4Ni00MzFmLWJjM2Et
ZDQzMjA3ZDYyZGZlLzEvMS1QRUJ6UFB1c3BYQURMMEVkZTJKcUd0b2pFOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2YvYWZkNDE1LTBhODYtNDMxZi1iYzNhLWQ0MzIwN2Q2MmRm
ZS8xL0l6bEtFbC1qck9ERWVtX2pUMENHdE5PNlZZZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBbBggrBgEFBQcBBwEB/wRMMEowOQQCAAEwMwMEBT5wwDAM
AwQGTW9AAwQETW9gAwQDXVjAMAsDAwBtPQMEBG09QAMEA209YAMEBG09cDANBAIA
AjAHAwUAKgG+ADANBgkqhkiG9w0BAQsFAAOCAQEAOoFcqnYo+lTvBd91/sKkySFE
k1xEBjkr+E9+cudrwNCUut1kQ64ZQpChAqeMhnM+zq1RaVWiiAxi8fCBwLVweMSt
fLL/TiMVuPgREaK2guGKV6UHyD9xMOy/RDevtPp1RXyAiz1YE0uMQGCYmolJ72Jn
1AcmL0kBDlmAUxlwEEuItVT4jVDXBmzwJBhss1mM4COBzqDxy2zwda1sC7aS8L2w
wUtf4NZHxS0K30FB7QmRUOHE4jsLgP59zZuur/baLbLv/SIXvuafCSU27mHAcZm+
fGrpfcWiVgwJzdPpU+ekd0J0JRozgsqk30fU2ED3kyFkDYAhg8syxOLCWszv0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:13 2024 by rpki-client on console-ams.rpki-client.org