Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/WcypdWdw8WEfh45gRpc2P--pHBE.roa
File: WcypdWdw8WEfh45gRpc2P--pHBE.roa (raw, json)
Hash identifier: yvmXN5RvLgGET0vc4wrXfWV4uSSZyGkTE6/MMIpdgeU=
Subject key identifier: 59:CC:A9:75:67:70:F1:61:1F:87:8E:60:46:97:36:3F:EF:A9:1C:11
Certificate issuer: /CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Certificate serial: 0185F39DDEAF60123C560E3805F4BCD3D0E6
Authority key identifier: 23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/WcypdWdw8WEfh45gRpc2P--pHBE.roa
Signing time: Fri 27 Jan 2023 14:24:47 +0000
ROA not before: Fri 27 Jan 2023 14:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197248
IP address blocks: 109.61.64.0/18 maxlen: 18
77.111.96.0/20 maxlen: 20
62.112.192.0/19 maxlen: 19
93.88.192.0/20 maxlen: 20
109.61.96.0/19 maxlen: 19
109.61.0.0/17 maxlen: 17
109.61.0.0/18 maxlen: 19
109.61.22.0/24 maxlen: 24
77.111.64.0/19 maxlen: 19
109.61.64.0/20 maxlen: 20
2a01:be00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:9d:de:af:60:12:3c:56:0e:38:05:f4:bc:d3:d0:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Validity
Not Before: Jan 27 14:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59cca9756770f1611f878e604697363fefa91c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:86:62:52:31:da:8b:0e:18:03:25:d5:3b:fa:
92:35:48:af:0f:a1:58:73:ad:ad:86:f1:17:a6:0a:
7f:74:19:20:29:d4:62:8e:a2:98:63:f6:07:16:fa:
da:bf:71:0b:d0:55:81:7b:25:4d:9a:2c:5c:e0:8a:
20:ce:53:c2:98:96:a2:e4:31:5e:a2:58:f9:cf:fd:
23:4b:fb:80:4d:84:80:91:45:e5:a5:f5:2b:f3:db:
66:45:d8:ce:b3:9a:3e:e8:85:1f:66:93:8b:0f:09:
ab:ad:27:fe:85:0b:9a:06:ea:6d:ed:bd:40:2a:e9:
de:e4:85:16:99:90:68:88:9f:d7:9d:b7:41:ec:d2:
ae:15:d9:85:75:4c:71:c7:01:81:40:1a:52:fc:da:
d5:1f:de:dd:57:07:92:19:03:61:3c:3b:75:f0:37:
56:02:73:da:3e:d4:0e:e4:42:4e:cd:a7:b7:04:67:
d5:a5:fb:68:1e:32:43:b9:75:40:ee:0d:67:ff:e0:
da:08:87:44:13:eb:14:8d:d1:ab:cc:d2:32:f3:70:
5e:72:6d:f3:e1:5d:39:21:90:3f:1d:82:60:eb:8f:
91:46:83:d1:1c:30:04:13:a6:62:2c:f3:67:9f:60:
fe:fb:6b:1a:0d:7c:36:ec:dd:92:81:30:af:c9:cb:
84:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:CC:A9:75:67:70:F1:61:1F:87:8E:60:46:97:36:3F:EF:A9:1C:11
X509v3 Authority Key Identifier:
keyid:23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/WcypdWdw8WEfh45gRpc2P--pHBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/IzlKEl-jrODEem_jT0CGtNO6VYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.192.0/19
77.111.64.0-77.111.111.255
93.88.192.0/20
109.61.0.0/17
IPv6:
2a01:be00::/32
Signature Algorithm: sha256WithRSAEncryption
96:a4:10:cd:01:9a:fd:cf:98:41:27:80:18:0d:e8:71:67:cf:
75:54:da:41:cd:13:59:44:63:23:81:f7:6d:ff:a5:15:e9:0d:
3c:ea:19:27:f7:29:c1:ac:1a:40:a4:8b:7a:af:ad:f5:12:88:
bf:4a:e7:d0:26:a3:70:fe:77:c0:8c:4b:37:50:18:ac:b1:0e:
fa:25:2e:b1:e6:76:6f:a5:1f:1c:dd:a3:f9:7f:cc:97:1a:5b:
98:c5:00:23:af:53:9d:05:a4:b8:61:99:de:c4:35:80:6a:c2:
63:75:71:0d:64:8c:38:1b:8f:20:6b:07:45:de:ff:21:5d:69:
0b:f9:f6:21:53:80:d3:51:7e:7e:df:5b:23:e9:b5:6e:22:df:
9c:ec:65:3e:0d:ec:a1:52:de:5b:06:63:78:2c:12:c2:ac:fd:
eb:7c:3d:ac:7e:b0:d9:9a:7c:e0:3c:8c:1c:fd:30:02:76:ee:
16:c5:d9:1a:24:f4:b3:0a:98:96:cb:9a:dc:f5:2a:bb:e7:74:
6f:84:3c:2b:a9:a1:2a:36:2e:ef:d6:ba:7a:a2:62:84:fa:6d:
90:39:14:2d:22:b3:12:52:31:03:f7:7d:9f:dd:ce:51:f8:7a:
95:ff:0d:4d:e0:43:47:05:57:94:e5:61:8d:e2:e3:1e:87:e4:
15:a7:b6:96
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYXznd6vYBI8Vg44BfS809DmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzk0YTEyNWZhM2FjZTBjNDdhNmZlMzRmNDA4NmI0ZDNi
YTU1ODgwHhcNMjMwMTI3MTQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWNjYTk3NTY3NzBmMTYxMWY4NzhlNjA0Njk3MzYzZmVmYTkxYzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIZiUjHaiw4YAyXVO/qSNUivD6FY
c62thvEXpgp/dBkgKdRijqKYY/YHFvrav3EL0FWBeyVNmixc4IogzlPCmJai5DFe
olj5z/0jS/uATYSAkUXlpfUr89tmRdjOs5o+6IUfZpOLDwmrrSf+hQuaBupt7b1A
Kune5IUWmZBoiJ/XnbdB7NKuFdmFdUxxxwGBQBpS/NrVH97dVweSGQNhPDt18DdW
AnPaPtQO5EJOzae3BGfVpftoHjJDuXVA7g1n/+DaCIdEE+sUjdGrzNIy83Becm3z
4V05IZA/HYJg64+RRoPRHDAEE6ZiLPNnn2D++2saDXw27N2SgTCvycuEmwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFnMqXVncPFhH4eOYEaXNj/vqRwRMB8GA1UdIwQY
MBaAFCM5ShJfo6zgxHpv409AhrTTulWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpsS0VsLWpyT0RFZW1falQwQ0d0Tk82VllnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hZmQ0MTUtMGE4Ni00MzFmLWJjM2Et
ZDQzMjA3ZDYyZGZlLzEvV2N5cGRXZHc4V0VmaDQ1Z1JwYzJQLS1wSEJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hZmQ0MTUtMGE4Ni00MzFmLWJjM2EtZDQzMjA3ZDYyZGZl
LzEvSXpsS0VsLWpyT0RFZW1falQwQ0d0Tk82VllnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQFPnDAMAwD
BAZNb0ADBARNb2ADBARdWMADBAdtPQAwDQQCAAIwBwMFACoBvgAwDQYJKoZIhvcN
AQELBQADggEBAJakEM0Bmv3PmEEngBgN6HFnz3VU2kHNE1lEYyOB923/pRXpDTzq
GSf3KcGsGkCki3qvrfUSiL9K59Amo3D+d8CMSzdQGKyxDvolLrHmdm+lHxzdo/l/
zJcaW5jFACOvU50FpLhhmd7ENYBqwmN1cQ1kjDgbjyBrB0Xe/yFdaQv59iFTgNNR
fn7fWyPptW4i35zsZT4N7KFS3lsGY3gsEsKs/et8Pax+sNmafOA8jBz9MAJ27hbF
2Rok9LMKmJbLmtz1KrvndG+EPCupoSo2Lu/WunqiYoT6bZA5FC0isxJSMQP3fZ/d
zlH4epX/DU3gQ0cFV5TlYY3i4x6H5BWntpY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:39 2024 by rpki-client on console-fra.rpki-client.org