Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/cYvrpI-jg5dVNv6fVoTocv5zZ00.roa
File: cYvrpI-jg5dVNv6fVoTocv5zZ00.roa (raw, json)
Hash identifier: 4np5Czne4QER3Fdd31mH8ZFCHNgX0MPMOPCNiv+2lHQ=
Subject key identifier: 71:8B:EB:A4:8F:A3:83:97:55:36:FE:9F:56:84:E8:72:FE:73:67:4D
Certificate issuer: /CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Certificate serial: 0187DC07FAC03E4B28CAFF165415954A4BAD
Authority key identifier: 23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/cYvrpI-jg5dVNv6fVoTocv5zZ00.roa
Signing time: Tue 02 May 2023 10:35:23 +0000
ROA not before: Tue 02 May 2023 10:35:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197248
IP address blocks: 109.61.64.0/18 maxlen: 18
77.111.96.0/20 maxlen: 20
62.112.192.0/19 maxlen: 19
93.88.192.0/20 maxlen: 20
109.61.96.0/19 maxlen: 19
109.61.0.0/17 maxlen: 17
109.61.0.0/18 maxlen: 19
109.61.22.0/24 maxlen: 24
77.111.64.0/19 maxlen: 21
109.61.64.0/20 maxlen: 20
2a01:be00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dc:07:fa:c0:3e:4b:28:ca:ff:16:54:15:95:4a:4b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Validity
Not Before: May 2 10:35:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=718beba48fa383975536fe9f5684e872fe73674d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8c:da:6d:c0:ec:90:d5:c8:8a:03:33:c3:50:
a3:c6:c5:a2:eb:45:3e:19:1a:fb:9a:a8:82:f3:27:
be:fd:c9:97:b2:09:fb:e2:36:a3:19:91:95:8d:c3:
3b:4f:92:25:ca:45:af:22:fd:40:eb:b5:45:c8:ec:
65:ad:61:61:80:0b:c4:3d:0d:0d:ea:3c:1c:20:6d:
13:01:24:70:2c:2d:92:67:df:c2:bb:da:cf:22:6f:
34:18:8d:cb:d4:f4:6a:b3:2f:d9:ea:f6:83:bb:8d:
f7:24:b6:ca:7f:d1:77:d7:76:cd:e7:26:ae:9c:eb:
37:c2:b5:0e:c2:ec:b1:77:29:57:74:f0:54:43:71:
5d:d6:8e:10:13:62:39:97:24:3f:7e:77:bb:0d:61:
a8:60:45:17:ed:1b:ab:db:71:49:76:47:c0:f0:5e:
7a:0f:12:a5:1d:96:8b:4a:bf:4c:f8:6b:43:33:75:
8a:87:57:64:82:5c:ba:bb:7d:3b:1c:08:86:63:3a:
ec:3b:3e:f1:90:92:1a:c6:97:20:c3:c9:28:cc:fe:
5e:3d:44:73:b5:8b:db:93:89:3e:b6:4e:15:38:34:
2f:c0:32:40:fc:0d:be:40:ca:e2:1d:5c:61:30:64:
68:41:14:5f:8c:0b:30:70:b5:40:87:99:8b:ec:76:
f0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8B:EB:A4:8F:A3:83:97:55:36:FE:9F:56:84:E8:72:FE:73:67:4D
X509v3 Authority Key Identifier:
keyid:23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/cYvrpI-jg5dVNv6fVoTocv5zZ00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/IzlKEl-jrODEem_jT0CGtNO6VYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.192.0/19
77.111.64.0-77.111.111.255
93.88.192.0/20
109.61.0.0/17
IPv6:
2a01:be00::/32
Signature Algorithm: sha256WithRSAEncryption
70:eb:76:a3:f2:68:c2:da:f0:26:d7:f7:84:87:52:6b:ce:f6:
6a:a7:f2:fd:5e:31:fe:ad:e4:08:2f:c9:f9:9d:7a:b4:61:e1:
ec:f8:3e:6a:b5:b9:80:63:16:13:82:9e:41:61:ed:d1:b6:91:
fb:03:ed:71:83:9f:cb:f3:b6:43:9d:c8:fe:e4:9a:89:3f:67:
5b:23:3b:52:23:da:2f:74:6a:4f:9b:9f:b1:d5:7a:16:a9:73:
23:10:cf:a6:b9:5c:b5:2a:98:a6:ec:e0:73:f4:1b:93:b9:e0:
98:27:4f:00:96:52:b1:2e:19:bd:78:8d:29:49:d6:2f:45:9d:
1d:a1:dd:25:fd:f4:ff:80:37:94:37:87:85:4e:bf:a8:17:5c:
e0:66:0d:e7:89:94:b4:dd:2a:65:3a:ba:ca:65:47:d1:27:72:
d1:ff:3e:69:62:f6:3a:8a:ce:1a:36:75:b7:58:e1:f7:8f:f1:
f2:2b:26:4c:a8:68:fa:3a:c1:94:04:11:7e:f8:87:b1:4f:35:
76:2c:11:56:4e:cd:ab:2d:44:47:71:59:28:71:4c:7b:30:da:
8a:40:59:f4:70:a6:32:47:6a:bf:6d:27:76:ba:a5:df:27:6d:
c4:6d:7f:d7:50:90:ec:54:74:be:49:97:b6:6e:e3:52:ec:4a:
e7:07:6f:f3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYfcB/rAPksoyv8WVBWVSkutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzk0YTEyNWZhM2FjZTBjNDdhNmZlMzRmNDA4NmI0ZDNi
YTU1ODgwHhcNMjMwNTAyMTAzNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MThiZWJhNDhmYTM4Mzk3NTUzNmZlOWY1Njg0ZTg3MmZlNzM2NzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYzabcDskNXIigMzw1CjxsWi60U+
GRr7mqiC8ye+/cmXsgn74jajGZGVjcM7T5IlykWvIv1A67VFyOxlrWFhgAvEPQ0N
6jwcIG0TASRwLC2SZ9/Cu9rPIm80GI3L1PRqsy/Z6vaDu433JLbKf9F313bN5yau
nOs3wrUOwuyxdylXdPBUQ3Fd1o4QE2I5lyQ/fne7DWGoYEUX7Rur23FJdkfA8F56
DxKlHZaLSr9M+GtDM3WKh1dkgly6u307HAiGYzrsOz7xkJIaxpcgw8kozP5ePURz
tYvbk4k+tk4VODQvwDJA/A2+QMriHVxhMGRoQRRfjAswcLVAh5mL7HbwqQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFHGL66SPo4OXVTb+n1aE6HL+c2dNMB8GA1UdIwQY
MBaAFCM5ShJfo6zgxHpv409AhrTTulWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpsS0VsLWpyT0RFZW1falQwQ0d0Tk82VllnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hZmQ0MTUtMGE4Ni00MzFmLWJjM2Et
ZDQzMjA3ZDYyZGZlLzEvY1l2cnBJLWpnNWRWTnY2ZlZvVG9jdjV6WjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hZmQ0MTUtMGE4Ni00MzFmLWJjM2EtZDQzMjA3ZDYyZGZl
LzEvSXpsS0VsLWpyT0RFZW1falQwQ0d0Tk82VllnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQFPnDAMAwD
BAZNb0ADBARNb2ADBARdWMADBAdtPQAwDQQCAAIwBwMFACoBvgAwDQYJKoZIhvcN
AQELBQADggEBAHDrdqPyaMLa8CbX94SHUmvO9mqn8v1eMf6t5AgvyfmderRh4ez4
Pmq1uYBjFhOCnkFh7dG2kfsD7XGDn8vztkOdyP7kmok/Z1sjO1Ij2i90ak+bn7HV
ehapcyMQz6a5XLUqmKbs4HP0G5O54JgnTwCWUrEuGb14jSlJ1i9FnR2h3SX99P+A
N5Q3h4VOv6gXXOBmDeeJlLTdKmU6usplR9EnctH/Pmli9jqKzho2dbdY4feP8fIr
JkyoaPo6wZQEEX74h7FPNXYsEVZOzastREdxWShxTHsw2opAWfRwpjJHar9tJ3a6
pd8nbcRtf9dQkOxUdL5Jl7Zu41LsSucHb/M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:39 2024 by rpki-client on console-fra.rpki-client.org