Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/yzA4Sf7Ch-AYPgXvI6886ljk7mg.roa
File: yzA4Sf7Ch-AYPgXvI6886ljk7mg.roa (raw, json)
Hash identifier: Hhc8cvfgB1Uu2zme77WVrje5KZdhWFz2Bq4ZciGLPKk=
Subject key identifier: CB:30:38:49:FE:C2:87:E0:18:3E:05:EF:23:AF:3C:EA:58:E4:EE:68
Certificate issuer: /CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Certificate serial: 018973C179EEB38A546E98ABC2D0F42E32A6
Authority key identifier: 23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/yzA4Sf7Ch-AYPgXvI6886ljk7mg.roa
Signing time: Thu 20 Jul 2023 14:43:26 +0000
ROA not before: Thu 20 Jul 2023 14:43:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197248
IP address blocks: 77.111.96.0/20 maxlen: 24
93.88.192.0/20 maxlen: 24
62.112.192.0/19 maxlen: 19
109.61.96.0/19 maxlen: 21
109.61.0.0/18 maxlen: 19
109.61.22.0/24 maxlen: 24
77.111.64.0/19 maxlen: 21
109.61.64.0/20 maxlen: 20
77.111.88.0/21 maxlen: 24
2a01:be00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:73:c1:79:ee:b3:8a:54:6e:98:ab:c2:d0:f4:2e:32:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Validity
Not Before: Jul 20 14:43:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb303849fec287e0183e05ef23af3cea58e4ee68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:75:b7:e6:8c:3b:cb:ec:00:ef:05:ef:33:60:
cd:0f:f9:f5:ba:98:92:08:8a:20:02:73:d9:43:3c:
d8:7c:b3:74:c3:54:8d:a1:fb:11:b0:86:00:5b:b4:
da:90:ad:57:c2:0e:37:50:b8:6b:36:eb:b3:c7:05:
04:b0:da:29:e1:29:eb:0a:8e:2a:3f:c1:17:02:c4:
4a:b0:54:f1:0e:e5:cf:05:29:aa:00:5c:f9:4f:43:
8c:d0:64:1a:e7:c3:dc:c5:c4:0f:d9:a6:a3:82:5f:
ae:f2:95:45:90:c0:de:ee:e9:f7:80:0c:68:55:02:
35:1f:ea:cd:52:a4:ee:23:15:37:40:93:b8:b8:22:
01:3b:d2:f0:1e:6f:1f:87:4f:7a:f1:55:8c:5e:08:
83:73:ef:e8:af:b3:37:ff:e0:00:94:d1:03:1d:89:
84:7e:2c:9a:69:21:e5:e6:64:fc:ec:1a:34:f2:58:
14:90:63:90:12:65:5f:41:4e:4a:78:27:db:f1:f2:
d3:ea:53:e2:8e:03:95:b9:fe:66:92:a4:73:26:64:
2b:dd:2e:a2:a7:ae:f0:52:4a:79:a8:a1:52:12:ae:
dd:7a:3e:f5:d6:31:d8:a9:ea:91:8c:f1:b3:a4:c7:
2d:82:52:ac:91:46:af:39:32:22:10:7f:82:30:06:
ee:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:30:38:49:FE:C2:87:E0:18:3E:05:EF:23:AF:3C:EA:58:E4:EE:68
X509v3 Authority Key Identifier:
keyid:23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/yzA4Sf7Ch-AYPgXvI6886ljk7mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/IzlKEl-jrODEem_jT0CGtNO6VYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.192.0/19
77.111.64.0-77.111.111.255
93.88.192.0/20
109.61.0.0-109.61.79.255
109.61.96.0/19
IPv6:
2a01:be00::/32
Signature Algorithm: sha256WithRSAEncryption
03:2b:3b:67:a6:91:43:fe:98:f4:20:f8:83:7e:20:3d:70:cc:
0b:6f:44:6e:1d:c3:d2:b3:9b:68:dd:db:c5:f4:44:64:75:7e:
6c:71:ab:35:d8:ae:6e:b6:71:ca:65:19:0d:f7:c4:ff:7d:46:
70:29:d6:55:ef:f3:71:4c:15:83:b2:ce:14:f0:a4:65:55:c0:
76:c0:66:e2:6d:07:ca:d5:fb:84:15:35:5d:6c:b0:53:2a:a9:
ce:8f:87:88:3f:d3:af:2f:70:a6:c9:09:05:1e:64:7d:7b:3a:
43:95:82:bd:43:d8:44:ad:2b:ac:d3:56:8b:fd:55:3f:3d:54:
6f:b4:65:7e:6e:29:05:dc:f3:9d:2b:b6:c6:35:df:45:30:f8:
53:60:ce:0c:a6:21:a1:58:0d:65:88:a1:ff:72:45:ce:b6:19:
42:f9:2a:cf:54:af:79:7a:d4:a2:af:4e:3d:fb:09:f9:8f:ab:
1a:16:88:4a:79:48:de:5c:cb:63:e9:b1:eb:5a:bb:a9:d1:cb:
17:0f:6d:3d:c4:a7:f0:1f:bf:a8:6e:ae:92:eb:54:1e:dd:07:
94:58:0a:cb:06:f2:d7:fa:13:bf:3a:55:3f:55:a2:54:4b:cf:
29:da:89:b5:82:12:03:1f:2b:c1:8e:59:ad:5d:db:18:38:bc:
6a:5f:c5:d9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYlzwXnus4pUbpirwtD0LjKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzk0YTEyNWZhM2FjZTBjNDdhNmZlMzRmNDA4NmI0ZDNi
YTU1ODgwHhcNMjMwNzIwMTQ0MzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjMwMzg0OWZlYzI4N2UwMTgzZTA1ZWYyM2FmM2NlYTU4ZTRlZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnW35ow7y+wA7wXvM2DND/n1upiS
CIogAnPZQzzYfLN0w1SNofsRsIYAW7TakK1Xwg43ULhrNuuzxwUEsNop4SnrCo4q
P8EXAsRKsFTxDuXPBSmqAFz5T0OM0GQa58PcxcQP2aajgl+u8pVFkMDe7un3gAxo
VQI1H+rNUqTuIxU3QJO4uCIBO9LwHm8fh0968VWMXgiDc+/or7M3/+AAlNEDHYmE
fiyaaSHl5mT87Bo08lgUkGOQEmVfQU5KeCfb8fLT6lPijgOVuf5mkqRzJmQr3S6i
p67wUkp5qKFSEq7dej711jHYqeqRjPGzpMctglKskUavOTIiEH+CMAbuvQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMswOEn+wofgGD4F7yOvPOpY5O5oMB8GA1UdIwQY
MBaAFCM5ShJfo6zgxHpv409AhrTTulWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpsS0VsLWpyT0RFZW1falQwQ0d0Tk82VllnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hZmQ0MTUtMGE4Ni00MzFmLWJjM2Et
ZDQzMjA3ZDYyZGZlLzEveXpBNFNmN0NoLUFZUGdYdkk2ODg2bGprN21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hZmQ0MTUtMGE4Ni00MzFmLWJjM2EtZDQzMjA3ZDYyZGZl
LzEvSXpsS0VsLWpyT0RFZW1falQwQ0d0Tk82VllnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAzBAIAATAtAwQFPnDAMAwD
BAZNb0ADBARNb2ADBARdWMAwCwMDAG09AwQEbT1AAwQFbT1gMA0EAgACMAcDBQAq
Ab4AMA0GCSqGSIb3DQEBCwUAA4IBAQADKztnppFD/pj0IPiDfiA9cMwLb0RuHcPS
s5to3dvF9ERkdX5scas12K5utnHKZRkN98T/fUZwKdZV7/NxTBWDss4U8KRlVcB2
wGbibQfK1fuEFTVdbLBTKqnOj4eIP9OvL3CmyQkFHmR9ezpDlYK9Q9hErSus01aL
/VU/PVRvtGV+bikF3POdK7bGNd9FMPhTYM4MpiGhWA1liKH/ckXOthlC+SrPVK95
etSir049+wn5j6saFohKeUjeXMtj6bHrWrup0csXD209xKfwH7+obq6S61Qe3QeU
WArLBvLX+hO/OlU/VaJUS88p2om1ghIDHyvBjlmtXdsYOLxqX8XZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:13 2024 by rpki-client on console-ams.rpki-client.org