Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/s8FfzT_kpnmoCvXXnsJ5qXMgcGw.roa
File: s8FfzT_kpnmoCvXXnsJ5qXMgcGw.roa (raw, json)
Hash identifier: AswRC6bPHTrmfYppMl0D9WR8jvfKQoGI+dWUUgXntCE=
Subject key identifier: B3:C1:5F:CD:3F:E4:A6:79:A8:0A:F5:D7:9E:C2:79:A9:73:20:70:6C
Certificate issuer: /CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Certificate serial: 018573F1B62006C33BF840A506B903DBB5DF
Authority key identifier: C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/s8FfzT_kpnmoCvXXnsJ5qXMgcGw.roa
Signing time: Mon 02 Jan 2023 19:24:58 +0000
ROA not before: Mon 02 Jan 2023 19:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31042
IP address blocks: 91.143.208.0/20 maxlen: 24
94.230.176.0/20 maxlen: 24
185.81.60.0/22 maxlen: 24
80.93.224.0/19 maxlen: 24
46.240.128.0/17 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:f1:b6:20:06:c3:3b:f8:40:a5:06:b9:03:db:b5:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Validity
Not Before: Jan 2 19:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3c15fcd3fe4a679a80af5d79ec279a97320706c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:80:de:f4:2a:09:94:12:21:a9:00:56:60:23:
5d:ea:ed:45:14:1d:a5:aa:a7:d2:62:cb:01:9a:ad:
ae:57:f7:f3:6a:97:0a:4d:e7:b3:2e:80:05:d4:22:
0a:01:46:77:bb:8c:8a:d4:08:04:58:99:aa:92:1b:
ef:0f:9b:93:08:de:41:c3:80:5a:99:f7:85:f7:ca:
ae:b0:d0:f6:d3:d4:2f:da:5d:dc:55:ed:d8:ba:98:
76:60:2d:58:8e:bc:c3:4e:df:90:9c:1c:e8:09:a8:
80:3a:e1:97:f9:a3:29:8a:c0:cd:78:26:d5:75:49:
14:0f:4e:74:13:11:e3:ce:52:77:d1:3e:f9:2f:bb:
2d:89:0a:f9:30:e4:3c:2a:2f:a0:58:24:0e:e8:31:
c7:14:31:62:18:88:f7:af:dc:f4:1e:b4:f2:20:76:
fa:e4:5b:b9:6a:90:78:0b:24:c0:22:83:ad:b7:6a:
c8:eb:42:2d:72:41:49:ff:2a:56:69:05:d5:50:cf:
1e:70:18:07:49:87:11:62:3f:37:00:7f:8f:ba:ce:
8e:f6:95:87:8a:86:d7:fc:f8:da:84:2e:06:f0:06:
01:17:26:57:bd:f1:fd:88:98:ea:d3:41:1e:a3:14:
02:a2:f8:cf:49:ca:48:6a:27:69:4c:bb:f5:dc:17:
46:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C1:5F:CD:3F:E4:A6:79:A8:0A:F5:D7:9E:C2:79:A9:73:20:70:6C
X509v3 Authority Key Identifier:
keyid:C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/s8FfzT_kpnmoCvXXnsJ5qXMgcGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.240.128.0/17
80.93.224.0/19
91.143.208.0/20
94.230.176.0/20
185.81.60.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:e5:83:50:27:69:c6:ae:fb:1c:3d:c3:bb:52:03:41:30:06:
fd:4a:f1:d3:66:34:92:1c:d6:0c:17:a5:33:63:20:82:e8:8d:
8f:f4:fc:ab:4d:46:e3:6d:df:65:94:b4:7f:bc:af:b3:2b:00:
e3:78:96:01:12:42:96:a0:6f:fb:98:8b:19:c1:3b:88:77:e7:
ca:a1:0a:35:f8:eb:6d:55:09:2e:18:88:70:e7:39:71:5f:46:
6f:63:8b:7e:30:0c:78:54:09:b5:0b:41:e4:16:08:67:d3:16:
f7:d8:57:fd:2f:bf:ac:c8:9e:e7:ba:77:1c:a6:1f:a5:bb:7d:
70:3e:10:d8:8f:6c:08:d4:03:a9:a5:c1:ef:7f:28:2e:d2:98:
8a:ae:fc:dc:fe:fe:4b:54:e2:4d:a6:e9:39:e1:18:ac:30:53:
39:7a:6e:95:a1:5b:7b:b9:9c:ec:b7:7e:23:90:e5:30:84:98:
c0:21:5c:6e:31:45:ba:73:a6:18:7f:41:9d:76:64:4d:35:91:
79:9b:f1:68:25:26:bc:a8:d4:90:85:82:28:92:e8:f5:fa:ee:
98:9b:6f:91:bc:18:5e:93:3b:7b:b3:ce:99:79:1c:62:fb:b3:
99:ef:c7:43:c2:c9:06:95:22:c9:2d:6d:3c:d0:4b:59:9e:05:
01:9f:d2:9f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVz8bYgBsM7+EClBrkD27XfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDE4NjUzZmJmYjZmZDU3MzJkYzk0MGMxZDY1ZDc3YWIw
YmJmYTMwHhcNMjMwMTAyMTkyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2MxNWZjZDNmZTRhNjc5YTgwYWY1ZDc5ZWMyNzlhOTczMjA3MDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoDe9CoJlBIhqQBWYCNd6u1FFB2l
qqfSYssBmq2uV/fzapcKTeezLoAF1CIKAUZ3u4yK1AgEWJmqkhvvD5uTCN5Bw4Ba
mfeF98qusND209Qv2l3cVe3Yuph2YC1YjrzDTt+QnBzoCaiAOuGX+aMpisDNeCbV
dUkUD050ExHjzlJ30T75L7stiQr5MOQ8Ki+gWCQO6DHHFDFiGIj3r9z0HrTyIHb6
5Fu5apB4CyTAIoOtt2rI60ItckFJ/ypWaQXVUM8ecBgHSYcRYj83AH+Pus6O9pWH
iobX/PjahC4G8AYBFyZXvfH9iJjq00EeoxQCovjPScpIaidpTLv13BdGRQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLPBX80/5KZ5qAr1157CealzIHBsMB8GA1UdIwQY
MBaAFMbRhlP7+2/Vcy3JQMHWXXerC7+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2Yt
NWM2NTAyYmZmYTFmLzEvczhGZnpUX2twbm1vQ3ZYWG5zSjVxWE1nY0d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2YtNWM2NTAyYmZmYTFm
LzEveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQHLvCAAwQF
UF3gAwQEW4/QAwQEXuawAwQCuVE8MA0GCSqGSIb3DQEBCwUAA4IBAQBs5YNQJ2nG
rvscPcO7UgNBMAb9SvHTZjSSHNYMF6UzYyCC6I2P9PyrTUbjbd9llLR/vK+zKwDj
eJYBEkKWoG/7mIsZwTuId+fKoQo1+OttVQkuGIhw5zlxX0ZvY4t+MAx4VAm1C0Hk
Fghn0xb32Ff9L7+syJ7nunccph+lu31wPhDYj2wI1AOppcHvfygu0piKrvzc/v5L
VOJNpuk54RisMFM5em6VoVt7uZzst34jkOUwhJjAIVxuMUW6c6YYf0GddmRNNZF5
m/FoJSa8qNSQhYIokuj1+u6Ym2+RvBhekzt7s86ZeRxi+7OZ78dDwskGlSLJLW08
0EtZngUBn9Kf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:42 2024 by rpki-client on console-ams.rpki-client.org