Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/ajtlzro2416EKtFWJDPs2Ftz_DQ.roa
File: ajtlzro2416EKtFWJDPs2Ftz_DQ.roa (raw, json)
Hash identifier: Mf5+VOxKqiER6GmfpcRvGW1CLTZ6sr150ZuxuNzSWnM=
Subject key identifier: 6A:3B:65:CE:BA:36:E3:5E:84:2A:D1:56:24:33:EC:D8:5B:73:FC:34
Certificate issuer: /CN=1bd2d463ae15346d5edd7937b8bfa8e09b14376d
Certificate serial: 018934CBF9F54BC9DE87DC78BF8292635591
Authority key identifier: 1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/ajtlzro2416EKtFWJDPs2Ftz_DQ.roa
Signing time: Sat 08 Jul 2023 09:18:50 +0000
ROA not before: Sat 08 Jul 2023 09:18:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204467
IP address blocks: 185.247.156.0/22 maxlen: 22
92.39.48.0/20 maxlen: 20
92.39.48.0/21 maxlen: 21
2a0d:c680::/29 maxlen: 29
2a01:6dc0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:34:cb:f9:f5:4b:c9:de:87:dc:78:bf:82:92:63:55:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd2d463ae15346d5edd7937b8bfa8e09b14376d
Validity
Not Before: Jul 8 09:18:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a3b65ceba36e35e842ad1562433ecd85b73fc34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:56:cc:7a:87:b0:29:c3:f0:91:c1:86:6d:55:
f4:3c:30:89:db:1c:f8:f9:d0:08:05:9b:a2:08:ec:
1e:54:20:1d:b5:5a:3f:98:77:ef:f6:48:46:b6:9c:
7d:66:9c:44:d7:7a:c7:f8:13:8b:6e:bf:b3:6d:a6:
10:ae:b1:75:fb:0a:b8:03:53:29:54:11:a4:1d:a3:
a2:2f:39:8e:5a:c9:8a:6a:49:c6:10:f5:cb:57:57:
0b:36:c3:d6:8e:a6:99:9c:79:c4:43:eb:99:69:e6:
37:d5:46:9d:da:51:52:3f:ba:50:69:d8:85:32:c7:
ce:58:ba:29:20:45:eb:26:c4:ad:50:49:fa:d6:8b:
bd:fe:9c:cb:67:27:35:9e:89:97:a8:03:70:c5:19:
29:26:c3:f3:6c:96:2b:f7:30:a5:6a:7b:b4:33:90:
64:18:87:eb:1d:45:a0:0c:19:b4:55:b9:52:26:56:
5f:f1:9a:f9:2d:8f:1b:bd:43:10:ba:3b:77:5d:5d:
0a:38:75:99:40:14:2a:a4:21:e9:03:23:d5:89:67:
bb:0d:92:f2:9f:c5:23:92:1e:09:66:09:1a:be:1b:
00:16:a2:a1:b9:48:18:01:55:b8:35:22:b7:8d:1e:
65:6a:82:80:0a:37:f0:dc:66:40:35:17:cf:cc:e1:
36:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:3B:65:CE:BA:36:E3:5E:84:2A:D1:56:24:33:EC:D8:5B:73:FC:34
X509v3 Authority Key Identifier:
keyid:1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/ajtlzro2416EKtFWJDPs2Ftz_DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/G9LUY64VNG1e3Xk3uL-o4JsUN20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.39.48.0/20
185.247.156.0/22
IPv6:
2a01:6dc0::/32
2a0d:c680::/29
Signature Algorithm: sha256WithRSAEncryption
2a:c3:6b:3c:2f:4c:99:35:e5:b5:fd:52:7d:3e:c1:ff:01:dd:
8a:f1:40:69:70:4f:6f:fe:53:a8:49:0b:f3:20:72:2a:69:64:
83:ce:f4:5e:86:24:a2:65:91:af:3f:69:20:b0:63:f1:f4:44:
a4:e7:91:f1:c8:5c:ae:50:1c:8c:bb:17:fb:38:8d:eb:2b:cb:
17:b9:37:91:02:d3:1a:37:94:e8:8f:47:65:1c:1f:ca:45:58:
73:38:63:58:c4:d8:e2:bd:cb:1d:32:71:79:3c:1b:2b:eb:6f:
0c:72:45:67:0e:9a:58:81:b2:1b:42:ce:09:8d:1e:83:65:85:
fc:15:dc:56:ce:94:08:b9:d1:a3:e8:c4:f7:7b:99:dc:42:b4:
e2:cd:58:39:4d:0f:68:9b:70:ec:cc:8d:eb:b1:76:eb:7f:bf:
77:20:d2:8f:6e:90:af:e0:2b:e2:02:73:b0:a7:b1:9f:de:bc:
32:bd:fc:e0:54:6c:a5:cd:88:29:2b:ad:58:b8:87:bc:65:40:
86:02:b0:46:35:b7:9e:b7:c4:03:ea:dc:28:41:da:64:91:b2:
90:44:95:cb:db:00:2a:f3:38:5f:e1:0e:55:70:0a:09:7a:0c:
6e:ce:3b:36:ad:b7:35:ab:cf:c8:08:a6:51:ec:76:a5:d8:88:
24:79:99:49
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYk0y/n1S8neh9x4v4KSY1WRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZDJkNDYzYWUxNTM0NmQ1ZWRkNzkzN2I4YmZhOGUwOWIx
NDM3NmQwHhcNMjMwNzA4MDkxODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTNiNjVjZWJhMzZlMzVlODQyYWQxNTYyNDMzZWNkODViNzNmYzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVbMeoewKcPwkcGGbVX0PDCJ2xz4
+dAIBZuiCOweVCAdtVo/mHfv9khGtpx9ZpxE13rH+BOLbr+zbaYQrrF1+wq4A1Mp
VBGkHaOiLzmOWsmKaknGEPXLV1cLNsPWjqaZnHnEQ+uZaeY31Uad2lFSP7pQadiF
MsfOWLopIEXrJsStUEn61ou9/pzLZyc1nomXqANwxRkpJsPzbJYr9zClanu0M5Bk
GIfrHUWgDBm0VblSJlZf8Zr5LY8bvUMQujt3XV0KOHWZQBQqpCHpAyPViWe7DZLy
n8Ujkh4JZgkavhsAFqKhuUgYAVW4NSK3jR5laoKACjfw3GZANRfPzOE2LQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGo7Zc66NuNehCrRViQz7Nhbc/w0MB8GA1UdIwQY
MBaAFBvS1GOuFTRtXt15N7i/qOCbFDdtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzlMVVk2NFZORzFlM1hrM3VMLW80SnNVTjIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83MGM0NzctYThjZC00YTcyLWI2Njkt
MWY5M2MyMzlhMDEyLzEvYWp0bHpybzI0MTZFS3RGV0pEUHMyRnR6X0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83MGM0NzctYThjZC00YTcyLWI2NjktMWY5M2MyMzlhMDEy
LzEvRzlMVVk2NFZORzFlM1hrM3VMLW80SnNVTjIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQEXCcwAwQC
ufecMBQEAgACMA4DBQAqAW3AAwUDKg3GgDANBgkqhkiG9w0BAQsFAAOCAQEAKsNr
PC9MmTXltf1SfT7B/wHdivFAaXBPb/5TqEkL8yByKmlkg870XoYkomWRrz9pILBj
8fREpOeR8chcrlAcjLsX+ziN6yvLF7k3kQLTGjeU6I9HZRwfykVYczhjWMTY4r3L
HTJxeTwbK+tvDHJFZw6aWIGyG0LOCY0eg2WF/BXcVs6UCLnRo+jE93uZ3EK04s1Y
OU0PaJtw7MyN67F263+/dyDSj26Qr+Ar4gJzsKexn968Mr384FRspc2IKSutWLiH
vGVAhgKwRjW3nrfEA+rcKEHaZJGykESVy9sAKvM4X+EOVXAKCXoMbs47Nq23NavP
yAimUex2pdiIJHmZSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:53 2024 by rpki-client on console-ams.rpki-client.org