Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/0wDYOwSWETxbSphNfrvyuoqqOJA.roa
File: 0wDYOwSWETxbSphNfrvyuoqqOJA.roa (raw, json)
Hash identifier: Guut39Ze+H1wBOryaoyTn9iPdODUjqZ+X9L3pe2YBT0=
Subject key identifier: D3:00:D8:3B:04:96:11:3C:5B:4A:98:4D:7E:BB:F2:BA:8A:AA:38:90
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 0D788DD9
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/0wDYOwSWETxbSphNfrvyuoqqOJA.roa
Signing time: Sat 01 Jan 2022 14:02:12 +0000
ROA not before: Sat 01 Jan 2022 14:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49037
IP address blocks: 185.9.184.0/22 maxlen: 24
80.72.16.0/21 maxlen: 32
95.174.96.0/19 maxlen: 24
80.72.24.0/22 maxlen: 32
185.230.240.0/22 maxlen: 24
2a00:8740::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226004441 (0xd788dd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Jan 1 14:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d300d83b0496113c5b4a984d7ebbf2ba8aaa3890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7f:84:eb:98:5f:12:07:7a:27:1a:fb:08:28:
d7:86:1d:f0:24:3b:46:59:d7:25:3c:24:0c:b2:0e:
5d:71:e6:9a:91:e1:7e:4e:a4:ab:06:80:e1:ee:27:
12:1b:f7:b0:d7:02:f4:52:b7:f0:50:94:ee:ee:28:
c6:64:1e:5b:5c:a9:12:df:d9:79:fc:76:1b:74:01:
51:5d:2f:1e:0b:84:0c:5a:3b:ca:a6:ac:91:65:82:
21:d4:3b:24:06:97:72:b8:62:12:c9:c5:5a:c9:d1:
0f:10:4b:03:d4:97:c8:98:3d:66:e5:70:27:a0:58:
33:be:71:a6:78:23:93:a3:de:78:73:ca:0e:0d:4c:
17:77:f3:b1:c7:90:25:6d:54:d0:d1:91:e9:47:bd:
e3:ac:a5:d1:bf:fc:de:3c:a9:0f:d4:1a:47:68:73:
c3:3f:d8:ab:e5:8e:b9:13:f9:c3:8b:b1:cf:d1:0d:
ec:c8:fd:0c:dc:22:bb:10:15:8b:25:fd:68:10:18:
a2:03:8a:2b:c5:3b:05:46:15:c5:6f:58:72:ae:51:
cf:b2:bc:f8:64:34:f6:aa:e5:2d:8c:cc:e7:25:b8:
9d:2b:e7:47:06:54:bc:f8:63:00:88:4d:ea:eb:e3:
64:c0:51:40:7d:f3:92:4f:91:9c:9a:7b:83:13:f0:
54:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:00:D8:3B:04:96:11:3C:5B:4A:98:4D:7E:BB:F2:BA:8A:AA:38:90
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/0wDYOwSWETxbSphNfrvyuoqqOJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.16.0-80.72.27.255
95.174.96.0/19
185.9.184.0/22
185.230.240.0/22
IPv6:
2a00:8740::/32
Signature Algorithm: sha256WithRSAEncryption
81:8c:25:e5:e5:40:7c:f7:bc:bf:1f:cb:63:9e:66:63:55:96:
44:2e:c0:bc:0d:9e:26:ea:c7:bc:16:8f:73:d0:0b:67:77:85:
08:f0:74:db:fe:76:3d:11:9e:ef:fe:cf:11:58:51:2d:e7:d4:
d8:be:94:47:b4:7e:3b:74:13:f1:cc:98:ac:d7:82:45:26:f4:
09:b0:0e:f8:6d:da:a3:33:70:64:2b:9c:30:bf:08:27:0e:77:
4e:c4:e7:38:83:de:2e:0f:2e:bb:16:16:c4:9e:60:fa:3c:ae:
1d:9b:d6:a1:e0:5b:64:59:cc:c3:7e:4a:58:51:7b:3b:88:29:
8f:39:c4:03:ee:1c:be:59:77:f2:7d:99:e6:3d:85:02:a6:4c:
c4:02:86:23:b4:d6:24:19:a5:b0:f6:fe:eb:bb:b5:e7:5e:e2:
25:b6:5f:e7:cf:ce:c8:5b:78:f3:cf:7e:e1:cc:b3:90:3e:3a:
a8:8d:12:fd:75:94:af:3f:18:28:9e:69:d5:82:a2:3b:9f:19:
bf:ce:fc:cd:2c:64:40:d6:b9:64:4f:64:48:2c:3e:9c:dc:bd:
09:fd:12:81:fe:46:50:bb:f1:28:f6:5f:58:a7:6b:f9:51:5f:
e9:84:fb:2c:22:aa:6b:99:9f:76:41:d8:48:ab:fa:bb:f1:59:
da:a4:d2:16
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEDXiN2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjlkOTc1MWYzNjc1ZjUxMzMyNzM0ZGE2OGVhOTYwMjYwMDQ1YjEyMB4XDTIyMDEw
MTE0MDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDMwMGQ4M2IwNDk2
MTEzYzViNGE5ODRkN2ViYmYyYmE4YWFhMzg5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANt/hOuYXxIHeica+wgo14Yd8CQ7RlnXJTwkDLIOXXHmmpHh
fk6kqwaA4e4nEhv3sNcC9FK38FCU7u4oxmQeW1ypEt/Zefx2G3QBUV0vHguEDFo7
yqaskWWCIdQ7JAaXcrhiEsnFWsnRDxBLA9SXyJg9ZuVwJ6BYM75xpngjk6PeeHPK
Dg1MF3fzsceQJW1U0NGR6Ue946yl0b/83jypD9QaR2hzwz/Yq+WOuRP5w4uxz9EN
7Mj9DNwiuxAViyX9aBAYogOKK8U7BUYVxW9Ycq5Rz7K8+GQ09qrlLYzM5yW4nSvn
RwZUvPhjAIhN6uvjZMBRQH3zkk+RnJp7gxPwVK8CAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBTTANg7BJYRPFtKmE1+u/K6iqo4kDAfBgNVHSMEGDAWgBSinZdR82dfUTMn
NNpo6pYCYARbEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29wMlhVZk5uWDFFekp6VGFhT3FXQW1BRVd4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvZTY0Mzk4LTk2MDEtNGI3Yy1iNzgzLTA3OWJhMDU3MGY3NS8x
LzB3RFlPd1NXRVR4YlNwaE5mcnZ5dW9xcU9KQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
ZTY0Mzk4LTk2MDEtNGI3Yy1iNzgzLTA3OWJhMDU3MGY3NS8xL29wMlhVZk5uWDFF
ekp6VGFhT3FXQW1BRVd4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIDAMAwQEUEgQAwQCUEgYAwQFX65gAwQC
uQm4AwQCuebwMA0EAgACMAcDBQAqAIdAMA0GCSqGSIb3DQEBCwUAA4IBAQCBjCXl
5UB897y/H8tjnmZjVZZELsC8DZ4m6se8Fo9z0Atnd4UI8HTb/nY9EZ7v/s8RWFEt
59TYvpRHtH47dBPxzJis14JFJvQJsA74bdqjM3BkK5wwvwgnDndOxOc4g94uDy67
FhbEnmD6PK4dm9ah4FtkWczDfkpYUXs7iCmPOcQD7hy+WXfyfZnmPYUCpkzEAoYj
tNYkGaWw9v7ru7XnXuIltl/nz87IW3jzz37hzLOQPjqojRL9dZSvPxgonmnVgqI7
nxm/zvzNLGRA1rlkT2RILD6c3L0J/RKB/kZQu/Eo9l9Yp2v5UV/phPssIqprmZ92
QdhIq/q78VnapNIW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org