Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/R6LUOpTyS5NTALf-kK95iGO72TE.roa
File: R6LUOpTyS5NTALf-kK95iGO72TE.roa (raw, json)
Hash identifier: bs7Ni04vT4ZtybvrTgYjC9cCYzUwL1pgSrECji745TI=
Subject key identifier: 47:A2:D4:3A:94:F2:4B:93:53:00:B7:FE:90:AF:79:88:63:BB:D9:31
Certificate issuer: /CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
Certificate serial: 0A435E06
Authority key identifier: 8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/R6LUOpTyS5NTALf-kK95iGO72TE.roa
Signing time: Sat 01 Jan 2022 08:03:50 +0000
ROA not before: Sat 01 Jan 2022 08:03:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35189
IP address blocks: 185.81.44.0/22 maxlen: 22
141.255.128.0/21 maxlen: 21
185.198.78.0/23 maxlen: 23
78.24.32.0/21 maxlen: 21
2a01:470::/29 maxlen: 29
2a0a:85c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172187142 (0xa435e06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
Validity
Not Before: Jan 1 08:03:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47a2d43a94f24b935300b7fe90af798863bbd931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cc:ae:36:51:a3:50:b5:dc:56:94:cc:eb:14:
77:76:43:47:41:49:a3:89:86:9b:d1:19:3f:63:97:
50:61:0f:e7:87:53:18:0b:27:51:df:d7:3a:3d:47:
cc:3a:0c:60:d2:7f:5e:77:4f:d2:4d:c2:5e:fb:b7:
22:54:26:d3:f8:13:6b:87:ae:63:4c:61:2f:8d:a5:
4b:f4:50:54:2f:8e:0f:c1:93:9f:67:d4:aa:53:de:
6f:a0:fc:07:50:8d:bf:3b:93:34:f1:91:16:ff:37:
0c:03:17:b5:a2:55:a6:1d:48:e8:99:28:5f:44:ae:
53:e2:56:ea:db:1c:1b:94:5b:e7:38:68:2b:02:20:
0d:65:7a:c0:3c:70:0c:94:a7:0e:f3:96:b2:e8:23:
63:bc:2e:7e:97:ed:4d:f8:f6:cc:f8:10:a1:cb:6e:
ef:7a:92:5d:e1:55:df:f7:b9:8c:31:a7:74:25:d7:
f7:01:0a:21:67:4b:2d:b1:39:22:ea:93:84:1a:ea:
94:54:33:e7:76:c0:92:19:5e:d0:3b:ba:13:da:db:
c4:31:8e:a9:85:ef:d3:0f:99:cc:cf:df:8a:87:4d:
10:dd:1b:5a:c8:78:d1:7c:19:1f:6f:bf:da:fb:55:
10:91:20:06:a9:4f:06:3a:75:ff:b7:48:62:13:1e:
f1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A2:D4:3A:94:F2:4B:93:53:00:B7:FE:90:AF:79:88:63:BB:D9:31
X509v3 Authority Key Identifier:
keyid:8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/R6LUOpTyS5NTALf-kK95iGO72TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/jX3LNj2aw0vcm2mA8mht0hnVAlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.32.0/21
141.255.128.0/21
185.81.44.0/22
185.198.78.0/23
IPv6:
2a01:470::/29
2a0a:85c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:cd:c7:af:ad:0e:e3:16:9a:ca:6d:06:e6:71:25:f2:f7:75:
d9:fe:6f:a2:62:b6:f5:ad:ae:cb:b1:32:87:b1:1c:a6:01:db:
d7:d9:82:e7:30:a1:17:cf:2b:2e:62:87:5f:00:58:52:b7:05:
a3:f5:73:5c:1e:73:f8:68:29:88:30:ee:bb:71:44:0c:38:c5:
e8:bf:e3:d0:c4:ef:49:c2:bd:a0:67:d7:15:b8:b5:0e:b9:34:
8a:de:e3:63:77:6c:91:e4:c1:e3:19:34:10:3a:42:98:7c:b8:
cc:10:9f:f7:6a:8e:19:a9:d5:62:db:95:db:cd:53:4c:b3:3b:
30:36:e3:cd:39:9a:50:42:55:31:f2:0c:1f:b5:ca:94:de:62:
00:46:2d:32:a1:31:77:a1:43:3b:31:2d:16:15:f9:20:8f:8d:
ab:27:5f:f6:fd:9c:16:cf:7c:4a:5e:be:dd:10:47:9c:90:35:
ea:12:3b:15:7c:34:80:2f:37:dd:42:9d:15:4a:23:f6:f2:df:
7f:07:0c:e3:de:d8:ae:38:2a:73:30:68:96:ad:8b:e2:9e:86:
c5:b1:e1:b2:d1:88:fa:01:c8:0b:82:4b:5a:0e:f6:61:97:28:
38:50:6a:13:bd:15:82:ad:ca:8e:13:7a:30:5d:9a:43:61:8b:
12:d3:88:48
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIECkNeBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDdkY2IzNjNkOWFjMzRiZGM5YjY5ODBmMjY4NmRkMjE5ZDUwMjU3MB4XDTIyMDEw
MTA4MDM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdhMmQ0M2E5NGYy
NGI5MzUzMDBiN2ZlOTBhZjc5ODg2M2JiZDkzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTMrjZRo1C13FaUzOsUd3ZDR0FJo4mGm9EZP2OXUGEP54dT
GAsnUd/XOj1HzDoMYNJ/XndP0k3CXvu3IlQm0/gTa4euY0xhL42lS/RQVC+OD8GT
n2fUqlPeb6D8B1CNvzuTNPGRFv83DAMXtaJVph1I6JkoX0SuU+JW6tscG5Rb5zho
KwIgDWV6wDxwDJSnDvOWsugjY7wufpftTfj2zPgQoctu73qSXeFV3/e5jDGndCXX
9wEKIWdLLbE5IuqThBrqlFQz53bAkhle0Du6E9rbxDGOqYXv0w+ZzM/fiodNEN0b
Wsh40XwZH2+/2vtVEJEgBqlPBjp1/7dIYhMe8UcCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBRHotQ6lPJLk1MAt/6Qr3mIY7vZMTAfBgNVHSMEGDAWgBSNfcs2PZrDS9yb
aYDyaG3SGdUCVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pYM0xOajJhdzB2Y20ybUE4bWh0MGhuVkFsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTYvY2FkMjQ0LTM5OTUtNGQ0MS04ODZiLWFjNDYzZTIyMTk3NC8x
L1I2TFVPcFR5UzVOVEFMZi1rSzk1aUdPNzJURS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYv
Y2FkMjQ0LTM5OTUtNGQ0MS04ODZiLWFjNDYzZTIyMTk3NC8xL2pYM0xOajJhdzB2
Y20ybUE4bWh0MGhuVkFsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEA04YIAMEA43/gAMEArlRLAMEAbnG
TjAUBAIAAjAOAwUDKgEEcAMFAyoKhcAwDQYJKoZIhvcNAQELBQADggEBAADNx6+t
DuMWmsptBuZxJfL3ddn+b6JitvWtrsuxMoexHKYB29fZgucwoRfPKy5ih18AWFK3
BaP1c1wec/hoKYgw7rtxRAw4xei/49DE70nCvaBn1xW4tQ65NIre42N3bJHkweMZ
NBA6Qph8uMwQn/dqjhmp1WLbldvNU0yzOzA24805mlBCVTHyDB+1ypTeYgBGLTKh
MXehQzsxLRYV+SCPjasnX/b9nBbPfEpevt0QR5yQNeoSOxV8NIAvN91CnRVKI/by
338HDOPe2K44KnMwaJati+KehsWx4bLRiPoByAuCS1oO9mGXKDhQahO9FYKtyo4T
ejBdmkNhixLTiEg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:56 2024 by rpki-client on console-fra.rpki-client.org