Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/4qwegF3_QI8i2yCWXG381swDbHo.roa
File: 4qwegF3_QI8i2yCWXG381swDbHo.roa (raw, json)
Hash identifier: n3/5NonpDyiFUfuzRDeNVmrWvdFrxGPMVkDZ10O+AIo=
Subject key identifier: E2:AC:1E:80:5D:FF:40:8F:22:DB:20:96:5C:6D:FC:D6:CC:03:6C:7A
Certificate issuer: /CN=79e24b47f8943cad6e04c9f646cb1077c140fdfb
Certificate serial: 018D1C2483C923A8C93F7F016CFEDEBDE603
Authority key identifier: 79:E2:4B:47:F8:94:3C:AD:6E:04:C9:F6:46:CB:10:77:C1:40:FD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/4qwegF3_QI8i2yCWXG381swDbHo.roa
Signing time: Thu 18 Jan 2024 10:36:11 +0000
ROA not before: Thu 18 Jan 2024 10:36:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42532
IP address blocks: 77.73.64.0/23 maxlen: 23
77.73.71.0/24 maxlen: 24
91.197.0.0/22 maxlen: 22
185.145.245.0/24 maxlen: 24
185.155.119.0/24 maxlen: 24
185.242.104.0/22 maxlen: 22
185.242.106.0/23 maxlen: 23
212.6.44.0/24 maxlen: 24
2a0c:16c0::/32 maxlen: 32
2a0c:16c1::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:24:83:c9:23:a8:c9:3f:7f:01:6c:fe:de:bd:e6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79e24b47f8943cad6e04c9f646cb1077c140fdfb
Validity
Not Before: Jan 18 10:36:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2ac1e805dff408f22db20965c6dfcd6cc036c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:34:e3:81:29:ab:9d:6a:52:bf:54:1c:69:3d:
f5:3c:40:5d:89:c5:01:5c:cb:97:31:f7:c1:bb:cb:
5a:bc:b3:10:37:5a:f5:ef:5a:15:64:cd:e7:fd:c5:
b8:a7:b3:b4:b2:79:5f:e8:6f:0f:6b:13:d5:83:77:
6e:82:34:ac:a8:f1:07:53:af:58:6a:bf:00:be:a3:
b5:bd:fb:46:ed:4c:b4:f6:a7:ba:54:e6:08:10:2b:
9e:6d:fc:14:5e:08:7d:c2:ed:cb:8b:37:91:fb:06:
ea:45:46:b7:e2:92:33:b8:06:e3:b2:43:62:09:55:
25:16:60:f4:f1:b8:c9:f3:ae:52:52:0e:21:a5:df:
b6:87:16:68:97:6a:fe:43:0d:4a:d5:4a:be:cb:4a:
63:07:bd:0c:48:86:03:2b:be:45:52:4d:cf:33:3c:
a1:47:d9:98:d2:0f:7f:0a:56:48:48:aa:85:8b:3c:
e0:2b:ec:56:3b:58:1e:02:17:a4:05:f3:6d:f2:43:
46:ef:b2:4d:d8:ee:58:1c:45:11:a8:b9:65:96:25:
97:02:83:c0:40:ee:1b:30:16:65:eb:c7:6f:cd:e7:
b6:60:c8:f7:07:80:7b:f9:7d:ce:46:50:6f:93:7e:
a8:69:f1:6f:0d:51:82:ce:98:74:2c:cc:a9:8b:7c:
ba:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:AC:1E:80:5D:FF:40:8F:22:DB:20:96:5C:6D:FC:D6:CC:03:6C:7A
X509v3 Authority Key Identifier:
keyid:79:E2:4B:47:F8:94:3C:AD:6E:04:C9:F6:46:CB:10:77:C1:40:FD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/4qwegF3_QI8i2yCWXG381swDbHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/eeJLR_iUPK1uBMn2RssQd8FA_fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.64.0/23
77.73.71.0/24
91.197.0.0/22
185.145.245.0/24
185.155.119.0/24
185.242.104.0/22
212.6.44.0/24
IPv6:
2a0c:16c0::/31
Signature Algorithm: sha256WithRSAEncryption
0f:2c:b0:ba:0d:cb:68:04:18:42:22:81:6f:55:d5:57:8b:fc:
16:cf:7b:c2:e0:88:9f:89:2a:37:0b:f0:65:01:a5:0f:62:6f:
9d:48:ba:31:45:cc:24:bb:fa:a5:8e:17:e1:93:4f:e3:aa:75:
e3:05:b4:5c:8e:df:6f:66:90:dd:ad:96:7e:e3:71:58:43:d1:
e5:64:77:15:a3:69:8c:fd:8b:c7:7a:1b:50:b8:70:d2:99:cd:
24:76:9a:a8:02:ae:8a:ab:b6:d7:42:30:70:be:c3:10:c8:89:
df:3b:51:e2:a7:40:33:d2:9d:d6:38:d4:a7:39:bb:e3:e2:f8:
ca:43:e2:2d:8a:8d:e3:6e:39:3d:4b:c8:e7:35:7f:4c:b6:aa:
b5:f0:9d:05:4b:98:21:ea:67:9b:e1:6f:d3:6a:07:0b:f8:68:
da:60:0d:3a:5e:5a:51:a6:c6:e0:18:d9:a0:c5:05:ff:36:de:
37:72:a5:f9:ae:04:5b:74:b8:49:31:19:d4:b8:ba:3d:4e:4b:
43:8b:ea:1c:97:0c:fd:1e:07:8a:dc:d4:e9:bb:8f:57:08:24:
68:df:a6:a8:b8:34:03:7b:09:42:35:9e:06:ac:0d:af:cd:c2:
34:95:ec:d3:84:08:6b:20:12:b3:1f:53:bc:77:9c:07:9b:dc:
50:5b:30:79
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY0cJIPJI6jJP38BbP7eveYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZTI0YjQ3Zjg5NDNjYWQ2ZTA0YzlmNjQ2Y2IxMDc3YzE0
MGZkZmIwHhcNMjQwMTE4MTAzNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmFjMWU4MDVkZmY0MDhmMjJkYjIwOTY1YzZkZmNkNmNjMDM2YzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzTjgSmrnWpSv1QcaT31PEBdicUB
XMuXMffBu8tavLMQN1r171oVZM3n/cW4p7O0snlf6G8PaxPVg3dugjSsqPEHU69Y
ar8AvqO1vftG7Uy09qe6VOYIECuebfwUXgh9wu3LizeR+wbqRUa34pIzuAbjskNi
CVUlFmD08bjJ865SUg4hpd+2hxZol2r+Qw1K1Uq+y0pjB70MSIYDK75FUk3PMzyh
R9mY0g9/ClZISKqFizzgK+xWO1geAhekBfNt8kNG77JN2O5YHEURqLllliWXAoPA
QO4bMBZl68dvzee2YMj3B4B7+X3ORlBvk36oafFvDVGCzph0LMypi3y65QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOKsHoBd/0CPItsgllxt/NbMA2x6MB8GA1UdIwQY
MBaAFHniS0f4lDytbgTJ9kbLEHfBQP37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWVKTFJfaVVQSzF1Qk1uMlJzc1FkOEZBX2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81NGE2NWItY2YwYi00OThmLTgwZDQt
YmM1ODRiMzZjYmVmLzEvNHF3ZWdGM19RSThpMnlDV1hHMzgxc3dEYkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81NGE2NWItY2YwYi00OThmLTgwZDQtYmM1ODRiMzZjYmVm
LzEvZWVKTFJfaVVQSzF1Qk1uMlJzc1FkOEZBX2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQBTUlAAwQA
TUlHAwQCW8UAAwQAuZH1AwQAuZt3AwQCufJoAwQA1AYsMA0EAgACMAcDBQEqDBbA
MA0GCSqGSIb3DQEBCwUAA4IBAQAPLLC6DctoBBhCIoFvVdVXi/wWz3vC4IifiSo3
C/BlAaUPYm+dSLoxRcwku/qljhfhk0/jqnXjBbRcjt9vZpDdrZZ+43FYQ9HlZHcV
o2mM/YvHehtQuHDSmc0kdpqoAq6Kq7bXQjBwvsMQyInfO1Hip0Az0p3WONSnObvj
4vjKQ+Itio3jbjk9S8jnNX9Mtqq18J0FS5gh6meb4W/TagcL+GjaYA06XlpRpsbg
GNmgxQX/Nt43cqX5rgRbdLhJMRnUuLo9TktDi+oclwz9HgeK3NTpu49XCCRo36ao
uDQDewlCNZ4GrA2vzcI0lezThAhrIBKzH1O8d5wHm9xQWzB5
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:24:53 2025 by rpki-client