Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/61ec7d-8df6-4ffe-b637-5b09a6743375/1/AsVcBSHHGoAyhDuS_08WZigvSQA.roa
File: AsVcBSHHGoAyhDuS_08WZigvSQA.roa (raw, json)
Hash identifier: UZNjfcJmiLa68B9ToT6TjP1oLqeI0OtSJQgRNaYv6/4=
Subject key identifier: 02:C5:5C:05:21:C7:1A:80:32:84:3B:92:FF:4F:16:66:28:2F:49:00
Certificate issuer: /CN=ff3ed3d4d47b8e825fbfd079482f7a0c21dc91ef
Certificate serial: 0189D427173CC8205F6B8F577D12CBC9C65F
Authority key identifier: FF:3E:D3:D4:D4:7B:8E:82:5F:BF:D0:79:48:2F:7A:0C:21:DC:91:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_z7T1NR7joJfv9B5SC96DCHcke8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/61ec7d-8df6-4ffe-b637-5b09a6743375/1/AsVcBSHHGoAyhDuS_08WZigvSQA.roa
Signing time: Tue 08 Aug 2023 07:57:58 +0000
ROA not before: Tue 08 Aug 2023 07:57:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39724
IP address blocks: 85.222.172.0/22 maxlen: 24
185.55.157.0/24 maxlen: 24
185.55.158.0/24 maxlen: 24
185.55.158.0/23 maxlen: 23
185.55.156.0/23 maxlen: 23
185.55.156.0/24 maxlen: 24
185.55.156.0/22 maxlen: 22
185.55.159.0/24 maxlen: 24
77.247.101.0/24 maxlen: 24
77.247.102.0/24 maxlen: 24
77.247.102.0/23 maxlen: 23
77.247.100.0/22 maxlen: 22
77.247.100.0/23 maxlen: 23
77.247.100.0/24 maxlen: 24
77.247.103.0/24 maxlen: 24
2a0d:a6c2::/32 maxlen: 32
2a0d:a6c6::/32 maxlen: 32
2a0d:a6c7::/32 maxlen: 32
2a0d:a6c1::/32 maxlen: 32
2a0d:a6c4::/32 maxlen: 32
2a0d:a6c0::/32 maxlen: 32
2a0d:a6c5::/32 maxlen: 32
2a0d:a6c3::/32 maxlen: 32
2a0d:a6c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:27:17:3c:c8:20:5f:6b:8f:57:7d:12:cb:c9:c6:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff3ed3d4d47b8e825fbfd079482f7a0c21dc91ef
Validity
Not Before: Aug 8 07:57:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02c55c0521c71a8032843b92ff4f1666282f4900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:63:4e:28:56:96:2f:6c:d8:e2:f0:8c:5e:cb:
c6:58:f2:b7:b7:16:08:81:25:9b:27:02:54:22:18:
10:64:d4:d0:1e:b3:41:6a:e8:6f:6c:63:20:03:77:
a9:ad:10:52:64:06:50:37:9b:b6:d6:a9:8a:2d:2f:
4c:83:a6:f4:7c:b0:d9:0c:37:33:c9:74:f2:e3:a2:
92:7e:43:0e:f3:a5:85:71:c4:cb:6f:55:22:7a:25:
8d:99:a2:c9:9f:da:21:59:63:a3:a5:36:16:38:2c:
f1:41:99:bf:bf:6a:59:d5:b3:59:7d:5b:a9:4c:56:
ac:d8:1e:b8:e6:4d:54:e2:ee:ec:9e:46:03:1f:79:
00:57:57:0e:a8:7a:f3:ae:f3:0b:e3:5f:d7:a4:80:
dd:0c:6c:ec:bd:3f:58:62:78:67:f0:e7:e0:b5:02:
ce:96:1f:b9:c0:84:5e:74:29:c4:37:6e:36:89:c3:
ac:69:99:a2:bc:38:00:9a:9b:f7:ac:a2:7c:8f:4a:
08:a0:2a:9f:b3:de:c5:f0:86:68:fa:ce:ff:74:12:
a3:54:af:00:29:5c:fc:52:f4:89:d5:fe:f9:94:4e:
8d:a0:01:ab:dd:2f:50:94:e0:24:c0:36:48:54:a1:
24:ff:c2:2a:f1:b7:e1:72:00:91:d4:97:6d:b0:2f:
65:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:C5:5C:05:21:C7:1A:80:32:84:3B:92:FF:4F:16:66:28:2F:49:00
X509v3 Authority Key Identifier:
keyid:FF:3E:D3:D4:D4:7B:8E:82:5F:BF:D0:79:48:2F:7A:0C:21:DC:91:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_z7T1NR7joJfv9B5SC96DCHcke8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/61ec7d-8df6-4ffe-b637-5b09a6743375/1/AsVcBSHHGoAyhDuS_08WZigvSQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/61ec7d-8df6-4ffe-b637-5b09a6743375/1/_z7T1NR7joJfv9B5SC96DCHcke8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.100.0/22
85.222.172.0/22
185.55.156.0/22
IPv6:
2a0d:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
50:c2:b1:e8:49:cc:e8:e9:d4:60:ff:70:54:76:f1:1c:6e:be:
b9:37:65:c6:88:b3:ed:7c:f1:de:6a:bf:02:c6:01:97:9d:76:
7e:3c:3f:04:12:5c:f0:4a:70:06:2d:58:5a:ff:c3:f4:83:52:
54:ac:ce:76:4c:65:d5:6b:33:e8:4a:62:ea:8a:35:18:fd:79:
bd:4c:00:0f:b0:0f:69:f5:2f:c1:fd:39:4b:df:83:62:32:9f:
82:fc:c7:7a:a0:ac:33:6b:51:e1:eb:69:ac:41:26:fd:98:f4:
1f:58:a0:33:47:4b:33:a3:ed:3d:16:4c:be:f2:99:71:e8:b8:
1b:86:43:2e:f1:eb:ef:dd:ce:31:e1:b7:02:4b:8d:47:8e:d6:
28:a1:11:ac:f8:4b:9e:c9:9a:47:67:52:4f:d6:85:aa:1c:57:
41:80:0a:6f:cc:d0:68:d7:de:6c:c8:02:3f:1d:09:79:cb:f8:
39:e4:10:1e:c2:bd:60:39:22:7c:c6:d4:63:04:b2:d4:62:6d:
7a:c2:1c:e2:6f:92:18:05:29:65:56:ba:55:af:a5:3b:6e:ef:
51:c7:0f:a5:53:f4:01:25:a9:c6:9a:f1:f4:d7:46:95:a1:24:
ac:20:7c:44:ed:39:29:9e:a2:d6:5e:12:48:b8:c6:cd:6c:df:
d0:e1:d3:ca
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYnUJxc8yCBfa49XfRLLycZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmM2VkM2Q0ZDQ3YjhlODI1ZmJmZDA3OTQ4MmY3YTBjMjFk
YzkxZWYwHhcNMjMwODA4MDc1NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmM1NWMwNTIxYzcxYTgwMzI4NDNiOTJmZjRmMTY2NjI4MmY0OTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2NOKFaWL2zY4vCMXsvGWPK3txYI
gSWbJwJUIhgQZNTQHrNBauhvbGMgA3eprRBSZAZQN5u21qmKLS9Mg6b0fLDZDDcz
yXTy46KSfkMO86WFccTLb1UieiWNmaLJn9ohWWOjpTYWOCzxQZm/v2pZ1bNZfVup
TFas2B645k1U4u7snkYDH3kAV1cOqHrzrvML41/XpIDdDGzsvT9YYnhn8OfgtQLO
lh+5wIRedCnEN242icOsaZmivDgAmpv3rKJ8j0oIoCqfs97F8IZo+s7/dBKjVK8A
KVz8UvSJ1f75lE6NoAGr3S9QlOAkwDZIVKEk/8Iq8bfhcgCR1JdtsC9lzQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFALFXAUhxxqAMoQ7kv9PFmYoL0kAMB8GA1UdIwQY
MBaAFP8+09TUe46CX7/QeUgvegwh3JHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3o3VDFOUjdqb0pmdjlCNVNDOTZEQ0hja2U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS82MWVjN2QtOGRmNi00ZmZlLWI2Mzct
NWIwOWE2NzQzMzc1LzEvQXNWY0JTSEhHb0F5aER1U18wOFdaaWd2U1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS82MWVjN2QtOGRmNi00ZmZlLWI2MzctNWIwOWE2NzQzMzc1
LzEvX3o3VDFOUjdqb0pmdjlCNVNDOTZEQ0hja2U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCTfdkAwQC
Vd6sAwQCuTecMA0EAgACMAcDBQMqDabAMA0GCSqGSIb3DQEBCwUAA4IBAQBQwrHo
Sczo6dRg/3BUdvEcbr65N2XGiLPtfPHear8CxgGXnXZ+PD8EElzwSnAGLVha/8P0
g1JUrM52TGXVazPoSmLqijUY/Xm9TAAPsA9p9S/B/TlL34NiMp+C/Md6oKwza1Hh
62msQSb9mPQfWKAzR0szo+09Fky+8plx6LgbhkMu8evv3c4x4bcCS41HjtYooRGs
+EueyZpHZ1JP1oWqHFdBgApvzNBo195syAI/HQl5y/g55BAewr1gOSJ8xtRjBLLU
Ym16whzib5IYBSllVrpVr6U7bu9Rxw+lU/QBJanGmvH010aVoSSsIHxE7TkpnqLW
XhJIuMbNbN/Q4dPK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:26 2024 by rpki-client on console-fra.rpki-client.org