Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/61ec7d-8df6-4ffe-b637-5b09a6743375/1/pI2vdKsmGFyCGkAQZmd3kua0D-Q.roa
File: pI2vdKsmGFyCGkAQZmd3kua0D-Q.roa (raw, json)
Hash identifier: Py+UJqILgWqq+/Eszuahn6Zl9UJCimB1M9rRdRTwp8Y=
Subject key identifier: A4:8D:AF:74:AB:26:18:5C:82:1A:40:10:66:67:77:92:E6:B4:0F:E4
Certificate issuer: /CN=ff3ed3d4d47b8e825fbfd079482f7a0c21dc91ef
Certificate serial: 0B21036D
Authority key identifier: FF:3E:D3:D4:D4:7B:8E:82:5F:BF:D0:79:48:2F:7A:0C:21:DC:91:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_z7T1NR7joJfv9B5SC96DCHcke8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/61ec7d-8df6-4ffe-b637-5b09a6743375/1/pI2vdKsmGFyCGkAQZmd3kua0D-Q.roa
Signing time: Fri 18 Mar 2022 10:10:53 +0000
ROA not before: Fri 18 Mar 2022 10:10:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39724
IP address blocks: 85.222.168.0/21 maxlen: 24
185.55.157.0/24 maxlen: 24
185.55.158.0/24 maxlen: 24
185.55.158.0/23 maxlen: 23
185.55.156.0/23 maxlen: 23
185.55.156.0/24 maxlen: 24
185.55.156.0/22 maxlen: 22
185.55.159.0/24 maxlen: 24
77.247.101.0/24 maxlen: 24
77.247.102.0/24 maxlen: 24
77.247.102.0/23 maxlen: 23
77.247.100.0/22 maxlen: 22
77.247.100.0/23 maxlen: 23
77.247.100.0/24 maxlen: 24
77.247.103.0/24 maxlen: 24
2a0d:a6c2::/32 maxlen: 32
2a0d:a6c6::/32 maxlen: 32
2a0d:a6c7::/32 maxlen: 32
2a0d:a6c1::/32 maxlen: 32
2a0d:a6c4::/32 maxlen: 32
2a0d:a6c0::/32 maxlen: 32
2a0d:a6c5::/32 maxlen: 32
2a0d:a6c3::/32 maxlen: 32
2a0d:a6c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186712941 (0xb21036d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff3ed3d4d47b8e825fbfd079482f7a0c21dc91ef
Validity
Not Before: Mar 18 10:10:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a48daf74ab26185c821a401066677792e6b40fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2f:4b:f4:df:43:8b:67:6f:be:b4:83:c8:2a:
c7:c8:6f:1c:1d:69:b3:34:cc:13:00:f9:bc:2c:da:
05:0b:be:ad:86:d2:dd:f8:5f:05:79:33:ff:42:1e:
12:4a:99:50:38:3f:04:f8:d0:64:bc:6f:d9:d8:74:
0b:af:e2:18:2b:79:9a:db:b1:b2:8f:2e:6e:66:94:
08:19:c5:b4:1d:15:c6:20:46:60:f2:cb:cd:2b:8c:
71:50:f6:7e:e5:1f:29:a0:f4:51:d1:d3:03:89:83:
22:0c:a0:2a:87:6a:d0:d8:27:d9:5b:e4:1b:98:92:
5f:a7:40:cb:72:2f:bd:d9:ca:69:98:d5:73:67:ec:
91:28:17:49:36:53:05:c4:fd:02:36:c9:27:6a:29:
c0:bc:b8:3c:2c:15:2d:8f:7a:89:96:35:7a:6f:cb:
a1:84:39:67:5c:b7:6d:db:38:1d:d3:44:77:09:c0:
6a:bc:81:8e:07:71:db:0e:c3:97:03:5d:8f:15:8f:
81:9c:fd:c6:a8:e8:21:02:ce:e1:24:79:5f:a3:ad:
b3:2d:0a:ab:4c:1c:b3:52:84:19:23:18:af:98:f0:
6d:cb:2f:b3:a0:c7:21:92:d1:aa:b7:6a:e2:0e:3a:
85:7d:3c:6d:ec:23:65:30:ec:51:a6:16:25:18:c7:
cb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8D:AF:74:AB:26:18:5C:82:1A:40:10:66:67:77:92:E6:B4:0F:E4
X509v3 Authority Key Identifier:
keyid:FF:3E:D3:D4:D4:7B:8E:82:5F:BF:D0:79:48:2F:7A:0C:21:DC:91:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_z7T1NR7joJfv9B5SC96DCHcke8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/61ec7d-8df6-4ffe-b637-5b09a6743375/1/pI2vdKsmGFyCGkAQZmd3kua0D-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/61ec7d-8df6-4ffe-b637-5b09a6743375/1/_z7T1NR7joJfv9B5SC96DCHcke8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.100.0/22
85.222.168.0/21
185.55.156.0/22
IPv6:
2a0d:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:f5:88:fe:f3:5f:72:db:f9:59:1b:bf:29:8e:13:ca:00:4e:
84:47:52:b3:27:4a:24:9d:b9:5e:70:b9:d3:55:de:fa:5e:a3:
40:55:38:20:f7:88:2d:15:98:e5:58:7e:af:9d:e2:32:ba:97:
f4:54:ad:51:4e:ad:46:e7:5b:6e:8f:b7:04:b2:96:05:ca:3d:
d9:89:e9:f0:1b:1f:f9:b3:48:bb:69:cb:b7:1c:8f:d8:52:29:
ba:2b:18:56:96:db:c6:b0:2e:ad:af:dd:5b:db:1d:fb:07:d2:
ce:a6:6f:d5:8b:0e:31:d2:fd:c5:74:69:ee:58:5e:97:02:a7:
8d:1c:ad:0c:0d:8e:61:05:b4:c3:1c:f5:e5:a8:81:91:0f:c2:
2c:07:d7:5e:8b:54:55:7e:33:59:ad:d7:40:df:4e:6c:c3:9b:
68:59:ae:bc:34:9b:53:0a:d6:6e:b5:f3:9c:0b:d8:bb:75:12:
1d:1b:d7:ce:55:3a:ed:10:4d:52:18:c8:e0:b6:9e:8b:fd:31:
bc:f0:7c:cd:82:f3:5e:d8:15:3c:d8:f6:ae:18:ae:8f:e4:a8:
9b:8d:94:78:57:72:11:b0:c3:31:c7:b4:99:f0:5a:bf:88:87:
9f:41:65:14:a3:03:b3:91:b5:f1:cf:5c:dd:94:15:96:87:8c:
43:99:42:b4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECyEDbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjNlZDNkNGQ0N2I4ZTgyNWZiZmQwNzk0ODJmN2EwYzIxZGM5MWVmMB4XDTIyMDMx
ODEwMTA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ4ZGFmNzRhYjI2
MTg1YzgyMWE0MDEwNjY2Nzc3OTJlNmI0MGZlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgvS/TfQ4tnb760g8gqx8hvHB1pszTMEwD5vCzaBQu+rYbS
3fhfBXkz/0IeEkqZUDg/BPjQZLxv2dh0C6/iGCt5mtuxso8ubmaUCBnFtB0VxiBG
YPLLzSuMcVD2fuUfKaD0UdHTA4mDIgygKodq0Ngn2VvkG5iSX6dAy3IvvdnKaZjV
c2fskSgXSTZTBcT9AjbJJ2opwLy4PCwVLY96iZY1em/LoYQ5Z1y3bds4HdNEdwnA
aryBjgdx2w7DlwNdjxWPgZz9xqjoIQLO4SR5X6Otsy0Kq0wcs1KEGSMYr5jwbcsv
s6DHIZLRqrdq4g46hX08bewjZTDsUaYWJRjHy/sCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSkja90qyYYXIIaQBBmZ3eS5rQP5DAfBgNVHSMEGDAWgBT/PtPU1HuOgl+/
0HlIL3oMIdyR7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L196N1QxTlI3am9KZnY5QjVTQzk2RENIY2tlOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvNjFlYzdkLThkZjYtNGZmZS1iNjM3LTViMDlhNjc0MzM3NS8x
L3BJMnZkS3NtR0Z5Q0drQVFabWQza3VhMEQtUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
NjFlYzdkLThkZjYtNGZmZS1iNjM3LTViMDlhNjc0MzM3NS8xL196N1QxTlI3am9K
ZnY5QjVTQzk2RENIY2tlOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAk33ZAMEA1XeqAMEArk3nDANBAIA
AjAHAwUDKg2mwDANBgkqhkiG9w0BAQsFAAOCAQEAOvWI/vNfctv5WRu/KY4TygBO
hEdSsydKJJ25XnC501Xe+l6jQFU4IPeILRWY5Vh+r53iMrqX9FStUU6tRudbbo+3
BLKWBco92Ynp8Bsf+bNIu2nLtxyP2FIpuisYVpbbxrAura/dW9sd+wfSzqZv1YsO
MdL9xXRp7lhelwKnjRytDA2OYQW0wxz15aiBkQ/CLAfXXotUVX4zWa3XQN9ObMOb
aFmuvDSbUwrWbrXznAvYu3USHRvXzlU67RBNUhjI4Laei/0xvPB8zYLzXtgVPNj2
rhiuj+Som42UeFdyEbDDMce0mfBav4iHn0FlFKMDs5G18c9c3ZQVloeMQ5lCtA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:32 2025 by rpki-client