Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/IyYQjxlz9CgnFTVphggbjLlX7So.roa
File: IyYQjxlz9CgnFTVphggbjLlX7So.roa (raw, json)
Hash identifier: sVMTLEfAqszieSN9puap5eG/bSXUPXH2nHwUDJZXwBA=
Subject key identifier: 23:26:10:8F:19:73:F4:28:27:15:35:69:86:08:1B:8C:B9:57:ED:2A
Certificate issuer: /CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Certificate serial: 018ADAF078275C10DF6898A8DA32EAB6808E
Authority key identifier: C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/IyYQjxlz9CgnFTVphggbjLlX7So.roa
Signing time: Thu 28 Sep 2023 08:38:27 +0000
ROA not before: Thu 28 Sep 2023 08:38:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 81.88.69.0/24 maxlen: 24
81.88.70.0/24 maxlen: 24
81.88.67.0/24 maxlen: 24
81.88.68.0/23 maxlen: 23
81.88.68.0/24 maxlen: 24
81.88.76.0/24 maxlen: 24
81.88.78.0/24 maxlen: 24
81.88.73.0/24 maxlen: 24
81.88.74.0/23 maxlen: 23
81.88.79.0/24 maxlen: 24
185.77.117.0/24 maxlen: 24
185.77.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:f0:78:27:5c:10:df:68:98:a8:da:32:ea:b6:80:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Validity
Not Before: Sep 28 08:38:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2326108f1973f4282715356986081b8cb957ed2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:73:c2:21:29:e8:77:0f:2b:fd:00:e1:8e:07:
ad:a1:0f:87:8d:43:bd:d4:ed:13:99:17:10:ee:70:
f4:7e:e1:75:d8:50:25:ca:7d:83:34:ef:41:43:8f:
30:a1:ec:d8:66:57:3b:05:57:49:36:36:fb:c9:c0:
49:49:60:55:c1:c2:2e:b7:6e:d1:ee:b1:1d:1d:5a:
97:90:b7:9e:fe:c9:40:06:49:dc:fe:c8:97:3f:29:
10:d9:83:c1:3c:59:a7:f8:cc:6a:f5:60:43:4f:ac:
d9:9e:15:c9:56:5f:98:c1:d5:9e:3b:03:ff:09:ec:
b8:96:5d:79:5e:fc:e8:75:70:3c:55:85:8d:4a:fa:
fe:b5:ca:8b:4d:60:1e:a5:4f:9e:65:27:07:01:3a:
dc:c4:0c:57:8a:11:38:b4:d8:e3:db:e8:65:89:9a:
35:dc:3b:ca:8b:aa:63:7d:9e:b9:06:8b:25:33:20:
26:38:2c:63:e6:fb:e9:5d:6a:a4:35:a9:1e:e7:f1:
30:cc:e0:c9:2b:d1:fe:95:44:ca:bb:8a:89:3e:2c:
a6:49:a0:17:75:75:37:1b:84:f9:f9:e0:f2:61:74:
fc:5b:c9:88:8b:41:65:df:5d:78:00:4e:7d:94:2e:
3c:64:94:8e:26:c6:4c:a1:1a:8f:9e:a8:85:b1:38:
f9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:26:10:8F:19:73:F4:28:27:15:35:69:86:08:1B:8C:B9:57:ED:2A
X509v3 Authority Key Identifier:
keyid:C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/IyYQjxlz9CgnFTVphggbjLlX7So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.67.0-81.88.70.255
81.88.73.0-81.88.76.255
81.88.78.0/23
185.77.116.0/23
Signature Algorithm: sha256WithRSAEncryption
37:e7:00:7d:cb:a8:6c:6f:7a:d3:4e:6e:f4:50:8b:23:ee:c9:
3e:f3:9d:bb:d3:de:bc:89:cf:a3:e6:12:33:a0:b6:25:ca:0a:
e2:e1:2d:c8:71:66:81:04:25:a5:c4:6e:96:00:bc:53:e8:98:
2b:84:53:39:d8:73:1e:70:03:1a:ae:2c:02:e1:4e:84:7c:ef:
02:5b:f6:7e:4f:46:a1:a2:22:f9:a0:98:42:03:c7:aa:b1:5f:
42:ee:65:1b:dc:ad:dc:14:93:39:66:40:3b:0c:dd:8f:b3:85:
b2:3b:c6:4d:6d:78:2c:a1:e3:48:81:f5:81:51:25:fc:0a:bc:
a9:8e:1b:57:a4:ee:ac:e0:05:e4:38:4b:72:8e:82:93:74:61:
5c:c1:05:31:14:60:6c:40:a4:99:68:52:c2:91:ab:52:ae:31:
e2:f5:67:80:19:ff:05:fd:8a:81:89:ab:44:f5:4c:fc:a1:9b:
15:59:92:0a:95:85:ab:81:1d:0a:df:bd:4b:d9:9f:ed:8f:bb:
9d:9d:11:0e:4c:a3:9f:44:24:00:b9:aa:3d:1f:76:7c:b5:09:
38:b2:17:eb:84:16:22:a1:6a:94:5a:61:82:c8:6e:a1:5a:b6:
ef:60:aa:eb:c6:34:0d:e1:6b:6e:82:aa:46:08:8d:4a:91:93:
81:13:8a:31
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYra8HgnXBDfaJio2jLqtoCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTI3ODZjZWQ2Y2U1OTc1ODU0NjhiYjRmMzZiMzFjZjZh
Y2VjNmUwHhcNMjMwOTI4MDgzODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzI2MTA4ZjE5NzNmNDI4MjcxNTM1Njk4NjA4MWI4Y2I5NTdlZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3PCISnodw8r/QDhjgetoQ+HjUO9
1O0TmRcQ7nD0fuF12FAlyn2DNO9BQ48woezYZlc7BVdJNjb7ycBJSWBVwcIut27R
7rEdHVqXkLee/slABknc/siXPykQ2YPBPFmn+Mxq9WBDT6zZnhXJVl+YwdWeOwP/
Cey4ll15XvzodXA8VYWNSvr+tcqLTWAepU+eZScHATrcxAxXihE4tNjj2+hliZo1
3DvKi6pjfZ65BoslMyAmOCxj5vvpXWqkNake5/EwzODJK9H+lUTKu4qJPiymSaAX
dXU3G4T5+eDyYXT8W8mIi0Fl3114AE59lC48ZJSOJsZMoRqPnqiFsTj5LwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCMmEI8Zc/QoJxU1aYYIG4y5V+0qMB8GA1UdIwQY
MBaAFMWSeGztbOWXWFRou082sxz2rOxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQt
YmEzNzUxMTQwNGMyLzEvSXlZUWp4bHo5Q2duRlRWcGhnZ2JqTGxYN1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQtYmEzNzUxMTQwNGMy
LzEveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBABRWEMD
BABRWEYwDAMEAFFYSQMEAFFYTAMEAVFYTgMEAblNdDANBgkqhkiG9w0BAQsFAAOC
AQEAN+cAfcuobG96005u9FCLI+7JPvOdu9PevInPo+YSM6C2JcoK4uEtyHFmgQQl
pcRulgC8U+iYK4RTOdhzHnADGq4sAuFOhHzvAlv2fk9GoaIi+aCYQgPHqrFfQu5l
G9yt3BSTOWZAOwzdj7OFsjvGTW14LKHjSIH1gVEl/Aq8qY4bV6TurOAF5DhLco6C
k3RhXMEFMRRgbECkmWhSwpGrUq4x4vVngBn/Bf2KgYmrRPVM/KGbFVmSCpWFq4Ed
Ct+9S9mf7Y+7nZ0RDkyjn0QkALmqPR92fLUJOLIX64QWIqFqlFphgshuoVq272Cq
68Y0DeFrboKqRgiNSpGTgROKMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:23 2024 by rpki-client on console-ams.rpki-client.org