Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/dfneNmDOJFq4Y1SrW_zV18duMEY.roa
File: dfneNmDOJFq4Y1SrW_zV18duMEY.roa (raw, json)
Hash identifier: wV2VNUY/u2lsoBh+mfYOSrDMoE9ExS3vUEb2j40RZsU=
Subject key identifier: 75:F9:DE:36:60:CE:24:5A:B8:63:54:AB:5B:FC:D5:D7:C7:6E:30:46
Certificate issuer: /CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Certificate serial: 018ADC8E9BBF185B7DBE7762D7DD910E3BD0
Authority key identifier: C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/dfneNmDOJFq4Y1SrW_zV18duMEY.roa
Signing time: Thu 28 Sep 2023 16:10:48 +0000
ROA not before: Thu 28 Sep 2023 16:10:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29300
IP address blocks: 81.88.64.0/20 maxlen: 20
82.148.160.0/19 maxlen: 19
93.184.112.0/20 maxlen: 20
109.169.96.0/19 maxlen: 19
2a02:2828::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:8e:9b:bf:18:5b:7d:be:77:62:d7:dd:91:0e:3b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Validity
Not Before: Sep 28 16:10:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75f9de3660ce245ab86354ab5bfcd5d7c76e3046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:51:f3:20:41:4f:68:2f:a3:38:32:98:b3:df:
45:b3:49:9d:c5:99:f9:a9:6f:c4:f4:a9:dd:d4:fd:
98:98:19:63:10:db:fd:87:2b:db:2b:ba:b3:42:1f:
6c:13:23:a3:fd:ac:3e:1f:b6:3c:a2:74:c0:50:78:
84:ac:82:1b:1e:a7:43:b7:0b:29:78:48:72:ca:49:
cc:70:f7:57:77:cd:74:31:e0:c5:37:12:ed:3c:47:
1c:7e:a4:d9:83:e8:7c:ac:b6:34:d0:32:84:6b:df:
f0:f8:3d:f1:68:b4:54:82:cd:c9:f5:2d:02:38:68:
ff:9f:f1:9c:ab:ed:75:10:4e:72:8a:74:57:bf:44:
33:3b:7c:e6:a8:f9:da:c2:e3:91:76:6a:92:5a:ba:
42:f9:89:e8:9f:63:b9:46:e3:ac:34:64:23:a5:5a:
d1:39:8e:df:2f:97:a5:b3:82:ea:75:76:10:9c:dd:
83:b4:de:8b:fb:3e:db:53:ba:13:68:28:56:61:c6:
d5:9d:f4:3a:d0:b9:3a:37:2e:ed:b4:9c:1c:df:26:
b5:ba:f1:9a:53:97:95:80:e9:4a:ae:3b:3a:08:8c:
77:52:28:b2:bc:76:86:5e:8e:d8:dc:65:5e:a6:75:
39:45:6b:30:12:03:8e:4e:69:3a:28:59:66:7b:11:
86:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F9:DE:36:60:CE:24:5A:B8:63:54:AB:5B:FC:D5:D7:C7:6E:30:46
X509v3 Authority Key Identifier:
keyid:C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/dfneNmDOJFq4Y1SrW_zV18duMEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.64.0/20
82.148.160.0/19
93.184.112.0/20
109.169.96.0/19
IPv6:
2a02:2828::/32
Signature Algorithm: sha256WithRSAEncryption
73:da:f0:48:50:10:fb:2d:50:22:20:0c:7a:ad:92:64:42:05:
ec:53:0b:f8:da:14:5c:39:e2:ac:ca:01:77:9f:1e:ef:ae:0e:
7d:ff:30:f1:09:b7:39:ec:a5:6f:ed:a5:0b:a8:62:fc:46:af:
f3:f4:8c:ed:81:dd:d4:6f:6e:ba:e1:f1:24:ac:b6:0e:e4:e0:
78:7e:ac:b1:fb:46:41:ee:38:c3:7c:88:c3:04:96:bd:28:93:
bd:70:b8:44:fc:6c:8f:da:bd:67:52:d9:1d:34:e7:7c:be:e6:
4f:98:62:a6:1a:1b:ad:be:dc:87:92:e1:0c:7e:25:80:9d:21:
ef:e4:6b:6e:9a:23:80:35:a7:a2:e6:75:3e:2f:82:36:04:78:
64:b4:bb:7d:ec:d5:d1:7a:f6:aa:16:5a:57:80:61:26:f5:cb:
59:92:a7:ed:ce:ae:af:ed:a9:5b:33:ac:f6:96:54:86:e5:10:
9e:c5:05:fa:e2:07:af:f9:28:1b:54:e2:e5:9e:17:5b:f4:3e:
aa:b5:5e:c1:da:b1:82:cb:9c:69:76:cc:dc:8b:8d:83:76:cd:
47:2f:a4:6f:3b:8c:9b:d0:2f:71:c6:26:af:d7:48:b4:bd:ee:
00:9a:e2:28:20:e8:53:63:26:43:a5:09:ec:dd:cd:1c:d6:30:
a2:f9:3d:38
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYrcjpu/GFt9vndi192RDjvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTI3ODZjZWQ2Y2U1OTc1ODU0NjhiYjRmMzZiMzFjZjZh
Y2VjNmUwHhcNMjMwOTI4MTYxMDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWY5ZGUzNjYwY2UyNDVhYjg2MzU0YWI1YmZjZDVkN2M3NmUzMDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVHzIEFPaC+jODKYs99Fs0mdxZn5
qW/E9Knd1P2YmBljENv9hyvbK7qzQh9sEyOj/aw+H7Y8onTAUHiErIIbHqdDtwsp
eEhyyknMcPdXd810MeDFNxLtPEccfqTZg+h8rLY00DKEa9/w+D3xaLRUgs3J9S0C
OGj/n/Gcq+11EE5yinRXv0QzO3zmqPnawuORdmqSWrpC+Ynon2O5RuOsNGQjpVrR
OY7fL5els4LqdXYQnN2DtN6L+z7bU7oTaChWYcbVnfQ60Lk6Ny7ttJwc3ya1uvGa
U5eVgOlKrjs6CIx3UiiyvHaGXo7Y3GVepnU5RWswEgOOTmk6KFlmexGGBQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHX53jZgziRauGNUq1v81dfHbjBGMB8GA1UdIwQY
MBaAFMWSeGztbOWXWFRou082sxz2rOxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQt
YmEzNzUxMTQwNGMyLzEvZGZuZU5tRE9KRnE0WTFTcldfelYxOGR1TUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQtYmEzNzUxMTQwNGMy
LzEveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUVhAAwQF
UpSgAwQEXbhwAwQFbalgMA0EAgACMAcDBQAqAigoMA0GCSqGSIb3DQEBCwUAA4IB
AQBz2vBIUBD7LVAiIAx6rZJkQgXsUwv42hRcOeKsygF3nx7vrg59/zDxCbc57KVv
7aULqGL8Rq/z9Iztgd3Ub2664fEkrLYO5OB4fqyx+0ZB7jjDfIjDBJa9KJO9cLhE
/GyP2r1nUtkdNOd8vuZPmGKmGhutvtyHkuEMfiWAnSHv5GtumiOANaei5nU+L4I2
BHhktLt97NXRevaqFlpXgGEm9ctZkqftzq6v7albM6z2llSG5RCexQX64gev+Sgb
VOLlnhdb9D6qtV7B2rGCy5xpdszci42Dds1HL6RvO4yb0C9xxiav10i0ve4AmuIo
IOhTYyZDpQns3c0c1jCi+T04
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:23 2024 by rpki-client on console-ams.rpki-client.org