Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/tWyFYWJHNMYmwE_TPOJjeqySYT4.roa
File: tWyFYWJHNMYmwE_TPOJjeqySYT4.roa (raw, json)
Hash identifier: HOG36u0Mc1m1WyFoUpeY8EunG/hFsSzrW9MZdbwamoU=
Subject key identifier: B5:6C:85:61:62:47:34:C6:26:C0:4F:D3:3C:E2:63:7A:AC:92:61:3E
Certificate issuer: /CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Certificate serial: 0186C0B879E3B5DBEAF16CF675D97C060F97
Authority key identifier: C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/tWyFYWJHNMYmwE_TPOJjeqySYT4.roa
Signing time: Wed 08 Mar 2023 10:16:00 +0000
ROA not before: Wed 08 Mar 2023 10:16:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 84.247.151.0/24 maxlen: 24
84.247.152.0/24 maxlen: 24
84.247.146.0/24 maxlen: 24
84.247.148.0/24 maxlen: 24
84.247.168.0/24 maxlen: 24
84.247.169.0/24 maxlen: 24
84.247.173.0/24 maxlen: 24
81.88.67.0/24 maxlen: 24
81.88.68.0/23 maxlen: 23
81.88.70.0/24 maxlen: 24
81.88.76.0/24 maxlen: 24
81.88.78.0/24 maxlen: 24
81.88.73.0/24 maxlen: 24
81.88.74.0/23 maxlen: 23
81.88.79.0/24 maxlen: 24
84.247.130.0/24 maxlen: 24
84.247.132.0/24 maxlen: 24
84.247.142.0/24 maxlen: 24
84.247.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:b8:79:e3:b5:db:ea:f1:6c:f6:75:d9:7c:06:0f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Validity
Not Before: Mar 8 10:16:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b56c8561624734c626c04fd33ce2637aac92613e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6e:92:25:60:ff:b0:1f:ae:e1:22:0e:99:6b:
ac:ec:9b:37:3d:cf:85:1c:f3:47:1d:0a:99:36:ce:
ba:a4:82:56:66:0a:e9:10:3d:61:3b:45:ce:c1:a4:
4e:0b:19:82:96:c1:3b:dd:9e:3a:30:3c:d5:cc:e6:
b6:2b:05:b9:f2:a8:31:bb:61:43:c8:a5:f5:73:c8:
a5:c3:3c:b9:7c:b8:d8:6a:92:01:72:9e:da:67:49:
ef:a5:ea:e8:3b:b3:4f:5e:9f:39:3c:6e:56:f3:86:
79:53:91:2f:61:e0:56:26:3e:6e:bb:15:b0:d0:9b:
21:8d:83:d7:45:94:f1:66:e4:bf:53:c1:dd:fa:06:
3f:9e:f2:92:ab:36:11:e2:4f:23:be:3e:c8:79:fa:
3d:be:d6:3b:8c:ea:b2:c9:2f:7b:b7:b2:e2:8c:d6:
a8:c6:47:75:a1:44:b8:2d:47:cf:81:a7:03:50:1b:
77:67:d8:6c:0c:a2:19:41:45:8e:39:d5:e3:7c:86:
98:d6:46:95:e9:22:79:34:16:d1:c7:81:d6:f2:f0:
5e:b5:e9:29:60:15:9d:4b:c6:e2:97:da:0e:55:10:
03:c7:32:15:2f:31:de:12:94:c0:7f:a2:43:de:32:
cb:28:18:ff:9d:2a:f5:0b:56:72:ae:12:e1:82:e2:
63:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6C:85:61:62:47:34:C6:26:C0:4F:D3:3C:E2:63:7A:AC:92:61:3E
X509v3 Authority Key Identifier:
keyid:C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/tWyFYWJHNMYmwE_TPOJjeqySYT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.67.0-81.88.70.255
81.88.73.0-81.88.76.255
81.88.78.0/23
84.247.130.0/24
84.247.132.0/24
84.247.142.0/24
84.247.145.0-84.247.146.255
84.247.148.0/24
84.247.151.0-84.247.152.255
84.247.168.0/23
84.247.173.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:2e:86:45:70:4f:a4:98:a6:f2:b5:53:8b:5a:65:ae:c8:37:
52:44:f8:1f:cd:32:b5:44:74:11:be:02:1c:cc:cb:05:6c:89:
14:23:37:ef:e0:93:23:32:34:29:01:fe:7b:78:97:73:38:ca:
49:62:8c:ae:7d:58:59:f7:61:81:cf:04:c4:71:07:26:85:9c:
40:f1:cb:b1:8c:11:5f:cf:40:54:f1:54:f5:b4:8c:87:83:3a:
32:18:25:88:04:cc:3c:05:15:eb:cc:c2:85:23:e1:3f:38:e7:
a6:66:b2:60:a5:b2:06:ce:61:aa:6a:4f:9b:3a:7b:ec:c1:81:
5f:b0:b6:87:9d:23:a1:8f:86:37:82:c3:63:2f:62:c8:3e:e8:
3e:37:7d:59:27:85:4e:56:3e:b5:b3:16:81:30:5a:15:46:92:
03:42:0c:ee:d2:88:05:23:22:80:1e:b7:40:1f:97:d2:58:97:
46:ef:b1:08:5f:58:c0:bc:a8:90:66:63:e8:06:39:44:71:f4:
c9:d8:bd:06:9b:c6:78:f0:41:b3:e6:a4:0b:1d:e4:20:f4:2f:
d7:34:29:d0:e0:29:71:d7:7f:5a:cd:a5:cb:03:eb:9d:4f:d2:
04:23:5e:58:fb:ec:22:e7:20:0a:c7:6f:30:c5:a5:39:80:1c:
23:8e:c3:59
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYbAuHnjtdvq8Wz2ddl8Bg+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTI3ODZjZWQ2Y2U1OTc1ODU0NjhiYjRmMzZiMzFjZjZh
Y2VjNmUwHhcNMjMwMzA4MTAxNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTZjODU2MTYyNDczNGM2MjZjMDRmZDMzY2UyNjM3YWFjOTI2MTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg26SJWD/sB+u4SIOmWus7Js3Pc+F
HPNHHQqZNs66pIJWZgrpED1hO0XOwaROCxmClsE73Z46MDzVzOa2KwW58qgxu2FD
yKX1c8ilwzy5fLjYapIBcp7aZ0nvperoO7NPXp85PG5W84Z5U5EvYeBWJj5uuxWw
0JshjYPXRZTxZuS/U8Hd+gY/nvKSqzYR4k8jvj7Iefo9vtY7jOqyyS97t7LijNao
xkd1oUS4LUfPgacDUBt3Z9hsDKIZQUWOOdXjfIaY1kaV6SJ5NBbRx4HW8vBetekp
YBWdS8bil9oOVRADxzIVLzHeEpTAf6JD3jLLKBj/nSr1C1ZyrhLhguJj+wIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFLVshWFiRzTGJsBP0zziY3qskmE+MB8GA1UdIwQY
MBaAFMWSeGztbOWXWFRou082sxz2rOxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQt
YmEzNzUxMTQwNGMyLzEvdFd5RllXSkhOTVltd0VfVFBPSmplcXlTWVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQtYmEzNzUxMTQwNGMy
LzEveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiMAwDBABRWEMD
BABRWEYwDAMEAFFYSQMEAFFYTAMEAVFYTgMEAFT3ggMEAFT3hAMEAFT3jjAMAwQA
VPeRAwQAVPeSAwQAVPeUMAwDBABU95cDBABU95gDBAFU96gDBABU960wDQYJKoZI
hvcNAQELBQADggEBALYuhkVwT6SYpvK1U4taZa7IN1JE+B/NMrVEdBG+AhzMywVs
iRQjN+/gkyMyNCkB/nt4l3M4yklijK59WFn3YYHPBMRxByaFnEDxy7GMEV/PQFTx
VPW0jIeDOjIYJYgEzDwFFevMwoUj4T8456ZmsmClsgbOYapqT5s6e+zBgV+wtoed
I6GPhjeCw2MvYsg+6D43fVknhU5WPrWzFoEwWhVGkgNCDO7SiAUjIoAet0Afl9JY
l0bvsQhfWMC8qJBmY+gGOURx9MnYvQabxnjwQbPmpAsd5CD0L9c0KdDgKXHXf1rN
pcsD651P0gQjXlj77CLnIArHbzDFpTmAHCOOw1k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:23 2024 by rpki-client on console-ams.rpki-client.org