Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/tuUFhQRSbrQVsJZsRGXQD1DCKrs.roa
File: tuUFhQRSbrQVsJZsRGXQD1DCKrs.roa (raw, json)
Hash identifier: wxw2LspMWmuAd0S4k6s4c7wOzBlAI113c1EI0YFdGN8=
Subject key identifier: B6:E5:05:85:04:52:6E:B4:15:B0:96:6C:44:65:D0:0F:50:C2:2A:BB
Certificate issuer: /CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Certificate serial: 0189E474F9E46C38E47B710B30184D48CE29
Authority key identifier: C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/tuUFhQRSbrQVsJZsRGXQD1DCKrs.roa
Signing time: Fri 11 Aug 2023 11:56:58 +0000
ROA not before: Fri 11 Aug 2023 11:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 84.247.146.0/24 maxlen: 24
81.88.69.0/24 maxlen: 24
81.88.70.0/24 maxlen: 24
81.88.67.0/24 maxlen: 24
81.88.68.0/23 maxlen: 23
81.88.68.0/24 maxlen: 24
81.88.76.0/24 maxlen: 24
81.88.78.0/24 maxlen: 24
81.88.73.0/24 maxlen: 24
81.88.74.0/23 maxlen: 23
81.88.79.0/24 maxlen: 24
185.77.117.0/24 maxlen: 24
84.247.142.0/24 maxlen: 24
185.77.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e4:74:f9:e4:6c:38:e4:7b:71:0b:30:18:4d:48:ce:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Validity
Not Before: Aug 11 11:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6e5058504526eb415b0966c4465d00f50c22abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b1:48:97:3e:ea:be:3b:c1:c4:39:6b:0a:df:
ed:f0:f9:f6:be:da:4c:60:86:d9:36:80:75:27:c9:
21:04:47:a2:df:42:bb:3a:53:86:82:95:85:d3:ac:
aa:51:80:3c:6d:3b:c7:56:76:36:e5:4c:91:f0:1f:
2c:fa:dc:f8:ab:08:3b:ba:53:32:f0:eb:88:9c:05:
3a:6b:46:dd:50:f9:b6:39:8a:7d:0f:86:74:50:a9:
32:95:72:ee:40:2f:b3:c0:96:1e:3b:e0:6f:ad:46:
95:59:bd:ab:90:8a:9d:8f:98:43:85:b8:d3:97:1c:
07:fc:43:80:cd:66:66:4a:04:b9:b6:8a:2e:8d:a3:
eb:6d:6b:ed:7d:49:e9:ed:f5:73:bb:06:32:1a:b7:
e2:ec:72:bc:13:7a:3c:80:67:a7:ac:c8:09:4b:d5:
d2:ec:f3:7e:c6:74:37:91:00:f6:93:98:84:1c:aa:
96:33:46:b9:e5:45:e8:d2:83:5f:bd:52:fb:f2:ea:
1b:c6:f2:36:fa:33:6b:2f:9e:88:a7:bc:ef:a7:a9:
85:bf:0c:5c:cc:98:e4:c3:d7:15:05:3f:6d:cc:c7:
78:2f:9e:d0:fa:51:f6:5f:53:a8:99:87:03:dc:59:
f2:da:36:4b:dd:ce:06:48:90:6a:f6:50:28:b9:17:
96:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E5:05:85:04:52:6E:B4:15:B0:96:6C:44:65:D0:0F:50:C2:2A:BB
X509v3 Authority Key Identifier:
keyid:C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/tuUFhQRSbrQVsJZsRGXQD1DCKrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.67.0-81.88.70.255
81.88.73.0-81.88.76.255
81.88.78.0/23
84.247.142.0/24
84.247.146.0/24
185.77.116.0/23
Signature Algorithm: sha256WithRSAEncryption
34:94:b4:9b:2f:b9:a9:7a:f7:c2:b7:d1:bf:c6:69:93:5d:ab:
9a:41:50:10:ad:33:d1:f4:80:69:23:e7:3e:f4:f7:85:aa:6c:
2e:dc:44:63:5e:3b:68:77:be:df:80:14:08:82:64:d3:8a:8e:
03:0c:03:9f:e0:43:26:43:e0:36:08:f9:91:07:c2:87:55:d5:
73:77:16:12:1a:b7:0f:bd:e0:08:13:fa:1e:df:4f:81:4e:5c:
e5:bc:94:f0:4e:b4:1b:78:7b:09:ac:5f:38:ed:3b:d0:35:68:
6e:dc:c5:86:fa:23:57:d7:a4:e4:17:9c:81:a4:ba:8a:b4:f2:
ec:17:27:93:42:e5:80:b2:f1:4c:bb:46:79:bb:1f:d1:e0:84:
b4:fa:6b:29:d0:dd:79:7c:bd:09:6a:f9:9a:93:1e:76:4e:80:
0c:81:9f:43:bb:4f:a4:ed:e9:78:a1:00:76:bf:41:32:13:44:
7a:84:4a:9d:42:94:8d:bf:b1:78:19:35:ae:81:f4:b4:af:26:
36:d5:52:db:21:49:b3:59:4e:5f:a2:bc:56:4e:8a:ec:40:5f:
7f:4a:08:49:58:74:ca:a6:fb:16:da:cc:c1:97:87:19:9a:29:
aa:16:9f:35:4d:8a:09:82:7f:8c:b1:8d:d5:d0:bf:fc:f2:14:
c7:bb:63:ce
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYnkdPnkbDjke3ELMBhNSM4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTI3ODZjZWQ2Y2U1OTc1ODU0NjhiYjRmMzZiMzFjZjZh
Y2VjNmUwHhcNMjMwODExMTE1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmU1MDU4NTA0NTI2ZWI0MTViMDk2NmM0NDY1ZDAwZjUwYzIyYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbFIlz7qvjvBxDlrCt/t8Pn2vtpM
YIbZNoB1J8khBEei30K7OlOGgpWF06yqUYA8bTvHVnY25UyR8B8s+tz4qwg7ulMy
8OuInAU6a0bdUPm2OYp9D4Z0UKkylXLuQC+zwJYeO+BvrUaVWb2rkIqdj5hDhbjT
lxwH/EOAzWZmSgS5tooujaPrbWvtfUnp7fVzuwYyGrfi7HK8E3o8gGenrMgJS9XS
7PN+xnQ3kQD2k5iEHKqWM0a55UXo0oNfvVL78uobxvI2+jNrL56Ip7zvp6mFvwxc
zJjkw9cVBT9tzMd4L57Q+lH2X1OomYcD3Fny2jZL3c4GSJBq9lAouReWrQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFLblBYUEUm60FbCWbERl0A9Qwiq7MB8GA1UdIwQY
MBaAFMWSeGztbOWXWFRou082sxz2rOxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQt
YmEzNzUxMTQwNGMyLzEvdHVVRmhRUlNiclFWc0pac1JHWFFEMURDS3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQtYmEzNzUxMTQwNGMy
LzEveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBABRWEMD
BABRWEYwDAMEAFFYSQMEAFFYTAMEAVFYTgMEAFT3jgMEAFT3kgMEAblNdDANBgkq
hkiG9w0BAQsFAAOCAQEANJS0my+5qXr3wrfRv8Zpk12rmkFQEK0z0fSAaSPnPvT3
hapsLtxEY147aHe+34AUCIJk04qOAwwDn+BDJkPgNgj5kQfCh1XVc3cWEhq3D73g
CBP6Ht9PgU5c5byU8E60G3h7CaxfOO070DVobtzFhvojV9ek5BecgaS6irTy7Bcn
k0LlgLLxTLtGebsf0eCEtPprKdDdeXy9CWr5mpMedk6ADIGfQ7tPpO3peKEAdr9B
MhNEeoRKnUKUjb+xeBk1roH0tK8mNtVS2yFJs1lOX6K8Vk6K7EBff0oISVh0yqb7
FtrMwZeHGZopqhafNU2KCYJ/jLGN1dC//PIUx7tjzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:46 2024 by rpki-client on console-fra.rpki-client.org