Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/b7gjwRf3-b2-8F6jEZmkqLVE_lo.roa
File: b7gjwRf3-b2-8F6jEZmkqLVE_lo.roa (raw, json)
Hash identifier: WzRCBfmAVh/0N0vn8pq0spo2YqCb+z00KBJjDKAocxc=
Subject key identifier: 6F:B8:23:C1:17:F7:F9:BD:BE:F0:5E:A3:11:99:A4:A8:B5:44:FE:5A
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01936E10B9B87B324B831BF0D3DD3D8CDB44
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/b7gjwRf3-b2-8F6jEZmkqLVE_lo.roa
Signing time: Wed 27 Nov 2024 14:40:10 +0000
ROA not before: Wed 27 Nov 2024 14:40:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.192.0/24 maxlen: 24
83.147.216.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:10:b9:b8:7b:32:4b:83:1b:f0:d3:dd:3d:8c:db:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 27 14:40:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fb823c117f7f9bdbef05ea31199a4a8b544fe5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c2:e1:c8:21:43:85:d0:77:e4:c8:71:ed:d5:
e9:74:b8:e7:da:73:84:4b:c0:1e:08:ed:4e:98:45:
5e:66:e1:43:44:2d:d7:e2:97:10:fd:c9:a7:f1:b0:
84:46:fd:23:73:bc:ef:bf:1f:71:65:b9:76:1a:b3:
07:56:df:0f:c5:10:29:14:c9:bc:4c:da:e7:46:dd:
aa:a5:c6:36:f0:0e:7f:7f:b0:ae:76:52:f9:f0:6b:
f2:52:76:0e:4c:3c:97:53:93:ef:2f:d5:6c:13:b1:
ff:2f:36:0a:c0:52:1c:d7:2e:81:98:b7:62:f9:ab:
7a:eb:58:9a:47:a1:56:b8:26:46:13:c3:63:4f:62:
ed:da:29:a2:bc:e3:66:5e:c5:d4:78:bb:95:2f:53:
9c:1b:b3:ae:65:5f:fe:c4:eb:4e:89:0d:88:da:51:
c2:be:ff:a2:1d:34:e3:77:3f:bd:c9:56:c5:f0:bc:
36:0a:35:ac:48:62:6d:97:54:0f:4c:63:46:b7:4b:
a6:81:2d:96:36:47:1d:19:73:a3:4d:ab:c2:0a:0e:
a9:ef:a8:90:2e:9a:a0:b6:49:42:f9:f1:93:72:0b:
83:6f:9f:68:82:52:4b:7a:5f:0e:b5:1e:9a:34:11:
e8:17:c0:91:a8:9d:ba:2f:85:0f:d9:06:65:c4:0a:
8d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B8:23:C1:17:F7:F9:BD:BE:F0:5E:A3:11:99:A4:A8:B5:44:FE:5A
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/b7gjwRf3-b2-8F6jEZmkqLVE_lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.192.0/24
83.147.216.0/24
83.147.244.0/22
91.186.200.0/21
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
80:87:3c:2e:ed:e6:e0:7b:fe:22:ea:d5:d5:87:d3:04:be:f8:
92:5c:de:80:b8:16:a3:e0:e2:4c:a5:31:0b:15:5f:d1:10:27:
62:38:81:1b:84:f7:13:9a:95:e7:7f:0f:e8:0b:bf:f5:22:a7:
ff:28:a5:cb:c7:67:41:00:d8:da:b4:7f:11:98:37:24:ea:c2:
c5:99:75:04:1f:51:bb:fc:93:07:72:b2:1f:6d:4d:4a:eb:6e:
eb:40:c3:a1:a3:da:d7:41:ff:08:fa:67:2f:e8:68:cf:34:d4:
98:2c:9b:b3:2a:ca:97:21:d2:02:fe:84:ec:2a:61:07:9b:17:
2e:f9:30:6f:b3:fe:be:2a:b2:b8:5d:dd:c8:6d:30:17:2f:f7:
e5:2b:ef:38:75:d6:48:7b:28:80:69:d5:b5:a7:36:a8:fb:8c:
b1:cf:00:f2:d0:5c:c9:3c:a5:72:ee:0a:dd:50:2a:37:b7:cb:
ce:6e:05:9b:df:e4:95:78:58:90:76:06:e3:00:65:6b:9b:63:
4e:44:f3:10:54:a7:79:ae:d2:f0:c8:59:0e:2e:1d:5d:8a:e9:
8e:97:5b:66:6f:ea:45:56:b9:e1:e8:ae:1e:69:aa:b0:f3:6b:
b9:9e:37:80:b2:00:73:27:b0:44:79:d8:78:58:ec:76:16:ae:
ef:17:e1:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZNuELm4ezJLgxvw0909jNtEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQxMTI3MTQ0MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmI4MjNjMTE3ZjdmOWJkYmVmMDVlYTMxMTk5YTRhOGI1NDRmZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8LhyCFDhdB35Mhx7dXpdLjn2nOE
S8AeCO1OmEVeZuFDRC3X4pcQ/cmn8bCERv0jc7zvvx9xZbl2GrMHVt8PxRApFMm8
TNrnRt2qpcY28A5/f7CudlL58GvyUnYOTDyXU5PvL9VsE7H/LzYKwFIc1y6BmLdi
+at661iaR6FWuCZGE8NjT2Lt2imivONmXsXUeLuVL1OcG7OuZV/+xOtOiQ2I2lHC
vv+iHTTjdz+9yVbF8Lw2CjWsSGJtl1QPTGNGt0umgS2WNkcdGXOjTavCCg6p76iQ
LpqgtklC+fGTcguDb59oglJLel8OtR6aNBHoF8CRqJ26L4UP2QZlxAqNVwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG+4I8EX9/m9vvBeoxGZpKi1RP5aMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvYjdnandSZjMtYjItOEY2akVabWtxTFZFX2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU5PAAwQA
U5PYAwQCU5P0AwQDW7rIAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQCAhzwu7ebg
e/4i6tXVh9MEvviSXN6AuBaj4OJMpTELFV/RECdiOIEbhPcTmpXnfw/oC7/1Iqf/
KKXLx2dBANjatH8RmDck6sLFmXUEH1G7/JMHcrIfbU1K627rQMOho9rXQf8I+mcv
6GjPNNSYLJuzKsqXIdIC/oTsKmEHmxcu+TBvs/6+KrK4Xd3IbTAXL/flK+84ddZI
eyiAadW1pzao+4yxzwDy0FzJPKVy7grdUCo3t8vObgWb3+SVeFiQdgbjAGVrm2NO
RPMQVKd5rtLwyFkOLh1diumOl1tmb+pFVrnh6K4eaaqw82u5njeAsgBzJ7BEedh4
WOx2Fq7vF+Fa
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:19:14 2025 by rpki-client