Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/T8UhF78l_bqRfnxD_jy-uqEnPXA.roa
File: T8UhF78l_bqRfnxD_jy-uqEnPXA.roa (raw, json)
Hash identifier: KCndXa5W1GgdBnLaT760LuEPaPduSQgie4YxjxgZqv4=
Subject key identifier: 4F:C5:21:17:BF:25:FD:BA:91:7E:7C:43:FE:3C:BE:BA:A1:27:3D:70
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01833B8FFFE86E497918193C67B837A1AD31
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/T8UhF78l_bqRfnxD_jy-uqEnPXA.roa
Signing time: Wed 14 Sep 2022 10:33:56 +0000
ROA not before: Wed 14 Sep 2022 10:33:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204084
IP address blocks: 185.102.137.0/24 maxlen: 24
2a0f:7c80::/29 maxlen: 29
2a0b:9800::/29 maxlen: 29
2a0f:3380::/29 maxlen: 29
2a0f:2380::/29 maxlen: 29
2a0b:a300::/29 maxlen: 29
2a0f:a700::/29 maxlen: 29
2a0d:88c0::/29 maxlen: 29
2a0f:7300::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:4580::/29 maxlen: 29
2a0c:7440::/29 maxlen: 29
2a0f:5580::/29 maxlen: 29
2a0c:74c0::/29 maxlen: 29
2a0f:1180::/29 maxlen: 29
2a0f:4680::/29 maxlen: 29
2a0c:7540::/29 maxlen: 29
2a0d:2cc0::/29 maxlen: 29
2a0f:a500::/29 maxlen: 29
2a0f:7100::/29 maxlen: 29
2a07:4a00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3b:8f:ff:e8:6e:49:79:18:19:3c:67:b8:37:a1:ad:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 14 10:33:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fc52117bf25fdba917e7c43fe3cbebaa1273d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a2:1f:c9:e5:f3:52:c3:4e:7b:c7:dd:8a:44:
97:0d:cd:dc:76:77:4e:bf:da:f9:71:b6:dc:45:65:
25:dc:72:f8:df:61:04:c9:af:93:30:50:0c:08:9b:
ec:c6:78:57:93:10:69:2c:a1:4d:59:b8:35:61:e9:
56:cf:05:41:2d:d9:b8:83:f0:70:0f:fa:22:7b:75:
87:da:27:98:bb:3f:84:36:99:ba:7a:d5:48:8b:5d:
02:c7:79:06:2e:e7:9d:a6:5d:af:55:4d:52:d6:29:
37:71:92:15:82:f5:fa:f0:27:58:db:4f:12:f3:0f:
a8:02:29:f7:33:83:5e:73:f3:a9:16:08:9a:09:38:
98:4b:d4:6d:66:c8:d4:e4:c5:05:bd:17:71:02:33:
4b:bb:24:63:ca:2f:09:e1:97:27:b5:04:da:19:f2:
86:71:6b:6c:2c:96:6e:53:bd:1c:f3:5a:89:0a:d2:
cc:e4:c5:17:8a:2c:87:40:53:a6:91:6e:66:2b:a8:
9d:46:eb:41:f7:17:be:4f:54:df:53:5b:09:29:d6:
7b:56:fa:26:b5:ab:26:b4:05:da:55:3a:fa:76:6e:
06:c8:9e:c4:71:74:22:83:d0:c6:05:3e:d0:8b:54:
68:11:88:d8:c3:b7:a5:3e:0e:e8:2a:7f:91:2b:09:
c4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:C5:21:17:BF:25:FD:BA:91:7E:7C:43:FE:3C:BE:BA:A1:27:3D:70
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/T8UhF78l_bqRfnxD_jy-uqEnPXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.137.0/24
IPv6:
2a07:4a00::/29
2a0b:9800::/29
2a0b:a300::/29
2a0c:7440::/29
2a0c:74c0::/29
2a0c:7540::/29
2a0d:2cc0::/29
2a0d:88c0::/29
2a0f:1180::/29
2a0f:2380::/29
2a0f:3380::/29
2a0f:4580::/29
2a0f:4680::/29
2a0f:5580::/29
2a0f:7100::/29
2a0f:7300::/29
2a0f:7c80::/29
2a0f:a500::/29
2a0f:a700::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
4b:57:c4:fb:a1:ae:26:bd:8c:57:9b:44:46:70:37:6b:23:f4:
5d:41:92:4c:1b:dd:ed:73:96:f7:a4:c2:73:8f:b9:ab:4b:e3:
b9:ad:45:23:36:c7:b5:26:ac:35:5f:d0:83:9a:c9:ef:b8:74:
44:e9:c9:2c:75:ad:f8:cb:79:2a:5c:00:87:2c:52:7f:0a:87:
ec:31:e2:e3:91:70:fb:37:b4:ab:4b:21:33:c7:ba:06:4e:56:
e5:e2:36:b3:74:a1:03:9d:b7:6c:3d:ae:f4:ae:c4:34:78:f5:
e3:6a:2f:df:9a:b7:3d:30:df:6d:98:86:d8:0b:3a:83:29:c2:
94:26:76:a7:a1:bb:12:47:e4:80:39:42:7f:cf:b8:01:13:17:
bc:56:a9:f6:b3:8c:49:01:49:11:2d:1e:1c:0a:83:1a:a8:c5:
f4:9f:c2:ff:f3:48:6d:ae:14:14:61:48:5f:69:2f:a4:91:23:
6d:af:d3:97:9f:4a:77:c6:de:0e:fc:39:2c:cf:30:2b:2a:3e:
33:9e:6b:d5:e8:ae:6e:9e:02:ca:e9:5d:76:75:09:eb:84:52:
7c:57:cc:fa:cb:f2:f1:01:c2:b6:4d:42:20:cb:7e:ed:f0:6e:
ad:b3:6c:d0:b0:c4:49:30:33:cd:05:91:a4:47:7b:9b:9f:40:
e8:9d:37:56
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYM7j//obkl5GBk8Z7g3oa0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTE0MTAzMzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmM1MjExN2JmMjVmZGJhOTE3ZTdjNDNmZTNjYmViYWExMjczZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKIfyeXzUsNOe8fdikSXDc3cdndO
v9r5cbbcRWUl3HL432EEya+TMFAMCJvsxnhXkxBpLKFNWbg1YelWzwVBLdm4g/Bw
D/oie3WH2ieYuz+ENpm6etVIi10Cx3kGLuedpl2vVU1S1ik3cZIVgvX68CdY208S
8w+oAin3M4Nec/OpFgiaCTiYS9RtZsjU5MUFvRdxAjNLuyRjyi8J4ZcntQTaGfKG
cWtsLJZuU70c81qJCtLM5MUXiiyHQFOmkW5mK6idRutB9xe+T1TfU1sJKdZ7Vvom
tasmtAXaVTr6dm4GyJ7EcXQig9DGBT7Qi1RoEYjYw7elPg7oKn+RKwnEeQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFE/FIRe/Jf26kX58Q/48vrqhJz1wMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVDhVaEY3OGxfYnFSZm54RF9qeS11cUVuUFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDAMBAIAATAGAwQAuWaJ
MIGTBAIAAjCBjAMFAyoHSgADBQMqC5gAAwUDKgujAAMFAyoMdEADBQMqDHTAAwUD
Kgx1QAMFAyoNLMADBQMqDYjAAwUDKg8RgAMFAyoPI4ADBQMqDzOAAwUDKg9FgAMF
AyoPRoADBQMqD1WAAwUDKg9xAAMFAyoPcwADBQMqD3yAAwUDKg+lAAMFAyoPpwAD
BQMqD8eAMA0GCSqGSIb3DQEBCwUAA4IBAQBLV8T7oa4mvYxXm0RGcDdrI/RdQZJM
G93tc5b3pMJzj7mrS+O5rUUjNse1Jqw1X9CDmsnvuHRE6cksda34y3kqXACHLFJ/
CofsMeLjkXD7N7SrSyEzx7oGTlbl4jazdKEDnbdsPa70rsQ0ePXjai/fmrc9MN9t
mIbYCzqDKcKUJnanobsSR+SAOUJ/z7gBExe8Vqn2s4xJAUkRLR4cCoMaqMX0n8L/
80htrhQUYUhfaS+kkSNtr9OXn0p3xt4O/DkszzArKj4znmvV6K5ungLK6V12dQnr
hFJ8V8z6y/LxAcK2TUIgy37t8G6ts2zQsMRJMDPNBZGkR3ubn0DonTdW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org