Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/BAI2G6iN7-Dh08zYYz-W9iqT0Bo.roa
File:                     BAI2G6iN7-Dh08zYYz-W9iqT0Bo.roa (raw, json)
Hash identifier:          ZvmakSLLWN0bPRV6TLOZRX+iIxA5al6QcFoKo/00rHc=
Subject key identifier:   04:02:36:1B:A8:8D:EF:E0:E1:D3:CC:D8:63:3F:96:F6:2A:93:D0:1A
Certificate issuer:       /CN=535825ce8bf544170282f720a2484141568b0e7d
Certificate serial:       018570F08C8FF3374797893095F551F0532C
Authority key identifier: 53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/BAI2G6iN7-Dh08zYYz-W9iqT0Bo.roa
Signing time:             Mon 02 Jan 2023 05:24:50 +0000
ROA not before:           Mon 02 Jan 2023 05:24:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43545
IP address blocks:        77.74.104.0/21 maxlen: 21
                          77.74.110.0/24 maxlen: 24
                          80.84.64.0/21 maxlen: 21
                          80.84.64.0/19 maxlen: 19
                          212.84.68.0/24 maxlen: 24
                          80.84.72.0/21 maxlen: 21
                          80.84.80.0/21 maxlen: 21
                          80.84.88.0/21 maxlen: 21
                          80.84.89.0/24 maxlen: 24
                          80.84.87.0/24 maxlen: 24
                          78.40.144.0/21 maxlen: 21
                          80.84.90.0/24 maxlen: 24
                          78.40.144.0/24 maxlen: 24
                          80.84.91.0/24 maxlen: 24
                          80.84.86.0/24 maxlen: 24
                          185.113.217.0/24 maxlen: 24
                          185.113.218.0/24 maxlen: 24
                          185.113.216.0/24 maxlen: 24
                          78.40.146.0/24 maxlen: 24
                          185.113.219.0/24 maxlen: 24
                          78.40.150.0/24 maxlen: 24
                          212.84.95.0/24 maxlen: 24
                          2a02:24d0::/32 maxlen: 32
                          2a02:24d0::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:f0:8c:8f:f3:37:47:97:89:30:95:f5:51:f0:53:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535825ce8bf544170282f720a2484141568b0e7d
        Validity
            Not Before: Jan  2 05:24:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0402361ba88defe0e1d3ccd8633f96f62a93d01a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:02:36:1B:A8:8D:EF:E0:E1:D3:CC:D8:63:3F:96:F6:2A:93:D0:1A
            X509v3 Authority Key Identifier:
                keyid:53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/BAI2G6iN7-Dh08zYYz-W9iqT0Bo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.74.104.0/21
                  78.40.144.0/21
                  80.84.64.0/19
                  185.113.216.0/22
                  212.84.68.0/24
                  212.84.95.0/24
                IPv6:
                  2a02:24d0::/32

    Signature Algorithm: sha256WithRSAEncryption
Generated at Thu Jun 6 19:44:01 2024 by rpki-client on console-ams.rpki-client.org