Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/a88oxlOE67hz_H0TllOsBPryUns.roa
File: a88oxlOE67hz_H0TllOsBPryUns.roa (raw, json)
Hash identifier: MZpJzUqP6fzkFncMr2Y3Uv2+51KrAlgbHNm1pwg5OlA=
Subject key identifier: 6B:CF:28:C6:53:84:EB:B8:73:FC:7D:13:96:53:AC:04:FA:F2:52:7B
Certificate issuer: /CN=535825ce8bf544170282f720a2484141568b0e7d
Certificate serial: 33E9297C
Authority key identifier: 53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/a88oxlOE67hz_H0TllOsBPryUns.roa
Signing time: Sat 01 Jan 2022 06:56:52 +0000
ROA not before: Sat 01 Jan 2022 06:56:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43545
IP address blocks: 77.74.104.0/21 maxlen: 21
77.74.110.0/24 maxlen: 24
80.84.64.0/21 maxlen: 21
80.84.64.0/19 maxlen: 19
212.84.68.0/24 maxlen: 24
80.84.72.0/21 maxlen: 21
80.84.80.0/21 maxlen: 21
80.84.88.0/21 maxlen: 21
80.84.89.0/24 maxlen: 24
80.84.87.0/24 maxlen: 24
78.40.144.0/21 maxlen: 21
80.84.90.0/24 maxlen: 24
78.40.144.0/24 maxlen: 24
80.84.91.0/24 maxlen: 24
80.84.86.0/24 maxlen: 24
185.113.217.0/24 maxlen: 24
185.113.218.0/24 maxlen: 24
185.113.216.0/24 maxlen: 24
78.40.146.0/24 maxlen: 24
185.113.219.0/24 maxlen: 24
78.40.150.0/24 maxlen: 24
212.84.95.0/24 maxlen: 24
2a02:24d0::/32 maxlen: 32
2a02:24d0::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 870918524 (0x33e9297c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535825ce8bf544170282f720a2484141568b0e7d
Validity
Not Before: Jan 1 06:56:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bcf28c65384ebb873fc7d139653ac04faf2527b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3f:3d:55:30:c5:fb:f8:0f:8b:f0:8d:9e:11:
60:40:b2:7d:34:cc:4b:95:95:8f:37:f2:8c:4b:a9:
6e:58:cb:8b:c6:cc:31:48:ff:02:88:a3:c8:8e:50:
30:aa:bb:ad:b9:8a:fd:b9:eb:2a:42:72:38:78:ce:
ca:02:07:a9:71:bf:46:6e:85:d2:64:fc:f4:59:3a:
1f:5f:b5:c2:be:45:54:50:9b:3f:40:a2:14:3f:77:
ff:64:5c:39:59:01:95:fd:37:fc:1c:5d:6b:36:75:
0c:dc:71:23:e8:cc:8a:19:26:69:a8:c0:9a:bf:62:
81:9b:3c:37:29:fc:b2:43:f8:f6:7f:b8:dc:20:d8:
fc:dc:f6:a7:3f:2b:83:ce:1d:b2:2b:9e:33:2a:2c:
4b:ad:fb:33:58:ff:23:96:a4:79:2d:da:51:5d:8b:
62:0c:ab:59:fb:51:8b:46:b6:a0:32:5f:c7:11:e7:
0c:4a:ae:16:29:68:e5:0a:7c:83:fc:69:c5:60:7d:
ff:fd:a4:25:3b:73:86:c3:91:0d:17:67:1b:75:c8:
22:bb:cd:63:3d:1d:c2:24:57:3d:3d:3d:f9:e8:20:
00:0f:4f:fa:de:69:d1:bd:e3:50:55:60:bd:c6:dc:
d0:ea:07:a7:54:7d:38:d4:29:37:ca:83:7d:25:2f:
d2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:CF:28:C6:53:84:EB:B8:73:FC:7D:13:96:53:AC:04:FA:F2:52:7B
X509v3 Authority Key Identifier:
keyid:53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/a88oxlOE67hz_H0TllOsBPryUns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.104.0/21
78.40.144.0/21
80.84.64.0/19
185.113.216.0/22
212.84.68.0/24
212.84.95.0/24
IPv6:
2a02:24d0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:4d:18:dd:71:01:e4:28:f0:c9:5c:52:c5:98:82:00:a7:79:
0e:35:d6:a8:4d:5a:b5:93:b8:0f:83:95:0c:2a:02:c4:fa:45:
db:f1:21:8f:51:b2:59:54:9b:89:dc:09:63:83:c6:6d:c7:a6:
63:9a:7f:f3:61:66:80:18:2d:37:57:db:6a:2c:94:9a:2f:c1:
f8:b5:74:ee:c7:69:ca:54:62:e2:98:df:ac:e7:d8:e5:a6:0c:
cb:f6:63:f0:cb:52:30:bc:43:57:d8:87:f3:cf:c6:2c:60:cb:
4b:2b:14:42:99:84:eb:9f:99:ee:4f:c3:6f:19:d0:07:37:75:
76:83:a6:10:26:f4:62:75:14:bd:00:92:83:e6:e4:c2:a0:57:
f6:7b:f4:c3:da:ee:36:9d:38:6e:d6:0f:17:8a:0a:c9:ba:60:
2a:8c:d2:a0:31:e1:af:eb:6e:39:25:1c:09:36:df:74:23:22:
04:c4:f9:c3:6c:06:0e:ad:46:3f:f6:e3:6e:69:ce:b8:10:b3:
e9:f9:d7:58:41:bb:eb:b4:c0:e2:16:04:6d:01:2f:3a:a3:f0:
b3:28:13:b9:b2:59:65:ea:21:b5:d4:51:8d:35:3c:d3:82:29:
42:c1:51:26:b6:92:a9:74:32:a8:38:e6:3d:f7:9d:ab:a7:98:
42:c5:6c:98
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEM+kpfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MzU4MjVjZThiZjU0NDE3MDI4MmY3MjBhMjQ4NDE0MTU2OGIwZTdkMB4XDTIyMDEw
MTA2NTY1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmJjZjI4YzY1Mzg0
ZWJiODczZmM3ZDEzOTY1M2FjMDRmYWYyNTI3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQ/PVUwxfv4D4vwjZ4RYECyfTTMS5WVjzfyjEupbljLi8bM
MUj/AoijyI5QMKq7rbmK/bnrKkJyOHjOygIHqXG/Rm6F0mT89Fk6H1+1wr5FVFCb
P0CiFD93/2RcOVkBlf03/BxdazZ1DNxxI+jMihkmaajAmr9igZs8Nyn8skP49n+4
3CDY/Nz2pz8rg84dsiueMyosS637M1j/I5akeS3aUV2LYgyrWftRi0a2oDJfxxHn
DEquFilo5Qp8g/xpxWB9//2kJTtzhsORDRdnG3XIIrvNYz0dwiRXPT09+eggAA9P
+t5p0b3jUFVgvcbc0OoHp1R9ONQpN8qDfSUv0mcCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRrzyjGU4TruHP8fROWU6wE+vJSezAfBgNVHSMEGDAWgBRTWCXOi/VEFwKC
9yCiSEFBVosOfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1UxZ2x6b3YxUkJjQ2d2Y2dva2hCUVZhTERuMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvMDFmNzM2LWFmODMtNDU2Yy04YjQ1LTUxNDZhYjdlYTAxNS8x
L2E4OG94bE9FNjdoel9IMFRsbE9zQlByeVVucy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkv
MDFmNzM2LWFmODMtNDU2Yy04YjQ1LTUxNDZhYjdlYTAxNS8xL1UxZ2x6b3YxUkJj
Q2d2Y2dva2hCUVZhTERuMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEA01KaAMEA04okAMEBVBUQAMEArlx
2AMEANRURAMEANRUXzANBAIAAjAHAwUAKgIk0DANBgkqhkiG9w0BAQsFAAOCAQEA
b00Y3XEB5CjwyVxSxZiCAKd5DjXWqE1atZO4D4OVDCoCxPpF2/Ehj1GyWVSbidwJ
Y4PGbcemY5p/82FmgBgtN1fbaiyUmi/B+LV07sdpylRi4pjfrOfY5aYMy/Zj8MtS
MLxDV9iH88/GLGDLSysUQpmE65+Z7k/DbxnQBzd1doOmECb0YnUUvQCSg+bkwqBX
9nv0w9ruNp04btYPF4oKybpgKozSoDHhr+tuOSUcCTbfdCMiBMT5w2wGDq1GP/bj
bmnOuBCz6fnXWEG767TA4hYEbQEvOqPwsygTubJZZeohtdRRjTU804IpQsFRJraS
qXQyqDjmPfedq6eYQsVsmA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:47 2025 by rpki-client