Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/BqwbQ31X-NNzIcExBBRZngQTZWk.roa
File: BqwbQ31X-NNzIcExBBRZngQTZWk.roa (raw, json)
Hash identifier: FSEbhn3c0h0Wdp5t5Ol637PWe8/OVmEcLm68wiEZakc=
Subject key identifier: 06:AC:1B:43:7D:57:F8:D3:73:21:C1:31:04:14:59:9E:04:13:65:69
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 0190A1CAB3EA78335C64C03160365807E3FE
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/BqwbQ31X-NNzIcExBBRZngQTZWk.roa
Signing time: Thu 11 Jul 2024 12:35:34 +0000
ROA not before: Thu 11 Jul 2024 12:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208046
IP address blocks: 193.142.59.0/24 maxlen: 24
193.142.146.0/24 maxlen: 24
193.142.147.0/24 maxlen: 24
2a0f:ca80::/48 maxlen: 48
2a0f:ca80:1::/48 maxlen: 48
2a0f:ca80:617::/48 maxlen: 48
2a0f:ca80:618::/48 maxlen: 48
2a0f:ca80:619::/48 maxlen: 48
2a0f:ca80:1100::/40 maxlen: 40
2a0f:ca80:1200::/40 maxlen: 40
2a0f:ca80:1337::/48 maxlen: 48
2a0f:ca80:1338::/48 maxlen: 48
2a0f:ca81:b00b::/48 maxlen: 48
2a0f:ca83:1337::/48 maxlen: 48
2a0f:ca84::/40 maxlen: 40
2a0f:ca86::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a1:ca:b3:ea:78:33:5c:64:c0:31:60:36:58:07:e3:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jul 11 12:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06ac1b437d57f8d37321c1310414599e04136569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f5:57:bd:88:2a:35:a1:b9:3c:41:ca:49:44:
3b:42:c0:56:8d:e5:7e:e0:29:2e:d2:e6:3c:48:35:
4f:eb:af:fb:c1:8d:6a:62:e6:a8:f1:2f:28:8e:e2:
15:08:de:85:ea:75:2b:28:0d:69:7f:76:b6:f9:1b:
40:18:43:69:e0:00:cd:ab:fe:a1:18:57:81:98:b8:
7e:2f:75:87:c2:ca:f4:00:64:8f:25:c6:28:87:bb:
5d:51:97:50:a1:8d:1b:b9:66:b2:1f:cf:86:4a:97:
c4:a7:96:95:75:89:4b:d0:f5:9d:54:b0:08:6b:d5:
89:41:29:29:85:4e:c1:64:88:cb:64:ac:83:9c:7b:
3a:a2:0c:44:b2:76:95:c5:41:30:d7:2c:1c:92:04:
84:06:1f:82:77:21:b7:84:2d:54:4e:e7:9b:50:d4:
ed:3b:1b:cb:f5:15:4b:5b:e8:63:d6:e4:51:dc:f6:
ae:35:f7:16:13:98:9d:ea:1c:bf:07:1f:45:e1:3d:
bc:25:40:28:13:22:0d:be:9c:42:98:ce:55:8f:0b:
16:e4:14:a3:f4:46:53:6b:44:96:62:25:f9:4f:a6:
5c:c5:3e:d5:a2:72:33:a3:5c:2e:b9:cc:1b:e1:6f:
8d:f5:6b:e4:39:68:a1:b4:80:63:c6:5f:1e:cc:73:
61:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:AC:1B:43:7D:57:F8:D3:73:21:C1:31:04:14:59:9E:04:13:65:69
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/BqwbQ31X-NNzIcExBBRZngQTZWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.59.0/24
193.142.146.0/23
IPv6:
2a0f:ca80::/47
2a0f:ca80:617::-2a0f:ca80:619:ffff:ffff:ffff:ffff:ffff
2a0f:ca80:1100::-2a0f:ca80:12ff:ffff:ffff:ffff:ffff:ffff
2a0f:ca80:1337::-2a0f:ca80:1338:ffff:ffff:ffff:ffff:ffff
2a0f:ca81:b00b::/48
2a0f:ca83:1337::/48
2a0f:ca84::/40
2a0f:ca86::/40
Signature Algorithm: sha256WithRSAEncryption
9d:09:ad:cd:53:3f:f7:e5:2b:41:f8:a2:28:bc:1b:cc:68:ec:
a6:5f:24:f3:ef:03:1f:06:64:b7:65:a0:c1:49:f7:19:bb:5a:
94:d1:05:16:95:c5:b5:23:63:ec:f0:b4:3e:62:71:7d:a2:eb:
68:1f:fe:56:76:c7:4e:f6:4a:36:ac:4a:15:2b:c6:b6:25:f2:
09:93:c4:c8:ed:76:91:bd:37:63:5d:10:03:e6:e8:30:58:8a:
6e:04:6a:10:41:32:d7:bf:e3:63:1c:5e:98:c7:70:a0:56:e0:
19:63:3b:bd:b4:1f:3e:e0:07:e1:d2:48:b8:c5:a0:c5:80:33:
13:4b:80:b7:8d:e3:a6:26:45:f3:e6:b7:75:ee:2c:b4:ba:19:
2d:09:33:c7:68:7b:84:e4:2f:d8:ca:96:33:c6:b9:77:60:96:
3c:a8:99:87:37:f2:f1:4c:37:87:ee:34:a2:46:cc:a6:9e:ee:
17:f0:81:f3:80:2e:24:bc:b4:27:26:66:ae:95:eb:6d:42:80:
35:19:2d:e7:d7:39:6d:97:30:54:44:02:d8:ef:8d:cd:5a:69:
f1:3f:13:4a:63:98:07:db:b2:be:b3:b4:12:da:33:08:23:78:
57:ba:77:e7:d0:5a:97:13:f0:c4:e6:00:c1:ff:18:b0:e2:15:
ce:3f:c6:c6
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZChyrPqeDNcZMAxYDZYB+P+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjQwNzExMTIzNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmFjMWI0MzdkNTdmOGQzNzMyMWMxMzEwNDE0NTk5ZTA0MTM2NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fVXvYgqNaG5PEHKSUQ7QsBWjeV+
4Cku0uY8SDVP66/7wY1qYuao8S8ojuIVCN6F6nUrKA1pf3a2+RtAGENp4ADNq/6h
GFeBmLh+L3WHwsr0AGSPJcYoh7tdUZdQoY0buWayH8+GSpfEp5aVdYlL0PWdVLAI
a9WJQSkphU7BZIjLZKyDnHs6ogxEsnaVxUEw1ywckgSEBh+CdyG3hC1UTuebUNTt
OxvL9RVLW+hj1uRR3PauNfcWE5id6hy/Bx9F4T28JUAoEyINvpxCmM5VjwsW5BSj
9EZTa0SWYiX5T6ZcxT7VonIzo1wuucwb4W+N9WvkOWihtIBjxl8ezHNhOwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFAasG0N9V/jTcyHBMQQUWZ4EE2VpMB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEvQnF3YlEzMVgtTk56SWNFeEJCUlpuZ1FUWldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTASBAIAATAMAwQAwY47
AwQBwY6SMGsEAgACMGUDBwEqD8qAAAAwEgMHACoPyoAGFwMHASoPyoAGGDAQAwYA
Kg/KgBEDBgAqD8qAEjASAwcAKg/KgBM3AwcAKg/KgBM4AwcAKg/KgbALAwcAKg/K
gxM3AwYAKg/KhAADBgAqD8qGADANBgkqhkiG9w0BAQsFAAOCAQEAnQmtzVM/9+Ur
QfiiKLwbzGjspl8k8+8DHwZkt2WgwUn3GbtalNEFFpXFtSNj7PC0PmJxfaLraB/+
VnbHTvZKNqxKFSvGtiXyCZPEyO12kb03Y10QA+boMFiKbgRqEEEy17/jYxxemMdw
oFbgGWM7vbQfPuAH4dJIuMWgxYAzE0uAt43jpiZF8+a3de4stLoZLQkzx2h7hOQv
2MqWM8a5d2CWPKiZhzfy8Uw3h+40okbMpp7uF/CB84AuJLy0JyZmrpXrbUKANRkt
59c5bZcwVEQC2O+NzVpp8T8TSmOYB9uyvrO0EtozCCN4V7p359BalxPwxOYAwf8Y
sOIVzj/Gxg==
-----END CERTIFICATE-----
Generated at Wed Sep 11 10:41:59 2024 by rpki-client on console-ams.rpki-client.org