Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/TSUvG2V2AiIcKqJnLJ5qkfQEvxU.roa
File: TSUvG2V2AiIcKqJnLJ5qkfQEvxU.roa (raw, json)
Hash identifier: 4Y21SraovXmbDpnaeBN3QhblsCi0I+1u/vfLLX/i3/c=
Subject key identifier: 4D:25:2F:1B:65:76:02:22:1C:2A:A2:67:2C:9E:6A:91:F4:04:BF:15
Certificate issuer: /CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Certificate serial: 018E3243C3A2A1BA3F687A53F8732B6E116F
Authority key identifier: 76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/TSUvG2V2AiIcKqJnLJ5qkfQEvxU.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 94.143.230.0/24 maxlen: 24
146.19.111.0/24 maxlen: 24
176.118.38.0/24 maxlen: 24
176.126.98.0/24 maxlen: 24
194.110.251.0/24 maxlen: 24
212.52.30.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c3:a2:a1:ba:3f:68:7a:53:f8:73:2b:6e:11:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d252f1b657602221c2aa2672c9e6a91f404bf15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2e:f0:8d:95:75:ef:0e:dd:fd:f7:1f:c1:51:
10:b4:e2:e8:4c:ba:05:2d:c7:15:52:fe:ce:57:f0:
04:1f:97:79:64:a4:e1:ff:86:01:7f:56:7d:f3:9f:
45:2d:ab:c3:69:61:4e:00:8b:98:d3:11:39:bc:5a:
60:d4:ac:21:e9:31:8c:a1:88:9c:b8:c0:db:42:a7:
e6:04:e4:3e:f9:d4:f7:3d:4a:2b:5c:5d:e3:06:08:
6c:3f:fb:52:e6:5f:b4:66:26:78:ad:e4:4b:9c:19:
40:8d:65:79:70:3f:6f:fa:ba:f8:c1:47:d3:ae:db:
ee:ba:51:95:0a:07:4e:32:48:cf:80:fc:b6:94:df:
72:19:db:cd:0e:eb:c2:30:7d:1d:23:83:eb:43:ad:
ea:7f:ae:5b:a8:4a:55:88:00:44:4c:b2:26:ca:d1:
06:83:2d:2f:f4:44:03:78:02:16:90:4b:83:47:f1:
4c:98:b2:fb:83:46:d2:7a:4b:71:27:ed:f3:c2:e8:
09:26:86:57:e0:fd:18:14:c1:33:27:32:b9:2b:1b:
0f:a5:94:0c:4c:f6:bf:3c:4b:27:80:b6:ee:91:97:
df:d4:35:69:0b:67:ca:46:c6:a4:5e:c9:88:03:ba:
34:ea:6d:3b:c7:5e:44:b8:3e:0e:0e:b3:69:50:46:
08:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:25:2F:1B:65:76:02:22:1C:2A:A2:67:2C:9E:6A:91:F4:04:BF:15
X509v3 Authority Key Identifier:
keyid:76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/TSUvG2V2AiIcKqJnLJ5qkfQEvxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/dj1Ffl08wKzYp0-LEOJoa_vElss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.230.0/24
146.19.111.0/24
176.118.38.0/24
176.126.98.0/24
194.110.251.0/24
212.52.30.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:8c:d5:1a:dc:0c:63:46:15:69:fb:1b:8e:43:fb:c5:d6:01:
c2:d8:b2:c2:70:65:47:4a:8b:6c:df:45:1e:56:c4:48:2b:67:
03:4a:02:15:44:fb:ee:c0:b9:50:af:de:44:b1:bd:d4:08:3b:
71:b9:67:47:b0:3e:ad:01:df:18:c5:a7:9a:af:e6:54:8f:7c:
27:fa:49:bc:a5:e3:e7:dc:13:43:7a:77:4a:61:f0:67:23:2d:
db:9a:20:36:49:30:a0:6f:c2:d5:a7:4b:48:da:8e:17:7c:5b:
d8:9c:85:c9:b1:bd:9a:49:92:d1:89:7d:68:5b:52:9c:6b:0f:
e2:e6:4f:10:ae:40:3d:c1:6a:05:23:e8:57:b6:9f:68:72:93:
a6:63:42:b1:a7:9e:ea:9b:17:b1:3b:93:12:10:e0:25:75:fc:
83:69:15:ed:3c:15:81:7b:e5:82:2c:97:d7:09:01:7a:03:34:
59:8a:3a:55:85:8e:6e:c5:21:c9:ef:bd:de:e5:fa:ae:cd:79:
7a:4c:9a:e2:98:f3:c2:8a:70:da:72:f9:20:3a:38:ae:12:22:
95:8c:d9:7b:97:5e:bd:62:27:a0:6c:71:cd:52:e9:ed:12:39:
ac:55:38:f8:08:a1:b0:22:33:2f:6b:6f:22:0a:78:c0:45:d9:
aa:8a:bf:6c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY4yQ8Oiobo/aHpT+HMrbhFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2M2Q0NTdlNWQzY2MwYWNkOGE3NGY4YjEwZTI2ODZiZmJj
NDk2Y2IwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDI1MmYxYjY1NzYwMjIyMWMyYWEyNjcyYzllNmE5MWY0MDRiZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhC7wjZV17w7d/fcfwVEQtOLoTLoF
LccVUv7OV/AEH5d5ZKTh/4YBf1Z9859FLavDaWFOAIuY0xE5vFpg1Kwh6TGMoYic
uMDbQqfmBOQ++dT3PUorXF3jBghsP/tS5l+0ZiZ4reRLnBlAjWV5cD9v+rr4wUfT
rtvuulGVCgdOMkjPgPy2lN9yGdvNDuvCMH0dI4PrQ63qf65bqEpViABETLImytEG
gy0v9EQDeAIWkEuDR/FMmLL7g0bSektxJ+3zwugJJoZX4P0YFMEzJzK5KxsPpZQM
TPa/PEsngLbukZff1DVpC2fKRsakXsmIA7o06m07x15EuD4ODrNpUEYIOQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE0lLxtldgIiHCqiZyyeapH0BL8VMB8GA1UdIwQY
MBaAFHY9RX5dPMCs2KdPixDiaGv7xJbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQt
N2U1OTRmMjQ5NGNjLzEvVFNVdkcyVjJBaUljS3FKbkxKNXFrZlFFdnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQtN2U1OTRmMjQ5NGNj
LzEvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXo/mAwQA
khNvAwQAsHYmAwQAsH5iAwQAwm77AwQA1DQeMA0GCSqGSIb3DQEBCwUAA4IBAQA8
jNUa3AxjRhVp+xuOQ/vF1gHC2LLCcGVHSots30UeVsRIK2cDSgIVRPvuwLlQr95E
sb3UCDtxuWdHsD6tAd8Yxaear+ZUj3wn+km8pePn3BNDendKYfBnIy3bmiA2STCg
b8LVp0tI2o4XfFvYnIXJsb2aSZLRiX1oW1Kcaw/i5k8QrkA9wWoFI+hXtp9ocpOm
Y0Kxp57qmxexO5MSEOAldfyDaRXtPBWBe+WCLJfXCQF6AzRZijpVhY5uxSHJ773e
5fquzXl6TJrimPPCinDacvkgOjiuEiKVjNl7l169YiegbHHNUuntEjmsVTj4CKGw
IjMva28iCnjARdmqir9s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org