Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/83-Jcl6pvOCVUU3PlE4XY1r9SJ8.roa
File: 83-Jcl6pvOCVUU3PlE4XY1r9SJ8.roa (raw, json)
Hash identifier: drS+b61l40KzgXWO3mi7mLZQqcv5j56HlXxKHNjkU7w=
Subject key identifier: F3:7F:89:72:5E:A9:BC:E0:95:51:4D:CF:94:4E:17:63:5A:FD:48:9F
Certificate issuer: /CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Certificate serial: 018CC79550335DF0406256CDD125326B96EF
Authority key identifier: F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/83-Jcl6pvOCVUU3PlE4XY1r9SJ8.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212699
IP address blocks: 89.38.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:50:33:5d:f0:40:62:56:cd:d1:25:32:6b:96:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f37f89725ea9bce095514dcf944e17635afd489f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8d:35:a5:e4:02:61:7f:4b:cb:23:95:09:59:
1d:b4:98:76:5b:16:34:e1:a4:02:95:29:8d:35:d9:
f0:2a:16:92:72:85:fc:c6:22:82:58:0f:90:82:29:
6c:3e:ba:56:f9:6c:5b:d4:bf:08:9b:4a:a1:40:00:
17:1f:8f:27:d5:5d:a2:58:5d:b1:95:db:43:56:c5:
f9:32:54:05:fc:ea:5a:4d:9d:91:ec:90:43:93:e7:
b6:88:34:3c:73:c2:e1:0f:26:29:bb:52:26:c4:52:
a9:5c:e7:bc:ef:cb:fa:58:9e:5f:d6:5a:96:29:b6:
a5:90:54:dd:8b:7f:18:b7:9d:4e:69:1c:26:ab:78:
e8:bd:f7:e4:bd:24:f4:1b:31:1e:d0:19:2f:6b:1e:
72:fd:32:e8:35:1f:fe:36:d1:0d:0d:41:43:66:25:
99:ca:e4:f3:8d:49:34:41:a6:d7:b0:82:0f:80:38:
df:57:36:41:d2:a7:96:f5:f4:ba:9c:29:9a:3f:a1:
7e:10:ee:8c:43:c1:75:91:5a:6a:01:9d:8e:18:17:
e1:40:09:ec:5a:7f:60:85:f2:c9:e3:49:ab:5b:2b:
f4:0a:0f:3b:8d:ce:c0:3a:bc:a2:1a:d5:92:13:54:
94:23:ea:96:45:86:20:14:b0:8e:ba:2d:5c:7f:7d:
c3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:7F:89:72:5E:A9:BC:E0:95:51:4D:CF:94:4E:17:63:5A:FD:48:9F
X509v3 Authority Key Identifier:
keyid:F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/83-Jcl6pvOCVUU3PlE4XY1r9SJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/9n7U99NVdSgcF2yuPdy9QMxcHdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.105.0/24
Signature Algorithm: sha256WithRSAEncryption
68:5e:04:29:47:b5:5a:5b:e9:75:51:51:02:40:53:46:8f:2e:
10:3e:a8:eb:61:76:69:e2:54:f9:c1:d1:0e:11:78:b9:ce:90:
39:ae:86:20:da:a3:75:ce:b0:f7:50:87:06:ff:b3:15:ad:e9:
cc:4d:43:49:7c:11:81:0e:ce:da:d8:e6:b9:95:09:31:1c:c4:
a6:ac:db:81:35:5a:91:d4:67:2b:b7:fc:38:fc:31:0b:26:ec:
d6:b1:0e:53:ff:82:bf:2c:cd:46:47:53:03:72:45:61:a6:8d:
27:f3:b6:6e:50:67:41:7e:7c:0a:ac:b0:d8:a6:26:14:90:91:
35:37:75:1f:bd:b5:a9:da:3c:38:9b:c9:2d:d0:0c:6d:57:35:
bb:1b:f6:37:e9:cb:bc:1e:24:04:5e:6c:b3:f6:9f:ef:cb:55:
48:2a:34:b9:6e:67:38:09:f0:78:08:f3:a1:2c:e8:c3:ec:d2:
49:75:76:61:69:83:c8:e1:75:6e:f8:46:6e:7b:3b:a8:8e:98:
2a:59:ee:0d:d6:ac:cc:56:df:46:89:97:fb:92:09:a8:ac:a8:
39:64:14:09:fe:4c:5f:ca:d4:69:69:f1:d9:c1:56:9f:3b:e2:
cd:6f:00:c5:d5:c8:e7:b2:0c:9f:11:3c:93:a7:ad:e8:30:cc:
16:f8:5b:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlVAzXfBAYlbN0SUya5bvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2N2VkNGY3ZDM1NTc1MjgxYzE3NmNhZTNkZGNiZDQwY2M1
YzFkZDYwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzdmODk3MjVlYTliY2UwOTU1MTRkY2Y5NDRlMTc2MzVhZmQ0ODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq401peQCYX9LyyOVCVkdtJh2WxY0
4aQClSmNNdnwKhaScoX8xiKCWA+QgilsPrpW+Wxb1L8Im0qhQAAXH48n1V2iWF2x
ldtDVsX5MlQF/OpaTZ2R7JBDk+e2iDQ8c8LhDyYpu1ImxFKpXOe878v6WJ5f1lqW
KbalkFTdi38Yt51OaRwmq3jovffkvST0GzEe0Bkvax5y/TLoNR/+NtENDUFDZiWZ
yuTzjUk0QabXsIIPgDjfVzZB0qeW9fS6nCmaP6F+EO6MQ8F1kVpqAZ2OGBfhQAns
Wn9ghfLJ40mrWyv0Cg87jc7AOryiGtWSE1SUI+qWRYYgFLCOui1cf33DrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPN/iXJeqbzglVFNz5ROF2Na/UifMB8GA1UdIwQY
MBaAFPZ+1PfTVXUoHBdsrj3cvUDMXB3WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOW43VTk5TlZkU2djRjJ5dVBkeTlRTXhjSGRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iNjJlNzctMzU3YS00YWFkLWJiMjct
ZjQ0ODVhZWQ3NDI5LzEvODMtSmNsNnB2T0NWVVUzUGxFNFhZMXI5U0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iNjJlNzctMzU3YS00YWFkLWJiMjctZjQ0ODVhZWQ3NDI5
LzEvOW43VTk5TlZkU2djRjJ5dVBkeTlRTXhjSGRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSZpMA0G
CSqGSIb3DQEBCwUAA4IBAQBoXgQpR7VaW+l1UVECQFNGjy4QPqjrYXZp4lT5wdEO
EXi5zpA5roYg2qN1zrD3UIcG/7MVrenMTUNJfBGBDs7a2Oa5lQkxHMSmrNuBNVqR
1Gcrt/w4/DELJuzWsQ5T/4K/LM1GR1MDckVhpo0n87ZuUGdBfnwKrLDYpiYUkJE1
N3UfvbWp2jw4m8kt0AxtVzW7G/Y36cu8HiQEXmyz9p/vy1VIKjS5bmc4CfB4CPOh
LOjD7NJJdXZhaYPI4XVu+EZuezuojpgqWe4N1qzMVt9GiZf7kgmorKg5ZBQJ/kxf
ytRpafHZwVafO+LNbwDF1cjnsgyfETyTp63oMMwW+Ftd
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:01:09 2025 by rpki-client