Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/uHq_Iu4XnV0RkoKq84hgUgNSRr8.roa
File: uHq_Iu4XnV0RkoKq84hgUgNSRr8.roa (raw, json)
Hash identifier: fR4n6oFYuovrAzGgQD5aaCjysLgSLaOZMirc/pMP0ts=
Subject key identifier: B8:7A:BF:22:EE:17:9D:5D:11:92:82:AA:F3:88:60:52:03:52:46:BF
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 2AA1D315
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/uHq_Iu4XnV0RkoKq84hgUgNSRr8.roa
Signing time: Wed 09 Mar 2022 16:56:44 +0000
ROA not before: Wed 09 Mar 2022 16:56:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39150
IP address blocks: 95.85.85.0/24 maxlen: 24
79.133.98.0/23 maxlen: 23
79.133.98.0/24 maxlen: 24
79.133.106.0/24 maxlen: 24
93.179.64.0/23 maxlen: 23
93.179.69.0/24 maxlen: 24
93.179.68.0/23 maxlen: 23
93.179.68.0/24 maxlen: 24
93.179.67.0/24 maxlen: 24
2a02:ec40::/29 maxlen: 29
2a02:ec40::/32 maxlen: 32
2a02:d0c1::/32 maxlen: 32
2a02:d0c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 715248405 (0x2aa1d315)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Mar 9 16:56:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b87abf22ee179d5d119282aaf3886052035246bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:11:23:60:b3:f8:59:01:59:3d:bf:38:f7:b8:
fe:d7:29:91:0d:ea:46:cc:bf:24:7b:94:d2:94:1b:
ff:1c:59:cf:e2:77:84:e0:d8:02:45:84:9e:ae:7a:
17:f2:71:96:28:e0:5d:91:d7:52:7c:e0:f2:1d:cb:
03:f6:ca:cf:98:37:0b:44:d1:d0:34:a9:0f:d4:48:
c0:13:1a:31:84:53:e5:1b:25:55:3b:66:11:25:68:
3a:cb:9a:ab:ba:b1:26:6b:5a:20:8f:77:06:bc:42:
eb:10:ba:6c:66:93:35:9b:e9:b9:b6:13:f9:8e:6c:
48:e6:11:bc:4b:af:51:32:15:2b:64:47:37:c9:f5:
39:4d:a0:84:34:72:55:b0:51:66:80:ad:e1:25:a1:
89:ca:19:d6:65:30:04:6a:16:3c:05:ef:19:1e:5c:
89:93:37:3a:1d:da:dc:20:13:21:37:be:5f:73:16:
eb:7d:94:d9:15:22:21:36:f8:95:76:87:70:de:24:
e6:21:28:5a:cd:3a:66:e9:7b:b2:05:1e:8b:39:d3:
39:d9:f8:9b:6f:29:24:b0:3c:4f:24:e8:87:f9:40:
88:69:d5:19:f5:72:51:a6:75:3f:e9:fc:03:e1:f6:
c1:77:72:91:d4:6d:5a:ec:bc:2d:63:62:c2:29:f5:
89:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:7A:BF:22:EE:17:9D:5D:11:92:82:AA:F3:88:60:52:03:52:46:BF
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/uHq_Iu4XnV0RkoKq84hgUgNSRr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.98.0/23
79.133.106.0/24
93.179.64.0/23
93.179.67.0-93.179.69.255
95.85.85.0/24
IPv6:
2a02:d0c0::/31
2a02:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
7c:6c:62:00:e7:18:da:dc:6c:75:7f:7c:d3:05:47:6e:29:ed:
64:60:73:bb:33:a5:83:d6:e2:b0:b9:f8:db:fe:e2:6d:09:b4:
9f:ed:db:91:b9:3a:7f:95:2d:53:7d:24:80:1d:a2:3b:87:47:
65:b6:fd:c4:3f:1b:4d:d6:bd:10:b8:3b:d3:42:86:13:bb:37:
c1:36:e6:e6:4d:5d:c8:0a:28:d9:f5:9a:54:84:b7:aa:25:fa:
b8:ef:4f:84:a5:57:ed:cb:2e:40:68:92:26:55:cf:6c:7d:bd:
7d:d6:46:20:87:98:96:dd:85:c7:91:18:fb:ee:0f:c7:ea:ee:
fc:6e:3d:83:52:ad:86:21:c7:0b:5d:6a:3d:e0:2d:cf:1e:40:
92:7c:17:00:7a:e6:f6:6e:6e:b9:32:e9:10:e6:29:88:a0:b7:
50:f9:91:5e:6b:ec:09:a6:5b:76:9b:2d:55:23:72:a1:69:92:
20:f2:53:76:7c:86:54:d4:1a:71:a7:9a:88:ca:2e:a6:4d:e2:
2b:c0:51:5e:3b:b5:7f:5b:4c:9e:08:5a:69:b9:ea:c4:c2:e0:
f6:1c:ae:7d:6d:fe:c3:8f:2d:f8:30:09:85:49:00:46:e5:50:
32:5f:6d:dd:db:22:09:54:a5:f3:32:4f:79:8e:4a:a2:e7:03:
3b:86:bd:c8
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEKqHTFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDMw
OTE2NTY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjg3YWJmMjJlZTE3
OWQ1ZDExOTI4MmFhZjM4ODYwNTIwMzUyNDZiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsRI2Cz+FkBWT2/OPe4/tcpkQ3qRsy/JHuU0pQb/xxZz+J3
hODYAkWEnq56F/JxlijgXZHXUnzg8h3LA/bKz5g3C0TR0DSpD9RIwBMaMYRT5Rsl
VTtmESVoOsuaq7qxJmtaII93BrxC6xC6bGaTNZvpubYT+Y5sSOYRvEuvUTIVK2RH
N8n1OU2ghDRyVbBRZoCt4SWhicoZ1mUwBGoWPAXvGR5ciZM3Oh3a3CATITe+X3MW
632U2RUiITb4lXaHcN4k5iEoWs06Zul7sgUeiznTOdn4m28pJLA8TyToh/lAiGnV
GfVyUaZ1P+n8A+H2wXdykdRtWuy8LWNiwin1iekCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBS4er8i7hedXRGSgqrziGBSA1JGvzAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L3VIcV9JdTRYblYwUmtvS3E4NGhnVWdOU1JyOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwLAQCAAEwJgMEAU+FYgMEAE+FagMEAV2zQDAMAwQA
XbNDAwQBXbNEAwQAX1VVMBQEAgACMA4DBQEqAtDAAwUDKgLsQDANBgkqhkiG9w0B
AQsFAAOCAQEAfGxiAOcY2txsdX980wVHbintZGBzuzOlg9bisLn42/7ibQm0n+3b
kbk6f5UtU30kgB2iO4dHZbb9xD8bTda9ELg700KGE7s3wTbm5k1dyAoo2fWaVIS3
qiX6uO9PhKVX7csuQGiSJlXPbH29fdZGIIeYlt2Fx5EY++4Px+ru/G49g1KthiHH
C11qPeAtzx5AknwXAHrm9m5uuTLpEOYpiKC3UPmRXmvsCaZbdpstVSNyoWmSIPJT
dnyGVNQacaeaiMoupk3iK8BRXju1f1tMnghaabnqxMLg9hyufW3+w48t+DAJhUkA
RuVQMl9t3dsiCVSl8zJPeY5KoucDO4a9yA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-fra.rpki-client.org