Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/t--0DuDzI6SqEwYiX4rXuwm9fC4.roa
File: t--0DuDzI6SqEwYiX4rXuwm9fC4.roa (raw, json)
Hash identifier: Mc+NHcgMwocGHKZZ2vUMtpO92hypKa6waMLV3NHVTTs=
Subject key identifier: B7:EF:B4:0E:E0:F3:23:A4:AA:13:06:22:5F:8A:D7:BB:09:BD:7C:2E
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018EE23374B7686EC4601F8A0C1410271686
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/t--0DuDzI6SqEwYiX4rXuwm9fC4.roa
Signing time: Mon 15 Apr 2024 14:40:06 +0000
ROA not before: Mon 15 Apr 2024 14:40:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12615
IP address blocks: 78.108.249.0/24 maxlen: 24
87.246.4.0/24 maxlen: 24
109.160.118.0/24 maxlen: 24
185.43.58.0/24 maxlen: 24
185.43.59.0/24 maxlen: 24
212.70.130.0/23 maxlen: 23
212.70.132.0/24 maxlen: 24
212.70.133.0/24 maxlen: 24
212.70.134.0/24 maxlen: 24
212.70.135.0/24 maxlen: 24
212.70.144.0/22 maxlen: 22
212.70.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e2:33:74:b7:68:6e:c4:60:1f:8a:0c:14:10:27:16:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Apr 15 14:40:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7efb40ee0f323a4aa1306225f8ad7bb09bd7c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9e:c8:5d:e5:df:08:e3:0e:6c:9e:e3:e1:de:
03:ad:35:0d:28:79:c7:bb:43:eb:53:90:21:42:93:
98:87:21:11:79:16:a4:10:ba:ed:5e:a0:d8:4e:b9:
42:a0:87:83:a6:cf:46:43:d5:66:85:10:34:a9:83:
58:46:1b:e2:f1:3b:2b:c3:79:38:e6:4e:84:78:73:
b9:49:63:3e:c5:34:a7:b9:cb:8e:4f:d0:1a:c6:a5:
a4:66:31:ac:41:27:2b:94:08:2e:79:f9:a1:6a:05:
98:2d:ad:30:94:ae:06:9e:8b:8b:c8:eb:b0:5e:63:
e1:07:3d:b6:f3:de:95:b1:64:b3:f0:3b:12:f6:8a:
06:a7:a1:9a:65:75:fd:3d:0c:79:f8:a6:2b:e7:16:
61:56:57:88:ae:2e:e9:e9:5b:c5:29:8d:5d:8c:9e:
20:09:46:f2:b4:27:f4:65:e6:90:62:72:1d:b7:e8:
2a:08:64:8f:53:95:4a:15:d0:9d:01:b4:36:fd:26:
af:cb:1e:06:1f:74:5a:ca:c2:41:38:88:72:5a:c9:
c2:c5:87:fc:6e:61:25:fa:d5:a0:35:01:e2:60:33:
df:69:ef:7f:0d:ad:9f:69:51:dc:74:f5:6f:9b:04:
95:12:c8:da:a7:ac:3f:70:f1:b6:ee:7e:25:ec:1c:
77:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:EF:B4:0E:E0:F3:23:A4:AA:13:06:22:5F:8A:D7:BB:09:BD:7C:2E
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/t--0DuDzI6SqEwYiX4rXuwm9fC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.249.0/24
87.246.4.0/24
109.160.118.0/24
185.43.58.0/23
212.70.130.0-212.70.135.255
212.70.144.0/22
Signature Algorithm: sha256WithRSAEncryption
52:73:cc:a2:fa:75:f5:8d:0c:dc:7d:32:f5:e7:6e:3e:36:54:
c7:ba:ab:6b:66:7f:6e:d8:f2:ab:82:4f:0a:20:39:a2:61:10:
81:bc:8c:e7:31:3f:3a:6b:27:1e:f6:31:31:65:5c:d8:d0:b7:
f2:5c:53:62:bd:4f:ce:31:3c:2d:21:d3:43:8e:df:5a:3e:c8:
a9:41:56:c0:10:ac:33:cb:b7:a8:2e:72:11:f6:20:89:42:55:
b2:27:88:01:28:be:e4:e8:fe:04:4c:74:8b:67:dd:bc:ab:5c:
4f:3f:36:b6:8d:0f:43:62:37:83:1d:f3:bd:99:a4:03:1a:e4:
89:1d:a8:24:3e:78:10:7e:ba:5b:aa:ff:32:be:66:c8:2b:46:
2d:42:99:d3:1d:b5:f0:fa:ea:f8:5e:d7:e8:e5:4e:ca:3d:88:
67:55:4f:11:4a:06:ff:20:1b:0b:34:86:ac:0d:4d:fc:a6:8c:
57:35:88:a8:28:b3:80:81:2a:e1:f8:00:48:07:81:fd:38:07:
9c:20:d1:30:30:bc:fc:ea:1f:e4:16:fe:e7:56:43:92:cb:ed:
8d:7d:49:3c:2e:3b:b5:22:6c:43:65:1c:56:2a:c9:40:3d:57:
1d:52:cb:e2:c3:09:45:1d:59:d8:c3:f8:4b:fe:95:36:79:ad:
93:d9:b8:6d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY7iM3S3aG7EYB+KDBQQJxaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwNDE1MTQ0MDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2VmYjQwZWUwZjMyM2E0YWExMzA2MjI1ZjhhZDdiYjA5YmQ3YzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJ7IXeXfCOMObJ7j4d4DrTUNKHnH
u0PrU5AhQpOYhyEReRakELrtXqDYTrlCoIeDps9GQ9VmhRA0qYNYRhvi8Tsrw3k4
5k6EeHO5SWM+xTSnucuOT9AaxqWkZjGsQScrlAguefmhagWYLa0wlK4GnouLyOuw
XmPhBz22896VsWSz8DsS9ooGp6GaZXX9PQx5+KYr5xZhVleIri7p6VvFKY1djJ4g
CUbytCf0ZeaQYnIdt+gqCGSPU5VKFdCdAbQ2/Savyx4GH3RaysJBOIhyWsnCxYf8
bmEl+tWgNQHiYDPfae9/Da2faVHcdPVvmwSVEsjap6w/cPG27n4l7Bx3yQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLfvtA7g8yOkqhMGIl+K17sJvXwuMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvdC0tMER1RHpJNlNxRXdZaVg0clh1d205ZkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQATmz5AwQA
V/YEAwQAbaB2AwQBuSs6MAwDBAHURoIDBAPURoADBALURpAwDQYJKoZIhvcNAQEL
BQADggEBAFJzzKL6dfWNDNx9MvXnbj42VMe6q2tmf27Y8quCTwogOaJhEIG8jOcx
PzprJx72MTFlXNjQt/JcU2K9T84xPC0h00OO31o+yKlBVsAQrDPLt6guchH2IIlC
VbIniAEovuTo/gRMdItn3byrXE8/NraND0NiN4Md872ZpAMa5IkdqCQ+eBB+uluq
/zK+ZsgrRi1CmdMdtfD66vhe1+jlTso9iGdVTxFKBv8gGws0hqwNTfymjFc1iKgo
s4CBKuH4AEgHgf04B5wg0TAwvPzqH+QW/udWQ5LL7Y19STwuO7UibENlHFYqyUA9
Vx1Sy+LDCUUdWdjD+Ev+lTZ5rZPZuG0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:28 2024 by rpki-client on console-ams.rpki-client.org