Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/d9G8BIAUUK2TFyF2toe0sK-PjV0.roa
File: d9G8BIAUUK2TFyF2toe0sK-PjV0.roa (raw, json)
Hash identifier: yYcZLoggVacd9wDAlryEbPIx5ChVyeIC7gWJ0rkMDSs=
Subject key identifier: 77:D1:BC:04:80:14:50:AD:93:17:21:76:B6:87:B4:B0:AF:8F:8D:5D
Certificate issuer: /CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Certificate serial: 0185DEA7CEA8812D7A5A08DDD8511E4E22D9
Authority key identifier: AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/d9G8BIAUUK2TFyF2toe0sK-PjV0.roa
Signing time: Mon 23 Jan 2023 12:43:37 +0000
ROA not before: Mon 23 Jan 2023 12:43:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8400
IP address blocks: 185.125.176.0/23 maxlen: 23
93.92.250.0/23 maxlen: 23
93.92.249.0/24 maxlen: 24
93.92.248.0/21 maxlen: 21
93.92.248.0/24 maxlen: 24
93.92.252.0/22 maxlen: 22
212.57.44.0/22 maxlen: 22
212.57.42.0/23 maxlen: 23
212.57.40.0/21 maxlen: 21
212.57.40.0/23 maxlen: 23
37.35.8.0/22 maxlen: 22
37.35.8.0/21 maxlen: 21
37.35.14.0/23 maxlen: 23
37.35.12.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:a7:ce:a8:81:2d:7a:5a:08:dd:d8:51:1e:4e:22:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Validity
Not Before: Jan 23 12:43:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77d1bc04801450ad93172176b687b4b0af8f8d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ea:69:41:f4:90:08:02:71:ac:6a:15:fa:ae:
b9:1e:cc:11:15:cf:f2:6e:53:f5:cd:ce:cb:52:87:
bc:37:67:f7:a3:af:49:92:22:80:08:2e:5c:e4:dd:
6e:1d:f3:35:88:6c:89:a5:a8:14:ac:4c:14:52:77:
09:bd:f1:9c:a1:f3:a6:f6:e8:ae:6b:79:f4:bc:f7:
4b:28:b1:44:46:22:90:8b:c5:dc:c9:87:a2:c9:fe:
f3:75:e9:c9:ea:90:2c:e4:e1:f0:c7:5d:86:a1:e4:
3d:36:e5:89:69:fe:f7:e2:fa:fd:9a:90:39:4b:c7:
c4:cc:bb:e0:b0:bc:62:82:aa:e1:b4:9a:71:1d:e2:
4b:18:b4:3f:48:18:77:9b:6d:4e:c8:42:03:51:bd:
90:ec:ff:5a:61:e8:ab:9a:e0:ce:2e:75:8d:8a:d6:
35:1f:c3:81:e2:52:ae:44:fa:00:0c:18:74:3b:40:
92:0b:a1:cf:24:85:47:36:54:e5:83:f1:65:35:76:
3c:e9:b8:1d:dd:24:d0:ab:d4:8c:b2:cc:ee:fa:4b:
dc:a3:26:74:85:55:08:86:8a:a3:ef:bd:8c:81:9f:
3a:c5:57:d4:ad:1e:31:4a:9b:da:31:cd:87:54:d9:
35:1c:c0:a9:b0:98:1c:14:fd:29:8f:b9:87:4c:68:
57:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D1:BC:04:80:14:50:AD:93:17:21:76:B6:87:B4:B0:AF:8F:8D:5D
X509v3 Authority Key Identifier:
keyid:AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/d9G8BIAUUK2TFyF2toe0sK-PjV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.8.0/21
93.92.248.0/21
185.125.176.0/23
212.57.40.0/21
Signature Algorithm: sha256WithRSAEncryption
81:52:cc:27:cd:fb:f6:4f:29:01:0a:02:57:63:72:f6:f2:83:
da:4f:3d:03:f4:da:0d:05:cf:a1:98:99:48:13:cf:ba:ab:54:
1c:8c:41:31:56:dc:5a:0f:ae:8d:f7:4d:5f:72:ce:e9:e5:ed:
d5:57:da:aa:67:e3:46:87:0a:cc:72:85:5d:0e:4b:58:42:d1:
64:30:e1:53:eb:35:d1:7c:a8:01:6e:24:61:69:1a:4a:b1:6b:
b1:41:df:01:16:f1:e4:d9:74:f2:38:cb:c5:88:b6:35:56:47:
32:f4:2f:53:64:1f:1c:6d:79:ca:24:0d:20:06:9f:64:bd:2c:
cf:6a:3e:ed:5c:99:58:6b:f2:8a:be:4b:b6:a7:a9:5a:c1:46:
91:96:44:c0:d6:04:8b:d3:68:58:cb:38:03:21:32:4e:06:86:
22:f4:ad:19:44:b7:86:4b:0e:9c:57:a4:ef:a0:f0:13:ea:be:
9a:8f:fd:8d:9e:fc:a7:15:53:13:eb:d8:53:b3:ab:d6:f6:ae:
2e:16:05:8f:05:e6:64:94:24:62:c5:06:0b:70:3b:fb:47:30:
2b:df:a9:3d:6f:92:07:0e:a1:bc:b4:cb:4d:bd:0e:c7:3a:88:
21:05:70:76:c5:62:69:cd:ce:60:c7:b8:51:74:48:4a:5d:ec:
1f:6b:23:62
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYXep86ogS16Wgjd2FEeTiLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDkyMDc5OTRiYTljN2Q5MWVhN2U0NzlmZWZkMWI4MDk5
ZjYyY2UwHhcNMjMwMTIzMTI0MzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2QxYmMwNDgwMTQ1MGFkOTMxNzIxNzZiNjg3YjRiMGFmOGY4ZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OppQfSQCAJxrGoV+q65HswRFc/y
blP1zc7LUoe8N2f3o69JkiKACC5c5N1uHfM1iGyJpagUrEwUUncJvfGcofOm9uiu
a3n0vPdLKLFERiKQi8XcyYeiyf7zdenJ6pAs5OHwx12GoeQ9NuWJaf734vr9mpA5
S8fEzLvgsLxigqrhtJpxHeJLGLQ/SBh3m21OyEIDUb2Q7P9aYeirmuDOLnWNitY1
H8OB4lKuRPoADBh0O0CSC6HPJIVHNlTlg/FlNXY86bgd3STQq9SMsszu+kvcoyZ0
hVUIhoqj772MgZ86xVfUrR4xSpvaMc2HVNk1HMCpsJgcFP0pj7mHTGhXHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHfRvASAFFCtkxchdraHtLCvj41dMB8GA1UdIwQY
MBaAFK3ZIHmUupx9kep+R5/v0bgJn2LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAt
ZTUyMTI1NzRmOWVjLzEvZDlHOEJJQVVVSzJURnlGMnRvZTBzSy1QalYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAtZTUyMTI1NzRmOWVj
LzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJSMIAwQD
XVz4AwQBuX2wAwQD1DkoMA0GCSqGSIb3DQEBCwUAA4IBAQCBUswnzfv2TykBCgJX
Y3L28oPaTz0D9NoNBc+hmJlIE8+6q1QcjEExVtxaD66N901fcs7p5e3VV9qqZ+NG
hwrMcoVdDktYQtFkMOFT6zXRfKgBbiRhaRpKsWuxQd8BFvHk2XTyOMvFiLY1Vkcy
9C9TZB8cbXnKJA0gBp9kvSzPaj7tXJlYa/KKvku2p6lawUaRlkTA1gSL02hYyzgD
ITJOBoYi9K0ZRLeGSw6cV6TvoPAT6r6aj/2NnvynFVMT69hTs6vW9q4uFgWPBeZk
lCRixQYLcDv7RzAr36k9b5IHDqG8tMtNvQ7HOoghBXB2xWJpzc5gx7hRdEhKXewf
ayNi
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:28:50 2025 by rpki-client