Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-6nKODIHuCs38uYVPvFTcSUw40g.roa
File: 1-6nKODIHuCs38uYVPvFTcSUw40g.roa (raw, json)
Hash identifier: 5VO+DMwEoaDwKxrkeYM32IwHqIqeipI6iJXbzGZZ0qg=
Subject key identifier: FB:A9:CA:38:32:07:B8:2B:37:F2:E6:15:3E:F1:53:71:25:30:E3:48
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018BCB12EE2417CCD54BF40E341510E78584
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-6nKODIHuCs38uYVPvFTcSUw40g.roa
Signing time: Mon 13 Nov 2023 23:44:57 +0000
ROA not before: Mon 13 Nov 2023 23:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.172.20.0/22 maxlen: 24
185.64.100.0/22 maxlen: 24
93.113.184.0/21 maxlen: 24
62.112.12.0/23 maxlen: 24
194.58.64.0/23 maxlen: 24
188.240.40.0/23 maxlen: 24
188.212.104.0/22 maxlen: 24
94.190.248.0/22 maxlen: 24
195.133.202.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
89.37.216.0/23 maxlen: 24
84.234.24.0/22 maxlen: 24
185.77.250.0/23 maxlen: 24
188.211.252.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cb:12:ee:24:17:cc:d5:4b:f4:0e:34:15:10:e7:85:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Nov 13 23:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fba9ca383207b82b37f2e6153ef153712530e348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:df:16:ca:f8:e6:8f:0c:f2:68:95:4e:23:6d:
12:7b:69:97:87:69:ba:d8:dc:ee:05:1f:1d:f9:d5:
ec:83:49:37:59:92:61:96:14:8c:b5:e9:90:1b:fc:
e0:1f:a5:74:f4:6d:39:0e:59:9b:cf:e1:71:e8:ea:
32:8d:7c:04:c9:54:9e:00:e8:f6:d6:7f:04:d3:e3:
82:75:fa:d8:76:5b:32:8c:32:c2:c8:0e:0c:05:ac:
a6:a0:f8:30:c2:26:46:f8:29:9b:f1:e6:35:b8:9d:
64:e4:d2:e0:07:48:41:2a:b1:08:9e:19:19:fd:7b:
da:6c:03:fd:8f:36:58:70:de:6d:7b:c0:42:a1:e2:
71:92:88:ab:e3:34:b9:6a:77:da:dd:4e:d2:c5:9d:
92:88:da:aa:e5:b9:0a:5a:bd:8d:fb:ba:7b:99:40:
bd:b2:bd:ba:00:93:d9:18:33:43:d5:41:e5:ef:15:
e3:57:7a:4f:18:8b:42:5f:50:a3:8b:fe:b3:cd:55:
ed:96:f1:44:10:46:98:21:c3:c8:16:8d:7e:9e:24:
c9:9d:04:08:ef:aa:86:e8:47:e3:9a:d5:5e:92:6a:
40:93:40:7e:ee:ec:30:8b:1e:ee:66:27:3f:4a:87:
fc:1c:80:1d:18:8c:a8:4c:4c:a6:48:13:ab:de:b1:
d0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A9:CA:38:32:07:B8:2B:37:F2:E6:15:3E:F1:53:71:25:30:E3:48
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-6nKODIHuCs38uYVPvFTcSUw40g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.12.0/23
84.234.24.0/22
89.37.216.0/23
93.113.184.0/21
94.190.248.0/22
185.64.100.0/22
185.77.250.0/23
185.172.20.0/22
188.211.252.0/22
188.212.104.0/22
188.240.40.0/23
194.58.64.0/23
194.88.96.0/21
195.133.202.0/23
Signature Algorithm: sha256WithRSAEncryption
22:ad:b8:d9:04:74:17:51:b6:30:94:b0:45:9e:01:62:0f:2c:
e7:a3:ce:d3:82:ea:c2:de:cd:d4:af:f0:4e:5a:22:77:9f:73:
93:3a:0b:fe:ac:75:75:e0:88:8f:11:6a:51:ea:4b:27:65:fb:
8a:19:c3:ec:dd:47:1d:a4:b4:44:2c:61:30:03:9c:73:f2:80:
5d:32:fc:53:97:a5:c5:93:9a:0a:a5:a8:d7:26:fc:df:3a:da:
b4:1f:1d:81:81:f6:66:8d:c3:c5:99:14:85:10:dd:b9:19:bc:
07:ea:ec:10:2c:0c:85:a6:89:99:80:cf:3f:b0:4b:b0:10:d6:
2c:cc:b9:7a:5b:a0:ab:8f:85:aa:13:d1:20:03:61:b3:5a:93:
5a:ca:b7:82:e0:46:01:8f:23:ac:17:c7:ce:40:d0:cc:87:be:
9f:1f:1b:15:b8:f8:67:12:87:3b:96:6c:46:60:4b:32:51:f0:
64:fb:6b:2e:63:c0:e5:81:8c:b0:ba:e2:7d:80:d6:e6:40:e5:
25:34:a0:ed:19:36:b9:b9:54:bf:d7:ab:3f:95:4f:04:62:2b:
b5:f4:3a:67:ec:2d:78:80:1f:d3:e1:dd:ee:33:3e:91:f3:b9:
54:1b:61:42:00:48:d1:19:83:53:ba:fb:1e:d4:a9:d0:d3:17:
a6:6b:06:89
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYvLEu4kF8zVS/QONBUQ54WEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMTEzMjM0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmE5Y2EzODMyMDdiODJiMzdmMmU2MTUzZWYxNTM3MTI1MzBlMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA798WyvjmjwzyaJVOI20Se2mXh2m6
2NzuBR8d+dXsg0k3WZJhlhSMtemQG/zgH6V09G05Dlmbz+Fx6OoyjXwEyVSeAOj2
1n8E0+OCdfrYdlsyjDLCyA4MBaymoPgwwiZG+Cmb8eY1uJ1k5NLgB0hBKrEInhkZ
/XvabAP9jzZYcN5te8BCoeJxkoir4zS5anfa3U7SxZ2SiNqq5bkKWr2N+7p7mUC9
sr26AJPZGDND1UHl7xXjV3pPGItCX1Cji/6zzVXtlvFEEEaYIcPIFo1+niTJnQQI
76qG6EfjmtVekmpAk0B+7uwwix7uZic/Sof8HIAdGIyoTEymSBOr3rHQRQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFPupyjgyB7grN/LmFT7xU3ElMONIMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvMS02bktPRElIdUNzMzh1WVZQdkZUY1NVdzQwZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1
ZS8xLzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBtBggrBgEFBQcBBwEB/wReMFwwWgQCAAEwVAMEAT5wDAME
AlTqGAMEAVkl2AMEA11xuAMEAl6++AMEArlAZAMEAblN+gMEArmsFAMEArzT/AME
ArzUaAMEAbzwKAMEAcI6QAMEA8JYYAMEAcOFyjANBgkqhkiG9w0BAQsFAAOCAQEA
Iq242QR0F1G2MJSwRZ4BYg8s56PO04Lqwt7N1K/wTloid59zkzoL/qx1deCIjxFq
UepLJ2X7ihnD7N1HHaS0RCxhMAOcc/KAXTL8U5elxZOaCqWo1yb83zratB8dgYH2
Zo3DxZkUhRDduRm8B+rsECwMhaaJmYDPP7BLsBDWLMy5elugq4+FqhPRIANhs1qT
Wsq3guBGAY8jrBfHzkDQzIe+nx8bFbj4ZxKHO5ZsRmBLMlHwZPtrLmPA5YGMsLri
fYDW5kDlJTSg7Rk2ublUv9erP5VPBGIrtfQ6Z+wteIAf0+Hd7jM+kfO5VBthQgBI
0RmDU7r7HtSp0NMXpmsGiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org