Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-Hb9Hbdqk9u7WhY4rpcb5IKEQp4.roa
File: 1-Hb9Hbdqk9u7WhY4rpcb5IKEQp4.roa (raw, json)
Hash identifier: uL/M7E9yy1Pt09dMj6ifaJL/Dc3Uj/gkEYpz61VFtCc=
Subject key identifier: F8:76:FD:1D:B7:6A:93:DB:BB:5A:16:38:AE:97:1B:E4:82:84:42:9E
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0188F1E723238C1628DB19F26A048C0E881E
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-Hb9Hbdqk9u7WhY4rpcb5IKEQp4.roa
Signing time: Sun 25 Jun 2023 09:33:56 +0000
ROA not before: Sun 25 Jun 2023 09:33:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.37.128.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f1:e7:23:23:8c:16:28:db:19:f2:6a:04:8c:0e:88:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jun 25 09:33:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f876fd1db76a93dbbb5a1638ae971be48284429e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:58:27:58:11:a0:0f:87:84:df:b1:60:4a:17:
a1:03:46:f2:fc:75:4e:6a:85:88:b4:6d:d6:07:8f:
95:9e:d1:5e:f9:85:ac:e1:04:e7:2b:9a:41:39:ef:
5f:6d:f5:48:0e:96:b3:dc:ca:46:8e:f0:e6:9c:36:
9e:3a:fc:cf:b8:1a:99:e8:7b:81:0d:aa:0a:da:f1:
25:e5:71:b1:94:de:e6:01:7b:76:6b:12:fd:57:d6:
27:f1:79:31:53:40:34:cc:d6:68:80:2e:e6:75:03:
3a:82:8e:d5:dd:af:f2:4b:49:0f:5c:91:7e:bf:eb:
af:66:b8:bd:5a:5c:84:ec:d1:79:4f:e5:52:20:4a:
62:99:33:ad:3d:ee:50:c8:75:06:5b:db:14:3e:ff:
dc:43:f3:b9:32:e1:13:45:45:c6:f6:49:ab:e8:70:
ab:ba:8a:77:30:b8:53:78:67:f2:55:44:63:b6:9e:
d9:a2:9c:7b:a9:0c:4d:42:f5:0e:52:63:0a:03:03:
1d:19:56:c1:a2:1d:87:ff:ac:5d:4b:dc:a5:60:78:
31:c7:1d:25:93:e3:db:35:9f:82:e3:be:6d:4d:24:
82:ea:e8:db:ef:3e:ed:ec:3b:90:83:46:59:b9:db:
da:92:9f:e2:fb:40:d1:09:cf:77:73:5f:ed:4c:7a:
ee:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:76:FD:1D:B7:6A:93:DB:BB:5A:16:38:AE:97:1B:E4:82:84:42:9E
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-Hb9Hbdqk9u7WhY4rpcb5IKEQp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.128.0/24
93.114.69.0/24
94.177.113.0/24
94.177.118.0/24
176.223.190.0/24
Signature Algorithm: sha256WithRSAEncryption
35:2d:74:3f:9e:c1:74:a2:b0:be:94:8e:40:af:62:87:6c:f7:
42:9a:74:62:df:3b:19:07:b4:a8:3f:bb:43:b4:c0:a2:91:f4:
3e:74:cf:53:20:06:90:71:2f:cc:16:de:e8:ec:16:28:89:6f:
b0:6c:f0:89:00:5a:de:89:df:da:7d:2d:fb:f2:b6:59:a2:1f:
ad:8c:fd:ae:b0:1d:09:a6:f3:8e:6c:8a:29:79:e2:63:75:3b:
b4:f4:86:72:58:41:69:f8:91:d4:c5:c7:e7:9a:42:53:e7:2a:
2a:2c:7d:dc:77:af:e9:16:e4:76:af:e5:63:3e:32:bf:f2:66:
8c:a5:d8:19:d7:0e:a3:d8:18:59:fa:b2:cd:57:0f:55:2c:7b:
68:2c:f3:5c:f3:a8:dd:17:bd:14:51:3a:30:7e:45:90:0e:25:
20:d1:69:55:f6:1c:d7:23:d6:7b:a9:20:19:44:95:d0:69:fc:
74:14:9c:fa:0f:51:75:ce:c5:e0:76:54:d1:bf:86:bc:2e:76:
a1:15:00:8d:3e:40:ac:53:57:19:95:8e:5b:65:6d:d9:91:33:
ce:94:23:4d:63:25:48:2b:33:f6:66:eb:39:04:2a:a5:07:5a:
7e:fc:42:ca:0c:0a:93:69:bd:1c:83:1a:db:5e:32:8b:44:0d:
fc:e4:af:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYjx5yMjjBYo2xnyagSMDogeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNjI1MDkzMzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODc2ZmQxZGI3NmE5M2RiYmI1YTE2MzhhZTk3MWJlNDgyODQ0MjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlgnWBGgD4eE37FgShehA0by/HVO
aoWItG3WB4+VntFe+YWs4QTnK5pBOe9fbfVIDpaz3MpGjvDmnDaeOvzPuBqZ6HuB
DaoK2vEl5XGxlN7mAXt2axL9V9Yn8XkxU0A0zNZogC7mdQM6go7V3a/yS0kPXJF+
v+uvZri9WlyE7NF5T+VSIEpimTOtPe5QyHUGW9sUPv/cQ/O5MuETRUXG9kmr6HCr
uop3MLhTeGfyVURjtp7Zopx7qQxNQvUOUmMKAwMdGVbBoh2H/6xdS9ylYHgxxx0l
k+PbNZ+C475tTSSC6ujb7z7t7DuQg0ZZudvakp/i+0DRCc93c1/tTHruaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPh2/R23apPbu1oWOK6XG+SChEKeMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvMS1IYjlIYmRxazl1N1doWTRycGNiNUlLRVFwNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1
ZS8xLzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFklgAME
AF1yRQMEAF6xcQMEAF6xdgMEALDfvjANBgkqhkiG9w0BAQsFAAOCAQEANS10P57B
dKKwvpSOQK9ih2z3Qpp0Yt87GQe0qD+7Q7TAopH0PnTPUyAGkHEvzBbe6OwWKIlv
sGzwiQBa3onf2n0t+/K2WaIfrYz9rrAdCabzjmyKKXniY3U7tPSGclhBafiR1MXH
55pCU+cqKix93Hev6Rbkdq/lYz4yv/JmjKXYGdcOo9gYWfqyzVcPVSx7aCzzXPOo
3Re9FFE6MH5FkA4lINFpVfYc1yPWe6kgGUSV0Gn8dBSc+g9Rdc7F4HZU0b+GvC52
oRUAjT5ArFNXGZWOW2Vt2ZEzzpQjTWMlSCsz9mbrOQQqpQdafvxCygwKk2m9HIMa
214yi0QN/OSvdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:48 2024 by rpki-client on console-ams.rpki-client.org