Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/BeKZrcDjyY88VMch-jeP3PcrE4w.roa
File: BeKZrcDjyY88VMch-jeP3PcrE4w.roa (raw, json)
Hash identifier: 8tUiPCp9/9qctKHruf1oMEBV78DXTJC4pgRKMB9k7vQ=
Subject key identifier: 05:E2:99:AD:C0:E3:C9:8F:3C:54:C7:21:FA:37:8F:DC:F7:2B:13:8C
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018BA0E926B3102DC4CAF55AE7A03C773A4B
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/BeKZrcDjyY88VMch-jeP3PcrE4w.roa
Signing time: Sun 05 Nov 2023 19:15:16 +0000
ROA not before: Sun 05 Nov 2023 19:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 93.115.155.0/24 maxlen: 24
94.177.27.0/24 maxlen: 24
89.42.215.0/24 maxlen: 24
86.104.209.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
185.77.249.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
176.223.181.0/24 maxlen: 24
77.81.1.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a0:e9:26:b3:10:2d:c4:ca:f5:5a:e7:a0:3c:77:3a:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Nov 5 19:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05e299adc0e3c98f3c54c721fa378fdcf72b138c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3d:a4:29:ff:df:8c:3e:6b:55:03:c9:0c:2d:
ea:f4:72:e4:80:e0:7e:29:f0:d4:e7:b0:0e:9b:18:
1e:18:cb:b8:a5:71:12:53:bf:ce:f7:ff:bf:53:de:
78:91:43:3d:64:3f:33:c0:6a:40:58:8d:28:48:a5:
ca:0d:ac:76:72:33:bb:a2:13:95:3c:78:f8:00:39:
59:7f:79:ef:26:de:1d:41:f9:84:64:af:b4:99:a4:
70:c7:ae:7d:a8:00:ca:ee:69:5d:6a:f1:04:e0:05:
43:c1:26:ae:ae:99:3d:63:4c:a2:ef:1d:db:e5:fd:
64:25:7b:3b:f0:b1:49:be:81:4f:63:c6:d4:d2:78:
c2:e5:27:f1:5e:a9:04:04:ca:79:17:ef:5b:7b:28:
46:0b:8b:05:a6:f1:a5:70:9a:6a:87:6c:be:88:6d:
e3:32:3c:5c:6d:da:69:00:40:59:95:27:54:98:39:
c8:01:71:2f:17:0f:b5:cd:dd:b6:4f:b4:b3:a9:2e:
fb:b3:47:c4:fc:23:65:e2:d3:d6:c5:a4:13:9e:94:
6b:ea:37:3e:d9:3d:e3:56:8f:2f:cd:87:51:f6:f0:
81:f2:12:1c:b6:99:22:d8:f0:ea:1c:1f:96:69:98:
d8:7b:12:34:6e:bc:d7:f9:2b:d7:79:d7:f9:f0:4d:
fe:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E2:99:AD:C0:E3:C9:8F:3C:54:C7:21:FA:37:8F:DC:F7:2B:13:8C
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/BeKZrcDjyY88VMch-jeP3PcrE4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.1.0/24
84.247.59.0/24
86.104.209.0/24
89.42.215.0/24
93.115.155.0/24
94.177.27.0/24
176.223.181.0/24
185.77.249.0/24
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
97:91:fe:98:e2:5b:b7:81:da:d2:99:7b:1a:ce:b0:f8:a9:ac:
b4:f9:da:1e:29:74:b8:62:df:88:5b:31:bf:2d:ee:b5:38:06:
b7:76:d5:93:22:fc:2b:67:25:3c:28:14:fd:49:c9:fe:2a:ee:
d3:64:7f:99:0d:e5:cc:1a:a4:6d:75:d4:52:33:a6:23:35:67:
d8:c3:0b:2c:4f:7f:16:c3:cf:be:55:45:d2:c6:06:69:e3:b6:
a3:9f:f4:0f:6b:8b:de:ab:a9:08:99:c9:bd:92:27:af:0c:43:
5a:c5:09:9f:d6:d3:fc:c2:00:32:46:68:0d:85:a2:93:52:52:
a2:82:7b:1a:e1:75:5d:08:98:66:5e:24:71:d8:48:80:a3:15:
84:c8:f1:94:dc:0c:24:25:6c:c9:dd:4e:17:93:23:d9:2f:39:
1c:87:bf:bb:e8:9c:e3:d0:6d:b4:c2:7f:c2:27:de:71:aa:f1:
76:3e:3a:f1:2d:e5:eb:14:6d:85:cc:fd:bf:b0:25:27:08:ba:
d4:67:93:54:56:29:37:8e:7d:bd:39:15:08:fb:23:7e:62:58:
4a:a2:00:68:27:01:34:c3:5b:52:4c:39:a7:d3:5e:dc:6a:e2:
34:d0:58:fb:c5:c0:aa:b6:84:a1:44:ea:d7:73:ff:f1:54:a1:
65:f7:24:37
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYug6SazEC3EyvVa56A8dzpLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMTA1MTkxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWUyOTlhZGMwZTNjOThmM2M1NGM3MjFmYTM3OGZkY2Y3MmIxMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnT2kKf/fjD5rVQPJDC3q9HLkgOB+
KfDU57AOmxgeGMu4pXESU7/O9/+/U954kUM9ZD8zwGpAWI0oSKXKDax2cjO7ohOV
PHj4ADlZf3nvJt4dQfmEZK+0maRwx659qADK7mldavEE4AVDwSaurpk9Y0yi7x3b
5f1kJXs78LFJvoFPY8bU0njC5SfxXqkEBMp5F+9beyhGC4sFpvGlcJpqh2y+iG3j
MjxcbdppAEBZlSdUmDnIAXEvFw+1zd22T7SzqS77s0fE/CNl4tPWxaQTnpRr6jc+
2T3jVo8vzYdR9vCB8hIctpki2PDqHB+WaZjYexI0brzX+SvXedf58E3+owIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAXima3A48mPPFTHIfo3j9z3KxOMMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvQmVLWnJjRGp5WTg4Vk1jaC1qZVAzUGNyRTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQATVEBAwQA
VPc7AwQAVmjRAwQAWSrXAwQAXXObAwQAXrEbAwQAsN+1AwQAuU35AwQA2RMBMA0G
CSqGSIb3DQEBCwUAA4IBAQCXkf6Y4lu3gdrSmXsazrD4qay0+doeKXS4Yt+IWzG/
Le61OAa3dtWTIvwrZyU8KBT9Scn+Ku7TZH+ZDeXMGqRtddRSM6YjNWfYwwssT38W
w8++VUXSxgZp47ajn/QPa4veq6kImcm9kievDENaxQmf1tP8wgAyRmgNhaKTUlKi
gnsa4XVdCJhmXiRx2EiAoxWEyPGU3AwkJWzJ3U4XkyPZLzkch7+76Jzj0G20wn/C
J95xqvF2PjrxLeXrFG2FzP2/sCUnCLrUZ5NUVik3jn29ORUI+yN+YlhKogBoJwE0
w1tSTDmn017cauI00Fj7xcCqtoShROrXc//xVKFl9yQ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org