Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CrD2nW3WDWd582xeI1rrz15MPj8.roa
File: CrD2nW3WDWd582xeI1rrz15MPj8.roa (raw, json)
Hash identifier: L/QO2LEIWkJlCpda8OddTGMgx45D3bIlZDlSn7Om3XU=
Subject key identifier: 0A:B0:F6:9D:6D:D6:0D:67:79:F3:6C:5E:23:5A:EB:CF:5E:4C:3E:3F
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0183A481FF80DF825BDE1BE7AAE525AB0360
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CrD2nW3WDWd582xeI1rrz15MPj8.roa
Signing time: Tue 04 Oct 2022 19:38:46 +0000
ROA not before: Tue 04 Oct 2022 19:38:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 93.115.155.0/24 maxlen: 24
5.35.192.0/21 maxlen: 24
212.237.224.0/22 maxlen: 24
86.104.209.0/24 maxlen: 24
94.177.65.0/24 maxlen: 24
62.112.0.0/21 maxlen: 24
93.113.184.0/21 maxlen: 24
93.115.111.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
185.77.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a4:81:ff:80:df:82:5b:de:1b:e7:aa:e5:25:ab:03:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Oct 4 19:38:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ab0f69d6dd60d6779f36c5e235aebcf5e4c3e3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6a:21:c7:a3:3a:cc:87:a5:8e:f7:4c:5d:b6:
43:ee:10:b3:ac:5e:ed:5f:8a:c4:55:47:a4:10:d3:
36:dc:21:44:37:60:d5:19:56:7a:4e:3e:c7:9b:fc:
96:e7:f2:5c:b6:a3:0b:df:f4:ec:5c:c2:19:6c:5a:
3d:eb:cf:6a:57:e4:d1:b6:d5:8a:5d:f3:a5:1d:52:
1f:34:e9:49:12:41:6a:cc:75:79:bd:18:6b:4b:76:
9d:8e:49:27:e5:22:25:35:1e:26:79:45:64:8f:c8:
f4:49:30:d7:8a:fd:1a:fc:75:ac:d8:f4:55:a9:21:
33:2b:38:07:d3:cd:ec:ec:2b:1b:b1:98:78:78:41:
89:0c:5c:14:f2:0b:02:79:0d:84:d6:93:f1:00:f9:
5c:f8:e6:52:b9:29:f1:6d:90:29:54:d8:bc:90:16:
3c:ec:b2:be:39:97:94:c4:f7:83:81:f8:37:51:23:
8e:5e:5e:92:e9:be:f2:dc:16:17:53:e1:e8:02:f0:
f2:c4:63:10:d6:5c:23:30:d0:b2:e7:9e:4b:31:9b:
3a:94:e8:c9:2f:06:88:b7:0d:38:24:ac:ab:9d:3b:
3d:bd:08:68:53:ce:81:41:b6:4e:b4:cf:15:54:71:
de:a7:63:d7:a4:e4:c8:32:5b:73:e0:63:fd:97:d4:
d3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B0:F6:9D:6D:D6:0D:67:79:F3:6C:5E:23:5A:EB:CF:5E:4C:3E:3F
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CrD2nW3WDWd582xeI1rrz15MPj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
62.112.0.0/21
84.247.59.0/24
86.104.209.0/24
93.113.184.0/21
93.115.111.0/24
93.115.155.0/24
94.177.65.0/24
185.77.249.0/24
212.237.224.0/22
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
81:97:9d:5c:c0:3c:cb:36:b1:51:ea:94:b3:09:ef:6f:4e:b0:
79:d3:b2:b2:f3:16:6a:8e:e7:e1:7f:20:53:bc:85:c1:ba:41:
db:5d:3e:85:4a:87:53:d6:53:23:3a:24:62:06:16:1f:ed:e2:
c0:33:57:9e:6c:a9:67:d2:0c:8b:9b:38:51:b6:f1:b5:38:57:
60:a0:37:33:fe:d0:62:e9:a5:c0:2c:85:b6:78:98:d9:df:7d:
d2:bb:c8:89:55:55:14:4f:9f:b9:50:f3:e3:ce:24:9f:8a:44:
8a:dd:09:55:27:f9:fd:0a:16:a8:69:d7:e9:68:e7:80:8b:39:
3e:36:4d:ca:f1:13:7c:79:5c:3a:45:7f:8e:91:23:95:57:e1:
b9:0d:e8:c4:61:01:02:36:ac:d8:6d:fb:37:8d:ad:a5:dd:a0:
be:55:aa:72:ed:6c:4f:be:b0:0b:88:35:fd:6f:f1:54:74:5e:
18:0f:fa:82:e4:33:26:34:09:84:31:a0:91:97:49:d4:1d:39:
60:61:81:42:6d:00:f4:9d:d7:0d:0a:40:cc:78:1c:3c:7d:b2:
7c:2e:a8:f5:4f:09:b2:16:ce:b1:96:1d:e5:bd:56:1b:d8:61:
61:ce:53:22:99:b4:c5:d0:b9:8c:8c:80:8d:95:4a:6e:5f:0b:
10:84:ba:69
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYOkgf+A34Jb3hvnquUlqwNgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjIxMDA0MTkzODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWIwZjY5ZDZkZDYwZDY3NzlmMzZjNWUyMzVhZWJjZjVlNGMzZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGohx6M6zIeljvdMXbZD7hCzrF7t
X4rEVUekENM23CFEN2DVGVZ6Tj7Hm/yW5/JctqML3/TsXMIZbFo9689qV+TRttWK
XfOlHVIfNOlJEkFqzHV5vRhrS3adjkkn5SIlNR4meUVkj8j0STDXiv0a/HWs2PRV
qSEzKzgH083s7CsbsZh4eEGJDFwU8gsCeQ2E1pPxAPlc+OZSuSnxbZApVNi8kBY8
7LK+OZeUxPeDgfg3USOOXl6S6b7y3BYXU+HoAvDyxGMQ1lwjMNCy555LMZs6lOjJ
LwaItw04JKyrnTs9vQhoU86BQbZOtM8VVHHep2PXpOTIMltz4GP9l9TT6wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAqw9p1t1g1nefNsXiNa689eTD4/MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvQ3JEMm5XM1dEV2Q1ODJ4ZUkxcnJ6MTVNUGo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQDBSPAAwQD
PnAAAwQAVPc7AwQAVmjRAwQDXXG4AwQAXXNvAwQAXXObAwQAXrFBAwQAuU35AwQC
1O3gAwQA2RMBMA0GCSqGSIb3DQEBCwUAA4IBAQCBl51cwDzLNrFR6pSzCe9vTrB5
07Ky8xZqjufhfyBTvIXBukHbXT6FSodT1lMjOiRiBhYf7eLAM1eebKln0gyLmzhR
tvG1OFdgoDcz/tBi6aXALIW2eJjZ333Su8iJVVUUT5+5UPPjziSfikSK3QlVJ/n9
ChaoadfpaOeAizk+Nk3K8RN8eVw6RX+OkSOVV+G5DejEYQECNqzYbfs3ja2l3aC+
Vapy7WxPvrALiDX9b/FUdF4YD/qC5DMmNAmEMaCRl0nUHTlgYYFCbQD0ndcNCkDM
eBw8fbJ8Lqj1TwmyFs6xlh3lvVYb2GFhzlMimbTF0LmMjICNlUpuXwsQhLpp
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-fra.rpki-client.org