Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/DqltLFWrI0qTvF1Tsb_6z9W3c5o.roa
File: DqltLFWrI0qTvF1Tsb_6z9W3c5o.roa (raw, json)
Hash identifier: 4dd4lBfi6AXwwmNbe/nVd1FaXgM3GqCbZReTxCsuUyU=
Subject key identifier: 0E:A9:6D:2C:55:AB:23:4A:93:BC:5D:53:B1:BF:FA:CF:D5:B7:73:9A
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0190F0D53C48DFF95F08B98B5EFDE6BFAE30
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/DqltLFWrI0qTvF1Tsb_6z9W3c5o.roa
Signing time: Fri 26 Jul 2024 20:57:04 +0000
ROA not before: Fri 26 Jul 2024 20:57:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 77.81.1.0/24 maxlen: 24
89.42.215.0/24 maxlen: 24
94.177.27.0/24 maxlen: 24
176.223.181.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f0:d5:3c:48:df:f9:5f:08:b9:8b:5e:fd:e6:bf:ae:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jul 26 20:57:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ea96d2c55ab234a93bc5d53b1bffacfd5b7739a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d7:47:7a:b7:4d:bb:04:80:ec:fd:88:b2:a3:
05:f0:bd:eb:c9:ea:cf:ee:7c:c0:d1:74:d5:bd:07:
9f:54:53:e9:d4:38:d5:2c:2b:b9:4e:7b:5b:a9:27:
53:38:4d:3f:21:e0:19:47:12:45:96:8a:d5:59:2a:
f8:74:79:bd:ca:66:dc:55:7d:c1:28:1c:be:98:27:
d8:05:21:55:6b:56:39:53:f1:2b:9d:e5:76:56:4a:
1b:1f:80:42:a6:b6:69:5a:2d:16:2b:13:e7:4a:79:
43:50:83:da:2d:d1:4b:a7:7f:8b:f6:57:b2:51:0a:
74:91:83:1a:ee:c4:d2:79:8c:fa:30:4a:a7:68:53:
71:df:7d:49:6c:64:06:4e:c5:90:98:08:49:ba:3e:
52:89:55:57:03:71:84:2f:bd:dc:23:e0:65:95:f6:
09:b8:6a:6b:01:8a:42:3e:8d:64:c1:eb:4f:88:73:
f5:5a:b8:88:8b:c5:e6:0b:e3:ff:85:02:d8:97:ac:
fb:5a:16:77:b7:e2:d6:1b:c0:2f:8d:69:b9:a8:68:
c1:b1:02:78:40:33:d1:b1:55:54:29:6b:b9:91:84:
aa:2c:2f:d0:04:67:01:43:4c:47:a6:02:82:78:fb:
52:9c:77:ca:54:60:3a:41:ea:70:c5:81:0a:be:c7:
33:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:A9:6D:2C:55:AB:23:4A:93:BC:5D:53:B1:BF:FA:CF:D5:B7:73:9A
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/DqltLFWrI0qTvF1Tsb_6z9W3c5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.1.0/24
89.42.215.0/24
94.177.27.0/24
176.223.181.0/24
Signature Algorithm: sha256WithRSAEncryption
83:2f:f7:17:08:55:00:c5:76:06:55:f2:c0:a5:a4:90:a7:15:
8e:89:c3:63:a4:2d:c8:02:07:12:29:ca:fc:a4:db:b2:ce:5f:
e5:51:30:85:0c:5d:f2:84:8a:ff:67:0e:1a:bb:ef:aa:5a:3a:
85:eb:ad:99:9e:45:f5:a8:86:59:81:6e:88:bc:4c:1f:f0:ac:
96:71:44:95:64:2e:10:93:58:c6:09:5d:29:eb:9e:72:c5:b7:
52:4d:de:4f:aa:cc:24:d4:90:ad:a5:de:97:5d:25:6f:79:a4:
c9:67:67:6d:b0:70:fe:b7:53:47:d2:9d:74:8b:b0:7b:d8:1d:
56:99:a2:bc:97:8a:1d:28:d4:3e:8c:ad:d6:25:7b:3b:d1:e3:
15:be:ab:ea:b5:b9:29:3e:c6:bf:ac:c3:5f:81:bf:68:16:65:
c3:3d:23:72:4f:3e:3b:0e:49:b3:4e:a7:21:45:46:98:24:99:
30:a1:11:01:a0:b1:39:a6:da:d5:04:33:ba:67:c6:77:e0:ea:
0f:ec:c8:a6:57:20:48:20:c5:cf:6c:d8:64:e0:b2:5d:2f:fe:
29:f2:22:d1:02:9d:af:a0:3a:a9:d8:fb:e0:c0:ef:f0:4f:9d:
b6:3e:a3:eb:a0:2e:f3:da:70:33:5b:a5:0f:39:80:d4:02:94:
4f:59:3d:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZDw1TxI3/lfCLmLXv3mv64wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNzI2MjA1NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWE5NmQyYzU1YWIyMzRhOTNiYzVkNTNiMWJmZmFjZmQ1Yjc3MzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwddHerdNuwSA7P2IsqMF8L3ryerP
7nzA0XTVvQefVFPp1DjVLCu5TntbqSdTOE0/IeAZRxJFlorVWSr4dHm9ymbcVX3B
KBy+mCfYBSFVa1Y5U/ErneV2VkobH4BCprZpWi0WKxPnSnlDUIPaLdFLp3+L9ley
UQp0kYMa7sTSeYz6MEqnaFNx331JbGQGTsWQmAhJuj5SiVVXA3GEL73cI+BllfYJ
uGprAYpCPo1kwetPiHP1WriIi8XmC+P/hQLYl6z7WhZ3t+LWG8AvjWm5qGjBsQJ4
QDPRsVVUKWu5kYSqLC/QBGcBQ0xHpgKCePtSnHfKVGA6QepwxYEKvsczWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA6pbSxVqyNKk7xdU7G/+s/Vt3OaMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvRHFsdExGV3JJMHFUdkYxVHNiXzZ6OVczYzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVEBAwQA
WSrXAwQAXrEbAwQAsN+1MA0GCSqGSIb3DQEBCwUAA4IBAQCDL/cXCFUAxXYGVfLA
paSQpxWOicNjpC3IAgcSKcr8pNuyzl/lUTCFDF3yhIr/Zw4au++qWjqF662ZnkX1
qIZZgW6IvEwf8KyWcUSVZC4Qk1jGCV0p655yxbdSTd5Pqswk1JCtpd6XXSVveaTJ
Z2dtsHD+t1NH0p10i7B72B1WmaK8l4odKNQ+jK3WJXs70eMVvqvqtbkpPsa/rMNf
gb9oFmXDPSNyTz47DkmzTqchRUaYJJkwoREBoLE5ptrVBDO6Z8Z34OoP7MimVyBI
IMXPbNhk4LJdL/4p8iLRAp2voDqp2PvgwO/wT522PqProC7z2nAzW6UPOYDUApRP
WT3q
-----END CERTIFICATE-----
Generated at Fri Aug 2 12:40:41 2024 by rpki-client on console-ams.rpki-client.org