Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/H-lHHIvqmBUnEzlhBUFxT9mZcPA.roa
File: H-lHHIvqmBUnEzlhBUFxT9mZcPA.roa (raw, json)
Hash identifier: pRQTS8ebc5M/9Ro/eD8r2VZaEzUBHXlpIl3bwxWhx2s=
Subject key identifier: 1F:E9:47:1C:8B:EA:98:15:27:13:39:61:05:41:71:4F:D9:99:70:F0
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018A67F5AB0DE4484FD15C4C2EF50443F597
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/H-lHHIvqmBUnEzlhBUFxT9mZcPA.roa
Signing time: Wed 06 Sep 2023 00:47:47 +0000
ROA not before: Wed 06 Sep 2023 00:47:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
188.240.83.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
91.250.244.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
62.112.30.0/24 maxlen: 24
77.81.1.0/24 maxlen: 24
89.44.210.0/24 maxlen: 24
89.36.231.0/24 maxlen: 24
89.42.215.0/24 maxlen: 24
46.102.174.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
89.40.43.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:67:f5:ab:0d:e4:48:4f:d1:5c:4c:2e:f5:04:43:f5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Sep 6 00:47:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fe9471c8bea9815271339610541714fd99970f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bd:09:05:5a:46:03:d8:b9:87:fa:78:00:34:
c6:7b:f0:39:b4:3e:f7:4d:e3:a3:4f:e5:9d:ae:2e:
fc:d8:65:be:d8:dd:5c:54:d7:57:b4:63:a0:48:8b:
98:22:a2:54:53:ad:09:98:6c:e0:23:cd:f8:3f:dc:
cd:e7:9f:ff:94:82:c8:a3:58:e5:54:f5:31:a9:72:
f7:96:1c:a3:0c:52:55:c4:28:a4:41:14:38:e3:55:
e1:ea:5a:9d:84:82:02:1a:97:28:b0:64:e3:a3:af:
70:cb:4e:72:3d:8c:d7:c3:bf:e0:da:43:9d:b5:9d:
5c:7e:af:2a:65:5e:1e:32:96:b5:19:67:86:da:e3:
fd:33:fe:3b:3b:88:b0:3e:c3:3b:78:ef:fd:2e:59:
cb:52:45:15:1a:14:c1:71:03:1e:4d:07:2d:be:44:
1f:66:5c:88:88:19:47:ba:bb:cc:29:80:66:70:47:
e3:87:55:c9:12:20:54:da:10:0f:57:e7:7d:6a:d2:
d5:7c:7b:b7:fd:b2:f9:7f:f0:bc:6d:91:ee:4f:b8:
7c:1a:d3:ad:2d:2e:25:64:17:92:a3:38:de:f9:da:
4b:fc:42:0f:42:55:09:57:3a:4d:4d:df:86:43:18:
46:f5:a3:c9:c5:e9:be:d0:8d:f3:0d:bf:01:82:c8:
11:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:E9:47:1C:8B:EA:98:15:27:13:39:61:05:41:71:4F:D9:99:70:F0
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/H-lHHIvqmBUnEzlhBUFxT9mZcPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
46.102.174.0/24
62.112.30.0/24
77.81.1.0/24
84.247.20.0/24
89.36.231.0/24
89.37.106.0/24
89.37.128.0/24
89.40.43.0/24
89.42.40.0/24
89.42.215.0/24
89.44.210.0/24
91.250.244.0/24
93.114.69.0/24
94.177.113.0/24
94.177.118.0/24
176.223.190.0/24
188.211.249.0/24
188.240.83.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:c7:83:4d:00:40:74:3b:0c:15:d6:30:8e:f4:55:40:ac:df:
92:15:25:28:32:77:2d:f9:b4:ff:d6:9a:c1:2e:2e:d3:b5:38:
6d:13:0e:ad:84:dd:c2:7a:ad:0c:f9:6b:b5:a7:14:02:69:dd:
f6:f7:45:f3:29:97:9c:27:98:2b:d0:74:a9:e8:43:bf:fd:6d:
52:4f:34:61:80:9d:9a:9d:32:a9:eb:cb:37:bb:81:f3:0c:18:
0c:32:9f:3d:f5:33:a4:88:6f:9d:cf:25:bc:55:94:05:06:4c:
99:1c:b6:3b:26:30:f2:03:df:02:0b:77:7c:9f:47:c4:b9:6b:
18:1b:86:04:29:28:9b:6e:1c:f6:0d:c8:fc:72:0e:21:b0:44:
69:04:44:03:eb:90:02:b1:99:d7:4e:63:f3:7e:0d:6d:f1:c6:
19:f8:1c:2a:99:e7:e2:a7:9e:ed:3c:37:be:17:6e:5c:b0:2e:
84:cc:a6:d2:a8:e5:65:74:b3:4f:c5:d7:16:f3:20:18:21:81:
d4:fa:73:39:ef:ee:c9:9c:ab:84:43:83:30:01:6f:92:0e:e3:
d5:0e:d1:bd:3d:46:83:78:3a:1e:da:28:a0:36:8a:92:3d:18:
14:e4:c0:a7:ef:9d:f5:1f:14:d9:67:4b:6e:88:f7:35:1c:c4:
8e:d8:54:5b
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYpn9asN5EhP0VxMLvUEQ/WXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwOTA2MDA0NzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmU5NDcxYzhiZWE5ODE1MjcxMzM5NjEwNTQxNzE0ZmQ5OTk3MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi70JBVpGA9i5h/p4ADTGe/A5tD73
TeOjT+Wdri782GW+2N1cVNdXtGOgSIuYIqJUU60JmGzgI834P9zN55//lILIo1jl
VPUxqXL3lhyjDFJVxCikQRQ441Xh6lqdhIICGpcosGTjo69wy05yPYzXw7/g2kOd
tZ1cfq8qZV4eMpa1GWeG2uP9M/47O4iwPsM7eO/9LlnLUkUVGhTBcQMeTQctvkQf
ZlyIiBlHurvMKYBmcEfjh1XJEiBU2hAPV+d9atLVfHu3/bL5f/C8bZHuT7h8GtOt
LS4lZBeSozje+dpL/EIPQlUJVzpNTd+GQxhG9aPJxem+0I3zDb8BgsgRrwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFB/pRxyL6pgVJxM5YQVBcU/ZmXDwMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvSC1sSEhJdnFtQlVuRXpsaEJVRnhUOW1aY1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEACWZhAME
AC5mrgMEAD5wHgMEAE1RAQMEAFT3FAMEAFkk5wMEAFklagMEAFklgAMEAFkoKwME
AFkqKAMEAFkq1wMEAFks0gMEAFv69AMEAF1yRQMEAF6xcQMEAF6xdgMEALDfvgME
ALzT+QMEALzwUzANBgkqhkiG9w0BAQsFAAOCAQEALMeDTQBAdDsMFdYwjvRVQKzf
khUlKDJ3Lfm0/9aawS4u07U4bRMOrYTdwnqtDPlrtacUAmnd9vdF8ymXnCeYK9B0
qehDv/1tUk80YYCdmp0yqevLN7uB8wwYDDKfPfUzpIhvnc8lvFWUBQZMmRy2OyYw
8gPfAgt3fJ9HxLlrGBuGBCkom24c9g3I/HIOIbBEaQREA+uQArGZ105j834NbfHG
GfgcKpnn4qee7Tw3vhduXLAuhMym0qjlZXSzT8XXFvMgGCGB1PpzOe/uyZyrhEOD
MAFvkg7j1Q7RvT1Gg3g6HtoooDaKkj0YFOTAp++d9R8U2WdLboj3NRzEjthUWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org