Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Nd1m2j84LsS0LB7hGC2gsMx9IuY.roa
File: Nd1m2j84LsS0LB7hGC2gsMx9IuY.roa (raw, json)
Hash identifier: KVHSFVJiQF5WxbEQu6kxxnD+MvvTYLCgA4KjWMUY+Ic=
Subject key identifier: 35:DD:66:DA:3F:38:2E:C4:B4:2C:1E:E1:18:2D:A0:B0:CC:7D:22:E6
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018573C8406D319FEBBA2D523B5B621C79A9
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Nd1m2j84LsS0LB7hGC2gsMx9IuY.roa
Signing time: Mon 02 Jan 2023 18:39:41 +0000
ROA not before: Mon 02 Jan 2023 18:39:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 93.115.155.0/24 maxlen: 24
86.104.209.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
185.77.249.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:c8:40:6d:31:9f:eb:ba:2d:52:3b:5b:62:1c:79:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 2 18:39:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35dd66da3f382ec4b42c1ee1182da0b0cc7d22e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:59:a3:6d:a5:d7:2e:9a:bd:ee:bd:c9:1a:18:
27:85:6f:bb:68:c6:2c:1d:ea:74:e0:4b:35:36:3e:
ca:6b:c7:f6:06:6d:51:3c:8d:71:ba:30:1c:4c:51:
41:29:3b:dc:7e:56:5d:0f:0d:dd:24:1e:21:eb:e4:
2b:a2:b6:fd:f7:a6:d9:36:d7:c6:2c:60:86:c3:5d:
ea:9a:ec:4d:8b:22:cd:68:23:36:27:18:18:ec:ed:
16:4a:40:ac:bf:9c:81:4f:e2:2d:e8:a3:f2:a6:9f:
dc:7d:da:3e:d9:d8:ef:32:0c:7a:cf:4d:ff:45:83:
ea:7a:ad:38:a3:4c:88:e5:67:31:c3:42:40:7a:e1:
4b:14:87:d5:07:bc:7c:0a:3f:d5:76:1f:12:0d:2d:
91:8b:bf:be:83:82:80:18:66:05:85:fc:34:f8:e8:
d8:e4:c3:5b:fc:63:25:38:d8:36:e3:3e:3c:fb:ec:
2a:a4:ef:5c:6e:2b:58:39:c5:3a:1b:99:8c:e8:57:
20:26:f9:d3:89:8d:45:82:2a:63:7a:51:ed:18:58:
81:eb:da:60:b9:8f:24:79:ba:89:f6:40:fe:e9:64:
22:0a:14:8b:83:bd:5f:53:eb:53:b4:00:4b:88:1a:
99:92:05:57:3b:d8:e1:7c:0a:5d:f5:d6:0b:df:d8:
25:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DD:66:DA:3F:38:2E:C4:B4:2C:1E:E1:18:2D:A0:B0:CC:7D:22:E6
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Nd1m2j84LsS0LB7hGC2gsMx9IuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
86.104.209.0/24
89.42.40.0/24
93.115.155.0/24
185.77.249.0/24
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
66:b3:82:7e:2d:48:b4:65:f7:a7:65:2c:b3:94:a8:6d:bb:e6:
cf:c4:56:a5:30:15:97:eb:c2:4c:ea:e2:19:24:6f:5b:cc:09:
41:45:45:a5:bf:2b:e6:23:ba:a8:96:57:18:c2:7b:f9:25:98:
eb:ae:a4:c5:3b:c5:ff:0d:5b:5b:7b:e7:ac:f8:d1:0b:66:89:
5a:7f:9d:91:6d:f7:f0:61:8b:ea:d5:a5:f7:2e:b2:fb:f2:a1:
71:89:10:7b:89:4e:5d:6b:57:94:02:0c:84:ba:56:76:c0:bc:
f5:59:bd:54:5c:8c:9c:92:ba:88:3d:3b:0c:84:48:29:bc:6d:
06:78:95:4d:36:a4:6f:86:8d:24:83:e9:ce:ce:a2:53:84:8a:
1a:f9:66:56:31:f7:7d:1f:9e:ec:c4:fe:1e:42:26:22:20:8d:
8d:1d:2c:0d:b3:f3:73:45:21:25:f4:a5:05:19:7e:48:c9:9b:
25:99:78:5d:f2:80:28:9e:ab:7a:d6:24:33:23:c4:98:0c:ca:
e5:fa:11:89:96:62:08:b1:3b:10:41:e9:77:e3:1d:0a:a6:79:
6a:bb:6a:83:ba:26:1d:3e:b8:5c:76:4c:05:e7:5d:5d:ba:4a:
d1:dd:32:a3:bb:24:7b:d4:89:e5:94:ea:e5:47:af:0a:c3:64:
a5:0b:c1:b7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVzyEBtMZ/rui1SO1tiHHmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMTAyMTgzOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRkNjZkYTNmMzgyZWM0YjQyYzFlZTExODJkYTBiMGNjN2QyMmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFmjbaXXLpq97r3JGhgnhW+7aMYs
Hep04Es1Nj7Ka8f2Bm1RPI1xujAcTFFBKTvcflZdDw3dJB4h6+Qrorb996bZNtfG
LGCGw13qmuxNiyLNaCM2JxgY7O0WSkCsv5yBT+It6KPypp/cfdo+2djvMgx6z03/
RYPqeq04o0yI5Wcxw0JAeuFLFIfVB7x8Cj/Vdh8SDS2Ri7++g4KAGGYFhfw0+OjY
5MNb/GMlONg24z48++wqpO9cbitYOcU6G5mM6FcgJvnTiY1FgipjelHtGFiB69pg
uY8kebqJ9kD+6WQiChSLg71fU+tTtABLiBqZkgVXO9jhfApd9dYL39glQQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDXdZto/OC7EtCwe4RgtoLDMfSLmMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvTmQxbTJqODRMc1MwTEI3aEdDMmdzTXg5SXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVPc7AwQA
VmjRAwQAWSooAwQAXXObAwQAuU35AwQA2RMBMA0GCSqGSIb3DQEBCwUAA4IBAQBm
s4J+LUi0ZfenZSyzlKhtu+bPxFalMBWX68JM6uIZJG9bzAlBRUWlvyvmI7qollcY
wnv5JZjrrqTFO8X/DVtbe+es+NELZolaf52RbffwYYvq1aX3LrL78qFxiRB7iU5d
a1eUAgyEulZ2wLz1Wb1UXIyckrqIPTsMhEgpvG0GeJVNNqRvho0kg+nOzqJThIoa
+WZWMfd9H57sxP4eQiYiII2NHSwNs/NzRSEl9KUFGX5IyZslmXhd8oAonqt61iQz
I8SYDMrl+hGJlmIIsTsQQel34x0Kpnlqu2qDuiYdPrhcdkwF511dukrR3TKjuyR7
1InllOrlR68Kw2SlC8G3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org