Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QGnA6oqKKmO1r0zZLyE0mw0VuR0.roa
File: QGnA6oqKKmO1r0zZLyE0mw0VuR0.roa (raw, json)
Hash identifier: PqsUkU6xn27s21GcEm7q/3sAwrdUPS815qesd4HRg5U=
Subject key identifier: 40:69:C0:EA:8A:8A:2A:63:B5:AF:4C:D9:2F:21:34:9B:0D:15:B9:1D
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01885045645853AD9ED4568A9AF61917F8C4
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QGnA6oqKKmO1r0zZLyE0mw0VuR0.roa
Signing time: Thu 25 May 2023 00:18:24 +0000
ROA not before: Thu 25 May 2023 00:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
46.102.174.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
93.114.169.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:50:45:64:58:53:ad:9e:d4:56:8a:9a:f6:19:17:f8:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: May 25 00:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4069c0ea8a8a2a63b5af4cd92f21349b0d15b91d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:4e:b9:14:99:1f:33:cd:d4:3d:3e:f7:00:13:
17:9f:00:54:32:a9:59:a2:b7:18:83:1e:03:ec:31:
12:6c:b2:a1:9b:19:a3:1a:81:29:dd:64:d6:65:d7:
a3:22:dc:e3:28:8f:ca:bc:e7:8a:6a:15:4b:d7:fe:
cb:11:02:17:38:c1:4e:51:02:f8:db:5e:da:ac:4c:
ed:ab:05:fa:0f:1b:59:64:c2:79:5e:0d:3a:36:8a:
6b:a6:d9:ac:50:79:d8:8b:5e:43:5b:9d:8f:87:8e:
8c:33:d2:e7:d7:03:1a:54:e8:e3:a4:e5:e0:f7:19:
dd:fb:b1:b9:25:52:de:c6:12:1b:49:d3:0b:32:15:
ca:ac:20:cb:cb:29:31:c6:b9:b6:67:e6:2b:17:b6:
ad:9f:05:b5:fb:27:9b:49:3d:95:e8:e5:dd:f1:55:
d8:b4:3b:79:ff:d7:b0:1a:d9:8a:8d:a2:c4:30:93:
44:ce:f7:29:52:32:2c:00:1c:a3:9d:00:96:42:fd:
2e:15:d3:18:97:0d:d1:7a:a5:de:14:df:47:74:76:
34:a8:be:5e:db:22:8b:36:14:97:5e:c4:f4:76:54:
01:40:22:5d:94:97:41:00:73:8e:62:00:c5:12:f1:
99:85:30:65:05:17:49:cf:49:2f:dc:db:c3:be:af:
9f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:69:C0:EA:8A:8A:2A:63:B5:AF:4C:D9:2F:21:34:9B:0D:15:B9:1D
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QGnA6oqKKmO1r0zZLyE0mw0VuR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
46.102.174.0/24
89.37.128.0/24
93.114.169.0/24
94.177.113.0/24
94.177.118.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:55:a9:15:0c:a1:fb:88:59:99:5a:55:ae:83:db:99:a5:05:
84:d7:56:e3:21:24:bc:c7:a4:11:79:4f:06:d9:d8:ed:4c:0e:
fe:85:47:a9:61:71:dc:dd:3a:29:0a:6f:3c:7b:45:37:ae:15:
98:81:a6:88:e4:c6:d7:cf:01:62:29:7c:88:f7:4a:2d:c2:a9:
f9:a4:80:00:23:8e:c6:9d:d9:00:20:f8:f1:f6:cd:90:7f:38:
e6:8d:d2:6e:a2:2b:a1:bf:1b:14:ff:2b:31:9e:4d:51:8f:56:
09:62:f7:0e:2b:0e:56:7f:30:a0:37:83:52:eb:6c:62:58:ea:
f0:fe:de:28:af:27:7b:f7:63:44:a0:0b:9b:03:4e:38:5e:85:
c1:4e:7b:18:a3:68:75:92:89:af:44:1f:fb:1d:58:a2:22:ae:
dd:db:27:61:04:9b:a9:1e:5a:a1:a2:0f:ec:7d:c4:31:03:ff:
d0:d1:9c:08:f0:bf:d9:8f:23:95:5f:67:d1:39:f3:21:57:1c:
58:4b:b7:99:b7:16:4f:ec:7f:5a:20:2f:81:b6:57:4f:5e:8c:
a3:9f:90:3f:82:4a:85:7b:ca:3c:98:8f:01:30:69:6e:06:17:
7b:08:b9:fc:8a:36:21:d1:2e:12:a1:29:d2:28:a4:db:11:d9:
c1:c6:e2:da
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYhQRWRYU62e1FaKmvYZF/jEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNTI1MDAxODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDY5YzBlYThhOGEyYTYzYjVhZjRjZDkyZjIxMzQ5YjBkMTViOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgk65FJkfM83UPT73ABMXnwBUMqlZ
orcYgx4D7DESbLKhmxmjGoEp3WTWZdejItzjKI/KvOeKahVL1/7LEQIXOMFOUQL4
217arEztqwX6DxtZZMJ5Xg06NoprptmsUHnYi15DW52Ph46MM9Ln1wMaVOjjpOXg
9xnd+7G5JVLexhIbSdMLMhXKrCDLyykxxrm2Z+YrF7atnwW1+yebST2V6OXd8VXY
tDt5/9ewGtmKjaLEMJNEzvcpUjIsAByjnQCWQv0uFdMYlw3ReqXeFN9HdHY0qL5e
2yKLNhSXXsT0dlQBQCJdlJdBAHOOYgDFEvGZhTBlBRdJz0kv3NvDvq+fSQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEBpwOqKiipjta9M2S8hNJsNFbkdMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUUduQTZvcUtLbU8xcjB6Wkx5RTBtdzBWdVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAJZmEAwQA
LmauAwQAWSWAAwQAXXKpAwQAXrFxAwQAXrF2MA0GCSqGSIb3DQEBCwUAA4IBAQAf
VakVDKH7iFmZWlWug9uZpQWE11bjISS8x6QReU8G2djtTA7+hUepYXHc3TopCm88
e0U3rhWYgaaI5MbXzwFiKXyI90otwqn5pIAAI47GndkAIPjx9s2QfzjmjdJuoiuh
vxsU/ysxnk1Rj1YJYvcOKw5WfzCgN4NS62xiWOrw/t4oryd792NEoAubA044XoXB
TnsYo2h1komvRB/7HViiIq7d2ydhBJupHlqhog/sfcQxA//Q0ZwI8L/ZjyOVX2fR
OfMhVxxYS7eZtxZP7H9aIC+BtldPXoyjn5A/gkqFe8o8mI8BMGluBhd7CLn8ijYh
0S4SoSnSKKTbEdnBxuLa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org