Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/UTW2LaiiBbYFf94gN3pPOS_mvME.roa
File: UTW2LaiiBbYFf94gN3pPOS_mvME.roa (raw, json)
Hash identifier: Nxf6VxWUKvmhBO4qdT2934fF4xez/WD2LeRWvsq38ns=
Subject key identifier: 51:35:B6:2D:A8:A2:05:B6:05:7F:DE:20:37:7A:4F:39:2F:E6:BC:C1
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0184F9C75228D0206ED2F0527F861557D21C
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/UTW2LaiiBbYFf94gN3pPOS_mvME.roa
Signing time: Sat 10 Dec 2022 02:05:00 +0000
ROA not before: Sat 10 Dec 2022 02:05:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 93.115.155.0/24 maxlen: 24
212.237.224.0/22 maxlen: 24
86.104.209.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
93.115.111.0/24 maxlen: 24
185.77.249.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f9:c7:52:28:d0:20:6e:d2:f0:52:7f:86:15:57:d2:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Dec 10 02:05:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5135b62da8a205b6057fde20377a4f392fe6bcc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2c:c6:05:53:b4:98:f7:02:ba:89:b2:0b:41:
3b:9b:86:2d:a3:64:f7:36:cb:0c:f7:11:67:18:7a:
e4:4c:7f:e9:9d:3d:35:35:0e:3c:c6:5d:bc:bc:54:
88:3e:44:e6:91:81:f0:14:da:3e:e3:ad:4d:22:b1:
40:55:cf:37:6b:b0:71:45:54:ee:ca:a8:b8:21:ac:
87:0c:35:5e:12:19:71:33:ac:17:00:63:2a:ba:cb:
b9:94:48:b2:cb:f8:6c:52:8b:3f:c0:78:c2:9c:6c:
bf:24:a2:41:49:f3:df:5c:08:05:ed:00:3c:e2:f6:
0b:f3:87:9d:d4:ba:19:f2:99:85:8c:a7:b9:b7:45:
9b:a8:af:9c:41:d2:b2:6f:6c:b5:61:af:bd:4e:bb:
6d:db:e7:95:6c:1e:da:d2:d6:a9:d8:56:5f:8a:31:
da:31:0e:3b:3a:56:1f:a6:dd:72:24:c7:5a:28:7f:
1b:7b:d4:a4:6d:d1:b2:9a:c4:b4:9e:c9:d2:d1:7f:
5d:59:bb:08:9f:e6:dd:dd:98:d9:6b:6d:0f:ea:2f:
13:1a:96:3b:07:27:41:12:e0:8c:c1:0e:88:47:51:
e5:72:d2:9e:18:b8:c6:98:f7:ef:0e:e7:7a:87:37:
8d:b3:fc:b7:f3:f6:46:83:16:7a:6f:4b:1e:ae:d1:
7a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:35:B6:2D:A8:A2:05:B6:05:7F:DE:20:37:7A:4F:39:2F:E6:BC:C1
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/UTW2LaiiBbYFf94gN3pPOS_mvME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
86.104.209.0/24
93.115.111.0/24
93.115.155.0/24
185.77.249.0/24
212.237.224.0/22
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:54:23:6c:96:f3:e2:b8:96:3a:98:06:0b:23:96:50:22:81:
94:b3:ee:82:84:cf:ad:8f:0e:32:62:0f:b0:2e:f3:c9:2e:34:
a5:dd:19:a5:2e:41:01:26:f0:c5:49:d2:1c:0b:90:0a:63:61:
0f:18:2e:2b:1f:d9:24:c9:82:ff:7f:75:aa:ea:24:58:c9:df:
b5:6d:cf:ff:80:2d:46:09:50:3c:aa:c0:db:67:64:54:23:0c:
a7:f6:69:02:5f:af:ec:db:dc:53:31:3f:c6:80:8d:5d:8b:4d:
ec:54:06:82:56:14:20:9f:ca:f6:24:39:be:ca:17:74:0a:e2:
e7:71:19:1f:cd:22:96:0a:03:20:9d:1b:0e:a5:41:00:1c:3a:
40:14:07:44:cd:ae:b2:31:bf:58:7c:88:df:0d:b9:df:bd:dc:
23:d6:a5:b7:e2:7c:63:0e:4f:f0:71:a6:0e:13:60:31:ca:2f:
43:a1:7e:44:a3:b8:d4:c8:86:b4:47:bf:00:8d:c0:28:bb:7a:
78:a5:22:b1:a8:93:0b:0b:69:0b:4b:d1:06:9f:28:4e:30:15:
a0:71:53:0f:a1:bd:8c:97:f1:5d:7a:04:04:31:a9:f9:21:82:
68:48:eb:f8:03:49:65:6c:0b:e4:aa:7f:a9:79:42:73:4c:16:
19:95:6d:78
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYT5x1Io0CBu0vBSf4YVV9IcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjIxMjEwMDIwNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTM1YjYyZGE4YTIwNWI2MDU3ZmRlMjAzNzdhNGYzOTJmZTZiY2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCzGBVO0mPcCuomyC0E7m4Yto2T3
NssM9xFnGHrkTH/pnT01NQ48xl28vFSIPkTmkYHwFNo+461NIrFAVc83a7BxRVTu
yqi4IayHDDVeEhlxM6wXAGMqusu5lEiyy/hsUos/wHjCnGy/JKJBSfPfXAgF7QA8
4vYL84ed1LoZ8pmFjKe5t0WbqK+cQdKyb2y1Ya+9Trtt2+eVbB7a0tap2FZfijHa
MQ47OlYfpt1yJMdaKH8be9SkbdGymsS0nsnS0X9dWbsIn+bd3ZjZa20P6i8TGpY7
BydBEuCMwQ6IR1HlctKeGLjGmPfvDud6hzeNs/y38/ZGgxZ6b0sertF69QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFE1ti2oogW2BX/eIDd6Tzkv5rzBMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvVVRXMkxhaWlCYllGZjk0Z04zcFBPU19tdk1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVPc7AwQA
VmjRAwQAXXNvAwQAXXObAwQAuU35AwQC1O3gAwQA2RMBMA0GCSqGSIb3DQEBCwUA
A4IBAQALVCNslvPiuJY6mAYLI5ZQIoGUs+6ChM+tjw4yYg+wLvPJLjSl3RmlLkEB
JvDFSdIcC5AKY2EPGC4rH9kkyYL/f3Wq6iRYyd+1bc//gC1GCVA8qsDbZ2RUIwyn
9mkCX6/s29xTMT/GgI1di03sVAaCVhQgn8r2JDm+yhd0CuLncRkfzSKWCgMgnRsO
pUEAHDpAFAdEza6yMb9YfIjfDbnfvdwj1qW34nxjDk/wcaYOE2Axyi9DoX5Eo7jU
yIa0R78AjcAou3p4pSKxqJMLC2kLS9EGnyhOMBWgcVMPob2Ml/FdegQEMan5IYJo
SOv4A0llbAvkqn+peUJzTBYZlW14
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:55 2023 by rpki-client on console-ams.rpki-client.org