Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/aIZYVrfMIzjdkIQClwkk16QUmV4.roa
File: aIZYVrfMIzjdkIQClwkk16QUmV4.roa (raw, json)
Hash identifier: VGutKVmNdd4OR8fAuXFjp8jV7eZ8v6AYgytDFwxzVQk=
Subject key identifier: 68:86:58:56:B7:CC:23:38:DD:90:84:02:97:09:24:D7:A4:14:99:5E
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01887466C4C7029A1DAC340346A05C33516E
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/aIZYVrfMIzjdkIQClwkk16QUmV4.roa
Signing time: Thu 01 Jun 2023 00:41:12 +0000
ROA not before: Thu 01 Jun 2023 00:41:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 93.115.155.0/24 maxlen: 24
46.102.174.0/24 maxlen: 24
86.104.209.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
185.77.249.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
93.114.169.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:74:66:c4:c7:02:9a:1d:ac:34:03:46:a0:5c:33:51:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jun 1 00:41:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68865856b7cc2338dd908402970924d7a414995e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0a:bf:a6:7e:a7:59:b9:c3:fc:13:95:70:82:
b7:a7:8f:ac:0b:f7:9d:f2:a3:50:11:f0:77:6e:a2:
22:e1:53:a8:63:4b:0d:a3:1c:65:d6:ef:28:60:2b:
14:35:00:b0:a0:79:33:f8:bf:c8:1f:0f:48:af:fd:
48:d9:55:1f:0f:07:ec:f9:93:c0:b4:fd:07:06:1c:
81:67:bf:78:7e:e5:0a:fa:98:f8:e1:f1:6f:91:11:
76:87:fb:ac:04:e7:36:36:2a:2b:67:c3:a6:08:79:
1d:32:16:7f:bd:a0:8d:a1:b9:c6:3c:e0:82:96:b6:
fb:eb:b6:a4:46:45:04:39:5a:26:d6:13:89:a2:ae:
44:69:9a:29:f1:42:e9:6c:cd:cf:0d:ca:61:1e:6d:
a4:73:31:a8:30:f9:92:7a:52:ac:6f:82:1d:1c:be:
5d:12:d3:ca:6f:b8:d7:d0:e8:35:78:d9:bb:16:f0:
99:9f:45:4d:f1:bf:ac:f5:b1:73:0a:2f:2e:85:a8:
4c:9e:3f:39:50:47:d1:ac:24:c1:25:dc:87:f1:10:
50:bc:d9:0b:af:f2:50:42:c1:c8:11:24:fb:8d:9b:
ec:b9:d1:0e:87:10:10:b0:88:3a:46:9f:09:a7:30:
5b:07:bc:c4:00:be:81:c4:36:cc:6d:92:51:0e:d3:
2e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:86:58:56:B7:CC:23:38:DD:90:84:02:97:09:24:D7:A4:14:99:5E
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/aIZYVrfMIzjdkIQClwkk16QUmV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.174.0/24
84.247.59.0/24
86.104.209.0/24
89.42.40.0/24
93.114.169.0/24
93.115.155.0/24
185.77.249.0/24
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
16:87:12:88:bd:17:27:5e:59:a0:b2:d3:42:e9:1a:b2:62:49:
20:4c:b1:a1:6b:06:3b:7f:52:5c:28:4a:7a:ba:33:41:16:6f:
ea:59:44:10:93:b6:63:03:86:e4:c1:c2:8f:b1:df:dc:1d:47:
89:a5:1b:72:6f:ce:aa:67:81:b8:d1:ec:34:b1:66:f9:1c:91:
fe:6a:0b:c9:34:cd:36:aa:bc:e3:22:92:17:90:e0:d9:53:01:
95:fe:50:63:d9:dd:53:dd:e4:28:05:8f:69:f5:57:dd:ec:72:
17:c9:fa:15:0e:0f:57:b0:e5:25:18:b0:c1:cf:b0:92:19:9c:
37:19:7c:e1:62:71:b8:66:6c:38:37:be:54:31:17:a2:01:a0:
59:eb:ae:89:e6:28:8a:9f:16:eb:5c:fd:7d:22:23:74:2a:ee:
37:94:34:ab:f3:f9:e3:bb:71:7b:c5:0d:b8:67:b0:3f:e8:da:
3f:ff:5a:d6:da:dd:cd:bc:a5:de:5a:e6:66:ba:b7:5a:72:ad:
63:e1:ad:66:5e:57:c4:ee:53:a4:be:cd:d8:09:db:81:96:34:
8d:be:33:ab:2e:36:62:c2:35:f8:44:e0:7d:8e:81:33:d3:c1:
33:62:c4:73:c8:cd:90:6c:b9:78:b2:fa:12:1b:73:38:d5:49:
4a:fb:48:ab
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYh0ZsTHApodrDQDRqBcM1FuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNjAxMDA0MTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODg2NTg1NmI3Y2MyMzM4ZGQ5MDg0MDI5NzA5MjRkN2E0MTQ5OTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgq/pn6nWbnD/BOVcIK3p4+sC/ed
8qNQEfB3bqIi4VOoY0sNoxxl1u8oYCsUNQCwoHkz+L/IHw9Ir/1I2VUfDwfs+ZPA
tP0HBhyBZ794fuUK+pj44fFvkRF2h/usBOc2NiorZ8OmCHkdMhZ/vaCNobnGPOCC
lrb767akRkUEOVom1hOJoq5EaZop8ULpbM3PDcphHm2kczGoMPmSelKsb4IdHL5d
EtPKb7jX0Og1eNm7FvCZn0VN8b+s9bFzCi8uhahMnj85UEfRrCTBJdyH8RBQvNkL
r/JQQsHIEST7jZvsudEOhxAQsIg6Rp8JpzBbB7zEAL6BxDbMbZJRDtMuJwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGiGWFa3zCM43ZCEApcJJNekFJleMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvYUlaWVZyZk1Jempka0lRQ2x3a2sxNlFVbVY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALmauAwQA
VPc7AwQAVmjRAwQAWSooAwQAXXKpAwQAXXObAwQAuU35AwQA2RMBMA0GCSqGSIb3
DQEBCwUAA4IBAQAWhxKIvRcnXlmgstNC6RqyYkkgTLGhawY7f1JcKEp6ujNBFm/q
WUQQk7ZjA4bkwcKPsd/cHUeJpRtyb86qZ4G40ew0sWb5HJH+agvJNM02qrzjIpIX
kODZUwGV/lBj2d1T3eQoBY9p9Vfd7HIXyfoVDg9XsOUlGLDBz7CSGZw3GXzhYnG4
Zmw4N75UMReiAaBZ666J5iiKnxbrXP19IiN0Ku43lDSr8/nju3F7xQ24Z7A/6No/
/1rW2t3NvKXeWuZmurdacq1j4a1mXlfE7lOkvs3YCduBljSNvjOrLjZiwjX4ROB9
joEz08EzYsRzyM2QbLl4svoSG3M41UlK+0ir
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org