Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/b6oESmlgZQuuxE0nPSW0Bzm78wM.roa
File: b6oESmlgZQuuxE0nPSW0Bzm78wM.roa (raw, json)
Hash identifier: eGZLkovUTGp+oIZm93Umu+T9H7wmHORU+rsKVYuYjzI=
Subject key identifier: 6F:AA:04:4A:69:60:65:0B:AE:C4:4D:27:3D:25:B4:07:39:BB:F3:03
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01869B58AF75B35617D10B47BC94E8888C54
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/b6oESmlgZQuuxE0nPSW0Bzm78wM.roa
Signing time: Wed 01 Mar 2023 04:05:25 +0000
ROA not before: Wed 01 Mar 2023 04:05:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 93.115.155.0/24 maxlen: 24
86.104.209.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
185.77.249.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9b:58:af:75:b3:56:17:d1:0b:47:bc:94:e8:88:8c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Mar 1 04:05:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6faa044a6960650baec44d273d25b40739bbf303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:71:ed:f4:e9:22:41:4c:95:89:fd:1b:31:0a:
a0:7e:e6:55:87:7a:91:9c:60:c5:ab:1c:18:c7:75:
66:5e:b3:3f:25:82:4d:08:c2:b3:37:be:28:12:55:
da:99:d6:14:4c:e5:5e:0a:13:e0:1f:bc:a0:59:2b:
96:9f:0c:5a:16:1e:e8:8b:0c:90:82:9b:72:40:7a:
80:ff:cd:c4:3f:93:65:cf:8a:d7:1f:ca:82:f4:f5:
d4:bf:ea:ac:50:93:ca:0a:2d:a6:bf:f9:a5:42:36:
89:08:98:49:3d:da:00:b0:a2:93:5f:2b:cf:28:8d:
32:e6:5f:a2:38:03:e3:a0:b9:dc:b8:15:c0:1a:42:
2f:82:91:85:97:20:7e:4c:e3:66:7a:da:6f:fb:92:
9b:b6:50:a5:8f:1a:ef:88:7d:60:68:c5:c3:11:12:
f9:d6:3b:44:1e:31:02:ab:f7:fe:0f:c5:e9:24:8e:
3b:75:f5:9c:6c:e9:0c:ea:a9:97:01:ee:08:b2:25:
83:bc:65:9a:28:c5:5d:fc:4b:20:29:8c:87:90:40:
22:a3:b1:c9:bc:73:64:8b:ce:26:f5:db:60:03:4e:
ad:b3:8f:a9:3e:2e:4c:71:7c:f2:25:e6:45:db:61:
fc:f4:1a:48:4c:a5:74:55:3d:03:bf:d3:8a:9c:81:
cd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:AA:04:4A:69:60:65:0B:AE:C4:4D:27:3D:25:B4:07:39:BB:F3:03
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/b6oESmlgZQuuxE0nPSW0Bzm78wM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
86.104.209.0/24
89.42.40.0/24
93.115.155.0/24
185.77.249.0/24
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
28:89:61:6d:72:e4:6c:73:fa:c4:eb:4d:c8:2a:b2:bc:a3:ca:
35:44:ed:a3:fa:79:8c:da:c0:dd:42:02:9d:b6:15:f0:c0:75:
96:d5:5a:73:d1:e1:3a:5d:7a:28:f1:9c:7d:21:3c:fe:5b:bd:
e0:fe:ad:23:f3:85:3d:92:65:5e:0d:f3:70:64:99:24:27:b2:
e1:fe:e3:a6:78:d2:97:3e:8d:6f:9f:e7:08:72:38:f1:9b:94:
73:f4:38:39:68:77:8e:c7:ac:46:6c:58:ff:3c:e8:72:5d:41:
83:bf:e2:d2:17:36:09:27:9e:33:7c:31:c9:84:91:b1:4b:49:
71:ad:45:f3:7b:59:22:0b:8c:41:31:a4:6b:84:cc:fd:e8:ed:
0e:d8:c0:00:15:c2:cc:b1:82:be:50:7b:f5:61:40:62:f2:b1:
03:87:06:4a:84:6e:00:92:11:7b:43:02:87:44:3c:b0:8a:ba:
b1:d0:13:41:78:0c:59:0e:a6:f9:47:3f:db:0e:e2:32:e4:d5:
2d:0c:a5:35:46:dc:51:1f:79:ae:58:e5:99:62:51:67:83:8a:
bd:c4:ca:84:ad:f9:48:19:bd:f4:76:d8:36:5d:1e:96:46:51:
ba:10:bc:95:92:87:cb:d1:e7:4d:17:2a:b8:69:2b:9e:fb:31:
a1:0d:2c:a2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYabWK91s1YX0QtHvJToiIxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMzAxMDQwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmFhMDQ0YTY5NjA2NTBiYWVjNDRkMjczZDI1YjQwNzM5YmJmMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHHt9OkiQUyVif0bMQqgfuZVh3qR
nGDFqxwYx3VmXrM/JYJNCMKzN74oElXamdYUTOVeChPgH7ygWSuWnwxaFh7oiwyQ
gptyQHqA/83EP5Nlz4rXH8qC9PXUv+qsUJPKCi2mv/mlQjaJCJhJPdoAsKKTXyvP
KI0y5l+iOAPjoLncuBXAGkIvgpGFlyB+TONmetpv+5KbtlCljxrviH1gaMXDERL5
1jtEHjECq/f+D8XpJI47dfWcbOkM6qmXAe4IsiWDvGWaKMVd/EsgKYyHkEAio7HJ
vHNki84m9dtgA06ts4+pPi5McXzyJeZF22H89BpITKV0VT0Dv9OKnIHN/wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG+qBEppYGULrsRNJz0ltAc5u/MDMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvYjZvRVNtbGdaUXV1eEUwblBTVzBCem03OHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVPc7AwQA
VmjRAwQAWSooAwQAXXObAwQAuU35AwQA2RMBMA0GCSqGSIb3DQEBCwUAA4IBAQAo
iWFtcuRsc/rE603IKrK8o8o1RO2j+nmM2sDdQgKdthXwwHWW1Vpz0eE6XXoo8Zx9
ITz+W73g/q0j84U9kmVeDfNwZJkkJ7Lh/uOmeNKXPo1vn+cIcjjxm5Rz9Dg5aHeO
x6xGbFj/POhyXUGDv+LSFzYJJ54zfDHJhJGxS0lxrUXze1kiC4xBMaRrhMz96O0O
2MAAFcLMsYK+UHv1YUBi8rEDhwZKhG4AkhF7QwKHRDywirqx0BNBeAxZDqb5Rz/b
DuIy5NUtDKU1RtxRH3muWOWZYlFng4q9xMqErflIGb30dtg2XR6WRlG6ELyVkofL
0edNFyq4aSue+zGhDSyi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org