Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/bPj_ds8YcooWLRwk_DMaYmG7uxU.roa
File: bPj_ds8YcooWLRwk_DMaYmG7uxU.roa (raw, json)
Hash identifier: ZFTb034jq0zwVsY1//PNWGrfC49JzwnGNGUOYy1hNgE=
Subject key identifier: 6C:F8:FF:76:CF:18:72:8A:16:2D:1C:24:FC:33:1A:62:61:BB:BB:15
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56EFF8D4C16BBF11972111FAB2724EA
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/bPj_ds8YcooWLRwk_DMaYmG7uxU.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 93.115.155.0/24 maxlen: 24
94.177.27.0/24 maxlen: 24
89.42.215.0/24 maxlen: 24
86.104.209.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
185.77.249.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
176.223.181.0/24 maxlen: 24
77.81.1.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ff:8d:4c:16:bb:f1:19:72:11:1f:ab:27:24:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cf8ff76cf18728a162d1c24fc331a6261bbbb15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0f:b1:87:f0:26:59:6d:e8:f1:47:ae:7a:7d:
0d:09:83:f7:34:48:68:ce:8c:e9:cb:a9:d4:ea:e8:
3e:80:ce:9d:92:6e:60:40:44:2d:4a:b7:f9:20:9a:
bd:ed:c7:a4:77:69:16:23:c3:e2:ed:22:05:bd:3b:
88:2c:24:a7:d9:8e:8a:cb:0f:89:f9:f5:95:80:6b:
c3:cd:6f:24:2b:82:b2:e2:bf:18:bc:83:79:99:ef:
fa:5e:7b:cc:4f:60:31:cb:78:62:0c:ac:65:c3:b2:
e7:dc:4c:b6:d8:b6:a2:0c:bc:11:96:8f:51:81:9b:
f4:74:1d:5a:8f:55:5f:89:d1:38:ee:e4:50:c2:58:
1d:fe:c7:fc:98:0b:2f:72:df:d0:2d:f6:1c:81:62:
8a:3b:2a:38:23:a2:ae:dd:9c:22:ad:34:86:a1:95:
ac:08:cd:e4:99:67:07:b0:bf:78:bc:67:ac:a0:51:
85:26:70:1a:6d:44:48:20:ff:8a:00:91:8d:27:63:
9e:bc:5a:f1:31:69:30:99:36:95:8d:89:de:a1:fb:
7a:eb:27:a2:16:26:29:b4:1c:14:93:9b:d5:0e:27:
e0:25:3f:e8:bc:ba:a3:26:cb:24:c8:1a:13:ae:68:
05:03:c8:ca:9a:26:f9:69:1a:e4:1b:88:cd:95:df:
39:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F8:FF:76:CF:18:72:8A:16:2D:1C:24:FC:33:1A:62:61:BB:BB:15
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/bPj_ds8YcooWLRwk_DMaYmG7uxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.1.0/24
84.247.59.0/24
86.104.209.0/24
89.42.215.0/24
93.115.155.0/24
94.177.27.0/24
176.223.181.0/24
185.77.249.0/24
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
77:77:7e:2e:53:b6:70:15:2c:a3:cb:6a:4d:a2:c3:e2:8d:ac:
c6:9b:86:fc:4f:4f:f3:03:7d:01:0c:e7:72:86:a6:e2:83:bd:
35:a6:e5:9a:6d:ac:a0:4c:53:e2:4f:1a:01:ac:45:48:8d:cd:
f6:ef:52:28:8b:b3:ef:7f:c0:0f:bf:aa:9c:cd:dc:71:8e:4a:
c6:d8:47:79:fc:08:0f:88:08:1b:51:be:0a:8c:9a:07:b0:7d:
9e:09:ff:eb:e0:28:98:d2:8d:ea:01:d4:35:82:47:e6:78:0d:
25:32:77:3a:e9:83:c6:7a:0c:fc:b6:1d:e5:12:d8:55:4c:13:
b2:ce:49:f0:37:41:9d:79:31:e9:b0:f8:31:56:1d:83:de:b6:
0b:3d:d1:94:5a:a5:1e:46:20:e4:20:75:3c:34:e7:23:d5:0b:
1a:95:12:d4:8f:5a:e8:b7:cf:45:e4:f0:8c:5b:6e:b8:d6:25:
4c:ff:40:3d:12:ff:8b:2e:85:75:59:96:66:32:b4:0c:2b:59:
77:52:1a:dd:2c:36:14:ec:ab:07:14:ec:17:58:0e:8d:84:2f:
db:2b:c8:5e:b3:08:dd:a3:5c:23:83:3d:c8:7c:bc:21:18:2d:
54:48:20:96:81:77:a1:29:77:69:26:13:84:09:d3:2a:05:44:
84:01:c4:b6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzFbv+NTBa78RlyER+rJyTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Y4ZmY3NmNmMTg3MjhhMTYyZDFjMjRmYzMzMWE2MjYxYmJiYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw+xh/AmWW3o8Ueuen0NCYP3NEho
zozpy6nU6ug+gM6dkm5gQEQtSrf5IJq97cekd2kWI8Pi7SIFvTuILCSn2Y6Kyw+J
+fWVgGvDzW8kK4Ky4r8YvIN5me/6XnvMT2Axy3hiDKxlw7Ln3Ey22LaiDLwRlo9R
gZv0dB1aj1VfidE47uRQwlgd/sf8mAsvct/QLfYcgWKKOyo4I6Ku3ZwirTSGoZWs
CM3kmWcHsL94vGesoFGFJnAabURIIP+KAJGNJ2OevFrxMWkwmTaVjYneoft66yei
FiYptBwUk5vVDifgJT/ovLqjJsskyBoTrmgFA8jKmib5aRrkG4jNld85iwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGz4/3bPGHKKFi0cJPwzGmJhu7sVMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvYlBqX2RzOFljb29XTFJ3a19ETWFZbUc3dXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQATVEBAwQA
VPc7AwQAVmjRAwQAWSrXAwQAXXObAwQAXrEbAwQAsN+1AwQAuU35AwQA2RMBMA0G
CSqGSIb3DQEBCwUAA4IBAQB3d34uU7ZwFSyjy2pNosPijazGm4b8T0/zA30BDOdy
hqbig701puWabaygTFPiTxoBrEVIjc3271Ioi7Pvf8APv6qczdxxjkrG2Ed5/AgP
iAgbUb4KjJoHsH2eCf/r4CiY0o3qAdQ1gkfmeA0lMnc66YPGegz8th3lEthVTBOy
zknwN0GdeTHpsPgxVh2D3rYLPdGUWqUeRiDkIHU8NOcj1QsalRLUj1rot89F5PCM
W2641iVM/0A9Ev+LLoV1WZZmMrQMK1l3UhrdLDYU7KsHFOwXWA6NhC/bK8heswjd
o1wjgz3IfLwhGC1USCCWgXehKXdpJhOECdMqBUSEAcS2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org