Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/cHUvs39rL4hSNcYtxxtwyTmYDNw.roa
File: cHUvs39rL4hSNcYtxxtwyTmYDNw.roa (raw, json)
Hash identifier: cZmz4PWlqZ5iw/G0oBClq2aX43mho5p1Y8IQnI7b1Rc=
Subject key identifier: 70:75:2F:B3:7F:6B:2F:88:52:35:C6:2D:C7:1B:70:C9:39:98:0C:DC
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018B683F411D78B2148D01AC421FFC6DBFB7
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/cHUvs39rL4hSNcYtxxtwyTmYDNw.roa
Signing time: Wed 25 Oct 2023 19:10:57 +0000
ROA not before: Wed 25 Oct 2023 19:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
188.240.83.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
91.250.244.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
62.112.30.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
89.36.231.0/24 maxlen: 24
89.42.215.0/24 maxlen: 24
46.102.174.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
176.223.181.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
89.40.43.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:68:3f:41:1d:78:b2:14:8d:01:ac:42:1f:fc:6d:bf:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Oct 25 19:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70752fb37f6b2f885235c62dc71b70c939980cdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:85:c2:08:ea:53:09:b1:e9:f1:07:68:88:f0:
ea:6e:fb:8c:ff:1e:f3:8f:a6:5a:83:50:a7:1d:53:
89:2c:4e:cd:a4:86:36:14:1f:30:d1:ff:da:bd:78:
17:44:e7:42:d6:e8:32:ac:df:82:fb:83:ad:12:cf:
d3:03:ea:8d:8c:97:74:1c:7a:d5:a5:b3:8f:dd:d3:
c0:46:35:2c:dd:da:50:7f:0a:0e:89:04:d5:7b:1e:
23:03:8e:0e:39:62:24:63:da:f9:75:5e:52:1a:18:
c5:cb:11:e6:b1:bf:9e:5a:c5:61:da:c0:6b:53:2d:
f9:ff:0b:b8:06:29:39:df:3c:9b:0e:f3:b1:22:b2:
8b:50:48:15:02:58:0c:36:f8:a2:d3:47:4e:98:1c:
bc:d7:d2:37:ed:06:22:f0:62:56:49:1c:bf:ed:90:
36:a9:34:1a:c0:a0:a0:f3:6b:bb:b5:8a:52:cf:96:
1b:43:76:01:cc:c7:24:b2:2c:2a:41:5d:27:ec:55:
d3:c0:1a:45:ca:c4:f2:a6:e0:95:f4:24:7f:8d:d6:
30:6f:eb:c9:55:29:f7:04:36:2c:8e:f4:28:af:21:
51:2d:73:fa:a5:07:32:59:f2:f8:af:34:e5:76:8a:
87:5d:fd:32:b7:1b:6d:7f:47:80:40:9e:1d:54:c9:
e1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:75:2F:B3:7F:6B:2F:88:52:35:C6:2D:C7:1B:70:C9:39:98:0C:DC
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/cHUvs39rL4hSNcYtxxtwyTmYDNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
46.102.174.0/24
62.112.30.0/24
84.247.20.0/24
89.34.171.0/24
89.36.231.0/24
89.37.106.0/24
89.37.128.0/24
89.40.43.0/24
89.42.40.0/24
89.42.215.0/24
91.250.244.0/24
93.114.69.0/24
94.177.113.0/24
94.177.118.0/24
176.223.181.0/24
176.223.190.0/24
188.211.249.0/24
188.240.83.0/24
Signature Algorithm: sha256WithRSAEncryption
96:e7:2c:f7:24:ac:bf:bd:fa:dd:68:cf:3b:2a:17:37:d9:ac:
1b:55:e5:41:65:73:48:7f:cf:ce:41:38:64:fb:79:a7:06:80:
69:c8:a8:82:cc:3e:d8:06:f6:3a:80:db:e7:94:cf:90:05:6a:
4e:54:e2:15:ed:5d:bb:49:83:85:fb:4e:19:8f:ef:37:e8:28:
1e:15:c4:65:bd:43:37:61:3b:64:82:29:1e:a5:0a:21:f5:26:
a8:3a:4f:74:40:b7:4a:9d:22:4b:bf:f7:c1:f5:51:17:64:2f:
25:2c:5b:95:b8:66:39:3d:27:61:8e:92:d3:f7:ae:9c:ea:27:
a8:06:a5:c0:5f:00:68:cc:d7:59:ce:73:3e:a1:50:55:ef:12:
c6:0b:8c:c3:f8:e2:6a:86:d1:a4:2c:d8:d5:88:0f:fa:dd:45:
c1:9c:11:3e:7e:52:6e:df:ee:6e:c3:82:c4:91:c1:aa:2d:b4:
9b:18:f9:b1:4b:f4:a7:8d:72:75:10:71:7d:15:93:c2:b9:04:
8f:c3:29:25:33:8d:6c:87:d7:06:9d:4a:00:25:15:4a:62:d0:
2f:37:56:43:9c:f6:5c:e0:dc:db:67:a4:aa:ff:52:5a:cc:2d:
a4:cf:34:3a:1c:1d:31:52:8a:0b:f6:6d:df:7e:63:77:89:f8:
74:ed:c4:a6
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYtoP0EdeLIUjQGsQh/8bb+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMDI1MTkxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDc1MmZiMzdmNmIyZjg4NTIzNWM2MmRjNzFiNzBjOTM5OTgwY2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IXCCOpTCbHp8QdoiPDqbvuM/x7z
j6Zag1CnHVOJLE7NpIY2FB8w0f/avXgXROdC1ugyrN+C+4OtEs/TA+qNjJd0HHrV
pbOP3dPARjUs3dpQfwoOiQTVex4jA44OOWIkY9r5dV5SGhjFyxHmsb+eWsVh2sBr
Uy35/wu4Bik53zybDvOxIrKLUEgVAlgMNvii00dOmBy819I37QYi8GJWSRy/7ZA2
qTQawKCg82u7tYpSz5YbQ3YBzMcksiwqQV0n7FXTwBpFysTypuCV9CR/jdYwb+vJ
VSn3BDYsjvQoryFRLXP6pQcyWfL4rzTldoqHXf0ytxttf0eAQJ4dVMnhmQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFHB1L7N/ay+IUjXGLccbcMk5mAzcMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvY0hVdnMzOXJMNGhTTmNZdHh4dHd5VG1ZRE53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEACWZhAME
AC5mrgMEAD5wHgMEAFT3FAMEAFkiqwMEAFkk5wMEAFklagMEAFklgAMEAFkoKwME
AFkqKAMEAFkq1wMEAFv69AMEAF1yRQMEAF6xcQMEAF6xdgMEALDftQMEALDfvgME
ALzT+QMEALzwUzANBgkqhkiG9w0BAQsFAAOCAQEAlucs9ySsv7363WjPOyoXN9ms
G1XlQWVzSH/PzkE4ZPt5pwaAaciogsw+2Ab2OoDb55TPkAVqTlTiFe1du0mDhftO
GY/vN+goHhXEZb1DN2E7ZIIpHqUKIfUmqDpPdEC3Sp0iS7/3wfVRF2QvJSxblbhm
OT0nYY6S0/eunOonqAalwF8AaMzXWc5zPqFQVe8SxguMw/jiaobRpCzY1YgP+t1F
wZwRPn5Sbt/ubsOCxJHBqi20mxj5sUv0p41ydRBxfRWTwrkEj8MpJTONbIfXBp1K
ACUVSmLQLzdWQ5z2XODc22ekqv9SWswtpM80OhwdMVKKC/Zt335jd4n4dO3Epg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org