Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/f5UBefCNCfCrPGdp79MENrhmFRc.roa
File: f5UBefCNCfCrPGdp79MENrhmFRc.roa (raw, json)
Hash identifier: YVfi913e9HL4QAovnNT+evo/ZDoYXJ389vExGwbfYR4=
Subject key identifier: 7F:95:01:79:F0:8D:09:F0:AB:3C:67:69:EF:D3:04:36:B8:66:15:17
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018D7B1A92667BF2F55A6A4F5AD172734B53
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/f5UBefCNCfCrPGdp79MENrhmFRc.roa
Signing time: Mon 05 Feb 2024 21:09:15 +0000
ROA not before: Mon 05 Feb 2024 21:09:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.102.174.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
89.36.231.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.40.43.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
93.115.155.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7b:1a:92:66:7b:f2:f5:5a:6a:4f:5a:d1:72:73:4b:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 5 21:09:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f950179f08d09f0ab3c6769efd30436b8661517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a7:20:cc:07:3e:c6:d9:18:fc:f3:9f:56:51:
14:db:1d:72:31:cd:95:02:d6:e7:32:fa:f9:df:39:
c6:a4:98:a3:65:9b:99:3d:ed:6f:52:5d:e1:1e:45:
d8:f8:2f:f3:4e:a0:36:77:a1:1d:b9:e6:14:fe:92:
36:47:47:49:3a:1c:66:49:2d:41:30:37:0a:b4:8f:
b7:be:a0:8d:7c:e2:5e:f3:0e:a4:a6:53:26:e2:39:
4e:40:78:c3:56:56:ab:76:43:7a:c9:de:5c:94:47:
94:6d:5a:d1:38:b3:8e:ea:d3:3e:27:d7:34:84:69:
46:43:21:a5:c6:9f:59:40:f9:d4:cc:90:4c:5b:02:
0f:66:8d:26:93:67:e5:ae:6d:3b:d5:e0:9a:35:78:
b2:6e:44:aa:81:37:e0:10:53:11:1c:0a:d8:5d:df:
6a:b6:b7:84:86:10:d8:77:da:84:48:0c:6b:36:8d:
33:b3:d8:ff:25:1a:87:e7:97:0b:ef:b8:05:6e:ec:
f3:80:a3:c1:a4:e7:ab:c8:3d:b1:94:52:c9:c2:a4:
bd:17:66:d5:92:1c:bd:41:c5:f5:99:48:ec:9f:42:
fa:82:ac:d4:49:28:08:d2:20:c7:b5:41:35:88:11:
f2:a2:41:df:df:8c:96:b8:f6:37:a1:1e:54:d1:9f:
4e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:95:01:79:F0:8D:09:F0:AB:3C:67:69:EF:D3:04:36:B8:66:15:17
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/f5UBefCNCfCrPGdp79MENrhmFRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.174.0/24
84.247.20.0/24
89.34.171.0/24
89.36.231.0/24
89.37.106.0/24
89.40.43.0/24
89.42.40.0/24
89.42.213.0/24
93.114.69.0/24
93.115.155.0/24
94.177.113.0/24
94.177.118.0/24
188.211.249.0/24
Signature Algorithm: sha256WithRSAEncryption
63:77:fd:90:22:6b:35:67:2e:ad:0f:0c:8c:e2:cb:cd:f0:16:
10:63:5b:78:70:35:3a:12:81:9d:6b:f1:a3:c6:1c:c6:d9:9a:
d3:bf:3e:59:84:d1:28:a7:29:43:7e:a9:59:2b:e3:1b:18:ac:
b7:f2:b7:51:98:8b:13:0a:3f:02:c3:61:a4:73:a5:88:eb:86:
7d:a4:09:5e:dc:d3:79:03:fc:3a:87:71:2d:4a:6f:f0:8b:26:
32:b6:18:81:42:7e:0e:06:75:92:8a:e2:8c:3f:a9:b1:3e:b4:
27:2c:0b:19:2c:a9:ed:05:f5:b3:26:6f:76:75:de:73:af:17:
82:e1:6a:7e:4c:d3:33:f2:3d:25:18:6c:24:8e:5c:3c:df:93:
4b:90:a6:2b:51:c6:23:b1:2b:e5:c5:22:6c:63:e9:ae:c4:19:
bf:59:3f:bc:46:52:ff:2e:35:b8:f8:c6:a6:b2:90:8c:85:31:
40:e2:b9:69:54:a1:f7:3b:dc:a7:99:89:40:43:f1:18:93:6e:
d1:02:14:19:39:93:6c:01:10:8c:a8:48:ce:22:60:c6:61:14:
41:aa:0d:72:f5:48:59:3d:fa:2a:b4:c9:15:20:e3:20:a7:ad:
ac:cc:33:27:62:a5:d6:51:15:f8:88:0c:d0:89:22:84:14:4c:
6b:3b:fb:11
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY17GpJme/L1WmpPWtFyc0tTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMjA1MjEwOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjk1MDE3OWYwOGQwOWYwYWIzYzY3NjllZmQzMDQzNmI4NjYxNTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxacgzAc+xtkY/POfVlEU2x1yMc2V
AtbnMvr53znGpJijZZuZPe1vUl3hHkXY+C/zTqA2d6EdueYU/pI2R0dJOhxmSS1B
MDcKtI+3vqCNfOJe8w6kplMm4jlOQHjDVlardkN6yd5clEeUbVrROLOO6tM+J9c0
hGlGQyGlxp9ZQPnUzJBMWwIPZo0mk2flrm071eCaNXiybkSqgTfgEFMRHArYXd9q
treEhhDYd9qESAxrNo0zs9j/JRqH55cL77gFbuzzgKPBpOeryD2xlFLJwqS9F2bV
khy9QcX1mUjsn0L6gqzUSSgI0iDHtUE1iBHyokHf34yWuPY3oR5U0Z9OcwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFH+VAXnwjQnwqzxnae/TBDa4ZhUXMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvZjVVQmVmQ05DZkNyUEdkcDc5TUVOcmhtRlJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALmauAwQA
VPcUAwQAWSKrAwQAWSTnAwQAWSVqAwQAWSgrAwQAWSooAwQAWSrVAwQAXXJFAwQA
XXObAwQAXrFxAwQAXrF2AwQAvNP5MA0GCSqGSIb3DQEBCwUAA4IBAQBjd/2QIms1
Zy6tDwyM4svN8BYQY1t4cDU6EoGda/GjxhzG2ZrTvz5ZhNEopylDfqlZK+MbGKy3
8rdRmIsTCj8Cw2Gkc6WI64Z9pAle3NN5A/w6h3EtSm/wiyYythiBQn4OBnWSiuKM
P6mxPrQnLAsZLKntBfWzJm92dd5zrxeC4Wp+TNMz8j0lGGwkjlw835NLkKYrUcYj
sSvlxSJsY+muxBm/WT+8RlL/LjW4+MamspCMhTFA4rlpVKH3O9ynmYlAQ/EYk27R
AhQZOZNsARCMqEjOImDGYRRBqg1y9UhZPfoqtMkVIOMgp62szDMnYqXWURX4iAzQ
iSKEFExrO/sR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org