Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/mvu9QocUjp4P-zMlG1tDpgerFoU.roa
File: mvu9QocUjp4P-zMlG1tDpgerFoU.roa (raw, json)
Hash identifier: U54NiKkMeYAD64hs/d2ubqaq0jP8nw18U6lmytW7Tc0=
Subject key identifier: 9A:FB:BD:42:87:14:8E:9E:0F:FB:33:25:1B:5B:43:A6:07:AB:16:85
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0463500F
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/mvu9QocUjp4P-zMlG1tDpgerFoU.roa
Signing time: Mon 27 Jun 2022 05:57:29 +0000
ROA not before: Mon 27 Jun 2022 05:57:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 93.115.155.0/24 maxlen: 24
5.35.192.0/21 maxlen: 24
212.237.224.0/22 maxlen: 24
86.104.209.0/24 maxlen: 24
94.177.65.0/24 maxlen: 24
62.112.0.0/21 maxlen: 24
93.113.184.0/21 maxlen: 24
86.107.108.0/23 maxlen: 24
217.19.1.0/24 maxlen: 24
93.115.111.0/24 maxlen: 24
185.77.249.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73617423 (0x463500f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jun 27 05:57:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9afbbd4287148e9e0ffb33251b5b43a607ab1685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b8:31:50:8d:6c:47:18:63:34:f9:51:53:86:
0e:28:62:99:82:30:34:70:67:11:8d:50:dc:ea:8e:
88:36:56:c3:58:4e:09:d0:39:4e:f3:a6:39:e7:40:
a1:3b:6e:c6:f1:cc:68:29:a3:17:34:25:55:2d:93:
5f:d7:ef:30:cb:03:a9:f0:48:17:93:29:ab:dc:bc:
2d:d7:a9:a8:62:66:f5:5e:e9:20:83:ae:6f:1a:c0:
df:c1:04:14:a1:3f:7f:ac:ad:e7:2e:26:64:43:dd:
0e:f8:a0:56:c6:4c:bd:cd:86:a9:b9:70:6d:7d:98:
36:5d:71:18:56:82:7f:bc:2c:e1:85:7b:d3:33:e7:
12:a4:09:c8:b7:af:45:1e:28:b9:7c:42:77:9c:aa:
df:6a:87:85:88:7c:79:13:78:a3:60:e8:42:c4:60:
49:bb:49:8f:a4:b0:77:f2:98:da:82:c0:42:7c:e1:
40:cf:9d:15:b5:e7:a0:5b:06:0d:81:07:6b:8d:53:
d6:da:ef:db:d3:e0:06:03:8d:21:05:06:80:01:f4:
85:11:03:f1:dd:96:95:aa:88:57:5c:ba:77:14:60:
b6:e1:90:de:71:b5:0f:fe:5c:e6:e6:e5:dc:f4:81:
03:78:70:07:f3:45:83:7a:6c:4e:8a:3f:04:e0:bd:
98:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:FB:BD:42:87:14:8E:9E:0F:FB:33:25:1B:5B:43:A6:07:AB:16:85
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/mvu9QocUjp4P-zMlG1tDpgerFoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
62.112.0.0/21
84.247.59.0/24
86.104.209.0/24
86.107.108.0/23
93.113.184.0/21
93.115.111.0/24
93.115.155.0/24
94.177.65.0/24
185.77.249.0/24
212.237.224.0/22
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
49:b8:69:c9:6a:f3:df:de:4d:54:9d:27:01:00:43:b1:85:ff:
37:69:4d:8e:f8:62:ee:c8:79:8a:34:00:e1:b4:af:52:27:47:
ea:66:ed:34:aa:9e:b7:16:17:fb:1b:25:b9:8e:4f:49:49:da:
41:da:2d:aa:5e:2c:8b:b1:b1:8a:e4:90:47:4d:cf:06:d3:cc:
63:89:2c:54:83:1c:1a:40:53:7b:e3:bb:8b:37:ba:60:50:90:
28:29:27:05:d0:6c:0c:67:5a:dc:b0:86:9c:1b:5d:9a:b5:e9:
9b:b7:a9:15:24:9d:06:b5:3c:e4:c6:21:78:18:7a:d1:13:a5:
ab:ee:56:b1:a3:9a:82:74:4a:d9:72:5a:61:5c:e7:de:88:9d:
7a:08:43:bf:f1:f1:75:e2:12:fc:7f:2c:cd:ed:2f:17:54:98:
ab:ad:f0:65:21:19:fa:37:41:9d:63:12:fe:e7:59:04:24:0e:
7f:cb:99:5d:33:82:0e:02:e5:2b:e0:c9:e5:b5:a4:c1:fc:55:
f4:0c:22:3e:a7:36:8f:eb:cf:ec:7c:4e:e7:43:29:cf:e2:5e:
6d:ef:e5:9d:81:b5:bf:03:ca:c5:f2:f7:77:89:5b:16:c3:81:
e1:db:4a:5e:db:f0:cd:ca:14:31:52:54:f4:0b:99:30:0c:db:
26:4e:70:f4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEBGNQDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTAwZTk4MTk1MzA2MTk3MmM4OTZiZDZkMjc3MzhkMDgzYWFkYjBlMB4XDTIyMDYy
NzA1NTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWFmYmJkNDI4NzE0
OGU5ZTBmZmIzMzI1MWI1YjQzYTYwN2FiMTY4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIu4MVCNbEcYYzT5UVOGDihimYIwNHBnEY1Q3OqOiDZWw1hO
CdA5TvOmOedAoTtuxvHMaCmjFzQlVS2TX9fvMMsDqfBIF5Mpq9y8LdepqGJm9V7p
IIOubxrA38EEFKE/f6yt5y4mZEPdDvigVsZMvc2GqblwbX2YNl1xGFaCf7ws4YV7
0zPnEqQJyLevRR4ouXxCd5yq32qHhYh8eRN4o2DoQsRgSbtJj6Swd/KY2oLAQnzh
QM+dFbXnoFsGDYEHa41T1trv29PgBgONIQUGgAH0hRED8d2WlaqIV1y6dxRgtuGQ
3nG1D/5c5ubl3PSBA3hwB/NFg3psToo/BOC9mMcCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBSa+71ChxSOng/7MyUbW0OmB6sWhTAfBgNVHSMEGDAWgBTaAOmBlTBhlyyJ
a9bSdzjQg6rbDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8x
L212dTlRb2NVanA0UC16TWxHMXREcGdlckZvVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
ODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8xLzJnRHBnWlV3WVpj
c2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAwUjwAMEAz5wAAMEAFT3OwMEAFZo
0QMEAVZrbAMEA11xuAMEAF1zbwMEAF1zmwMEAF6xQQMEALlN+QMEAtTt4AMEANkT
ATANBgkqhkiG9w0BAQsFAAOCAQEASbhpyWrz395NVJ0nAQBDsYX/N2lNjvhi7sh5
ijQA4bSvUidH6mbtNKqetxYX+xsluY5PSUnaQdotql4si7GxiuSQR03PBtPMY4ks
VIMcGkBTe+O7ize6YFCQKCknBdBsDGda3LCGnBtdmrXpm7epFSSdBrU85MYheBh6
0ROlq+5WsaOagnRK2XJaYVzn3oideghDv/HxdeIS/H8sze0vF1SYq63wZSEZ+jdB
nWMS/udZBCQOf8uZXTOCDgLlK+DJ5bWkwfxV9AwiPqc2j+vP7HxO50Mpz+Jebe/l
nYG1vwPKxfL3d4lbFsOB4dtKXtvwzcoUMVJU9AuZMAzbJk5w9A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:55 2023 by rpki-client on console-ams.rpki-client.org