Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nkG7Jq17GYCUxd9n9aT6FN9Acx0.roa
File: nkG7Jq17GYCUxd9n9aT6FN9Acx0.roa (raw, json)
Hash identifier: EVEx40AyVoWFs+FrRTgkxuYmQOLi+gqCBMMgs+yK3Fc=
Subject key identifier: 9E:41:BB:26:AD:7B:19:80:94:C5:DF:67:F5:A4:FA:14:DF:40:73:1D
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56F01356DF881950B7CB481C03576C4
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nkG7Jq17GYCUxd9n9aT6FN9Acx0.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 93.115.155.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
185.77.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:01:35:6d:f8:81:95:0b:7c:b4:81:c0:35:76:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e41bb26ad7b198094c5df67f5a4fa14df40731d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:80:5b:61:c1:89:60:e1:cb:5a:2a:85:58:27:
90:9e:75:bc:7c:64:83:af:c3:93:ce:e5:27:f3:91:
76:7a:a2:68:04:32:81:35:b2:b3:db:bf:20:6e:f8:
08:86:14:c8:a5:c5:a9:c3:c4:d6:75:f3:4e:0c:44:
5a:67:6f:7b:e9:43:19:8b:22:2a:44:81:9b:4a:02:
fe:0f:da:2a:80:e2:48:30:76:45:ec:34:fa:20:20:
3d:75:d3:4d:69:8b:49:70:c8:1a:08:a8:13:db:ae:
42:1f:f7:d3:0d:5f:61:d7:8d:de:ed:91:e1:6c:16:
0a:00:80:64:3c:01:6a:42:11:6d:48:50:06:50:c9:
cf:8f:e1:8c:63:f1:fb:48:ea:f3:06:cc:de:89:5d:
1c:d1:18:f8:88:a1:8d:c4:da:57:25:c0:ae:85:58:
e0:a3:aa:dd:14:b7:f9:20:50:9c:f6:79:09:67:93:
c9:b5:d1:8d:3b:6b:74:30:ab:c4:6b:5c:33:7b:55:
4c:4e:55:86:6e:09:37:7f:ee:e7:ad:29:87:d7:c1:
79:e9:61:f6:7c:90:81:41:b7:a7:ef:40:5b:9b:84:
ee:98:48:b7:ef:45:ef:1a:6a:86:8b:ee:9d:b9:94:
d7:44:1d:5c:2b:a7:0f:a0:61:16:87:6f:1b:85:04:
8e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:41:BB:26:AD:7B:19:80:94:C5:DF:67:F5:A4:FA:14:DF:40:73:1D
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nkG7Jq17GYCUxd9n9aT6FN9Acx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.155.0/24
185.77.249.0/24
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
71:9a:81:d8:93:ff:60:f2:18:d3:9b:07:26:b9:44:ce:0b:fc:
89:ed:8a:80:7d:da:00:f6:75:69:7a:7d:24:39:52:4d:da:b5:
65:89:1d:dd:20:00:bd:7b:af:de:d8:a7:95:f2:7f:bb:f2:1c:
dc:5c:57:bd:d5:d1:fc:88:57:78:55:0d:bf:52:49:80:06:69:
d8:2d:6d:4d:bf:78:42:29:32:6e:df:63:9d:c2:22:8c:64:d2:
3a:62:da:c3:9f:27:a2:52:d9:71:64:92:78:bc:0b:32:92:42:
25:9a:31:cb:b1:13:e0:22:97:5e:b4:fd:4b:4b:b5:bd:16:31:
9c:95:47:eb:c5:af:cd:a5:6b:f2:c1:96:10:08:f5:a6:9e:15:
e0:5c:81:99:26:c9:74:e0:1c:61:6b:da:29:08:5d:c2:50:a1:
c0:02:ae:81:23:5e:a6:17:f2:fa:1e:ab:8c:82:1d:3a:89:31:
94:fe:44:45:0a:b3:41:d2:44:9d:03:25:8b:f1:47:c8:74:95:
48:14:b7:ad:ec:09:b7:c6:de:3c:cd:65:27:d7:f4:19:13:b3:
73:09:7e:5d:e8:36:a6:ad:57:5d:71:1c:89:d0:ed:3a:07:28:
7c:82:8a:fc:37:55:14:26:9d:95:61:e6:2e:59:b8:08:4b:78:
18:85:fc:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbwE1bfiBlQt8tIHANXbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQxYmIyNmFkN2IxOTgwOTRjNWRmNjdmNWE0ZmExNGRmNDA3MzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYBbYcGJYOHLWiqFWCeQnnW8fGSD
r8OTzuUn85F2eqJoBDKBNbKz278gbvgIhhTIpcWpw8TWdfNODERaZ2976UMZiyIq
RIGbSgL+D9oqgOJIMHZF7DT6ICA9ddNNaYtJcMgaCKgT265CH/fTDV9h143e7ZHh
bBYKAIBkPAFqQhFtSFAGUMnPj+GMY/H7SOrzBszeiV0c0Rj4iKGNxNpXJcCuhVjg
o6rdFLf5IFCc9nkJZ5PJtdGNO2t0MKvEa1wze1VMTlWGbgk3f+7nrSmH18F56WH2
fJCBQben70Bbm4TumEi370XvGmqGi+6duZTXRB1cK6cPoGEWh28bhQSO+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ5BuyatexmAlMXfZ/Wk+hTfQHMdMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvbmtHN0pxMTdHWUNVeGQ5bjlhVDZGTjlBY3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXObAwQA
uU35AwQA2RMBMA0GCSqGSIb3DQEBCwUAA4IBAQBxmoHYk/9g8hjTmwcmuUTOC/yJ
7YqAfdoA9nVpen0kOVJN2rVliR3dIAC9e6/e2KeV8n+78hzcXFe91dH8iFd4VQ2/
UkmABmnYLW1Nv3hCKTJu32OdwiKMZNI6YtrDnyeiUtlxZJJ4vAsykkIlmjHLsRPg
IpdetP1LS7W9FjGclUfrxa/NpWvywZYQCPWmnhXgXIGZJsl04Bxha9opCF3CUKHA
Aq6BI16mF/L6HquMgh06iTGU/kRFCrNB0kSdAyWL8UfIdJVIFLet7Am3xt48zWUn
1/QZE7NzCX5d6DamrVddcRyJ0O06Byh8gor8N1UUJp2VYeYuWbgIS3gYhfzp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:15 2024 by rpki-client on console-fra.rpki-client.org