Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/sTA3PJha9RIpvdkDoOBbjBIF3yM.roa
File: sTA3PJha9RIpvdkDoOBbjBIF3yM.roa (raw, json)
Hash identifier: 4dzk1JlA/dN0bmAYR6s1XenC3K+u5PP3uCBMUllZR0Y=
Subject key identifier: B1:30:37:3C:98:5A:F5:12:29:BD:D9:03:A0:E0:5B:8C:12:05:DF:23
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018A4FA8E9CE0C68CEC9B581DD40EBE026CC
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/sTA3PJha9RIpvdkDoOBbjBIF3yM.roa
Signing time: Fri 01 Sep 2023 07:33:04 +0000
ROA not before: Fri 01 Sep 2023 07:33:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 213.159.10.0/23 maxlen: 24
213.159.12.0/23 maxlen: 24
195.133.202.0/23 maxlen: 24
195.133.208.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
93.113.184.0/21 maxlen: 24
194.58.64.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:a8:e9:ce:0c:68:ce:c9:b5:81:dd:40:eb:e0:26:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Sep 1 07:33:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b130373c985af51229bdd903a0e05b8c1205df23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:01:ad:62:57:06:7e:bd:f6:2d:f1:3b:99:92:
62:e4:52:63:95:f8:dc:3a:52:ca:fd:02:76:ff:71:
b0:eb:0e:ae:47:bd:a3:f7:8a:67:36:bc:f4:cb:ac:
9d:f0:9e:0d:9e:08:5b:c3:2a:7f:bb:97:8e:ef:f0:
48:27:6e:c4:8d:38:fb:46:a8:94:03:16:29:33:8e:
6b:39:10:8a:c9:be:91:cd:3d:01:65:5d:e0:12:61:
4f:a7:67:b4:61:f8:cc:72:6b:0c:bf:30:2b:c5:c1:
d2:8b:8b:55:94:5b:1a:b0:2b:8c:63:bd:49:0c:f6:
94:f6:cb:1c:99:9d:ac:15:f5:f8:5d:2e:b3:1a:38:
c9:aa:0c:77:15:bb:57:80:4a:0c:54:b3:21:71:06:
f9:d4:51:fa:f7:cd:53:ca:24:ba:05:83:a1:af:dd:
6e:3f:85:4a:b5:e2:50:d5:74:4b:bd:32:be:3c:fe:
c4:f6:db:89:6f:96:58:a4:f3:52:b3:1d:78:d8:5e:
d2:b3:01:c5:5f:f0:12:a6:04:ea:ae:1f:4a:32:d4:
85:dc:3d:e7:70:1e:6f:30:ae:36:dc:8f:f1:74:27:
5f:71:11:ad:b0:1b:45:9f:9c:33:a8:6f:93:a4:c0:
09:39:6f:a2:ef:d3:bf:fe:de:f1:b6:b5:af:68:21:
61:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:30:37:3C:98:5A:F5:12:29:BD:D9:03:A0:E0:5B:8C:12:05:DF:23
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/sTA3PJha9RIpvdkDoOBbjBIF3yM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.113.184.0/21
194.58.64.0/23
194.88.96.0/21
195.133.202.0/23
195.133.208.0/23
213.159.10.0-213.159.13.255
Signature Algorithm: sha256WithRSAEncryption
34:1d:af:92:84:74:f3:f7:d1:e6:be:f2:65:96:30:54:ab:17:
28:02:30:91:0d:b0:5e:ce:97:b1:d8:00:23:e5:ed:69:6b:06:
0e:82:95:13:c0:fc:5c:f6:17:29:95:8f:6a:7c:01:d6:78:55:
95:cd:8c:9d:02:ec:2d:cd:e8:6f:19:43:d2:c6:f0:15:7e:e9:
e3:e2:87:77:8e:b8:88:04:0f:c0:99:8d:98:ca:44:48:bb:ab:
ec:fd:25:66:cf:30:fd:92:63:bd:74:ce:1a:d4:e0:7f:85:a4:
e5:4c:d9:97:dc:6a:a1:2a:ad:2e:c4:12:7f:3b:a4:60:f5:23:
bd:62:11:a6:62:fd:15:b6:9a:6b:81:f0:75:87:6c:09:89:b5:
47:15:bf:9c:9e:5f:75:77:61:db:cc:22:5b:39:c7:d8:a3:a3:
66:ed:90:ee:e4:84:ae:02:56:d3:23:cc:a4:06:ad:44:d6:f9:
2a:9d:8c:09:32:94:3d:08:ad:f4:de:14:48:d6:2b:e9:bc:b5:
ca:dc:8d:f8:51:3a:a5:7c:ed:e4:43:dd:5c:4e:75:03:a7:96:
38:94:7b:c4:fc:9d:f8:8e:e3:5d:ad:a5:13:17:d1:e2:c8:04:
7f:90:58:42:12:69:c2:8c:7c:73:8f:3b:51:28:a9:81:e9:18:
17:e9:6f:5d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYpPqOnODGjOybWB3UDr4CbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwOTAxMDczMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTMwMzczYzk4NWFmNTEyMjliZGQ5MDNhMGUwNWI4YzEyMDVkZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAGtYlcGfr32LfE7mZJi5FJjlfjc
OlLK/QJ2/3Gw6w6uR72j94pnNrz0y6yd8J4Nnghbwyp/u5eO7/BIJ27EjTj7RqiU
AxYpM45rORCKyb6RzT0BZV3gEmFPp2e0YfjMcmsMvzArxcHSi4tVlFsasCuMY71J
DPaU9sscmZ2sFfX4XS6zGjjJqgx3FbtXgEoMVLMhcQb51FH6981TyiS6BYOhr91u
P4VKteJQ1XRLvTK+PP7E9tuJb5ZYpPNSsx142F7SswHFX/ASpgTqrh9KMtSF3D3n
cB5vMK423I/xdCdfcRGtsBtFn5wzqG+TpMAJOW+i79O//t7xtrWvaCFhnwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLEwNzyYWvUSKb3ZA6DgW4wSBd8jMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvc1RBM1BKaGE5UklwdmRrRG9PQmJqQklGM3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDXXG4AwQB
wjpAAwQDwlhgAwQBw4XKAwQBw4XQMAwDBAHVnwoDBAHVnwwwDQYJKoZIhvcNAQEL
BQADggEBADQdr5KEdPP30ea+8mWWMFSrFygCMJENsF7Ol7HYACPl7WlrBg6ClRPA
/Fz2FymVj2p8AdZ4VZXNjJ0C7C3N6G8ZQ9LG8BV+6ePih3eOuIgED8CZjZjKREi7
q+z9JWbPMP2SY710zhrU4H+FpOVM2ZfcaqEqrS7EEn87pGD1I71iEaZi/RW2mmuB
8HWHbAmJtUcVv5yeX3V3YdvMIls5x9ijo2btkO7khK4CVtMjzKQGrUTW+SqdjAky
lD0IrfTeFEjWK+m8tcrcjfhROqV87eRD3VxOdQOnljiUe8T8nfiO412tpRMX0eLI
BH+QWEISacKMfHOPO1EoqYHpGBfpb10=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org