Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ye4OmUypVDqOk8xxX_tPybK3Vlw.roa
File: ye4OmUypVDqOk8xxX_tPybK3Vlw.roa (raw, json)
Hash identifier: TiiW8QScgbl4ByMHi7htdkkasknKML3/Yz8Pq6PthyE=
Subject key identifier: C9:EE:0E:99:4C:A9:54:3A:8E:93:CC:71:5F:FB:4F:C9:B2:B7:56:5C
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01867C97F01355490DC3CC48091035D8E4E3
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ye4OmUypVDqOk8xxX_tPybK3Vlw.roa
Signing time: Thu 23 Feb 2023 04:46:17 +0000
ROA not before: Thu 23 Feb 2023 04:46:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 93.115.155.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
86.104.209.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
185.77.249.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7c:97:f0:13:55:49:0d:c3:cc:48:09:10:35:d8:e4:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 23 04:46:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9ee0e994ca9543a8e93cc715ffb4fc9b2b7565c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2a:27:46:c8:fb:c3:cb:50:77:a6:47:e0:a7:
88:3d:9e:70:55:fa:58:fe:44:e5:6c:8d:12:fb:b9:
d9:69:14:63:12:a2:be:5b:d1:34:2d:76:b3:7f:b5:
7b:bc:f5:ae:09:9f:93:47:d0:11:71:74:b4:b2:6c:
fe:e9:d0:6d:48:e6:6c:9b:ad:c2:7d:0b:a0:e2:aa:
c1:03:ee:5a:86:c8:33:05:c8:14:c3:63:99:0d:9b:
ec:bd:2f:37:c8:18:e2:4b:26:f0:46:75:61:76:a6:
b4:61:8c:ad:48:2e:71:88:03:61:58:df:3d:7a:ae:
bd:95:5a:6d:59:f1:d1:21:19:65:89:09:0a:94:69:
7c:e0:96:44:c2:38:71:02:60:e6:3c:52:37:1e:13:
1f:14:48:42:ca:4b:2f:f6:3b:ba:99:e4:81:5e:7b:
2f:41:e6:58:fa:be:ea:ff:f3:7b:23:1e:14:30:91:
28:ad:b1:6f:0b:54:d7:52:65:a7:82:46:2e:7b:86:
8a:a3:08:85:d9:6d:7d:8c:d9:1d:5c:40:60:c1:de:
20:80:1e:92:e4:6a:bc:a5:43:2c:05:5b:2f:ac:a9:
a8:5b:50:f4:26:01:4b:e4:10:a8:1b:ba:51:99:2e:
4e:f2:7b:cd:11:8c:e2:44:1a:4a:6c:d6:52:18:37:
13:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:EE:0E:99:4C:A9:54:3A:8E:93:CC:71:5F:FB:4F:C9:B2:B7:56:5C
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ye4OmUypVDqOk8xxX_tPybK3Vlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
86.104.209.0/24
89.42.40.0/24
89.42.213.0/24
93.115.155.0/24
185.77.249.0/24
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:9c:52:b5:67:0d:fd:a9:b9:c2:c0:b2:19:06:07:0f:75:05:
ea:98:4d:d9:94:cb:b8:bb:d5:1b:15:bd:34:bb:c6:0f:cd:c8:
e7:55:c7:7e:76:2b:a8:d1:cc:8f:ee:03:0c:9a:0b:be:06:5f:
79:d9:51:49:d2:b9:f5:54:4d:60:a2:e2:c8:fb:be:fd:e0:2f:
7f:32:ab:32:9f:0a:77:30:44:be:9d:c6:70:a4:c4:b8:4e:4c:
35:82:9a:9e:9a:85:06:24:e8:d8:e5:c3:f7:4b:ff:65:a4:31:
f4:05:15:ce:57:bd:2f:eb:a4:1c:11:bd:bd:92:2b:32:db:8b:
2c:34:30:e4:78:72:86:18:0e:e9:f0:7a:f3:0c:84:4b:6a:05:
cc:ce:84:15:b2:23:76:2c:00:c6:93:69:1a:11:8f:e5:12:12:
de:3e:62:37:c1:2e:3a:88:97:98:1c:18:b5:3e:10:17:8e:aa:
49:cb:24:ee:12:8a:f1:75:bf:28:d7:c5:7c:a2:73:06:32:ce:
dc:9c:18:8a:15:c1:93:f9:8f:a9:18:7e:e0:62:aa:1f:99:62:
9c:0e:dd:e5:7a:05:98:31:55:a2:f4:cd:4b:be:1c:f1:9e:47:
d7:26:e4:24:55:8d:01:9a:61:16:24:74:96:ec:be:e7:1b:28:
a7:90:70:55
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYZ8l/ATVUkNw8xICRA12OTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMjIzMDQ0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWVlMGU5OTRjYTk1NDNhOGU5M2NjNzE1ZmZiNGZjOWIyYjc1NjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsionRsj7w8tQd6ZH4KeIPZ5wVfpY
/kTlbI0S+7nZaRRjEqK+W9E0LXazf7V7vPWuCZ+TR9ARcXS0smz+6dBtSOZsm63C
fQug4qrBA+5ahsgzBcgUw2OZDZvsvS83yBjiSybwRnVhdqa0YYytSC5xiANhWN89
eq69lVptWfHRIRlliQkKlGl84JZEwjhxAmDmPFI3HhMfFEhCyksv9ju6meSBXnsv
QeZY+r7q//N7Ix4UMJEorbFvC1TXUmWngkYue4aKowiF2W19jNkdXEBgwd4ggB6S
5Gq8pUMsBVsvrKmoW1D0JgFL5BCoG7pRmS5O8nvNEYziRBpKbNZSGDcTowIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMnuDplMqVQ6jpPMcV/7T8myt1ZcMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEveWU0T21VeXBWRHFPazh4eFhfdFB5YkszVmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVPc7AwQA
VmjRAwQAWSooAwQAWSrVAwQAXXObAwQAuU35AwQA2RMBMA0GCSqGSIb3DQEBCwUA
A4IBAQCcnFK1Zw39qbnCwLIZBgcPdQXqmE3ZlMu4u9UbFb00u8YPzcjnVcd+diuo
0cyP7gMMmgu+Bl952VFJ0rn1VE1gouLI+7794C9/Mqsynwp3MES+ncZwpMS4Tkw1
gpqemoUGJOjY5cP3S/9lpDH0BRXOV70v66QcEb29kisy24ssNDDkeHKGGA7p8Hrz
DIRLagXMzoQVsiN2LADGk2kaEY/lEhLePmI3wS46iJeYHBi1PhAXjqpJyyTuEorx
db8o18V8onMGMs7cnBiKFcGT+Y+pGH7gYqofmWKcDt3legWYMVWi9M1LvhzxnkfX
JuQkVY0BmmEWJHSW7L7nGyinkHBV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:15 2024 by rpki-client on console-fra.rpki-client.org