Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/1TaZ35seo07LlHpPWj4_tJp2m9c.roa
File: 1TaZ35seo07LlHpPWj4_tJp2m9c.roa (raw, json)
Hash identifier: 8EOwEsEJb/O0HSbjzaJqOZxnk/yibtXibJ58Aw99yTg=
Subject key identifier: D5:36:99:DF:9B:1E:A3:4E:CB:94:7A:4F:5A:3E:3F:B4:9A:76:9B:D7
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 0183464592A7E09FED90A17B2F62341FCB10
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/1TaZ35seo07LlHpPWj4_tJp2m9c.roa
Signing time: Fri 16 Sep 2022 12:28:28 +0000
ROA not before: Fri 16 Sep 2022 12:28:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39783
IP address blocks: 185.35.184.0/22 maxlen: 24
46.226.8.0/21 maxlen: 24
193.93.220.0/22 maxlen: 24
62.122.248.0/21 maxlen: 24
91.192.220.0/22 maxlen: 24
185.7.60.0/22 maxlen: 24
91.189.168.0/21 maxlen: 24
91.189.168.0/24 maxlen: 24
2a02:2690::/32 maxlen: 32
2a01:488:bb06::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:46:45:92:a7:e0:9f:ed:90:a1:7b:2f:62:34:1f:cb:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Sep 16 12:28:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d53699df9b1ea34ecb947a4f5a3e3fb49a769bd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:99:e7:0d:9e:40:8b:c4:b4:7d:6a:24:4f:10:
68:e0:c4:28:f6:35:51:ce:f3:4a:26:e8:2c:48:64:
a0:cc:ad:a1:f6:ab:39:3a:18:f3:69:5d:db:2e:4d:
b1:e9:e9:5e:2b:28:0a:19:f2:32:bb:9a:f0:fd:e7:
b6:a6:4b:12:6b:6c:1f:23:01:82:20:af:be:ee:49:
47:99:e6:30:b6:47:ec:b1:87:ae:b8:8c:88:cf:63:
33:f6:b6:76:5d:c3:d1:05:51:6f:52:ce:b7:d9:49:
89:cf:4c:f6:0d:ca:ca:42:c5:00:cc:d3:3f:f8:52:
d5:f5:42:6f:a0:dc:29:31:70:34:0b:1c:28:44:cb:
a0:6b:05:61:a5:11:2e:93:cc:5f:07:44:cf:e4:33:
3d:77:c0:60:bb:c9:fa:41:20:ca:4b:a0:8b:92:a0:
53:d5:a3:5b:62:88:2e:f9:a5:14:2b:a6:9e:c9:93:
4c:f8:94:12:52:84:0d:df:1b:be:fb:6d:a8:3b:5e:
ee:e6:60:70:a7:d5:ac:dc:ea:49:15:b3:b0:5e:96:
94:89:be:1f:78:a2:da:fe:89:b4:72:6a:23:6e:27:
65:d7:ee:e9:4e:46:2d:df:88:92:d9:62:be:70:c4:
98:a8:4f:20:df:fa:b3:78:aa:89:98:d2:58:78:34:
07:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:36:99:DF:9B:1E:A3:4E:CB:94:7A:4F:5A:3E:3F:B4:9A:76:9B:D7
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/1TaZ35seo07LlHpPWj4_tJp2m9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.8.0/21
62.122.248.0/21
91.189.168.0/21
91.192.220.0/22
185.7.60.0/22
185.35.184.0/22
193.93.220.0/22
IPv6:
2a01:488:bb06::/48
2a02:2690::/32
Signature Algorithm: sha256WithRSAEncryption
04:1c:ca:46:68:ac:59:64:b1:7c:04:f2:e0:b4:2d:f1:bb:5b:
f3:f8:dd:4a:d5:71:34:aa:a8:73:05:e9:c0:24:39:8c:bf:f3:
af:c7:2a:5d:d3:3b:18:36:f2:7c:2e:4e:df:a4:00:f5:02:d3:
47:70:01:e9:37:a5:3d:3e:8e:ef:25:ee:2c:84:fa:55:e2:a8:
a6:ce:69:db:4e:21:08:58:4d:d3:e7:53:4e:3a:88:91:90:70:
30:16:a4:2c:a5:0e:99:fe:cb:a3:69:4b:8b:3b:14:ac:01:1c:
ea:b0:71:ea:12:c0:12:c9:a1:00:3c:8c:6e:46:17:d0:dc:80:
10:bf:7e:44:0d:8a:9d:7f:01:1e:24:55:7c:51:02:18:4b:6b:
d4:9d:24:90:c4:52:c7:81:c9:b8:9e:5d:76:83:68:57:f5:ec:
60:66:4b:c7:cd:86:71:37:a0:3f:96:c6:5d:83:65:51:92:d5:
2b:b8:87:18:6a:c6:1a:6f:bf:53:62:bc:e4:3c:b9:51:07:a5:
70:f0:80:4d:f2:44:b3:d9:1b:f1:4a:10:66:da:31:7e:01:9e:
75:58:19:6b:93:63:69:b5:24:9a:bd:17:a3:f3:14:bf:0c:e1:
0e:a6:cd:28:51:c9:63:b9:6a:8d:36:25:d3:ed:fd:07:2e:46:
76:33:6a:23
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYNGRZKn4J/tkKF7L2I0H8sQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjIwOTE2MTIyODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTM2OTlkZjliMWVhMzRlY2I5NDdhNGY1YTNlM2ZiNDlhNzY5YmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5nnDZ5Ai8S0fWokTxBo4MQo9jVR
zvNKJugsSGSgzK2h9qs5OhjzaV3bLk2x6eleKygKGfIyu5rw/ee2pksSa2wfIwGC
IK++7klHmeYwtkfssYeuuIyIz2Mz9rZ2XcPRBVFvUs632UmJz0z2DcrKQsUAzNM/
+FLV9UJvoNwpMXA0CxwoRMugawVhpREuk8xfB0TP5DM9d8Bgu8n6QSDKS6CLkqBT
1aNbYogu+aUUK6aeyZNM+JQSUoQN3xu++22oO17u5mBwp9Ws3OpJFbOwXpaUib4f
eKLa/om0cmojbidl1+7pTkYt34iS2WK+cMSYqE8g3/qzeKqJmNJYeDQHQQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFNU2md+bHqNOy5R6T1o+P7SadpvXMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvMVRhWjM1c2VvMDdMbEhwUFdqNF90SnAybTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAwBAIAATAqAwQDLuIIAwQD
Pnr4AwQDW72oAwQCW8DcAwQCuQc8AwQCuSO4AwQCwV3cMBYEAgACMBADBwAqAQSI
uwYDBQAqAiaQMA0GCSqGSIb3DQEBCwUAA4IBAQAEHMpGaKxZZLF8BPLgtC3xu1vz
+N1K1XE0qqhzBenAJDmMv/Ovxypd0zsYNvJ8Lk7fpAD1AtNHcAHpN6U9Po7vJe4s
hPpV4qimzmnbTiEIWE3T51NOOoiRkHAwFqQspQ6Z/sujaUuLOxSsARzqsHHqEsAS
yaEAPIxuRhfQ3IAQv35EDYqdfwEeJFV8UQIYS2vUnSSQxFLHgcm4nl12g2hX9exg
ZkvHzYZxN6A/lsZdg2VRktUruIcYasYab79TYrzkPLlRB6Vw8IBN8kSz2RvxShBm
2jF+AZ51WBlrk2NptSSavRej8xS/DOEOps0oUcljuWqNNiXT7f0HLkZ2M2oj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:40 2024 by rpki-client on console-ams.rpki-client.org