Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-AEwqqEYBaGaRGw_D8Oo3Ya743w.roa
File: 1-AEwqqEYBaGaRGw_D8Oo3Ya743w.roa (raw, json)
Hash identifier: ZV8lANPotu2L7D2OeMhbiPKjzKyxSsbsvivrvPsYev4=
Subject key identifier: F8:01:30:AA:A1:18:05:A1:9A:44:6C:3F:0F:C3:A8:DD:86:BB:E3:7C
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01898D4EEDDEECCEEB19425B7805D3329272
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-AEwqqEYBaGaRGw_D8Oo3Ya743w.roa
Signing time: Tue 25 Jul 2023 13:48:27 +0000
ROA not before: Tue 25 Jul 2023 13:48:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31732
IP address blocks: 188.209.155.0/24 maxlen: 24
185.151.236.0/22 maxlen: 24
188.253.8.0/21 maxlen: 24
188.253.8.0/22 maxlen: 24
103.25.84.0/22 maxlen: 24
82.115.8.0/22 maxlen: 24
188.214.236.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8d:4e:ed:de:ec:ce:eb:19:42:5b:78:05:d3:32:92:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jul 25 13:48:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f80130aaa11805a19a446c3f0fc3a8dd86bbe37c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:76:19:ec:9f:14:7d:ed:af:7d:f0:a1:57:42:
b1:5e:12:74:93:b3:11:d9:de:05:79:26:09:7f:b5:
2c:48:5a:e6:03:05:b5:49:06:8a:2a:f7:29:50:b4:
e6:6b:6f:02:fe:2d:51:bf:16:77:c9:63:e4:5b:4c:
7b:8e:e6:5a:f5:e8:95:2e:41:ca:29:28:31:9b:0b:
bd:4f:e1:16:88:af:68:48:7d:57:5e:f8:2e:43:a4:
2a:01:b4:6c:e8:dc:58:37:d8:54:ba:ab:97:b4:d8:
bc:05:3b:2f:7a:25:cc:39:1c:62:8b:94:99:e3:42:
35:ef:b3:f4:4d:b0:21:6c:f7:74:e2:e1:b7:b4:84:
12:32:6d:df:af:1e:67:a3:17:ae:bb:f2:d0:8e:21:
d8:38:7c:6e:5a:a6:1e:28:15:5f:90:d3:04:5f:26:
b5:5d:cc:31:7d:9e:65:32:3f:57:94:f4:1f:2b:52:
a0:91:0c:f2:83:c8:c4:83:85:e1:ec:fb:29:bb:fa:
18:b8:56:e2:2a:5f:4a:27:a3:15:0d:03:31:ac:e0:
be:96:8c:18:dc:ed:a6:18:2a:60:72:9c:26:ae:0b:
ef:c8:f1:74:d0:f8:a6:71:a3:c1:ca:89:dd:b1:5a:
83:24:0f:fa:15:5e:54:8a:b6:8f:76:f7:82:4e:44:
d7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:01:30:AA:A1:18:05:A1:9A:44:6C:3F:0F:C3:A8:DD:86:BB:E3:7C
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-AEwqqEYBaGaRGw_D8Oo3Ya743w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.8.0/22
103.25.84.0/22
185.151.236.0/22
188.209.155.0/24
188.214.236.0/22
188.253.8.0/21
Signature Algorithm: sha256WithRSAEncryption
15:9d:c5:7d:7a:7e:eb:bc:ba:76:52:e5:77:29:03:39:2b:57:
d8:0f:a8:d2:21:79:36:85:a5:fe:be:db:f5:94:af:27:ea:9f:
fd:ef:d3:dd:a7:ab:6e:04:0c:7e:56:8e:40:f0:77:e7:4f:b8:
d2:65:49:d4:cd:d5:e6:34:f1:7d:7c:62:cf:4e:f0:02:23:7d:
f5:ed:44:02:fd:2d:49:f9:10:32:89:4b:79:d2:b9:d1:bb:e6:
b1:38:9d:ed:8d:35:4f:c6:0d:43:f3:af:44:96:4e:04:6e:4f:
d4:2d:b7:a9:81:06:5c:33:63:5f:dd:0c:62:f3:5b:e9:f0:15:
ed:0f:de:77:cb:bb:f9:31:fc:28:63:e0:45:b8:f0:4c:5c:88:
4c:19:6d:b3:cc:fe:b0:b2:40:50:67:53:52:e7:5c:a2:b5:c4:
75:77:30:6f:7c:2e:4f:08:72:fb:e7:f5:c9:c8:1e:27:34:9f:
01:da:4e:e6:4e:87:00:88:fc:8f:57:ed:6c:d4:88:42:00:85:
39:63:02:76:a3:e7:05:68:0e:77:7e:69:55:fa:1c:56:d6:c7:
ea:41:6a:70:88:0d:51:52:0c:59:9e:b3:54:55:ff:f7:49:cb:
8a:fd:d1:64:2c:bf:11:38:57:44:61:df:cf:b0:3d:02:b9:96:
b8:2a:64:fd
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYmNTu3e7M7rGUJbeAXTMpJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwNzI1MTM0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODAxMzBhYWExMTgwNWExOWE0NDZjM2YwZmMzYThkZDg2YmJlMzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3YZ7J8Ufe2vffChV0KxXhJ0k7MR
2d4FeSYJf7UsSFrmAwW1SQaKKvcpULTma28C/i1RvxZ3yWPkW0x7juZa9eiVLkHK
KSgxmwu9T+EWiK9oSH1XXvguQ6QqAbRs6NxYN9hUuquXtNi8BTsveiXMORxii5SZ
40I177P0TbAhbPd04uG3tIQSMm3frx5noxeuu/LQjiHYOHxuWqYeKBVfkNMEXya1
XcwxfZ5lMj9XlPQfK1KgkQzyg8jEg4Xh7Pspu/oYuFbiKl9KJ6MVDQMxrOC+lowY
3O2mGCpgcpwmrgvvyPF00PimcaPByondsVqDJA/6FV5UiraPdveCTkTXEQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPgBMKqhGAWhmkRsPw/DqN2Gu+N8MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMS1BRXdxcUVZQmFHYVJHd19EOE9vM1lhNzQzdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1
Ni8xL0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAlJzCAME
AmcZVAMEArmX7AMEALzRmwMEArzW7AMEA7z9CDANBgkqhkiG9w0BAQsFAAOCAQEA
FZ3FfXp+67y6dlLldykDOStX2A+o0iF5NoWl/r7b9ZSvJ+qf/e/T3aerbgQMflaO
QPB350+40mVJ1M3V5jTxfXxiz07wAiN99e1EAv0tSfkQMolLedK50bvmsTid7Y01
T8YNQ/OvRJZOBG5P1C23qYEGXDNjX90MYvNb6fAV7Q/ed8u7+TH8KGPgRbjwTFyI
TBlts8z+sLJAUGdTUudcorXEdXcwb3wuTwhy++f1ycgeJzSfAdpO5k6HAIj8j1ft
bNSIQgCFOWMCdqPnBWgOd35pVfocVtbH6kFqcIgNUVIMWZ6zVFX/90nLiv3RZCy/
EThXRGHfz7A9ArmWuCpk/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org