Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9bdyI8MH0gBiI7bAi9EcDWrEgKo.roa
File: 9bdyI8MH0gBiI7bAi9EcDWrEgKo.roa (raw, json)
Hash identifier: aUilcUavHn0Eb1FF0iVlahADSQzTnZEwWTHz8lwUfCE=
Subject key identifier: F5:B7:72:23:C3:07:D2:00:62:23:B6:C0:8B:D1:1C:0D:6A:C4:80:AA
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 14CAE2B0
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9bdyI8MH0gBiI7bAi9EcDWrEgKo.roa
Signing time: Mon 02 May 2022 07:22:31 +0000
ROA not before: Mon 02 May 2022 07:22:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31732
IP address blocks: 212.90.100.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
188.209.155.0/24 maxlen: 24
46.249.104.0/21 maxlen: 21
46.249.100.0/22 maxlen: 22
185.129.108.0/22 maxlen: 24
46.249.112.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348840624 (0x14cae2b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 2 07:22:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5b77223c307d2006223b6c08bd11c0d6ac480aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c5:26:4c:e4:e1:b5:ed:ff:11:91:80:d3:cc:
0e:d2:e2:80:a5:df:a0:85:d6:66:5a:4e:64:a3:c3:
aa:76:e2:57:75:0a:d7:ce:07:db:41:75:0b:77:f0:
c0:08:df:07:28:a3:a2:a0:05:69:20:f7:8d:7e:fe:
9e:ad:1a:47:eb:2a:21:f6:d3:6d:35:92:98:35:46:
7c:3d:5c:9d:39:bd:21:f1:fb:86:5b:46:5b:35:85:
cd:c7:ad:e4:c1:73:40:5a:2b:5a:a3:22:24:22:81:
1c:10:6e:e8:36:2b:48:e1:99:aa:49:f2:ba:31:53:
6a:ee:2c:be:ef:59:d1:0f:41:60:27:a5:59:ab:31:
24:3b:8b:a8:2d:c5:02:a0:5a:db:04:23:7d:7f:5b:
ba:a5:8b:37:6b:2a:9c:c9:4d:7f:ca:67:e1:7b:00:
28:d6:31:b0:3f:1b:10:18:e6:e6:3f:a2:d9:31:7a:
6c:2b:42:5c:0b:f2:02:b0:0a:bf:fb:ca:94:74:2d:
89:1b:9a:b3:26:98:bc:e4:6a:a1:9e:f4:e3:2f:36:
6f:b8:4f:bc:4e:41:7f:89:32:85:3d:34:5c:72:81:
34:a7:c1:9b:32:27:ef:fc:a8:d8:bc:58:87:f8:f5:
b0:98:d8:bc:f0:c0:94:36:5a:1c:81:d4:ce:50:b4:
41:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B7:72:23:C3:07:D2:00:62:23:B6:C0:8B:D1:1C:0D:6A:C4:80:AA
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9bdyI8MH0gBiI7bAi9EcDWrEgKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.100.0-46.249.119.255
185.129.108.0/22
185.220.236.0/22
188.209.155.0/24
212.90.100.0/22
Signature Algorithm: sha256WithRSAEncryption
cc:76:73:f0:64:53:3d:1d:f4:f6:c6:d4:e4:22:ac:53:94:af:
41:90:c9:1f:f0:8a:85:41:ea:60:cc:57:d1:a7:bf:2d:84:e4:
e7:42:c7:9f:99:99:46:7b:53:3f:be:a0:d4:22:51:6c:54:41:
24:e2:5b:67:3d:fa:b9:14:1c:88:c3:1b:9d:c1:96:97:19:70:
da:6a:bf:28:a5:cb:33:df:ec:67:da:3b:f5:4b:d6:0e:ee:bd:
e4:d5:d5:31:d5:8c:23:7f:92:21:cf:cf:73:d5:f0:21:1e:6c:
06:06:da:b8:14:0a:87:1b:3e:2e:1f:e3:0f:b2:3e:ba:eb:ca:
cb:08:2f:40:10:22:b0:30:8f:14:70:2f:6f:46:74:00:dc:19:
3b:1b:da:8e:8b:79:0b:4a:67:11:70:20:19:ee:b5:8f:a2:69:
d9:d4:b4:40:57:31:23:56:8d:c3:e8:eb:8b:f0:81:b0:0e:c7:
b9:8e:48:ff:c9:42:6e:b9:7f:6c:c8:c7:21:f1:d9:8a:4c:dd:
16:ee:2a:ee:1d:eb:bb:96:fc:89:e9:fc:10:5c:b3:6a:3e:f2:
dc:a1:d6:57:3b:65:88:ab:3f:86:16:28:17:f7:3c:70:f2:03:
d0:10:5a:b4:c1:81:e6:07:45:12:bb:50:0d:ad:35:7b:c2:cb:
2a:11:de:14
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEFMrisDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDUw
MjA3MjIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjViNzcyMjNjMzA3
ZDIwMDYyMjNiNmMwOGJkMTFjMGQ2YWM0ODBhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfFJkzk4bXt/xGRgNPMDtLigKXfoIXWZlpOZKPDqnbiV3UK
184H20F1C3fwwAjfByijoqAFaSD3jX7+nq0aR+sqIfbTbTWSmDVGfD1cnTm9IfH7
hltGWzWFzcet5MFzQForWqMiJCKBHBBu6DYrSOGZqknyujFTau4svu9Z0Q9BYCel
WasxJDuLqC3FAqBa2wQjfX9buqWLN2sqnMlNf8pn4XsAKNYxsD8bEBjm5j+i2TF6
bCtCXAvyArAKv/vKlHQtiRuasyaYvORqoZ704y82b7hPvE5Bf4kyhT00XHKBNKfB
mzIn7/yo2LxYh/j1sJjYvPDAlDZaHIHUzlC0QRECAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBT1t3IjwwfSAGIjtsCL0RwNasSAqjAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
LzliZHlJOE1IMGdCaUk3YkFpOUVjRFdyRWdLby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJjAMAwQCLvlkAwQDLvlwAwQCuYFsAwQC
udzsAwQAvNGbAwQC1FpkMA0GCSqGSIb3DQEBCwUAA4IBAQDMdnPwZFM9HfT2xtTk
IqxTlK9BkMkf8IqFQepgzFfRp78thOTnQsefmZlGe1M/vqDUIlFsVEEk4ltnPfq5
FByIwxudwZaXGXDaar8opcsz3+xn2jv1S9YO7r3k1dUx1Ywjf5Ihz89z1fAhHmwG
Btq4FAqHGz4uH+MPsj6668rLCC9AECKwMI8UcC9vRnQA3Bk7G9qOi3kLSmcRcCAZ
7rWPomnZ1LRAVzEjVo3D6OuL8IGwDse5jkj/yUJuuX9syMch8dmKTN0W7iruHeu7
lvyJ6fwQXLNqPvLcodZXO2WIqz+GFigX9zxw8gPQEFq0wYHmB0USu1ANrTV7wssq
Ed4U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org