Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eqNPK6xtocEVV3i5VqFP9irBxNM.roa
File: eqNPK6xtocEVV3i5VqFP9irBxNM.roa (raw, json)
Hash identifier: Kxb5l16w28ysUuEs+mnKftqbwCHY/92cOc9fxmnEUJA=
Subject key identifier: 7A:A3:4F:2B:AC:6D:A1:C1:15:57:78:B9:56:A1:4F:F6:2A:C1:C4:D3
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018259AA362F7CC075961ABCC3770219F843
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eqNPK6xtocEVV3i5VqFP9irBxNM.roa
Signing time: Mon 01 Aug 2022 13:48:23 +0000
ROA not before: Mon 01 Aug 2022 13:48:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31732
IP address blocks: 185.220.236.0/22 maxlen: 24
188.209.155.0/24 maxlen: 24
185.215.244.0/24 maxlen: 24
185.215.245.0/24 maxlen: 24
185.215.246.0/24 maxlen: 24
5.226.48.0/21 maxlen: 24
185.129.108.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:59:aa:36:2f:7c:c0:75:96:1a:bc:c3:77:02:19:f8:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 1 13:48:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7aa34f2bac6da1c1155778b956a14ff62ac1c4d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0f:2e:46:37:c7:cd:17:84:ff:d5:eb:3f:c8:
d3:15:fe:a9:bc:f8:e5:ec:78:91:a1:c9:ce:97:ba:
e6:83:6a:dd:0f:f7:02:3d:cf:18:51:e5:e3:cc:d4:
0a:51:65:27:8e:bf:33:38:37:4b:d7:38:ba:50:52:
24:2a:ff:6e:4c:60:a5:2b:be:7b:16:7a:46:df:d6:
31:4b:f1:e5:d2:a3:12:a0:d1:19:e0:c3:f8:01:b9:
22:2c:eb:4c:ee:bc:f0:e5:61:22:58:81:ef:d4:e8:
f9:ea:55:11:1c:26:f7:ae:8e:f5:2c:59:07:05:76:
34:de:25:e7:15:4d:7e:2e:fe:a3:19:fb:92:b2:33:
1d:8f:40:9e:cc:c1:2b:dc:bc:71:79:c6:47:c1:33:
0b:fd:e0:74:cb:5b:8e:d5:0e:79:c7:70:a3:63:81:
f6:89:3c:ca:f9:1f:d3:a0:b0:53:34:c2:40:4f:1c:
e5:2f:51:96:65:f0:05:b1:9d:bc:b9:e5:c6:95:01:
10:0b:ed:34:a1:03:e4:50:1c:40:8a:de:4a:1c:07:
d6:f7:e3:2b:14:0e:c5:7b:8c:e7:ec:0d:5c:7e:a1:
98:1a:d5:c6:a6:2b:35:51:d0:c1:9b:37:81:47:4e:
42:9c:f8:c5:44:d0:e3:ea:46:93:ad:b5:27:c6:64:
d3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A3:4F:2B:AC:6D:A1:C1:15:57:78:B9:56:A1:4F:F6:2A:C1:C4:D3
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eqNPK6xtocEVV3i5VqFP9irBxNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.48.0/21
185.129.108.0/22
185.215.244.0-185.215.246.255
185.220.236.0/22
188.209.155.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:82:09:2f:c9:5b:cb:4f:9a:7c:45:9e:db:14:26:66:87:3b:
8f:7b:9e:44:1d:9f:d1:42:9b:aa:29:74:7c:e6:f1:3c:b0:dd:
ea:cc:f7:31:d2:ef:4b:cc:78:cc:7f:ac:89:9b:d3:7b:32:cd:
16:51:5f:14:de:6a:6a:a7:c7:e2:1c:ba:d9:d9:e2:41:44:76:
ef:88:80:b3:e6:40:99:05:47:15:d6:7a:8c:8d:16:bb:bd:32:
05:18:68:39:cc:d3:16:fe:7b:ef:1a:9c:28:b5:aa:d4:f4:66:
9a:f0:3a:00:13:de:f7:b0:63:0a:94:5c:a6:17:a5:0c:ba:32:
83:a6:5f:74:0b:e2:f8:c1:99:a9:b7:a2:5d:99:2f:92:00:18:
93:b4:7c:47:3f:3a:c9:0e:03:9e:9c:ae:8e:50:6d:f9:11:a4:
43:e8:20:c6:f6:68:cc:8d:27:e6:85:27:94:d2:38:89:8f:61:
07:61:52:57:09:16:74:6e:b7:86:99:70:78:84:52:af:98:19:
8a:79:ab:c4:93:c9:a7:d2:57:37:a0:06:17:7a:67:45:84:58:
be:c5:a2:8b:d7:0f:5f:af:41:9e:87:47:8e:b0:65:05:a7:70:
88:5a:af:4e:bd:3b:5e:10:bb:7b:ea:12:c2:cc:d1:17:0c:8f:
b0:0c:f2:63
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYJZqjYvfMB1lhq8w3cCGfhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIwODAxMTM0ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWEzNGYyYmFjNmRhMWMxMTU1Nzc4Yjk1NmExNGZmNjJhYzFjNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjw8uRjfHzReE/9XrP8jTFf6pvPjl
7HiRocnOl7rmg2rdD/cCPc8YUeXjzNQKUWUnjr8zODdL1zi6UFIkKv9uTGClK757
FnpG39YxS/Hl0qMSoNEZ4MP4AbkiLOtM7rzw5WEiWIHv1Oj56lURHCb3ro71LFkH
BXY03iXnFU1+Lv6jGfuSsjMdj0CezMEr3LxxecZHwTML/eB0y1uO1Q55x3CjY4H2
iTzK+R/ToLBTNMJATxzlL1GWZfAFsZ28ueXGlQEQC+00oQPkUBxAit5KHAfW9+Mr
FA7Fe4zn7A1cfqGYGtXGpis1UdDBmzeBR05CnPjFRNDj6kaTrbUnxmTTKwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHqjTyusbaHBFVd4uVahT/YqwcTTMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvZXFOUEs2eHRvY0VWVjNpNVZxRlA5aXJCeE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDBeIwAwQC
uYFsMAwDBAK51/QDBAC51/YDBAK53OwDBAC80ZswDQYJKoZIhvcNAQELBQADggEB
AM6CCS/JW8tPmnxFntsUJmaHO497nkQdn9FCm6opdHzm8Tyw3erM9zHS70vMeMx/
rImb03syzRZRXxTeamqnx+IcutnZ4kFEdu+IgLPmQJkFRxXWeoyNFru9MgUYaDnM
0xb+e+8anCi1qtT0ZprwOgAT3vewYwqUXKYXpQy6MoOmX3QL4vjBmam3ol2ZL5IA
GJO0fEc/OskOA56cro5QbfkRpEPoIMb2aMyNJ+aFJ5TSOImPYQdhUlcJFnRut4aZ
cHiEUq+YGYp5q8STyafSVzegBhd6Z0WEWL7FoovXD1+vQZ6HR46wZQWncIhar069
O14Qu3vqEsLM0RcMj7AM8mM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org