Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/kjAL-E-jRurx3MIJSzYC4q0hRuQ.roa
File: kjAL-E-jRurx3MIJSzYC4q0hRuQ.roa (raw, json)
Hash identifier: uPCyuhay7gZ5eOWJTSYHbWB2TlstiqxZCR6LARCkm9g=
Subject key identifier: 92:30:0B:F8:4F:A3:46:EA:F1:DC:C2:09:4B:36:02:E2:AD:21:46:E4
Certificate issuer: /CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Certificate serial: 121F193F
Authority key identifier: 4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/kjAL-E-jRurx3MIJSzYC4q0hRuQ.roa
Signing time: Thu 21 Apr 2022 12:04:05 +0000
ROA not before: Thu 21 Apr 2022 12:04:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51407
IP address blocks: 46.32.216.0/23 maxlen: 23
46.32.214.0/23 maxlen: 23
46.32.218.0/23 maxlen: 23
46.32.220.0/23 maxlen: 23
95.215.131.0/24 maxlen: 24
37.60.144.0/23 maxlen: 23
37.60.144.0/21 maxlen: 21
37.60.148.0/23 maxlen: 23
37.60.146.0/23 maxlen: 23
37.60.150.0/23 maxlen: 23
31.25.74.0/23 maxlen: 23
31.25.72.0/23 maxlen: 23
31.25.78.0/23 maxlen: 23
31.25.76.0/23 maxlen: 23
46.32.192.0/21 maxlen: 21
46.32.192.0/23 maxlen: 23
46.32.194.0/23 maxlen: 23
46.32.198.0/23 maxlen: 23
46.32.196.0/23 maxlen: 23
46.32.202.0/23 maxlen: 23
46.32.201.0/24 maxlen: 24
46.32.200.0/24 maxlen: 24
46.32.206.0/23 maxlen: 23
46.32.204.0/23 maxlen: 23
46.32.208.0/24 maxlen: 24
46.32.212.0/23 maxlen: 23
46.32.210.0/23 maxlen: 23
188.227.233.0/24 maxlen: 24
188.227.232.0/24 maxlen: 24
188.227.232.0/23 maxlen: 23
188.227.238.0/23 maxlen: 23
188.227.236.0/23 maxlen: 23
188.227.235.0/24 maxlen: 24
188.227.234.0/23 maxlen: 23
188.227.234.0/24 maxlen: 24
5.34.163.0/24 maxlen: 24
5.34.162.0/24 maxlen: 24
5.34.162.0/23 maxlen: 23
5.34.164.0/23 maxlen: 23
5.34.166.0/23 maxlen: 23
46.28.138.0/23 maxlen: 23
46.28.142.0/23 maxlen: 23
31.13.163.0/24 maxlen: 24
31.13.162.0/23 maxlen: 23
31.13.162.0/24 maxlen: 24
31.13.160.0/23 maxlen: 23
31.13.164.0/23 maxlen: 23
31.13.166.0/23 maxlen: 23
185.7.120.0/23 maxlen: 23
185.7.122.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 304027967 (0x121f193f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Validity
Not Before: Apr 21 12:04:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92300bf84fa346eaf1dcc2094b3602e2ad2146e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:80:6b:3c:95:50:3d:6f:3a:40:fb:a1:c1:5e:
f2:35:a7:c7:f3:af:95:f6:67:38:ab:f7:1d:22:df:
1f:b3:82:bc:53:4d:28:86:fe:c6:0a:d4:cd:7d:8d:
c1:49:d8:b4:fa:67:e2:33:26:29:e4:29:de:1e:72:
0f:19:1f:92:f2:15:52:6e:83:c6:ab:30:1b:ac:2b:
f3:4a:9e:3c:53:02:b4:f0:62:98:1b:52:5b:b7:13:
29:78:86:3b:9e:92:97:17:3f:bb:05:e1:df:34:04:
6c:2d:c3:22:d6:99:a7:a4:67:8b:41:90:12:47:7e:
18:b2:17:e7:1c:9f:0a:7e:15:4b:43:cb:9a:03:61:
38:0f:7e:2e:eb:9c:96:16:95:6f:37:13:90:b2:08:
fe:70:60:14:65:0a:1d:66:48:d1:dd:ad:af:3d:ed:
91:1e:85:3e:87:b3:5a:a3:f8:ea:d0:f7:c7:61:e6:
7c:4a:5b:40:81:62:f9:ea:da:a0:e9:00:ea:20:37:
79:f2:89:32:eb:66:dd:af:a1:1c:8e:33:7b:f8:2e:
bf:32:c8:3f:a4:41:fc:c4:c2:46:5b:c0:4e:b9:6a:
c3:7d:9e:04:88:0c:15:0c:09:4b:fe:c8:23:7d:9e:
ac:57:59:fc:b7:b4:b8:85:b6:28:1d:84:26:74:64:
d2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:30:0B:F8:4F:A3:46:EA:F1:DC:C2:09:4B:36:02:E2:AD:21:46:E4
X509v3 Authority Key Identifier:
keyid:4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/kjAL-E-jRurx3MIJSzYC4q0hRuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/S1dyWwpgXU3cxGS3Dcs6FipfBVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.162.0-5.34.167.255
31.13.160.0/21
31.25.72.0/21
37.60.144.0/21
46.28.138.0/23
46.28.142.0/23
46.32.192.0-46.32.208.255
46.32.210.0-46.32.221.255
95.215.131.0/24
185.7.120.0/22
188.227.232.0/21
Signature Algorithm: sha256WithRSAEncryption
94:c4:1c:98:f3:8f:40:0c:bc:70:48:7e:24:ad:3d:f8:dc:fe:
5f:15:80:66:55:23:e1:06:55:30:85:74:83:d2:86:28:f8:30:
6f:d7:17:88:7a:24:c9:00:d7:46:03:16:e8:a4:0b:b7:71:b9:
8e:cc:ea:70:f2:47:f7:18:c7:57:9a:2b:6b:84:dc:43:f9:54:
61:d2:4d:1a:48:80:df:2d:a3:1d:96:fc:84:6b:76:0e:ee:3b:
66:be:58:3e:a9:41:91:77:7d:db:1a:23:c9:a9:7d:97:59:83:
6d:7c:7c:de:82:2f:a0:dc:53:bd:f6:63:eb:46:19:f1:65:2d:
84:f0:b8:b1:3b:93:6b:2c:bb:3f:a3:34:7a:b0:fc:4d:c5:85:
d8:6f:e5:a1:00:9c:3b:7e:22:c5:fd:98:2d:50:55:90:e3:2e:
7b:b5:c2:bc:d0:48:64:d3:30:14:c1:c7:4c:f9:03:b0:26:de:
82:04:5a:e4:a4:94:0e:c8:bf:ac:56:cc:5d:48:18:41:20:fb:
e8:f7:a7:71:a4:54:f7:fa:2f:8c:50:a0:82:f5:aa:0d:62:b8:
d2:9b:51:79:6b:69:5b:4b:1f:a6:a9:01:38:3a:68:d7:a1:c7:
d1:13:6f:d9:e7:d3:6a:9e:4f:97:90:fb:7d:b1:e3:11:06:de:
58:49:a0:01
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIEEh8ZPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjU3NzI1YjBhNjA1ZDRkZGNjNDY0YjcwZGNiM2ExNjJhNWYwNTViMB4XDTIyMDQy
MTEyMDQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIzMDBiZjg0ZmEz
NDZlYWYxZGNjMjA5NGIzNjAyZTJhZDIxNDZlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGAazyVUD1vOkD7ocFe8jWnx/OvlfZnOKv3HSLfH7OCvFNN
KIb+xgrUzX2NwUnYtPpn4jMmKeQp3h5yDxkfkvIVUm6DxqswG6wr80qePFMCtPBi
mBtSW7cTKXiGO56Slxc/uwXh3zQEbC3DItaZp6Rni0GQEkd+GLIX5xyfCn4VS0PL
mgNhOA9+LuuclhaVbzcTkLII/nBgFGUKHWZI0d2trz3tkR6FPoezWqP46tD3x2Hm
fEpbQIFi+eraoOkA6iA3efKJMutm3a+hHI4ze/guvzLIP6RB/MTCRlvATrlqw32e
BIgMFQwJS/7II32erFdZ/Le0uIW2KB2EJnRk0gECAwEAAaOCAl0wggJZMB0GA1Ud
DgQWBBSSMAv4T6NG6vHcwglLNgLirSFG5DAfBgNVHSMEGDAWgBRLV3JbCmBdTdzE
ZLcNyzoWKl8FWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MxZHlXd3BnWFUzY3hHUzNEY3M2RmlwZkJWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvZTAwNWMyLWFmZmEtNDU4Zi1hYWY4LThhZjU2ZTczMzYwMC8x
L2tqQUwtRS1qUnVyeDNNSUpTellDNHEwaFJ1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
ZTAwNWMyLWFmZmEtNDU4Zi1hYWY4LThhZjU2ZTczMzYwMC8xL1MxZHlXd3BnWFUz
Y3hHUzNEY3M2RmlwZkJWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBz
BggrBgEFBQcBBwEB/wRkMGIwYAQCAAEwWjAMAwQBBSKiAwQDBSKgAwQDHw2gAwQD
HxlIAwQDJTyQAwQBLhyKAwQBLhyOMAwDBAYuIMADBAAuINAwDAMEAS4g0gMEAS4g
3AMEAF/XgwMEArkHeAMEA7zj6DANBgkqhkiG9w0BAQsFAAOCAQEAlMQcmPOPQAy8
cEh+JK09+Nz+XxWAZlUj4QZVMIV0g9KGKPgwb9cXiHokyQDXRgMW6KQLt3G5jszq
cPJH9xjHV5ora4TcQ/lUYdJNGkiA3y2jHZb8hGt2Du47Zr5YPqlBkXd92xojyal9
l1mDbXx83oIvoNxTvfZj60YZ8WUthPC4sTuTayy7P6M0erD8TcWF2G/loQCcO34i
xf2YLVBVkOMue7XCvNBIZNMwFMHHTPkDsCbeggRa5KSUDsi/rFbMXUgYQSD76Pen
caRU9/ovjFCggvWqDWK40ptReWtpW0sfpqkBODpo16HH0RNv2efTap5Pl5D7fbHj
EQbeWEmgAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:43 2024 by rpki-client on console-ams.rpki-client.org