Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/5AvPt9ncwrBXMiCgq3-d8fgxI8s.roa
File: 5AvPt9ncwrBXMiCgq3-d8fgxI8s.roa (raw, json)
Hash identifier: pBMeIt1RZgHlIlIgjJThiZALW5pcf7fpyUf8gsjcTs4=
Subject key identifier: E4:0B:CF:B7:D9:DC:C2:B0:57:32:20:A0:AB:7F:9D:F1:F8:31:23:CB
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 04E46A8C
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/5AvPt9ncwrBXMiCgq3-d8fgxI8s.roa
Signing time: Sat 01 Jan 2022 15:04:23 +0000
ROA not before: Sat 01 Jan 2022 15:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 185.137.103.0/24 maxlen: 24
185.137.102.0/24 maxlen: 24
185.137.100.0/22 maxlen: 22
185.137.101.0/24 maxlen: 24
185.137.100.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82078348 (0x4e46a8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 1 15:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e40bcfb7d9dcc2b0573220a0ab7f9df1f83123cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9c:05:2f:09:ed:bd:bf:9b:88:86:17:d1:6c:
8c:ec:3d:f9:eb:79:6a:75:2e:46:54:30:5b:dc:63:
48:3e:b6:25:4b:de:ab:f4:d0:d2:82:b8:92:68:91:
1b:e5:82:39:4a:db:f4:39:ef:c7:ab:e9:d2:47:ba:
ab:eb:56:62:35:d5:da:f3:f6:7a:01:4b:33:9c:23:
3c:67:ba:c8:84:34:4f:00:64:71:96:c9:98:ba:be:
ec:21:fc:4a:99:0c:61:34:f0:00:9f:34:67:89:09:
de:76:63:a7:ee:23:bc:58:5f:01:b1:52:de:00:9f:
25:b9:a5:4b:98:bc:e2:0b:87:05:ed:10:94:23:aa:
3a:f2:95:7e:11:59:e9:61:e8:cf:22:dd:3a:2d:4e:
94:f9:38:de:f3:19:ae:3a:d5:de:d1:19:14:8b:f7:
9f:3b:16:81:09:dc:48:50:14:e6:1e:3d:93:6a:30:
bf:a7:e1:a1:cf:d9:d0:c4:24:10:25:c1:96:bd:c7:
79:b5:bc:fb:e9:51:72:43:8d:45:79:4c:05:04:f2:
88:4a:7e:ec:ac:f0:7a:c5:f6:d2:4c:cc:8f:d1:9d:
9d:20:ab:f5:58:ce:b2:7e:16:cc:af:52:26:8c:c5:
18:2c:46:31:46:79:ed:ee:f9:f1:b7:70:bc:ac:85:
cd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0B:CF:B7:D9:DC:C2:B0:57:32:20:A0:AB:7F:9D:F1:F8:31:23:CB
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/5AvPt9ncwrBXMiCgq3-d8fgxI8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.100.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:87:6a:0c:82:02:80:51:48:cb:a2:7d:b0:74:0c:a0:08:60:
4a:e3:87:b4:73:5a:ea:83:c4:1d:d1:c2:94:b2:55:df:62:ed:
87:9d:b7:4c:fb:e1:be:55:d5:df:0b:73:d2:e0:ee:84:c1:9f:
4e:96:9f:13:eb:dd:51:73:b7:c1:7a:2e:f9:8a:71:08:b1:9d:
b4:83:30:68:64:e4:6d:c4:f5:b2:86:50:fd:f1:d1:b4:1e:40:
60:ad:a4:42:1c:13:0b:61:ce:7a:0c:87:a3:5b:8e:3f:28:2a:
2a:ae:30:8c:cd:2a:b6:10:f2:af:98:ad:22:46:8f:05:39:b3:
25:ce:28:13:43:a8:69:37:e6:f6:c9:8f:20:23:96:49:49:c1:
ab:70:2c:cb:6f:2c:51:91:82:10:e8:7d:55:ff:56:2c:3f:0a:
6e:51:6d:64:13:7f:87:81:b1:98:2e:3e:d3:3c:f2:09:11:fd:
77:3c:db:66:d4:22:a8:b9:0b:31:ef:a0:87:85:4d:20:71:33:
e2:57:78:52:70:14:4c:1f:55:ed:68:b5:24:eb:4b:87:ad:f7:
4a:16:7a:a6:35:13:4d:e6:e3:aa:16:b0:e7:b0:be:72:9d:0f:
3f:a5:ad:3a:21:96:3c:26:cb:7a:28:e9:19:af:7f:d6:4f:f5:
d6:97:6a:de
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBORqjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTczNmNhZmRkYjZlYmI4ZDdjNzY5NDNmNGEyNzFlMDM4NTEwYWE5MB4XDTIyMDEw
MTE1MDQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQwYmNmYjdkOWRj
YzJiMDU3MzIyMGEwYWI3ZjlkZjFmODMxMjNjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIacBS8J7b2/m4iGF9FsjOw9+et5anUuRlQwW9xjSD62JUve
q/TQ0oK4kmiRG+WCOUrb9Dnvx6vp0ke6q+tWYjXV2vP2egFLM5wjPGe6yIQ0TwBk
cZbJmLq+7CH8SpkMYTTwAJ80Z4kJ3nZjp+4jvFhfAbFS3gCfJbmlS5i84guHBe0Q
lCOqOvKVfhFZ6WHozyLdOi1OlPk43vMZrjrV3tEZFIv3nzsWgQncSFAU5h49k2ow
v6fhoc/Z0MQkECXBlr3HebW8++lRckONRXlMBQTyiEp+7KzwesX20kzMj9GdnSCr
9VjOsn4WzK9SJozFGCxGMUZ57e758bdwvKyFzc8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTkC8+32dzCsFcyIKCrf53x+DEjyzAfBgNVHSMEGDAWgBSuc2yv3bbruNfH
aUP0onHgOFEKqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JuTnNyOTIyNjdqWHgybEQ5S0p4NERoUkNxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvODZlMzJiLWYwNjctNDUwZi1iNjdjLTNhYTE1MGE5MmFiNy8x
LzVBdlB0OW5jd3JCWE1pQ2dxMy1kOGZneEk4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
ODZlMzJiLWYwNjctNDUwZi1iNjdjLTNhYTE1MGE5MmFiNy8xL3JuTnNyOTIyNjdq
WHgybEQ5S0p4NERoUkNxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmJZDANBgkqhkiG9w0BAQsFAAOC
AQEAeodqDIICgFFIy6J9sHQMoAhgSuOHtHNa6oPEHdHClLJV32Lth523TPvhvlXV
3wtz0uDuhMGfTpafE+vdUXO3wXou+YpxCLGdtIMwaGTkbcT1soZQ/fHRtB5AYK2k
QhwTC2HOegyHo1uOPygqKq4wjM0qthDyr5itIkaPBTmzJc4oE0OoaTfm9smPICOW
SUnBq3Asy28sUZGCEOh9Vf9WLD8KblFtZBN/h4GxmC4+0zzyCRH9dzzbZtQiqLkL
Me+gh4VNIHEz4ld4UnAUTB9V7Wi1JOtLh633ShZ6pjUTTebjqhaw57C+cp0PP6Wt
OiGWPCbLeijpGa9/1k/11pdq3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:27 2024 by rpki-client on console-fra.rpki-client.org