Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/eJJt-eO4we5mHJee7D3oGLnCxGA.roa
File: eJJt-eO4we5mHJee7D3oGLnCxGA.roa (raw, json)
Hash identifier: iUWUhRralXFupwgu5W1jeTfJwgHvLbHIs8Zsuh3DRQQ=
Subject key identifier: 78:92:6D:F9:E3:B8:C1:EE:66:1C:97:9E:EC:3D:E8:18:B9:C2:C4:60
Certificate issuer: /CN=c67e2a46e34f491433c8b62f319b902bddfde831
Certificate serial: 043DF950
Authority key identifier: C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/eJJt-eO4we5mHJee7D3oGLnCxGA.roa
Signing time: Fri 25 Feb 2022 12:39:38 +0000
ROA not before: Fri 25 Feb 2022 12:39:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208673
IP address blocks: 37.49.231.0/24 maxlen: 24
185.53.91.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71170384 (0x43df950)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e2a46e34f491433c8b62f319b902bddfde831
Validity
Not Before: Feb 25 12:39:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78926df9e3b8c1ee661c979eec3de818b9c2c460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3b:97:5f:ff:48:10:d1:91:79:77:df:c4:c6:
53:c3:93:c8:eb:83:85:52:41:df:a1:ec:da:54:b2:
92:dc:88:70:fc:d7:e2:13:08:18:38:44:d0:df:f3:
ee:c2:8e:5d:d7:19:f9:87:fc:3b:ce:2a:6e:23:1e:
89:e1:ba:60:1d:81:2a:be:1b:88:0a:24:80:a6:b8:
45:8a:88:83:48:6b:36:cb:bc:e4:d4:59:4f:af:25:
51:88:c3:8f:2e:3c:05:1e:8a:e4:1c:72:df:f4:c4:
f5:3b:76:55:8c:ab:95:44:58:61:62:a7:f8:83:86:
37:f9:00:1a:29:d3:fc:c3:4a:3d:4d:4b:53:00:e0:
c9:f0:14:d6:6e:e4:58:50:c6:fc:85:2e:a3:37:a5:
dd:7d:e5:a0:d2:3d:52:45:bb:ff:f6:3e:3e:e3:95:
25:b4:3b:2e:d3:c2:10:b0:5e:37:8f:5d:08:c2:97:
5c:f9:cd:90:34:c5:c3:f0:06:db:85:62:85:e5:cd:
47:dc:7d:27:8e:7e:36:49:37:47:05:a6:6d:1f:f9:
bd:b2:1a:e7:40:65:78:56:cf:49:e8:27:23:b4:76:
5a:93:85:0e:6e:10:70:f1:e4:41:dd:4e:a8:67:e6:
84:da:6a:17:b3:fd:46:fe:77:73:e0:35:e6:28:36:
df:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:92:6D:F9:E3:B8:C1:EE:66:1C:97:9E:EC:3D:E8:18:B9:C2:C4:60
X509v3 Authority Key Identifier:
keyid:C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/eJJt-eO4we5mHJee7D3oGLnCxGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/xn4qRuNPSRQzyLYvMZuQK9396DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.231.0/24
185.53.91.0/24
Signature Algorithm: sha256WithRSAEncryption
77:23:74:a5:e0:1e:8a:61:67:8c:e5:fd:fb:d5:de:43:60:8b:
98:d0:b3:16:65:48:21:20:70:34:72:50:0c:20:0e:8e:84:88:
c5:6c:f0:4c:53:4b:25:8f:de:19:fa:32:7e:54:8e:4e:fb:e9:
2e:be:60:f7:48:30:37:56:13:0d:88:ce:7a:da:95:06:1f:56:
0c:13:82:e5:5f:d4:b8:ef:82:0f:11:b2:f6:a8:40:ea:1c:2e:
dc:3e:17:1f:29:2c:96:56:49:4e:11:da:3f:57:a0:5d:b6:69:
b0:45:84:3d:a0:b7:89:21:13:86:92:29:85:c6:87:db:bb:b0:
db:42:ad:2e:7c:0b:7f:ef:59:2a:e9:80:86:21:12:41:ee:ff:
aa:65:3e:8a:61:ad:6b:bd:03:a1:89:60:c1:19:ac:fb:b9:68:
c9:4e:9e:a3:b9:4d:11:50:f6:1f:61:b9:25:9a:d0:86:39:94:
56:41:46:81:9c:6d:9f:46:c0:38:5c:5b:9c:96:ba:d0:e3:4f:
f9:38:2c:4c:96:0e:27:00:7e:e2:a0:99:88:2c:b3:a4:ba:8f:
29:ea:7d:92:97:00:ba:cf:6c:3a:99:9e:f4:49:42:9b:48:b5:
77:7a:02:c8:57:82:75:97:37:13:f4:ab:3c:15:26:85:a4:8f:
0c:e4:55:c8
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBD35UDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjdlMmE0NmUzNGY0OTE0MzNjOGI2MmYzMTliOTAyYmRkZmRlODMxMB4XDTIyMDIy
NTEyMzkzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg5MjZkZjllM2I4
YzFlZTY2MWM5NzllZWMzZGU4MThiOWMyYzQ2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALs7l1//SBDRkXl338TGU8OTyOuDhVJB36Hs2lSyktyIcPzX
4hMIGDhE0N/z7sKOXdcZ+Yf8O84qbiMeieG6YB2BKr4biAokgKa4RYqIg0hrNsu8
5NRZT68lUYjDjy48BR6K5Bxy3/TE9Tt2VYyrlURYYWKn+IOGN/kAGinT/MNKPU1L
UwDgyfAU1m7kWFDG/IUuozel3X3loNI9UkW7//Y+PuOVJbQ7LtPCELBeN49dCMKX
XPnNkDTFw/AG24ViheXNR9x9J45+Nkk3RwWmbR/5vbIa50BleFbPSegnI7R2WpOF
Dm4QcPHkQd1OqGfmhNpqF7P9Rv53c+A15ig23xkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR4km3547jB7mYcl57sPegYucLEYDAfBgNVHSMEGDAWgBTGfipG409JFDPI
ti8xm5Ar3f3oMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3huNHFSdU5QU1JRenlMWXZNWnVRSzkzOTZERS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvODBjNTY4LWJkMTUtNGYzMi04ZGQ0LTA2Njg2NmYyZGVkMC8x
L2VKSnQtZU80d2U1bUhKZWU3RDNvR0xuQ3hHQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
ODBjNTY4LWJkMTUtNGYzMi04ZGQ0LTA2Njg2NmYyZGVkMC8xL3huNHFSdU5QU1JR
enlMWXZNWnVRSzkzOTZERS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEACUx5wMEALk1WzANBgkqhkiG9w0B
AQsFAAOCAQEAdyN0peAeimFnjOX9+9XeQ2CLmNCzFmVIISBwNHJQDCAOjoSIxWzw
TFNLJY/eGfoyflSOTvvpLr5g90gwN1YTDYjOetqVBh9WDBOC5V/UuO+CDxGy9qhA
6hwu3D4XHyksllZJThHaP1egXbZpsEWEPaC3iSEThpIphcaH27uw20KtLnwLf+9Z
KumAhiESQe7/qmU+imGta70DoYlgwRms+7loyU6eo7lNEVD2H2G5JZrQhjmUVkFG
gZxtn0bAOFxbnJa60ONP+TgsTJYOJwB+4qCZiCyzpLqPKep9kpcAus9sOpme9ElC
m0i1d3oCyFeCdZc3E/SrPBUmhaSPDORVyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:39 2024 by rpki-client on console-fra.rpki-client.org