Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/meBfXWwWcqUQallErZAA9Dkh_iQ.roa
File: meBfXWwWcqUQallErZAA9Dkh_iQ.roa (raw, json)
Hash identifier: PpibVb5hFoiaXrMW6efmYNBSjcuW7Y6p9SzULEvzz8o=
Subject key identifier: 99:E0:5F:5D:6C:16:72:A5:10:6A:59:44:AD:90:00:F4:39:21:FE:24
Certificate issuer: /CN=c67e2a46e34f491433c8b62f319b902bddfde831
Certificate serial: 03B9183B
Authority key identifier: C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/meBfXWwWcqUQallErZAA9Dkh_iQ.roa
Signing time: Sat 01 Jan 2022 06:57:34 +0000
ROA not before: Sat 01 Jan 2022 06:57:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208673
IP address blocks: 37.49.231.0/24 maxlen: 24
77.247.111.0/24 maxlen: 24
185.53.91.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62462011 (0x3b9183b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e2a46e34f491433c8b62f319b902bddfde831
Validity
Not Before: Jan 1 06:57:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99e05f5d6c1672a5106a5944ad9000f43921fe24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5f:33:89:fe:ad:b6:e9:a3:7c:ab:40:fe:48:
09:65:25:12:73:e4:75:34:9a:7f:8a:7a:5d:87:c3:
98:71:6a:09:83:84:d8:0e:ac:fb:c7:86:82:1e:66:
d4:71:79:35:6d:c2:d0:82:5f:b4:75:bf:26:33:e8:
84:0d:01:99:b4:54:d1:7c:83:4a:99:e5:4b:2b:62:
17:f7:ba:d0:e3:ed:a4:82:53:a3:83:7f:bb:4c:ed:
ce:1e:03:b6:f1:7b:4f:6c:d3:40:fd:34:70:c5:2f:
5f:b7:56:d8:2d:06:19:42:6d:14:55:67:ca:f7:8d:
66:c5:b5:b8:5a:20:48:2d:78:82:1f:6a:ce:c7:0d:
80:15:e0:69:d4:13:bb:e8:38:05:5d:87:ff:31:39:
30:ec:d4:10:ca:c8:d0:93:1f:9b:c9:d5:e7:f9:bd:
ec:29:38:a4:e4:96:68:27:8f:48:11:47:f4:d6:73:
46:cd:8a:56:3f:9b:99:18:61:89:fd:39:bd:9b:41:
56:1e:33:b0:aa:71:c3:6f:2c:1f:9d:c3:7a:6a:66:
fd:6e:5f:85:05:d7:cf:b9:f3:b7:8c:f8:df:28:d3:
13:6f:50:2e:06:e8:6f:d6:dc:08:91:1b:10:56:b2:
e5:f5:ed:4c:4c:ff:42:d0:11:9d:ea:44:17:6f:27:
25:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E0:5F:5D:6C:16:72:A5:10:6A:59:44:AD:90:00:F4:39:21:FE:24
X509v3 Authority Key Identifier:
keyid:C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/meBfXWwWcqUQallErZAA9Dkh_iQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/xn4qRuNPSRQzyLYvMZuQK9396DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.231.0/24
77.247.111.0/24
185.53.91.0/24
Signature Algorithm: sha256WithRSAEncryption
11:e1:8d:18:88:e6:1e:ec:11:4e:db:17:ba:e6:ae:f7:57:11:
e9:f9:25:90:91:00:d3:34:b9:87:69:6c:15:6f:9d:bc:b3:ce:
57:92:5a:77:3c:10:d9:8e:6a:a8:96:f1:73:ef:5f:08:96:ed:
aa:85:68:95:6e:56:fb:26:f8:76:ab:41:42:b9:eb:4f:ce:69:
30:3a:36:d0:76:a6:70:84:31:83:ce:f3:3c:f8:36:66:ed:5b:
8a:aa:82:a0:96:82:f2:b7:76:a8:2b:71:c9:43:57:e1:f2:cc:
8b:71:11:b6:79:87:da:63:68:47:72:1f:6a:d4:aa:20:37:e1:
17:4b:92:a4:42:6c:2a:13:6c:43:7f:9c:9e:70:a1:d3:37:df:
75:83:24:5a:b0:fa:e7:dd:15:db:6c:35:e3:ce:7b:e0:65:6b:
8f:69:83:00:e0:31:34:a1:bc:84:78:cf:75:fb:4c:3c:f6:29:
4e:e1:c4:35:78:fd:df:b4:67:3d:1c:5c:bc:5b:8c:2f:dd:94:
b4:fd:1b:b7:cd:70:87:2c:d5:74:f6:e9:f3:35:8a:6a:e1:b5:
37:8d:c9:46:35:e7:93:a2:21:f0:80:09:50:16:52:65:e0:0d:
27:99:51:b2:e1:2b:e2:00:12:7f:63:79:00:50:90:cc:f0:b7:
45:67:b3:7e
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA7kYOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjdlMmE0NmUzNGY0OTE0MzNjOGI2MmYzMTliOTAyYmRkZmRlODMxMB4XDTIyMDEw
MTA2NTczNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTllMDVmNWQ2YzE2
NzJhNTEwNmE1OTQ0YWQ5MDAwZjQzOTIxZmUyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1fM4n+rbbpo3yrQP5ICWUlEnPkdTSaf4p6XYfDmHFqCYOE
2A6s+8eGgh5m1HF5NW3C0IJftHW/JjPohA0BmbRU0XyDSpnlSytiF/e60OPtpIJT
o4N/u0ztzh4DtvF7T2zTQP00cMUvX7dW2C0GGUJtFFVnyveNZsW1uFogSC14gh9q
zscNgBXgadQTu+g4BV2H/zE5MOzUEMrI0JMfm8nV5/m97Ck4pOSWaCePSBFH9NZz
Rs2KVj+bmRhhif05vZtBVh4zsKpxw28sH53Dempm/W5fhQXXz7nzt4z43yjTE29Q
Lgbob9bcCJEbEFay5fXtTEz/QtARnepEF28nJSMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSZ4F9dbBZypRBqWUStkAD0OSH+JDAfBgNVHSMEGDAWgBTGfipG409JFDPI
ti8xm5Ar3f3oMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3huNHFSdU5QU1JRenlMWXZNWnVRSzkzOTZERS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvODBjNTY4LWJkMTUtNGYzMi04ZGQ0LTA2Njg2NmYyZGVkMC8x
L21lQmZYV3dXY3FVUWFsbEVyWkFBOURraF9pUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
ODBjNTY4LWJkMTUtNGYzMi04ZGQ0LTA2Njg2NmYyZGVkMC8xL3huNHFSdU5QU1JR
enlMWXZNWnVRSzkzOTZERS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEACUx5wMEAE33bwMEALk1WzANBgkq
hkiG9w0BAQsFAAOCAQEAEeGNGIjmHuwRTtsXuuau91cR6fklkJEA0zS5h2lsFW+d
vLPOV5JadzwQ2Y5qqJbxc+9fCJbtqoVolW5W+yb4dqtBQrnrT85pMDo20HamcIQx
g87zPPg2Zu1biqqCoJaC8rd2qCtxyUNX4fLMi3ERtnmH2mNoR3IfatSqIDfhF0uS
pEJsKhNsQ3+cnnCh0zffdYMkWrD6590V22w148574GVrj2mDAOAxNKG8hHjPdftM
PPYpTuHENXj937RnPRxcvFuML92UtP0bt81whyzVdPbp8zWKauG1N43JRjXnk6Ih
8IAJUBZSZeANJ5lRsuEr4gASf2N5AFCQzPC3RWezfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:39 2024 by rpki-client on console-fra.rpki-client.org