Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/UqifNpi92-Srt-oyARgS6r4NQ2c.roa
File: UqifNpi92-Srt-oyARgS6r4NQ2c.roa (raw, json)
Hash identifier: A7YW4ON4ohIcW1545bFbsH7f+uJbD/x+6vQIoqzeEPE=
Subject key identifier: 52:A8:9F:36:98:BD:DB:E4:AB:B7:EA:32:01:18:12:EA:BE:0D:43:67
Certificate issuer: /CN=8c3ccf93f7c807dde0420ad5486ae29eb5dc75f9
Certificate serial: 018570FBE3E1F5D969F04289DC53B7FFCC8B
Authority key identifier: 8C:3C:CF:93:F7:C8:07:DD:E0:42:0A:D5:48:6A:E2:9E:B5:DC:75:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/UqifNpi92-Srt-oyARgS6r4NQ2c.roa
Signing time: Mon 02 Jan 2023 05:37:14 +0000
ROA not before: Mon 02 Jan 2023 05:37:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200651
IP address blocks: 37.228.128.0/24 maxlen: 24
185.247.225.0/24 maxlen: 24
185.247.226.0/24 maxlen: 24
37.228.129.0/24 maxlen: 24
185.247.224.0/24 maxlen: 24
185.146.232.0/24 maxlen: 24
185.246.188.0/24 maxlen: 24
185.100.84.0/23 maxlen: 23
185.100.86.0/24 maxlen: 24
185.100.87.0/24 maxlen: 24
185.10.68.0/24 maxlen: 24
37.156.68.0/24 maxlen: 24
185.165.170.0/24 maxlen: 24
185.165.171.0/24 maxlen: 24
185.165.168.0/24 maxlen: 24
185.165.169.0/24 maxlen: 24
2a06:1700:100::/48 maxlen: 48
2a06:1700::/48 maxlen: 48
2a06:1700:1::/48 maxlen: 48
2a06:1700:3::/48 maxlen: 48
2a06:1700:2::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:e3:e1:f5:d9:69:f0:42:89:dc:53:b7:ff:cc:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c3ccf93f7c807dde0420ad5486ae29eb5dc75f9
Validity
Not Before: Jan 2 05:37:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52a89f3698bddbe4abb7ea32011812eabe0d4367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:23:53:bd:c5:74:4c:31:17:62:5b:94:64:96:
47:b6:68:03:6e:88:b4:7e:76:b4:06:79:2a:0e:b8:
1b:ed:8f:e7:8d:40:a9:c8:0c:72:58:c4:82:ae:80:
98:bd:29:e8:3e:44:42:c5:55:f1:ea:60:8c:6e:41:
ad:82:71:5d:b7:f9:f2:2a:d3:0b:49:57:b4:d8:44:
b0:02:d8:da:e3:66:ba:f1:6a:df:3b:d5:e5:68:29:
a2:c5:7d:ba:25:f9:ed:6c:34:1c:7a:97:6c:0b:4a:
b4:6e:f4:cf:f8:55:fe:6e:0e:28:40:79:f0:bb:ca:
5c:bd:f9:10:0a:af:0a:08:31:58:c4:3e:d3:04:f2:
60:fd:05:e8:5d:00:c7:cd:83:ec:45:61:e5:e2:e0:
46:d7:6c:59:ab:3b:19:26:8f:76:87:d4:db:57:3c:
24:ab:6b:b2:16:07:e3:b1:e9:b7:00:0c:bf:68:91:
ae:60:8f:ab:26:1c:e1:a4:10:53:d0:89:fd:94:43:
47:30:22:4f:20:56:bd:e2:1e:8a:0d:07:f2:0c:d0:
e9:f6:11:06:5d:74:3b:0a:76:9a:fa:6b:7d:64:89:
ac:14:f3:1c:32:73:b6:c7:4f:4d:32:94:1b:33:9a:
6d:dc:40:bd:01:65:62:18:18:20:eb:d6:7d:87:43:
d4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A8:9F:36:98:BD:DB:E4:AB:B7:EA:32:01:18:12:EA:BE:0D:43:67
X509v3 Authority Key Identifier:
keyid:8C:3C:CF:93:F7:C8:07:DD:E0:42:0A:D5:48:6A:E2:9E:B5:DC:75:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/UqifNpi92-Srt-oyARgS6r4NQ2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.68.0/24
37.228.128.0/23
185.10.68.0/24
185.100.84.0/22
185.146.232.0/24
185.165.168.0/22
185.246.188.0/24
185.247.224.0-185.247.226.255
IPv6:
2a06:1700::/46
2a06:1700:100::/48
Signature Algorithm: sha256WithRSAEncryption
9d:44:ca:fa:7f:3b:ec:f8:2d:20:09:db:e9:d5:cf:9a:16:b0:
25:b1:c5:4f:dc:21:4e:13:1a:de:35:3c:fe:72:2a:58:87:00:
39:45:e0:c2:60:74:3a:1b:96:20:f8:0d:ca:1e:42:27:d1:5e:
c0:8e:17:67:c5:a5:e1:d1:e3:f2:d1:7e:30:79:b5:b3:e9:c0:
28:22:29:a0:95:f0:a1:ef:f9:81:f3:e0:2f:d0:54:23:2c:7b:
d2:1a:70:3e:4f:9b:aa:86:24:57:c3:ff:2d:a3:ab:cd:30:15:
c8:ed:f3:5f:3f:a1:c4:92:02:e3:19:5b:76:3d:0b:fc:4e:6d:
ef:66:26:ae:cf:1d:ee:89:4f:7f:b5:f3:e0:d5:8f:9b:5e:80:
c2:51:1e:6b:c9:87:b6:37:4b:ca:93:7e:ed:49:ec:08:0a:e8:
5a:7d:e5:7c:d3:b6:31:00:23:e0:55:b9:58:84:8c:d9:2b:13:
4d:d7:45:60:bd:fb:e6:ac:bc:56:58:de:38:ee:cb:3a:40:74:
2a:34:88:6a:98:db:f4:b4:3e:44:1b:f6:41:3e:23:94:c6:c9:
f4:72:3f:f6:5a:6a:02:36:fb:33:5b:7d:eb:c9:5b:57:6b:93:
65:53:fa:62:fe:fd:02:aa:aa:10:4e:62:27:59:d7:69:44:9e:
e5:6c:33:76
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYVw++Ph9dlp8EKJ3FO3/8yLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjM2NjZjkzZjdjODA3ZGRlMDQyMGFkNTQ4NmFlMjllYjVk
Yzc1ZjkwHhcNMjMwMTAyMDUzNzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmE4OWYzNjk4YmRkYmU0YWJiN2VhMzIwMTE4MTJlYWJlMGQ0MzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCNTvcV0TDEXYluUZJZHtmgDboi0
fna0BnkqDrgb7Y/njUCpyAxyWMSCroCYvSnoPkRCxVXx6mCMbkGtgnFdt/nyKtML
SVe02ESwAtja42a68WrfO9XlaCmixX26JfntbDQcepdsC0q0bvTP+FX+bg4oQHnw
u8pcvfkQCq8KCDFYxD7TBPJg/QXoXQDHzYPsRWHl4uBG12xZqzsZJo92h9TbVzwk
q2uyFgfjsem3AAy/aJGuYI+rJhzhpBBT0In9lENHMCJPIFa94h6KDQfyDNDp9hEG
XXQ7Cnaa+mt9ZImsFPMcMnO2x09NMpQbM5pt3EC9AWViGBgg69Z9h0PUNQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFFKonzaYvdvkq7fqMgEYEuq+DUNnMB8GA1UdIwQY
MBaAFIw8z5P3yAfd4EIK1Uhq4p613HX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakR6UGtfZklCOTNnUWdyVlNHcmluclhjZGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xODM0YWMtMjAzMC00NDFmLTgyZTIt
NjgxZGJmZjg1MTVlLzEvVXFpZk5waTkyLVNydC1veUFSZ1M2cjROUTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xODM0YWMtMjAzMC00NDFmLTgyZTItNjgxZGJmZjg1MTVl
LzEvakR6UGtfZklCOTNnUWdyVlNHcmluclhjZGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjA+BAIAATA4AwQAJZxEAwQB
JeSAAwQAuQpEAwQCuWRUAwQAuZLoAwQCuaWoAwQAufa8MAwDBAW59+ADBAC59+Iw
GAQCAAIwEgMHAioGFwAAAAMHACoGFwABADANBgkqhkiG9w0BAQsFAAOCAQEAnUTK
+n877PgtIAnb6dXPmhawJbHFT9whThMa3jU8/nIqWIcAOUXgwmB0OhuWIPgNyh5C
J9FewI4XZ8Wl4dHj8tF+MHm1s+nAKCIpoJXwoe/5gfPgL9BUIyx70hpwPk+bqoYk
V8P/LaOrzTAVyO3zXz+hxJIC4xlbdj0L/E5t72Ymrs8d7olPf7Xz4NWPm16AwlEe
a8mHtjdLypN+7UnsCAroWn3lfNO2MQAj4FW5WISM2SsTTddFYL375qy8VljeOO7L
OkB0KjSIapjb9LQ+RBv2QT4jlMbJ9HI/9lpqAjb7M1t968lbV2uTZVP6Yv79Aqqq
EE5iJ1nXaUSe5Wwzdg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:22 2024 by rpki-client on console-fra.rpki-client.org