Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/qBzlVgiVKzJAnbnhVaMfTC3yKwg.roa
File: qBzlVgiVKzJAnbnhVaMfTC3yKwg.roa (raw, json)
Hash identifier: 3Jv606MOrWSssDvbYifYEmQ3PzCVuvGea7prozKq5cg=
Subject key identifier: A8:1C:E5:56:08:95:2B:32:40:9D:B9:E1:55:A3:1F:4C:2D:F2:2B:08
Certificate issuer: /CN=8c3ccf93f7c807dde0420ad5486ae29eb5dc75f9
Certificate serial: 0EA8014B
Authority key identifier: 8C:3C:CF:93:F7:C8:07:DD:E0:42:0A:D5:48:6A:E2:9E:B5:DC:75:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/qBzlVgiVKzJAnbnhVaMfTC3yKwg.roa
Signing time: Thu 02 Jun 2022 17:41:51 +0000
ROA not before: Thu 02 Jun 2022 17:41:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200651
IP address blocks: 37.228.128.0/24 maxlen: 24
185.247.225.0/24 maxlen: 24
185.247.226.0/24 maxlen: 24
37.228.129.0/24 maxlen: 24
185.247.224.0/24 maxlen: 24
185.146.232.0/24 maxlen: 24
185.246.188.0/24 maxlen: 24
185.100.84.0/23 maxlen: 23
185.100.86.0/24 maxlen: 24
185.100.87.0/24 maxlen: 24
185.10.68.0/24 maxlen: 24
37.156.68.0/24 maxlen: 24
185.165.170.0/24 maxlen: 24
185.165.171.0/24 maxlen: 24
185.165.168.0/24 maxlen: 24
185.165.169.0/24 maxlen: 24
2a06:1700:100::/48 maxlen: 48
2a06:1700::/48 maxlen: 48
2a06:1700:1::/48 maxlen: 48
2a06:1700:3::/48 maxlen: 48
2a06:1700:2::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 245891403 (0xea8014b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c3ccf93f7c807dde0420ad5486ae29eb5dc75f9
Validity
Not Before: Jun 2 17:41:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a81ce55608952b32409db9e155a31f4c2df22b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:39:93:27:db:50:84:92:26:ff:6c:a9:be:d4:
75:85:c5:d0:39:7f:68:aa:6f:ec:96:dd:00:91:e0:
a0:53:f9:5f:51:71:3b:97:0e:fd:ca:50:12:7a:90:
77:70:5a:80:e4:34:70:20:d5:3d:70:7e:fe:13:8a:
48:14:f1:f5:fc:c2:1d:31:f5:ef:d1:91:62:40:1e:
d4:76:22:21:6a:6b:60:8e:0c:76:ff:37:b6:2f:03:
c0:83:37:1f:da:bc:34:d4:08:7a:66:2b:16:1e:d9:
7b:5a:18:af:35:77:b3:ed:4a:c4:fe:64:08:fe:72:
20:f3:59:fe:74:7e:13:e4:7c:b6:0f:f8:19:cc:be:
f9:4d:8d:6f:29:c8:e5:39:5e:37:5c:76:73:47:50:
71:ea:7d:d9:c6:a4:4a:2f:54:10:87:33:de:a2:5c:
6a:fd:be:2b:5e:37:bf:45:42:f0:77:4a:1e:76:42:
a8:3e:c8:c2:95:c5:33:8f:bb:b2:78:2b:f2:a6:c9:
2d:25:b0:d7:e6:bb:18:8a:33:80:0a:91:a2:34:97:
87:9c:51:63:4d:18:7f:14:bb:9c:6b:32:72:45:de:
6e:ac:3d:53:04:80:8d:99:7f:54:15:db:e2:d6:8a:
86:f4:bf:6b:6a:8c:4e:55:bd:9f:04:2f:8f:a0:c5:
87:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:1C:E5:56:08:95:2B:32:40:9D:B9:E1:55:A3:1F:4C:2D:F2:2B:08
X509v3 Authority Key Identifier:
keyid:8C:3C:CF:93:F7:C8:07:DD:E0:42:0A:D5:48:6A:E2:9E:B5:DC:75:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/qBzlVgiVKzJAnbnhVaMfTC3yKwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.68.0/24
37.228.128.0/23
185.10.68.0/24
185.100.84.0/22
185.146.232.0/24
185.165.168.0/22
185.246.188.0/24
185.247.224.0-185.247.226.255
IPv6:
2a06:1700::/46
2a06:1700:100::/48
Signature Algorithm: sha256WithRSAEncryption
71:5b:46:42:61:15:27:36:0d:e8:af:c8:b1:10:02:71:b7:60:
11:fe:3d:78:34:33:5f:03:55:13:36:77:c5:48:1e:38:9c:84:
5d:cd:56:45:86:b7:5f:9a:3b:17:ef:91:34:60:a5:a0:d4:60:
2e:55:e7:e8:69:e2:9e:df:cd:cf:7b:32:f3:51:8d:09:0f:db:
8e:60:a6:ad:dc:4e:9b:33:0f:01:7a:ae:8d:95:d5:58:5b:65:
a0:ab:d3:08:ce:0c:ba:c5:89:1c:f2:5a:4a:7b:29:5a:31:ea:
86:95:55:96:8c:25:dc:fe:83:17:fb:cb:21:bb:de:2d:90:7c:
2b:05:1f:2c:e1:0f:2e:cb:ee:4b:78:cd:4a:5e:75:bb:db:17:
db:98:b5:6a:d7:f8:54:f4:66:a0:e1:88:83:e9:77:19:3e:ef:
a4:2d:3e:f9:e3:79:c5:fd:3b:27:d6:e7:02:81:25:70:da:29:
ed:e0:1b:06:6a:0f:a2:5b:3c:fa:90:f6:41:e1:36:50:95:e9:
ca:33:5b:81:d3:d3:4c:ae:ba:5f:49:d0:0f:10:85:68:a0:a7:
e0:3f:95:e1:8b:79:0f:11:61:28:b4:14:98:db:aa:c2:48:93:
bb:06:f2:6b:67:4e:9b:3e:d6:7e:9f:c2:f7:8b:8a:6f:9d:b0:
76:88:aa:f3
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIEDqgBSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YzNjY2Y5M2Y3YzgwN2RkZTA0MjBhZDU0ODZhZTI5ZWI1ZGM3NWY5MB4XDTIyMDYw
MjE3NDE1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTgxY2U1NTYwODk1
MmIzMjQwOWRiOWUxNTVhMzFmNGMyZGYyMmIwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOM5kyfbUISSJv9sqb7UdYXF0Dl/aKpv7JbdAJHgoFP5X1Fx
O5cO/cpQEnqQd3BagOQ0cCDVPXB+/hOKSBTx9fzCHTH179GRYkAe1HYiIWprYI4M
dv83ti8DwIM3H9q8NNQIemYrFh7Ze1oYrzV3s+1KxP5kCP5yIPNZ/nR+E+R8tg/4
Gcy++U2NbynI5TleN1x2c0dQcep92cakSi9UEIcz3qJcav2+K143v0VC8HdKHnZC
qD7IwpXFM4+7sngr8qbJLSWw1+a7GIozgAqRojSXh5xRY00YfxS7nGsyckXebqw9
UwSAjZl/VBXb4taKhvS/a2qMTlW9nwQvj6DFh5kCAwEAAaOCAlUwggJRMB0GA1Ud
DgQWBBSoHOVWCJUrMkCdueFVox9MLfIrCDAfBgNVHSMEGDAWgBSMPM+T98gH3eBC
CtVIauKetdx1+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pEelBrX2ZJQjkzZ1FnclZTR3JpbnJYY2Rmay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvMTgzNGFjLTIwMzAtNDQxZi04MmUyLTY4MWRiZmY4NTE1ZS8x
L3FCemxWZ2lWS3pKQW5ibmhWYU1mVEMzeUt3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
MTgzNGFjLTIwMzAtNDQxZi04MmUyLTY4MWRiZmY4NTE1ZS8xL2pEelBrX2ZJQjkz
Z1FnclZTR3JpbnJYY2Rmay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBr
BggrBgEFBQcBBwEB/wRcMFowPgQCAAEwOAMEACWcRAMEASXkgAMEALkKRAMEArlk
VAMEALmS6AMEArmlqAMEALn2vDAMAwQFuffgAwQAuffiMBgEAgACMBIDBwIqBhcA
AAADBwAqBhcAAQAwDQYJKoZIhvcNAQELBQADggEBAHFbRkJhFSc2DeivyLEQAnG3
YBH+PXg0M18DVRM2d8VIHjichF3NVkWGt1+aOxfvkTRgpaDUYC5V5+hp4p7fzc97
MvNRjQkP245gpq3cTpszDwF6ro2V1VhbZaCr0wjODLrFiRzyWkp7KVox6oaVVZaM
Jdz+gxf7yyG73i2QfCsFHyzhDy7L7kt4zUpedbvbF9uYtWrX+FT0ZqDhiIPpdxk+
76QtPvnjecX9OyfW5wKBJXDaKe3gGwZqD6JbPPqQ9kHhNlCV6cozW4HT00yuul9J
0A8QhWigp+A/leGLeQ8RYSi0FJjbqsJIk7sG8mtnTps+1n6fwveLim+dsHaIqvM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:22 2024 by rpki-client on console-fra.rpki-client.org