Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/Ap1VWG0TLC2R6NCPCExIVb3vUzk.roa
File: Ap1VWG0TLC2R6NCPCExIVb3vUzk.roa (raw, json)
Hash identifier: e6IcXFZjKbR8GbQ9te/as5Vi+STEVwXzhllaxm1XWH0=
Subject key identifier: 02:9D:55:58:6D:13:2C:2D:91:E8:D0:8F:08:4C:48:55:BD:EF:53:39
Certificate issuer: /CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Certificate serial: 0189DA5F2E9C98FDDA9B62BC629B05E70E8E
Authority key identifier: 79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/Ap1VWG0TLC2R6NCPCExIVb3vUzk.roa
Signing time: Wed 09 Aug 2023 12:56:58 +0000
ROA not before: Wed 09 Aug 2023 12:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43370
IP address blocks: 185.244.132.0/24 maxlen: 24
185.244.132.0/22 maxlen: 22
62.32.84.0/23 maxlen: 23
37.221.202.0/24 maxlen: 24
37.221.207.0/24 maxlen: 24
62.32.92.0/23 maxlen: 23
37.77.128.0/24 maxlen: 24
95.161.184.0/22 maxlen: 22
79.142.94.0/23 maxlen: 23
46.34.146.0/23 maxlen: 23
79.142.93.0/24 maxlen: 24
95.161.196.0/22 maxlen: 24
95.161.224.0/22 maxlen: 22
37.46.48.0/22 maxlen: 22
46.34.130.0/23 maxlen: 23
178.16.157.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:5f:2e:9c:98:fd:da:9b:62:bc:62:9b:05:e7:0e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Validity
Not Before: Aug 9 12:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=029d55586d132c2d91e8d08f084c4855bdef5339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d3:c2:60:22:2e:76:3f:ba:cd:98:62:9b:4e:
ce:9a:71:26:ad:ce:dd:54:50:1f:10:7d:09:81:eb:
b6:78:4c:2a:4c:a9:bb:41:88:75:2e:2b:f6:82:f6:
7d:17:26:76:70:47:d5:53:ec:32:0b:c1:14:b7:ac:
2d:b8:ca:e5:80:c9:f1:21:4c:9b:b3:33:9f:b9:1d:
b0:c1:95:05:fa:e7:a0:90:a2:b2:ac:86:b3:48:e9:
a8:49:33:e8:ed:e7:7d:d0:16:4b:5b:c5:fb:a0:cc:
05:29:62:0a:8e:5a:a3:7d:3e:2f:a6:fa:fa:3b:19:
75:db:65:8d:3e:38:22:af:ae:52:71:35:ec:e8:56:
38:66:5a:9c:e0:13:b1:86:8d:4f:0d:1b:ab:a5:f9:
20:11:7e:6a:f8:fd:5e:9f:8c:80:94:4e:55:49:85:
3b:24:2e:64:19:e5:f6:32:db:29:ac:32:64:ef:ac:
e8:84:08:4a:fe:b1:0d:a6:98:69:e3:02:d6:02:f6:
d6:2b:a1:43:25:c8:4f:fe:ff:4b:26:33:3f:b3:90:
cb:6c:58:78:e8:39:47:c7:bc:2f:e1:86:b6:c7:d0:
81:38:7c:31:e2:cf:37:09:da:1b:8b:18:51:fd:6e:
16:20:a4:07:33:c6:a6:f9:ec:fd:4f:e5:1c:4e:2a:
a6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9D:55:58:6D:13:2C:2D:91:E8:D0:8F:08:4C:48:55:BD:EF:53:39
X509v3 Authority Key Identifier:
keyid:79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/Ap1VWG0TLC2R6NCPCExIVb3vUzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/eXmGPOqCrrjp3zhLOapRdvS8-mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.48.0/22
37.77.128.0/24
37.221.202.0/24
37.221.207.0/24
46.34.130.0/23
46.34.146.0/23
62.32.84.0/23
62.32.92.0/23
79.142.93.0-79.142.95.255
95.161.184.0/22
95.161.196.0/22
95.161.224.0/22
178.16.157.0/24
185.244.132.0/22
Signature Algorithm: sha256WithRSAEncryption
81:49:99:41:90:2f:22:cb:aa:5b:23:79:ec:4b:e1:c9:04:e4:
4f:92:a7:fc:f7:81:c3:2c:e3:8a:4f:ed:7d:b1:6a:f8:24:d8:
23:6e:a1:70:4c:e8:09:6d:a3:b5:32:5a:ca:3e:19:7c:c6:2d:
b4:f1:03:b4:68:08:4d:7b:8e:39:ca:cf:5f:3b:84:23:95:c0:
11:e1:32:18:95:b3:e9:71:50:1e:05:b3:64:bf:a5:ce:b2:1b:
ea:ec:d5:39:7d:73:4e:49:d6:13:c6:b5:cf:fd:4f:1f:71:48:
ce:bb:82:05:5c:3e:44:c0:09:7f:8b:8a:f9:8f:5c:50:52:d2:
97:74:3e:5c:f1:e2:10:63:27:eb:1d:43:a8:95:7f:63:bc:2d:
5d:a3:84:ca:2c:5f:12:21:ed:e7:fc:4a:57:c3:53:b9:35:00:
da:16:ab:c4:76:37:86:7a:24:14:74:0a:6e:91:b6:4d:01:25:
b4:73:1b:a9:d3:4a:be:8c:ef:07:e1:58:de:d7:5f:66:97:f8:
5a:70:80:99:14:47:a4:28:6b:dd:eb:29:f1:34:8b:dc:88:d1:
58:c9:d6:ab:60:70:8f:ab:1a:64:9b:30:ca:95:55:02:16:31:
ef:5d:dc:f0:30:d3:eb:41:59:f6:2b:df:ab:33:ae:31:3f:35:
b4:27:24:07
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYnaXy6cmP3am2K8YpsF5w6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5Nzk4NjNjZWE4MmFlYjhlOWRmMzg0YjM5YWE1MTc2ZjRi
Y2ZhNjEwHhcNMjMwODA5MTI1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjlkNTU1ODZkMTMyYzJkOTFlOGQwOGYwODRjNDg1NWJkZWY1MzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtPCYCIudj+6zZhim07OmnEmrc7d
VFAfEH0Jgeu2eEwqTKm7QYh1Liv2gvZ9FyZ2cEfVU+wyC8EUt6wtuMrlgMnxIUyb
szOfuR2wwZUF+uegkKKyrIazSOmoSTPo7ed90BZLW8X7oMwFKWIKjlqjfT4vpvr6
Oxl122WNPjgir65ScTXs6FY4Zlqc4BOxho1PDRurpfkgEX5q+P1en4yAlE5VSYU7
JC5kGeX2MtsprDJk76zohAhK/rENpphp4wLWAvbWK6FDJchP/v9LJjM/s5DLbFh4
6DlHx7wv4Ya2x9CBOHwx4s83CdobixhR/W4WIKQHM8am+ez9T+UcTiqm0wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFAKdVVhtEywtkejQjwhMSFW971M5MB8GA1UdIwQY
MBaAFHl5hjzqgq646d84SzmqUXb0vPphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhtR1BPcUNycmpwM3poTE9hcFJkdlM4LW1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8xY2NmMjUtMjBkZS00YjJlLWEwZTEt
ZGU0YWNmNDQ3ZmFlLzEvQXAxVldHMFRMQzJSNk5DUENFeElWYjN2VXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8xY2NmMjUtMjBkZS00YjJlLWEwZTEtZGU0YWNmNDQ3ZmFl
LzEvZVhtR1BPcUNycmpwM3poTE9hcFJkdlM4LW1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQCJS4wAwQA
JU2AAwQAJd3KAwQAJd3PAwQBLiKCAwQBLiKSAwQBPiBUAwQBPiBcMAwDBABPjl0D
BAVPjkADBAJfobgDBAJfocQDBAJfoeADBACyEJ0DBAK59IQwDQYJKoZIhvcNAQEL
BQADggEBAIFJmUGQLyLLqlsjeexL4ckE5E+Sp/z3gcMs44pP7X2xavgk2CNuoXBM
6Alto7UyWso+GXzGLbTxA7RoCE17jjnKz187hCOVwBHhMhiVs+lxUB4Fs2S/pc6y
G+rs1Tl9c05J1hPGtc/9Tx9xSM67ggVcPkTACX+LivmPXFBS0pd0Plzx4hBjJ+sd
Q6iVf2O8LV2jhMosXxIh7ef8SlfDU7k1ANoWq8R2N4Z6JBR0Cm6Rtk0BJbRzG6nT
Sr6M7wfhWN7XX2aX+FpwgJkUR6Qoa93rKfE0i9yI0VjJ1qtgcI+rGmSbMMqVVQIW
Me9d3PAw0+tBWfYr36szrjE/NbQnJAc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:51 2024 by rpki-client on console-fra.rpki-client.org