Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/AogmlL-XLROD144WClNPK0r3nLY.roa
File: AogmlL-XLROD144WClNPK0r3nLY.roa (raw, json)
Hash identifier: Ogzuzg32CsVWi0g7qr+3h9UGqmy6rCXSHJ1khVVBQ10=
Subject key identifier: 02:88:26:94:BF:97:2D:13:83:D7:8E:16:0A:53:4F:2B:4A:F7:9C:B6
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 06D05F46
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/AogmlL-XLROD144WClNPK0r3nLY.roa
Signing time: Mon 04 Jul 2022 19:35:26 +0000
ROA not before: Mon 04 Jul 2022 19:35:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 194.113.34.0/24 maxlen: 24
45.83.180.0/24 maxlen: 24
45.83.181.0/24 maxlen: 24
45.83.182.0/24 maxlen: 24
45.83.183.0/24 maxlen: 24
2.58.124.0/22 maxlen: 22
37.44.192.0/22 maxlen: 22
194.110.246.0/24 maxlen: 24
5.181.0.0/22 maxlen: 22
45.66.250.0/23 maxlen: 23
45.143.165.0/24 maxlen: 24
139.28.73.0/24 maxlen: 24
139.28.74.0/24 maxlen: 24
139.28.75.0/24 maxlen: 24
139.28.72.0/24 maxlen: 24
45.150.109.0/24 maxlen: 24
45.150.110.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114319174 (0x6d05f46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jul 4 19:35:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02882694bf972d1383d78e160a534f2b4af79cb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:68:9b:a5:5d:17:61:b3:b7:90:b5:20:ca:43:
56:4e:bf:67:31:f8:9c:82:9d:29:ce:f0:e2:32:71:
58:94:e5:98:85:75:d4:69:7f:27:7a:76:ff:26:07:
89:b1:ef:82:5c:4f:be:cf:84:d3:2d:23:04:80:3f:
5c:61:e9:9e:60:95:8a:ae:cd:ff:80:1c:9a:5c:2c:
aa:78:f1:f5:c0:72:8d:df:13:88:5c:a2:b3:e3:ad:
86:c2:e3:33:de:ed:a3:ce:6c:6c:ca:34:8c:62:ba:
5f:94:e1:d3:5a:a7:ee:e0:a1:74:77:8e:c3:5c:5f:
ac:30:f3:d2:5a:6a:13:9e:6b:e8:f4:55:99:39:35:
47:63:96:e6:63:c2:f6:46:31:d2:b7:24:47:0a:19:
4c:78:34:1b:28:ab:31:19:75:33:d7:22:f7:17:12:
e9:f6:b7:b3:5c:7a:ac:40:6a:25:f8:7c:25:76:4e:
20:36:4b:6e:38:2f:70:6a:f3:c3:35:13:70:33:28:
0d:a0:ed:b9:64:fb:e1:83:d1:6f:66:11:c5:fc:16:
1f:81:a6:a7:3a:33:b0:08:23:97:8d:cf:d6:f9:12:
ea:fd:81:5a:de:24:f3:b7:d6:f2:54:00:ae:23:59:
b9:d2:1f:a4:99:9e:1f:9e:88:c4:24:95:e3:66:63:
f0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:88:26:94:BF:97:2D:13:83:D7:8E:16:0A:53:4F:2B:4A:F7:9C:B6
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/AogmlL-XLROD144WClNPK0r3nLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
5.181.0.0/22
37.44.192.0/22
45.66.250.0/23
45.83.180.0/22
45.143.165.0/24
45.150.109.0-45.150.111.255
139.28.72.0/22
194.110.246.0/24
194.113.34.0/24
Signature Algorithm: sha256WithRSAEncryption
34:98:df:21:f0:37:0c:1a:88:d4:dd:3e:7e:03:04:cb:c4:de:
40:73:94:fd:d8:ee:27:06:ed:c2:8d:22:e9:97:26:87:77:b2:
99:1f:19:b0:da:9d:e0:51:b2:65:83:eb:59:e2:3d:87:a3:c1:
bf:cb:3a:2e:c4:29:53:13:06:18:22:bb:c8:32:b9:6e:ae:2d:
e2:c5:64:9f:2a:e0:be:d6:4c:d8:47:61:63:9f:97:b3:f4:bb:
b3:31:a2:a1:00:a1:86:2f:e1:52:58:00:34:7d:18:76:c4:91:
b5:0c:15:01:26:30:9f:f2:3a:bc:3e:3c:28:d6:0f:b5:5e:52:
37:b6:63:3c:70:13:fc:f2:ad:74:e3:dc:39:89:6e:8d:98:94:
e1:9c:8c:df:2e:e9:10:ad:ea:ff:53:22:0e:bd:1a:e8:5e:45:
7d:4b:79:f3:a1:b3:d5:ed:ef:8d:8a:fc:00:d4:5f:05:d1:05:
0b:ca:4f:20:38:b5:28:c7:87:b6:70:a7:77:a6:6d:0a:04:0d:
2b:44:29:75:65:b2:a3:3b:f6:54:5a:cf:20:86:67:eb:6d:0d:
74:4c:74:e1:6f:c3:46:0e:2b:08:7d:07:71:57:34:19:ed:c3:
98:f6:2d:36:ca:1b:71:f6:45:cd:b1:fc:ac:47:8c:36:81:92:
ab:b0:9d:bb
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEBtBfRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDIwZGRkMzk4ZGFjOGY2MmNjMTI1MjYzMjVmMTgyMWZiNzI0Zjc1MB4XDTIyMDcw
NDE5MzUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDI4ODI2OTRiZjk3
MmQxMzgzZDc4ZTE2MGE1MzRmMmI0YWY3OWNiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVom6VdF2Gzt5C1IMpDVk6/ZzH4nIKdKc7w4jJxWJTlmIV1
1Gl/J3p2/yYHibHvglxPvs+E0y0jBIA/XGHpnmCViq7N/4Acmlwsqnjx9cByjd8T
iFyis+OthsLjM97to85sbMo0jGK6X5Th01qn7uChdHeOw1xfrDDz0lpqE55r6PRV
mTk1R2OW5mPC9kYx0rckRwoZTHg0GyirMRl1M9ci9xcS6fa3s1x6rEBqJfh8JXZO
IDZLbjgvcGrzwzUTcDMoDaDtuWT74YPRb2YRxfwWH4GmpzozsAgjl43P1vkS6v2B
Wt4k87fW8lQAriNZudIfpJmeH56IxCSV42Zj8LcCAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBQCiCaUv5ctE4PXjhYKU08rSvectjAfBgNVHSMEGDAWgBRtIN3TmNrI9izB
JSYyXxgh+3JPdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JTRGQwNWpheVBZc3dTVW1NbDhZSWZ0eVQzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvYTFhODhmLTFkZmYtNGVmZi04MjZiLTM2ZGU2NTcyMzJiZS8x
L0FvZ21sTC1YTFJPRDE0NFdDbE5QSzByM25MWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
YTFhODhmLTFkZmYtNGVmZi04MjZiLTM2ZGU2NTcyMzJiZS8xL2JTRGQwNWpheVBZ
c3dTVW1NbDhZSWZ0eVQzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEAgI6fAMEAgW1AAMEAiUswAMEAS1C
+gMEAi1TtAMEAC2PpTAMAwQALZZtAwQELZZgAwQCixxIAwQAwm72AwQAwnEiMA0G
CSqGSIb3DQEBCwUAA4IBAQA0mN8h8DcMGojU3T5+AwTLxN5Ac5T92O4nBu3CjSLp
lyaHd7KZHxmw2p3gUbJlg+tZ4j2Ho8G/yzouxClTEwYYIrvIMrluri3ixWSfKuC+
1kzYR2Fjn5ez9LuzMaKhAKGGL+FSWAA0fRh2xJG1DBUBJjCf8jq8Pjwo1g+1XlI3
tmM8cBP88q1049w5iW6NmJThnIzfLukQrer/UyIOvRroXkV9S3nzobPV7e+NivwA
1F8F0QULyk8gOLUox4e2cKd3pm0KBA0rRCl1ZbKjO/ZUWs8ghmfrbQ10THThb8NG
DisIfQdxVzQZ7cOY9i02yhtx9kXNsfysR4w2gZKrsJ27
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org