Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/AgWjmbXfknL7rc9xiiAE_ljlnZ0.roa
File: AgWjmbXfknL7rc9xiiAE_ljlnZ0.roa (raw, json)
Hash identifier: DQrpJN6iQCAVXwTVtSk+DuvMgso97RJKjLQwoks2KzE=
Subject key identifier: 02:05:A3:99:B5:DF:92:72:FB:AD:CF:71:8A:20:04:FE:58:E5:9D:9D
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 091BE519
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/AgWjmbXfknL7rc9xiiAE_ljlnZ0.roa
Signing time: Wed 06 Apr 2022 15:06:45 +0000
ROA not before: Wed 06 Apr 2022 15:06:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 37.221.126.0/23 maxlen: 23
213.185.90.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152823065 (0x91be519)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 6 15:06:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0205a399b5df9272fbadcf718a2004fe58e59d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3b:9b:43:69:6d:34:b1:33:b5:30:c1:93:b3:
6b:f3:be:68:e8:af:97:cf:4c:ab:f9:7f:51:37:1a:
18:4a:9c:c5:25:43:05:90:4f:95:29:cb:ec:44:0b:
54:a6:58:1e:d8:bb:80:12:86:e4:ef:b6:96:6b:5e:
11:9d:ff:54:63:7a:04:88:f3:b0:24:a6:7f:55:61:
7b:d1:ce:fc:da:0e:0b:24:11:13:46:49:06:cb:cd:
6b:6e:8f:ea:0b:b7:8e:cd:7e:18:b2:d5:4c:1b:18:
e4:bd:cd:11:90:99:df:8e:45:a8:cd:ab:9d:33:1a:
54:4a:ee:ef:35:f4:a9:44:b5:ec:dc:51:5c:12:db:
ad:0a:a7:85:d9:d6:6c:02:b2:eb:bd:c3:71:2b:b0:
77:f7:a4:7d:70:26:2e:5d:cb:28:e7:cd:26:61:f3:
5b:48:51:a0:05:64:7c:ee:4f:cc:9f:84:2c:ce:ac:
da:c4:ce:51:ae:58:5d:d3:53:bb:02:eb:c9:30:3e:
90:88:0b:c2:4f:e3:89:1c:e7:d0:0b:ea:b0:0d:e5:
99:73:36:52:43:72:8a:9c:a3:5d:2f:3d:c7:5a:0b:
47:8f:df:2b:e2:4b:f5:09:5f:5c:19:58:ae:0c:18:
9f:61:cb:f9:02:40:16:ce:32:bf:2f:f4:af:12:2e:
6d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:05:A3:99:B5:DF:92:72:FB:AD:CF:71:8A:20:04:FE:58:E5:9D:9D
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/AgWjmbXfknL7rc9xiiAE_ljlnZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.126.0/23
213.185.90.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:4a:46:ab:bd:66:2a:40:cf:55:3a:4c:fe:f4:f2:22:ba:fb:
ca:e5:a0:2a:3e:10:fe:87:6e:22:58:4a:c5:08:9f:fd:57:07:
e5:79:4a:68:9e:ea:33:ef:fa:82:d3:ae:48:a1:c9:67:2c:c1:
80:2c:16:3c:8e:07:78:2d:ff:c2:bc:09:07:d9:be:74:de:a2:
a6:a2:86:31:72:3c:68:63:2e:97:18:a6:3a:5d:b8:2e:cb:32:
d8:ab:c5:6c:05:3b:b6:c0:8e:6c:bd:0e:39:ca:c3:e1:5b:4a:
31:78:58:1f:19:7e:5e:2d:37:d9:24:c4:3c:c4:f4:8f:be:be:
99:94:f1:af:f7:cb:b4:8a:18:06:ac:b1:00:56:33:19:42:fa:
ab:bb:10:62:4d:17:89:86:ba:02:0f:17:9d:2e:b5:a2:d1:91:
20:e1:a6:75:98:ed:85:0c:00:3b:a9:63:ce:4b:29:81:f6:b2:
fa:fe:be:2d:60:75:bb:4a:d6:43:00:31:a6:be:73:56:37:90:
bf:81:cb:7b:9b:8f:96:f6:f6:6a:a6:2c:37:b5:d8:0b:43:8b:
6f:c9:93:60:e2:f1:9a:b5:3f:9b:c7:80:53:68:48:9c:03:29:
b5:bf:1b:0b:0e:d9:f6:1e:32:f1:48:aa:0d:82:f9:d1:be:f0:
56:7d:44:8a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECRvlGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDQw
NjE1MDY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDIwNWEzOTliNWRm
OTI3MmZiYWRjZjcxOGEyMDA0ZmU1OGU1OWQ5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJI7m0NpbTSxM7UwwZOza/O+aOivl89Mq/l/UTcaGEqcxSVD
BZBPlSnL7EQLVKZYHti7gBKG5O+2lmteEZ3/VGN6BIjzsCSmf1Vhe9HO/NoOCyQR
E0ZJBsvNa26P6gu3js1+GLLVTBsY5L3NEZCZ345FqM2rnTMaVEru7zX0qUS17NxR
XBLbrQqnhdnWbAKy673DcSuwd/ekfXAmLl3LKOfNJmHzW0hRoAVkfO5PzJ+ELM6s
2sTOUa5YXdNTuwLryTA+kIgLwk/jiRzn0AvqsA3lmXM2UkNyipyjXS89x1oLR4/f
K+JL9QlfXBlYrgwYn2HL+QJAFs4yvy/0rxIubW0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQCBaOZtd+Scvutz3GKIAT+WOWdnTAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
L0FnV2ptYlhma25MN3JjOXhpaUFFX2xqbG5aMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEASXdfgMEAdW5WjANBgkqhkiG9w0B
AQsFAAOCAQEAmkpGq71mKkDPVTpM/vTyIrr7yuWgKj4Q/oduIlhKxQif/VcH5XlK
aJ7qM+/6gtOuSKHJZyzBgCwWPI4HeC3/wrwJB9m+dN6ipqKGMXI8aGMulximOl24
Lssy2KvFbAU7tsCObL0OOcrD4VtKMXhYHxl+Xi032STEPMT0j76+mZTxr/fLtIoY
BqyxAFYzGUL6q7sQYk0XiYa6Ag8XnS61otGRIOGmdZjthQwAO6ljzkspgfay+v6+
LWB1u0rWQwAxpr5zVjeQv4HLe5uPlvb2aqYsN7XYC0OLb8mTYOLxmrU/m8eAU2hI
nAMptb8bCw7Z9h4y8UiqDYL50b7wVn1Eig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org