Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/R_l-aiB7EfSGp47ysDfq6H9MNa0.roa
File: R_l-aiB7EfSGp47ysDfq6H9MNa0.roa (raw, json)
Hash identifier: YjCCuIWAnaDlKEC8CMEO24/d/JNXPnXC5gNnah3oFVY=
Subject key identifier: 47:F9:7E:6A:20:7B:11:F4:86:A7:8E:F2:B0:37:EA:E8:7F:4C:35:AD
Certificate issuer: /CN=d44de659759b0274124a7b481d0976840b7ade06
Certificate serial: 15D1B9B5
Authority key identifier: D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/R_l-aiB7EfSGp47ysDfq6H9MNa0.roa
Signing time: Sat 01 Jan 2022 04:58:41 +0000
ROA not before: Sat 01 Jan 2022 04:58:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34714
IP address blocks: 193.238.56.0/22 maxlen: 22
185.238.56.0/22 maxlen: 22
91.201.76.0/22 maxlen: 22
91.213.34.0/24 maxlen: 24
37.143.168.0/24 maxlen: 24
37.143.175.0/24 maxlen: 24
192.145.100.0/22 maxlen: 22
193.32.140.0/22 maxlen: 22
2a03:8f80::/32 maxlen: 32
2a03:8f81::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 366066101 (0x15d1b9b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d44de659759b0274124a7b481d0976840b7ade06
Validity
Not Before: Jan 1 04:58:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47f97e6a207b11f486a78ef2b037eae87f4c35ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0e:f0:0c:f0:d6:2f:b4:e3:38:19:40:e5:b2:
1d:be:87:e4:96:8f:9f:17:fc:79:50:4b:ae:4e:b5:
61:6c:d7:43:f7:a4:d4:cb:50:ad:d3:94:aa:97:98:
48:e2:85:83:13:60:e4:90:d9:b1:95:ff:e4:a1:c0:
e8:4f:88:de:d0:fc:a5:eb:46:ca:4d:a6:a0:38:fc:
33:ed:96:16:ce:e1:d6:9a:0a:7a:04:55:e2:26:2f:
5a:1f:f7:c4:1e:3d:fb:1e:a0:58:e7:bc:b7:ab:02:
9d:53:9f:88:c5:ae:e9:3f:d7:54:d4:50:b2:25:56:
61:20:a1:30:34:03:f1:f9:0e:d7:ca:17:b2:95:47:
7e:16:7c:35:60:bc:5d:e9:6a:fa:10:42:33:58:b3:
ee:95:53:33:6a:70:9e:bb:55:88:4d:e4:e2:49:27:
88:97:f4:76:43:a7:a5:d2:f8:bb:a7:3e:7d:a0:f0:
01:6a:f8:9e:47:94:e4:2e:bb:cf:d5:cf:c7:ea:19:
b3:83:97:f8:17:86:70:67:85:73:3e:eb:13:20:be:
a2:d1:13:e7:46:65:8c:24:fa:db:a4:62:be:09:83:
6d:be:e7:4b:86:dc:95:93:e7:3d:5b:06:bb:f4:37:
28:b9:c9:21:ab:2b:52:fe:b8:31:0a:21:47:4b:ad:
6b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F9:7E:6A:20:7B:11:F4:86:A7:8E:F2:B0:37:EA:E8:7F:4C:35:AD
X509v3 Authority Key Identifier:
keyid:D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/R_l-aiB7EfSGp47ysDfq6H9MNa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/1E3mWXWbAnQSSntIHQl2hAt63gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.168.0/24
37.143.175.0/24
91.201.76.0/22
91.213.34.0/24
185.238.56.0/22
192.145.100.0/22
193.32.140.0/22
193.238.56.0/22
IPv6:
2a03:8f80::/31
Signature Algorithm: sha256WithRSAEncryption
b0:b1:ac:05:54:32:6b:95:be:55:f1:4f:35:6e:59:ac:59:29:
f7:a3:df:77:7b:6a:01:9b:a6:6f:36:fa:7f:ee:9d:19:02:e2:
20:09:13:1a:57:90:42:30:ef:ba:4f:2e:c1:7c:ef:06:d3:6d:
0b:55:30:11:ae:8a:9f:35:7c:e7:2f:e8:03:a1:9b:7f:da:b0:
ef:fc:b4:e9:ce:51:29:d2:b7:bb:6f:b4:d3:99:a5:60:52:d3:
fc:ee:21:fc:fa:aa:a3:f3:c2:b1:41:7c:91:10:0b:23:88:72:
fe:8c:fd:de:69:2f:e7:ad:90:be:eb:e5:f4:bc:a7:98:58:a8:
bf:07:94:97:1a:b5:77:19:c6:5c:b6:06:a8:a3:f0:e6:8e:78:
a8:6a:ec:c4:4b:c7:8a:b5:3d:af:67:c0:ff:68:58:b3:2d:51:
5d:a1:2e:e1:ef:84:a6:ed:71:7b:fc:16:f7:d4:f1:a6:fc:ef:
3e:32:f2:7b:05:eb:fc:0f:b1:30:b2:2f:c1:5a:30:5e:bc:22:
2a:18:da:59:b3:df:90:48:75:b7:b7:8e:d5:c4:b7:c0:cc:bd:
c9:f3:32:21:61:7d:2f:ea:15:8c:64:aa:b7:c2:cd:6d:d6:a8:
74:4a:79:d0:90:82:36:25:c4:97:b1:7a:db:56:77:50:d0:b3:
2f:e9:b2:49
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEFdG5tTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDRkZTY1OTc1OWIwMjc0MTI0YTdiNDgxZDA5NzY4NDBiN2FkZTA2MB4XDTIyMDEw
MTA0NTg0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdmOTdlNmEyMDdi
MTFmNDg2YTc4ZWYyYjAzN2VhZTg3ZjRjMzVhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0O8Azw1i+04zgZQOWyHb6H5JaPnxf8eVBLrk61YWzXQ/ek
1MtQrdOUqpeYSOKFgxNg5JDZsZX/5KHA6E+I3tD8petGyk2moDj8M+2WFs7h1poK
egRV4iYvWh/3xB49+x6gWOe8t6sCnVOfiMWu6T/XVNRQsiVWYSChMDQD8fkO18oX
spVHfhZ8NWC8Xelq+hBCM1iz7pVTM2pwnrtViE3k4kkniJf0dkOnpdL4u6c+faDw
AWr4nkeU5C67z9XPx+oZs4OX+BeGcGeFcz7rEyC+otET50ZljCT626RivgmDbb7n
S4bclZPnPVsGu/Q3KLnJIasrUv64MQohR0uta5UCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRH+X5qIHsR9IanjvKwN+rof0w1rTAfBgNVHSMEGDAWgBTUTeZZdZsCdBJK
e0gdCXaEC3reBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFFM21XWFdiQW5RU1NudElIUWwyaEF0NjNnWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvNzUyMTZkLTY4NGItNDdjYy1hOTVlLWRiNGQzOWRjNGVjNy8x
L1JfbC1haUI3RWZTR3A0N3lzRGZxNkg5TU5hMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
NzUyMTZkLTY4NGItNDdjYy1hOTVlLWRiNGQzOWRjNGVjNy8xLzFFM21XWFdiQW5R
U1NudElIUWwyaEF0NjNnWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEACWPqAMEACWPrwMEAlvJTAMEAFvV
IgMEArnuOAMEAsCRZAMEAsEgjAMEAsHuODANBAIAAjAHAwUBKgOPgDANBgkqhkiG
9w0BAQsFAAOCAQEAsLGsBVQya5W+VfFPNW5ZrFkp96Pfd3tqAZumbzb6f+6dGQLi
IAkTGleQQjDvuk8uwXzvBtNtC1UwEa6KnzV85y/oA6Gbf9qw7/y06c5RKdK3u2+0
05mlYFLT/O4h/Pqqo/PCsUF8kRALI4hy/oz93mkv562Qvuvl9LynmFiovweUlxq1
dxnGXLYGqKPw5o54qGrsxEvHirU9r2fA/2hYsy1RXaEu4e+Epu1xe/wW99Txpvzv
PjLyewXr/A+xMLIvwVowXrwiKhjaWbPfkEh1t7eO1cS3wMy9yfMyIWF9L+oVjGSq
t8LNbdaodEp50JCCNiXEl7F621Z3UNCzL+mySQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:25 2023 by rpki-client on console-ams.rpki-client.org