Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/S6C5rAG5vZynvsSX4EI6sxRjPWA.roa
File: S6C5rAG5vZynvsSX4EI6sxRjPWA.roa (raw, json)
Hash identifier: /JlW1t3EMEKiOezEIeeC2Dxw/cwEZQzRpe2cp7zjWR0=
Subject key identifier: 4B:A0:B9:AC:01:B9:BD:9C:A7:BE:C4:97:E0:42:3A:B3:14:63:3D:60
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0C073221
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/S6C5rAG5vZynvsSX4EI6sxRjPWA.roa
Signing time: Tue 01 Feb 2022 16:23:00 +0000
ROA not before: Tue 01 Feb 2022 16:23:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34549
IP address blocks: 195.180.132.0/22 maxlen: 22
195.180.140.0/22 maxlen: 22
194.64.88.0/21 maxlen: 24
212.224.0.0/22 maxlen: 24
195.252.160.0/22 maxlen: 24
194.233.16.0/22 maxlen: 24
194.233.20.0/22 maxlen: 22
194.163.68.0/22 maxlen: 22
194.163.72.0/22 maxlen: 22
194.163.76.0/22 maxlen: 22
194.64.148.0/22 maxlen: 22
195.179.32.0/21 maxlen: 24
194.64.156.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 201798177 (0xc073221)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Feb 1 16:23:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ba0b9ac01b9bd9ca7bec497e0423ab314633d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:43:5c:61:95:cf:d4:e1:77:19:46:d0:5a:02:
a7:77:49:fd:eb:98:1b:c4:8b:fc:d0:57:3a:e6:58:
d1:0d:f6:c6:ba:82:5b:19:f0:73:49:34:59:b4:9a:
a7:38:dd:6f:48:a6:38:c3:61:10:d8:66:c8:c8:f2:
81:93:a8:d1:68:bb:50:99:58:e5:1e:09:74:f2:64:
35:e0:bf:28:7d:b1:db:88:61:24:58:25:b6:60:83:
e7:c6:87:ce:8d:2d:99:a8:52:a0:48:01:60:eb:6a:
d4:06:dd:85:cb:30:e5:1e:bd:fa:c3:43:7f:45:e0:
75:41:62:1d:25:cc:25:d8:e8:80:43:ee:3c:80:a3:
c6:34:05:54:85:ed:8d:c6:95:45:64:6a:22:12:2a:
88:1e:8c:80:f6:e5:dd:de:b4:7b:a8:49:7e:05:de:
66:fc:51:69:ed:68:10:99:e4:ff:d1:ea:43:8b:71:
64:b8:a1:05:d0:68:03:48:e1:a1:eb:cb:5d:bb:d7:
66:68:36:d7:20:fd:04:ee:d2:6c:63:54:63:8e:be:
7c:c7:99:e5:7b:50:b8:38:b3:b6:94:b1:f1:4f:c9:
ef:55:1c:97:31:35:0e:0a:12:98:d9:53:21:72:e8:
6c:95:29:40:b8:46:7d:e2:ed:3c:0d:c8:8c:6b:3a:
4a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A0:B9:AC:01:B9:BD:9C:A7:BE:C4:97:E0:42:3A:B3:14:63:3D:60
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/S6C5rAG5vZynvsSX4EI6sxRjPWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.88.0/21
194.64.148.0/22
194.64.156.0/22
194.163.68.0-194.163.79.255
194.233.16.0/21
195.179.32.0/21
195.180.132.0/22
195.180.140.0/22
195.252.160.0/22
212.224.0.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:f1:08:ca:da:f8:95:28:28:48:66:90:30:68:25:18:f7:06:
f1:ca:fc:fb:e9:48:db:d5:3f:db:da:d8:4b:16:b0:10:84:02:
76:75:00:a9:52:9b:7b:8a:33:f5:44:41:f2:3a:a0:42:ae:97:
ec:55:a5:3a:db:69:e5:0e:87:08:7c:2c:1b:1a:04:f5:0d:67:
0c:a3:60:c6:15:d4:e1:9d:63:12:ac:f7:b9:67:0b:77:6e:92:
13:fd:c5:11:67:bc:fd:b1:ac:67:92:9b:e5:c6:c6:3f:74:e3:
14:d5:e4:8e:c3:d1:39:b7:51:ce:9a:83:f7:74:72:e9:3c:4a:
5d:6e:8d:c9:06:b5:e9:31:8d:c1:9a:ae:da:b8:29:97:b7:05:
49:16:e9:a9:8e:fe:c9:e9:f7:73:b9:81:63:32:94:24:fc:00:
62:4e:ff:ea:0b:bc:c4:df:f5:7d:6a:08:34:89:25:2c:2c:e3:
30:f3:f9:46:b7:02:5f:26:55:a5:3c:c0:b5:e8:3b:95:38:78:
ee:6b:4a:14:aa:90:1c:8f:78:8f:20:90:2e:72:b6:d6:d3:0a:
cd:64:b0:64:76:a5:1a:81:fe:79:e3:ac:13:e9:45:c8:da:b2:
5a:a7:21:1e:61:62:16:44:a1:be:e5:c5:e3:5d:05:53:b5:1f:
b7:ef:7b:f0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEDAcyITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDIw
MTE2MjMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJhMGI5YWMwMWI5
YmQ5Y2E3YmVjNDk3ZTA0MjNhYjMxNDYzM2Q2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOBDXGGVz9ThdxlG0FoCp3dJ/euYG8SL/NBXOuZY0Q32xrqC
Wxnwc0k0WbSapzjdb0imOMNhENhmyMjygZOo0Wi7UJlY5R4JdPJkNeC/KH2x24hh
JFgltmCD58aHzo0tmahSoEgBYOtq1Abdhcsw5R69+sNDf0XgdUFiHSXMJdjogEPu
PICjxjQFVIXtjcaVRWRqIhIqiB6MgPbl3d60e6hJfgXeZvxRae1oEJnk/9HqQ4tx
ZLihBdBoA0jhoevLXbvXZmg21yD9BO7SbGNUY46+fMeZ5XtQuDiztpSx8U/J71Uc
lzE1DgoSmNlTIXLobJUpQLhGfeLtPA3IjGs6SrECAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBRLoLmsAbm9nKe+xJfgQjqzFGM9YDAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L1M2QzVyQUc1dlp5bnZzU1g0RUk2c3hSalBXQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEA8JAWAMEAsJAlAMEAsJAnDAMAwQC
wqNEAwQEwqNAAwQDwukQAwQDw7MgAwQCw7SEAwQCw7SMAwQCw/ygAwQC1OAAMA0G
CSqGSIb3DQEBCwUAA4IBAQCr8QjK2viVKChIZpAwaCUY9wbxyvz76Ujb1T/b2thL
FrAQhAJ2dQCpUpt7ijP1REHyOqBCrpfsVaU622nlDocIfCwbGgT1DWcMo2DGFdTh
nWMSrPe5Zwt3bpIT/cURZ7z9saxnkpvlxsY/dOMU1eSOw9E5t1HOmoP3dHLpPEpd
bo3JBrXpMY3Bmq7auCmXtwVJFumpjv7J6fdzuYFjMpQk/ABiTv/qC7zE3/V9agg0
iSUsLOMw8/lGtwJfJlWlPMC16DuVOHjua0oUqpAcj3iPIJAucrbW0wrNZLBkdqUa
gf5546wT6UXI2rJapyEeYWIWRKG+5cXjXQVTtR+373vw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org