Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/opGqhRikzEoIiGgE7vGI6CTC1B0.roa
File: opGqhRikzEoIiGgE7vGI6CTC1B0.roa (raw, json)
Hash identifier: SF/0J4vSJCm05cnFdV7I9BOIZVWrUaNj43jf8ALTpws=
Subject key identifier: A2:91:AA:85:18:A4:CC:4A:08:88:68:04:EE:F1:88:E8:24:C2:D4:1D
Certificate issuer: /CN=1034068b5e9f7314277e2be9726c732131b1756c
Certificate serial: 01A787C6
Authority key identifier: 10:34:06:8B:5E:9F:73:14:27:7E:2B:E9:72:6C:73:21:31:B1:75:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EDQGi16fcxQnfivpcmxzITGxdWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/opGqhRikzEoIiGgE7vGI6CTC1B0.roa
Signing time: Sat 01 Jan 2022 12:57:23 +0000
ROA not before: Sat 01 Jan 2022 12:57:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8529
IP address blocks: 213.202.0.0/21 maxlen: 21
134.0.216.0/22 maxlen: 22
82.178.32.0/24 maxlen: 24
185.200.124.0/24 maxlen: 24
82.178.158.0/24 maxlen: 24
82.178.159.0/24 maxlen: 24
82.178.158.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27756486 (0x1a787c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1034068b5e9f7314277e2be9726c732131b1756c
Validity
Not Before: Jan 1 12:57:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a291aa8518a4cc4a08886804eef188e824c2d41d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ce:ee:93:a9:f4:10:ab:de:2e:cd:7a:74:f1:
e3:4d:d1:c0:30:c9:73:27:47:ac:7f:32:bf:37:4a:
8e:8d:76:94:4b:ad:2d:3f:a1:d4:b2:ab:d6:e1:0d:
6e:7b:4f:42:3f:4c:f9:44:02:f8:83:ee:17:a6:53:
d4:ad:8d:03:65:90:a9:4c:2f:6c:af:a6:da:1f:01:
e7:82:c3:1e:51:8e:2f:56:96:37:f3:8e:ba:ec:d6:
45:4a:74:f6:82:c3:fd:eb:15:86:4b:d2:3a:8e:56:
55:61:c7:08:b6:92:42:b6:c6:55:a9:80:0e:ca:68:
85:1a:61:a8:00:81:bb:31:08:61:51:ec:87:6c:9d:
aa:2a:6e:3c:5c:cf:4b:8c:b4:c5:c6:6e:e9:02:de:
dc:d1:d3:f6:64:09:37:ed:54:82:3c:95:2b:fd:59:
92:b2:fb:cf:84:27:7f:81:7b:70:b5:8d:17:f2:b2:
09:c9:c6:07:ec:bb:4e:6a:5b:74:d9:f8:a6:0e:4b:
4c:d1:b3:05:f8:32:16:98:27:41:2c:b6:b7:75:07:
f6:c0:ef:65:91:98:17:5d:7b:3b:59:17:57:21:1d:
a8:25:fe:c4:9b:fd:8b:c9:30:7e:fa:50:d3:73:f0:
84:d6:39:b2:bd:b8:4f:e6:c5:dd:1d:2e:31:a6:fc:
ff:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:91:AA:85:18:A4:CC:4A:08:88:68:04:EE:F1:88:E8:24:C2:D4:1D
X509v3 Authority Key Identifier:
keyid:10:34:06:8B:5E:9F:73:14:27:7E:2B:E9:72:6C:73:21:31:B1:75:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDQGi16fcxQnfivpcmxzITGxdWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/opGqhRikzEoIiGgE7vGI6CTC1B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/EDQGi16fcxQnfivpcmxzITGxdWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.178.32.0/24
82.178.158.0/23
134.0.216.0/22
185.200.124.0/24
213.202.0.0/21
Signature Algorithm: sha256WithRSAEncryption
24:c1:03:59:b9:56:dc:c8:04:9c:75:76:07:d8:7e:e6:c5:6d:
7b:02:8d:9a:f1:74:30:e5:cd:ca:48:52:91:0a:82:0b:83:40:
22:fb:b6:05:8c:8c:21:1e:ea:05:71:c9:59:fb:75:94:40:e4:
b5:89:d2:8a:b3:1f:04:15:ce:b0:23:90:16:8f:4d:dd:4b:6e:
65:5e:c9:62:44:df:21:de:c4:72:98:f2:38:8b:13:3a:45:40:
83:ec:e0:a7:24:a0:9b:52:40:3f:a8:99:1e:0e:ef:03:fe:21:
bd:b9:03:08:32:a5:cc:a9:74:ec:d3:99:e8:22:60:38:7b:a3:
a8:78:e5:69:ac:86:d2:1d:8d:f4:56:1c:84:47:1d:f6:86:2b:
6f:c2:dc:5d:36:2f:03:e1:8f:72:bc:31:3f:cd:5b:e2:41:d7:
f7:36:4d:3b:f3:60:5b:3a:95:da:73:e3:31:0f:7d:06:f6:c8:
15:2e:63:79:7d:5e:27:b6:06:f7:de:fe:17:0f:a1:96:3c:1c:
aa:00:d2:b3:da:06:cf:0a:f8:2a:ee:26:d0:9a:f2:28:06:f8:
24:9b:fa:fd:ad:cb:6c:d4:89:07:79:ba:45:00:3f:94:3e:da:
f7:f4:2a:c7:da:0b:2a:e7:26:52:43:73:4c:00:05:e5:97:6e:
45:65:fc:9e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAaeHxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDM0MDY4YjVlOWY3MzE0Mjc3ZTJiZTk3MjZjNzMyMTMxYjE3NTZjMB4XDTIyMDEw
MTEyNTcyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI5MWFhODUxOGE0
Y2M0YTA4ODg2ODA0ZWVmMTg4ZTgyNGMyZDQxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjO7pOp9BCr3i7NenTx403RwDDJcydHrH8yvzdKjo12lEut
LT+h1LKr1uENbntPQj9M+UQC+IPuF6ZT1K2NA2WQqUwvbK+m2h8B54LDHlGOL1aW
N/OOuuzWRUp09oLD/esVhkvSOo5WVWHHCLaSQrbGVamADspohRphqACBuzEIYVHs
h2ydqipuPFzPS4y0xcZu6QLe3NHT9mQJN+1UgjyVK/1ZkrL7z4Qnf4F7cLWNF/Ky
CcnGB+y7TmpbdNn4pg5LTNGzBfgyFpgnQSy2t3UH9sDvZZGYF117O1kXVyEdqCX+
xJv9i8kwfvpQ03PwhNY5sr24T+bF3R0uMab8/+0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSikaqFGKTMSgiIaATu8YjoJMLUHTAfBgNVHSMEGDAWgBQQNAaLXp9zFCd+
K+lybHMhMbF1bDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VEUUdpMTZmY3hRbmZpdnBjbXh6SVRHeGRXdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYTA0NTBlLTU2MzQtNDU4ZC05MThmLTEwM2Q5M2QyNTFhYi8x
L29wR3FoUmlrekVvSWlHZ0U3dkdJNkNUQzFCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YTA0NTBlLTU2MzQtNDU4ZC05MThmLTEwM2Q5M2QyNTFhYi8xL0VEUUdpMTZmY3hR
bmZpdnBjbXh6SVRHeGRXdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFKyIAMEAVKyngMEAoYA2AMEALnI
fAMEA9XKADANBgkqhkiG9w0BAQsFAAOCAQEAJMEDWblW3MgEnHV2B9h+5sVtewKN
mvF0MOXNykhSkQqCC4NAIvu2BYyMIR7qBXHJWft1lEDktYnSirMfBBXOsCOQFo9N
3UtuZV7JYkTfId7EcpjyOIsTOkVAg+zgpySgm1JAP6iZHg7vA/4hvbkDCDKlzKl0
7NOZ6CJgOHujqHjlaayG0h2N9FYchEcd9oYrb8LcXTYvA+GPcrwxP81b4kHX9zZN
O/NgWzqV2nPjMQ99BvbIFS5jeX1eJ7YG997+Fw+hljwcqgDSs9oGzwr4Ku4m0Jry
KAb4JJv6/a3LbNSJB3m6RQA/lD7a9/Qqx9oLKucmUkNzTAAF5ZduRWX8ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org