Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/33w__-9J4QBHQu62h7EWR8iazyU.roa
File: 33w__-9J4QBHQu62h7EWR8iazyU.roa (raw, json)
Hash identifier: eGlyaWcBYvVA/Fwu4/99cN8BpsKW6RyAtfB4j6gv65I=
Subject key identifier: DF:7C:3F:FF:EF:49:E1:00:47:42:EE:B6:87:B1:16:47:C8:9A:CF:25
Certificate issuer: /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial: 0186E54CE5C86468D1692C64F6AD77DEEFEE
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/33w__-9J4QBHQu62h7EWR8iazyU.roa
Signing time: Wed 15 Mar 2023 12:44:27 +0000
ROA not before: Wed 15 Mar 2023 12:44:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62453
IP address blocks: 94.103.48.0/20 maxlen: 20
82.193.95.0/24 maxlen: 24
82.193.94.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:4c:e5:c8:64:68:d1:69:2c:64:f6:ad:77:de:ef:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Validity
Not Before: Mar 15 12:44:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df7c3fffef49e1004742eeb687b11647c89acf25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:48:df:50:5b:49:ab:2c:6d:5b:d8:03:34:b6:
5e:79:21:47:7e:0d:a2:6d:dc:25:93:86:6d:7a:b9:
75:f3:dd:f0:4e:77:b3:e5:18:ce:3f:98:6a:d5:75:
27:ed:31:54:cb:fa:f9:4f:5c:6b:59:5e:f4:f2:85:
83:1e:8c:ae:5a:12:55:45:71:65:01:b7:46:45:05:
15:0d:5d:ee:70:10:44:22:65:e6:5a:8c:d7:b1:e4:
b2:f9:e8:14:83:59:f6:44:62:60:86:5a:54:ab:7b:
c8:6d:ec:45:6f:42:27:b4:b8:a4:88:0f:23:28:08:
ff:5e:da:ce:b4:2e:e4:3e:a9:06:b3:b3:6d:3d:05:
f9:4a:bc:29:cc:6a:7d:20:c3:93:3d:17:42:54:a3:
7d:db:39:a6:fb:5d:a7:c6:31:95:ea:cc:40:b8:61:
8d:7e:5e:7c:9e:0c:2c:6f:d1:3a:73:aa:18:96:c7:
b4:78:6b:da:bc:23:67:d0:82:e9:30:cb:8d:74:fd:
53:17:03:dd:28:d6:2c:59:87:30:39:56:4f:18:05:
38:52:c1:d3:33:a2:1a:2d:b8:45:46:69:7c:1c:77:
5c:cf:73:c5:9c:a8:cc:e2:5f:ad:56:51:ef:89:6b:
18:c0:b1:06:13:2a:52:e5:71:65:fa:29:11:e3:f0:
2c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7C:3F:FF:EF:49:E1:00:47:42:EE:B6:87:B1:16:47:C8:9A:CF:25
X509v3 Authority Key Identifier:
keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/33w__-9J4QBHQu62h7EWR8iazyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.193.94.0/23
94.103.48.0/20
Signature Algorithm: sha256WithRSAEncryption
95:ab:a1:fd:d0:16:d0:bb:d2:1b:77:17:d8:6c:1a:23:f6:6d:
6a:13:77:59:66:7d:14:a8:fb:0a:7b:68:35:87:1d:96:94:61:
9b:b5:0c:c0:f0:4b:29:9f:aa:e2:67:02:64:50:4e:fb:d0:07:
28:6b:b9:e6:d4:4d:0f:e3:4b:19:b5:c6:3c:02:a3:bd:fe:9c:
98:9a:98:19:2d:b8:ba:e3:eb:41:a7:1d:9a:de:09:73:c2:60:
a3:7a:a7:3e:a4:d2:41:2d:32:ab:52:0c:01:37:67:0a:65:42:
1f:45:b8:60:b9:d2:8e:b2:f4:9c:2e:e0:ef:a0:5e:7f:9f:54:
12:70:26:d0:ff:31:33:b8:44:0c:06:4e:40:34:d5:9d:48:c3:
b3:89:ea:26:2f:d5:28:58:7e:c3:2c:7f:6c:c4:b9:ca:3e:db:
bc:f6:6e:71:76:80:1c:b7:dc:2a:56:72:25:6c:c0:40:84:03:
55:ba:8c:5d:e6:de:84:18:dd:35:e5:98:8c:3b:1a:ca:23:d3:
1f:8d:e1:93:42:e7:af:3f:32:4b:e9:91:6f:96:5c:ce:46:aa:
29:2b:b1:ab:c0:e3:26:de:c4:b1:81:73:0e:0e:45:ce:5c:0d:
c4:d0:7d:d2:41:f8:2d:11:c8:3f:ed:1b:f7:b2:27:dc:ca:a4:
25:b4:a6:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYblTOXIZGjRaSxk9q133u/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTFiMzY1NTJmOWRhY2NiOTJhYzVjM2I0NGI0MjZkNjQz
NzQ5ZTIwHhcNMjMwMzE1MTI0NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdjM2ZmZmVmNDllMTAwNDc0MmVlYjY4N2IxMTY0N2M4OWFjZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEjfUFtJqyxtW9gDNLZeeSFHfg2i
bdwlk4Zterl1893wTnez5RjOP5hq1XUn7TFUy/r5T1xrWV708oWDHoyuWhJVRXFl
AbdGRQUVDV3ucBBEImXmWozXseSy+egUg1n2RGJghlpUq3vIbexFb0IntLikiA8j
KAj/XtrOtC7kPqkGs7NtPQX5SrwpzGp9IMOTPRdCVKN92zmm+12nxjGV6sxAuGGN
fl58ngwsb9E6c6oYlse0eGvavCNn0ILpMMuNdP1TFwPdKNYsWYcwOVZPGAU4UsHT
M6IaLbhFRml8HHdcz3PFnKjM4l+tVlHviWsYwLEGEypS5XFl+ikR4/AsHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN98P//vSeEAR0LutoexFkfIms8lMB8GA1UdIwQY
MBaAFOWhs2VS+drMuSrFw7RLQm1kN0niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMt
YzVlNmQyM2Y4YjA5LzEvMzN3X18tOUo0UUJIUXU2Mmg3RVdSOGlhenlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMtYzVlNmQyM2Y4YjA5
LzEvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUsFeAwQE
XmcwMA0GCSqGSIb3DQEBCwUAA4IBAQCVq6H90BbQu9IbdxfYbBoj9m1qE3dZZn0U
qPsKe2g1hx2WlGGbtQzA8Espn6riZwJkUE770Acoa7nm1E0P40sZtcY8AqO9/pyY
mpgZLbi64+tBpx2a3glzwmCjeqc+pNJBLTKrUgwBN2cKZUIfRbhgudKOsvScLuDv
oF5/n1QScCbQ/zEzuEQMBk5ANNWdSMOzieomL9UoWH7DLH9sxLnKPtu89m5xdoAc
t9wqVnIlbMBAhANVuoxd5t6EGN015ZiMOxrKI9MfjeGTQuevPzJL6ZFvllzORqop
K7GrwOMm3sSxgXMODkXOXA3E0H3SQfgtEcg/7Rv3sifcyqQltKY/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:47 2023 by rpki-client on console-ams.rpki-client.org