Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/pvrU2E5dlioCSyFuHIRxLNmtEfQ.roa
File: pvrU2E5dlioCSyFuHIRxLNmtEfQ.roa (raw, json)
Hash identifier: 0aXzpu/OB3oWvV5ZtH1a/Ip5fqfrro7XGIXyEMH+Pbc=
Subject key identifier: A6:FA:D4:D8:4E:5D:96:2A:02:4B:21:6E:1C:84:71:2C:D9:AD:11:F4
Certificate issuer: /CN=efa70cb849e3837451bd79af7dc7e035963e6043
Certificate serial: AE8719
Authority key identifier: EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/pvrU2E5dlioCSyFuHIRxLNmtEfQ.roa
Signing time: Sat 01 Jan 2022 01:56:37 +0000
ROA not before: Sat 01 Jan 2022 01:56:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34916
IP address blocks: 91.246.38.0/24 maxlen: 24
89.44.238.0/23 maxlen: 23
89.42.118.0/23 maxlen: 23
86.106.27.0/24 maxlen: 24
89.43.206.0/23 maxlen: 23
86.104.231.0/24 maxlen: 24
86.105.204.0/23 maxlen: 23
85.204.193.0/24 maxlen: 24
86.105.226.0/24 maxlen: 24
89.35.250.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11437849 (0xae8719)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa70cb849e3837451bd79af7dc7e035963e6043
Validity
Not Before: Jan 1 01:56:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6fad4d84e5d962a024b216e1c84712cd9ad11f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d0:8d:b4:65:81:5b:ed:4c:04:6d:ab:1c:52:
0a:47:78:ec:51:74:25:01:23:1a:99:46:86:3b:a8:
2f:ad:83:f7:84:71:f8:a9:96:3c:bf:a4:8d:7b:18:
b4:f8:b8:52:78:ab:2e:e1:1f:c3:d1:59:39:52:b8:
5f:5f:71:84:23:0f:6e:8f:7b:66:b7:9d:46:51:c0:
69:af:52:90:64:8c:82:cc:55:46:a3:03:05:d7:22:
2f:fa:dc:79:61:3e:da:bb:01:c3:cb:2c:de:dd:b7:
7a:0d:9e:92:f6:a7:2e:79:fe:49:c2:d0:fb:7b:f5:
f1:bc:59:02:ae:15:9b:2a:cb:e8:87:3e:ac:c4:8c:
44:5c:5c:54:10:a4:11:04:9d:5b:52:8d:fa:b2:01:
3e:43:34:53:36:7a:44:28:92:0a:ca:61:78:f5:27:
d8:43:e5:67:4d:51:11:6a:bc:7b:61:a4:0b:14:03:
a2:95:83:06:b9:ab:74:75:85:8c:72:8f:02:e5:45:
4a:c9:27:64:e0:94:f4:7d:da:05:c8:df:45:98:0e:
fe:5d:9e:51:cb:c9:2a:a4:43:0c:d9:1d:2b:ca:49:
fe:5c:bd:d0:03:f5:4d:63:e2:fb:de:f8:21:8c:62:
bd:fb:66:43:7d:8c:4d:36:32:bc:ca:71:49:65:13:
29:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:FA:D4:D8:4E:5D:96:2A:02:4B:21:6E:1C:84:71:2C:D9:AD:11:F4
X509v3 Authority Key Identifier:
keyid:EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/pvrU2E5dlioCSyFuHIRxLNmtEfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.193.0/24
86.104.231.0/24
86.105.204.0/23
86.105.226.0/24
86.106.27.0/24
89.35.250.0/23
89.42.118.0/23
89.43.206.0/23
89.44.238.0/23
91.246.38.0/24
Signature Algorithm: sha256WithRSAEncryption
77:51:b7:86:ba:6e:17:2a:bf:94:30:c5:4a:2b:86:b2:79:34:
51:4a:fe:00:f2:2d:62:f2:9e:c0:52:a4:82:60:5a:6d:41:32:
b3:c7:c4:bf:f6:bf:69:b5:cb:ee:05:85:8c:77:2f:aa:b0:ec:
4d:dc:7e:4e:65:b7:19:83:d9:0d:f5:bd:f6:74:06:29:8b:90:
58:35:6b:28:e8:eb:67:f1:27:f8:98:52:0e:ca:4b:47:a0:84:
33:c4:07:b5:5f:8b:4a:84:ac:bd:6b:7c:a3:21:52:67:eb:6e:
98:5a:58:f3:6b:10:d1:31:9c:06:5b:79:d2:f8:6e:f7:72:76:
87:13:5d:88:06:76:20:17:df:9d:6c:7c:d1:f2:d3:67:51:a3:
f7:7a:02:58:c2:a6:67:86:31:20:78:0b:8d:13:af:40:a2:07:
89:81:d1:ed:34:b8:07:14:7e:fc:04:51:fe:40:d0:03:d9:1e:
56:1f:74:10:28:06:1a:21:91:da:64:a4:7d:55:f6:7d:fb:7d:
ec:d8:57:30:b6:42:63:6d:93:da:f2:87:46:0e:44:64:f8:c3:
9f:ba:44:e4:e8:fa:19:57:7b:c8:73:6e:aa:5f:95:cd:83:22:
d2:11:f3:65:2e:c0:7c:26:17:96:0f:6a:13:81:dd:ba:ec:4e:
37:a0:4e:d7
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEAK6HGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZmE3MGNiODQ5ZTM4Mzc0NTFiZDc5YWY3ZGM3ZTAzNTk2M2U2MDQzMB4XDTIyMDEw
MTAxNTYzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZmYWQ0ZDg0ZTVk
OTYyYTAyNGIyMTZlMWM4NDcxMmNkOWFkMTFmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfQjbRlgVvtTARtqxxSCkd47FF0JQEjGplGhjuoL62D94Rx
+KmWPL+kjXsYtPi4UnirLuEfw9FZOVK4X19xhCMPbo97ZredRlHAaa9SkGSMgsxV
RqMDBdciL/rceWE+2rsBw8ss3t23eg2ekvanLnn+ScLQ+3v18bxZAq4VmyrL6Ic+
rMSMRFxcVBCkEQSdW1KN+rIBPkM0UzZ6RCiSCsphePUn2EPlZ01REWq8e2GkCxQD
opWDBrmrdHWFjHKPAuVFSsknZOCU9H3aBcjfRZgO/l2eUcvJKqRDDNkdK8pJ/ly9
0AP1TWPi+974IYxivftmQ32MTTYyvMpxSWUTKWMCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBSm+tTYTl2WKgJLIW4chHEs2a0R9DAfBgNVHSMEGDAWgBTvpwy4SeODdFG9
ea99x+A1lj5gQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzc2Y011RW5qZzNSUnZYbXZmY2ZnTlpZLVlFTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvNjkyYjFlLWM5ZmUtNDNlMC1iNzIyLTUzYTYwNDgwNzYxZC8x
L3B2clUyRTVkbGlvQ1N5RnVISVJ4TE5tdEVmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
NjkyYjFlLWM5ZmUtNDNlMC1iNzIyLTUzYTYwNDgwNzYxZC8xLzc2Y011RW5qZzNS
UnZYbXZmY2ZnTlpZLVlFTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAFXMwQMEAFZo5wMEAVZpzAMEAFZp
4gMEAFZqGwMEAVkj+gMEAVkqdgMEAVkrzgMEAVks7gMEAFv2JjANBgkqhkiG9w0B
AQsFAAOCAQEAd1G3hrpuFyq/lDDFSiuGsnk0UUr+APItYvKewFKkgmBabUEys8fE
v/a/abXL7gWFjHcvqrDsTdx+TmW3GYPZDfW99nQGKYuQWDVrKOjrZ/En+JhSDspL
R6CEM8QHtV+LSoSsvWt8oyFSZ+tumFpY82sQ0TGcBlt50vhu93J2hxNdiAZ2IBff
nWx80fLTZ1Gj93oCWMKmZ4YxIHgLjROvQKIHiYHR7TS4BxR+/ARR/kDQA9keVh90
ECgGGiGR2mSkfVX2fft97NhXMLZCY22T2vKHRg5EZPjDn7pE5Oj6GVd7yHNuql+V
zYMi0hHzZS7AfCYXlg9qE4HduuxON6BO1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:17 2024 by rpki-client on console-ams.rpki-client.org