Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/IEeySwTvj8EtNWrqjV1itbKaENI.roa
File: IEeySwTvj8EtNWrqjV1itbKaENI.roa (raw, json)
Hash identifier: +2+0PHpb8MZHXUeuQlIJ54ar7rjp/Lg/ZySp/ttVBnM=
Subject key identifier: 20:47:B2:4B:04:EF:8F:C1:2D:35:6A:EA:8D:5D:62:B5:B2:9A:10:D2
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 018B5C282200524F714BD0F47B6525CD30E1
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/IEeySwTvj8EtNWrqjV1itbKaENI.roa
Signing time: Mon 23 Oct 2023 10:50:15 +0000
ROA not before: Mon 23 Oct 2023 10:50:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198482
IP address blocks: 151.237.0.0/24 maxlen: 24
151.237.0.0/20 maxlen: 20
151.237.1.0/24 maxlen: 24
151.237.2.0/24 maxlen: 24
151.237.3.0/24 maxlen: 24
151.237.4.0/24 maxlen: 24
151.237.8.0/24 maxlen: 24
151.237.9.0/24 maxlen: 24
151.237.10.0/24 maxlen: 24
151.237.11.0/24 maxlen: 24
151.237.5.0/24 maxlen: 24
151.237.6.0/24 maxlen: 24
85.187.208.0/24 maxlen: 24
85.187.209.0/24 maxlen: 24
85.187.210.0/24 maxlen: 24
85.187.211.0/24 maxlen: 24
85.187.212.0/24 maxlen: 24
85.187.221.0/24 maxlen: 24
85.187.220.0/24 maxlen: 24
151.237.94.0/23 maxlen: 23
151.237.94.0/24 maxlen: 24
151.237.95.0/24 maxlen: 24
151.237.12.0/24 maxlen: 24
151.237.13.0/24 maxlen: 24
151.237.14.0/24 maxlen: 24
151.237.15.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:28:22:00:52:4f:71:4b:d0:f4:7b:65:25:cd:30:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: Oct 23 10:50:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2047b24b04ef8fc12d356aea8d5d62b5b29a10d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:39:46:f8:81:9f:c3:bc:a5:01:8a:02:28:6a:
6b:20:e7:e9:08:bb:89:3e:86:33:8b:6a:13:89:9c:
96:58:c1:05:eb:c4:c0:8e:30:fa:10:98:84:64:b7:
37:00:10:d4:7e:7c:78:2c:03:d6:12:af:42:1f:a1:
f8:27:52:d6:c6:74:00:71:68:12:e6:c4:1a:4a:aa:
58:3c:51:82:1d:e1:90:d6:b5:39:af:13:26:02:76:
6f:a5:e8:bb:e8:cb:9d:b8:eb:4d:e9:70:82:22:08:
4e:64:63:8e:f5:e8:38:53:63:1e:67:c8:6d:43:14:
43:dd:d6:9b:22:77:1a:a1:aa:84:8b:8d:b2:33:37:
40:91:2c:4d:ce:2b:ab:b9:23:aa:84:a8:fe:88:cc:
30:a5:bc:7b:3e:92:58:2a:c0:8a:b8:06:5b:29:7e:
ec:ca:31:b2:80:e9:b2:2d:95:0c:e6:eb:88:7e:d4:
9e:65:ad:31:21:fb:cb:2b:89:5b:35:22:3c:5e:31:
e1:df:28:d7:55:ec:05:3f:1a:f0:2d:2c:e8:16:87:
82:78:78:cb:82:69:fd:9a:a5:53:3a:35:98:6f:89:
ea:d9:76:61:e9:30:f3:7f:37:b2:a6:e0:bb:67:1e:
44:25:3f:aa:29:3a:05:ae:74:7c:a7:80:9a:f5:19:
8e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:47:B2:4B:04:EF:8F:C1:2D:35:6A:EA:8D:5D:62:B5:B2:9A:10:D2
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/IEeySwTvj8EtNWrqjV1itbKaENI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.208.0-85.187.212.255
85.187.220.0/23
151.237.0.0/20
151.237.94.0/23
Signature Algorithm: sha256WithRSAEncryption
16:6d:68:01:0b:69:e0:30:f7:79:12:ab:77:d9:15:d4:32:d9:
11:4a:db:d0:5f:1c:b4:5f:97:d0:5a:ef:ff:b2:7a:53:a0:76:
d7:88:59:7f:c0:bf:02:ad:81:6a:08:c5:99:c2:b0:07:bc:0a:
75:f9:65:f5:cc:19:81:5e:00:3d:d0:cf:b6:b6:22:a0:3e:96:
1e:37:f6:3e:9b:2d:d6:12:68:86:ba:33:65:ea:92:a5:e2:68:
a6:37:5f:bf:43:93:5e:85:64:60:55:6e:7a:b0:fb:9b:93:e9:
66:2b:5f:38:11:ae:16:c0:29:c7:e3:0f:5c:4b:0f:30:f6:25:
6a:e0:5f:d2:80:dc:aa:95:78:30:a3:d6:38:6a:7d:68:95:96:
d9:2f:26:41:b0:35:79:3f:a7:64:3b:d0:20:87:53:9a:5d:b5:
39:5b:ca:6f:e0:d8:1f:02:e4:43:ae:7e:83:0f:63:48:fc:69:
60:52:c9:79:c3:ed:d3:03:79:fe:ac:ba:ed:da:5b:ec:5c:f4:
8f:0b:d3:51:1b:4d:4d:c6:2f:88:76:6e:be:a4:30:c9:8f:09:
df:5d:a1:fd:ac:f6:d4:38:ca:ce:8b:e5:b6:b8:2b:f3:f9:a0:
ec:9d:6c:15:d5:88:40:05:a3:17:0c:ea:39:51:df:87:9d:2f:
80:4f:8a:30
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYtcKCIAUk9xS9D0e2UlzTDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2I0YmNhYmViMjk2MDVlYTUxMWRlOTczZTQ2NzVjNGI4
YTI5ZGYwHhcNMjMxMDIzMTA1MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQ3YjI0YjA0ZWY4ZmMxMmQzNTZhZWE4ZDVkNjJiNWIyOWExMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTlG+IGfw7ylAYoCKGprIOfpCLuJ
PoYzi2oTiZyWWMEF68TAjjD6EJiEZLc3ABDUfnx4LAPWEq9CH6H4J1LWxnQAcWgS
5sQaSqpYPFGCHeGQ1rU5rxMmAnZvpei76MuduOtN6XCCIghOZGOO9eg4U2MeZ8ht
QxRD3dabIncaoaqEi42yMzdAkSxNziuruSOqhKj+iMwwpbx7PpJYKsCKuAZbKX7s
yjGygOmyLZUM5uuIftSeZa0xIfvLK4lbNSI8XjHh3yjXVewFPxrwLSzoFoeCeHjL
gmn9mqVTOjWYb4nq2XZh6TDzfzeypuC7Zx5EJT+qKToFrnR8p4Ca9RmOBQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCBHsksE74/BLTVq6o1dYrWymhDSMB8GA1UdIwQY
MBaAFH17S8q+spYF6lEd6XPkZ1xLiinfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGIt
NDQ3NjE3YTRhNzQ0LzEvSUVleVN3VHZqOEV0TldycWpWMWl0YkthRU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGItNDQ3NjE3YTRhNzQ0
LzEvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBARVu9AD
BABVu9QDBAFVu9wDBASX7QADBAGX7V4wDQYJKoZIhvcNAQELBQADggEBABZtaAEL
aeAw93kSq3fZFdQy2RFK29BfHLRfl9Ba7/+yelOgdteIWX/AvwKtgWoIxZnCsAe8
CnX5ZfXMGYFeAD3Qz7a2IqA+lh439j6bLdYSaIa6M2XqkqXiaKY3X79Dk16FZGBV
bnqw+5uT6WYrXzgRrhbAKcfjD1xLDzD2JWrgX9KA3KqVeDCj1jhqfWiVltkvJkGw
NXk/p2Q70CCHU5pdtTlbym/g2B8C5EOufoMPY0j8aWBSyXnD7dMDef6suu3aW+xc
9I8L01EbTU3GL4h2br6kMMmPCd9dof2s9tQ4ys6L5ba4K/P5oOydbBXViEAFoxcM
6jlR34edL4BPijA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org