Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/eUq_DfOSOUIcGwQ5_MRLsZsAE3Y.roa
File: eUq_DfOSOUIcGwQ5_MRLsZsAE3Y.roa (raw, json)
Hash identifier: vmrJjoiBKd86oAJvXEK5OY7uHSC5XAZaM3NqZL0PHhY=
Subject key identifier: 79:4A:BF:0D:F3:92:39:42:1C:1B:04:39:FC:C4:4B:B1:9B:00:13:76
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0189545D5CF170C0A981FB772BA24928AEA1
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/eUq_DfOSOUIcGwQ5_MRLsZsAE3Y.roa
Signing time: Fri 14 Jul 2023 12:25:52 +0000
ROA not before: Fri 14 Jul 2023 12:25:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 171.22.146.0/24 maxlen: 24
91.103.120.0/21 maxlen: 24
185.235.71.0/24 maxlen: 24
95.111.128.0/20 maxlen: 20
95.111.144.0/20 maxlen: 20
185.149.12.0/23 maxlen: 24
185.149.13.0/24 maxlen: 24
185.149.14.0/23 maxlen: 24
185.149.14.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:54:5d:5c:f1:70:c0:a9:81:fb:77:2b:a2:49:28:ae:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jul 14 12:25:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=794abf0df39239421c1b0439fcc44bb19b001376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c7:57:2a:a9:7a:15:dc:5c:98:85:9d:29:03:
e2:9a:81:6d:f8:91:0a:f7:3d:53:00:6a:4c:88:51:
2c:e1:4b:17:e0:7e:22:52:66:cb:d2:7c:4a:e3:09:
0b:5e:1e:34:76:d8:39:6e:9a:37:4d:b7:55:95:57:
47:4b:7c:b1:c7:f2:71:21:01:08:02:89:39:b6:4e:
72:ac:50:69:20:3e:81:1a:8f:a0:0e:e5:a1:73:3f:
d5:b9:23:4a:e9:5c:d1:22:55:76:df:a8:df:ed:40:
f5:b2:f3:f9:b3:3a:a4:73:57:57:15:3e:75:dc:78:
1f:1b:4e:6b:32:ac:54:17:9a:f0:52:64:c1:5d:53:
53:3c:6e:d8:27:e5:7b:69:2e:a1:d5:97:f9:ee:e4:
82:0c:1a:f6:73:a6:dc:d1:a7:59:b1:47:16:16:ae:
ad:2b:d2:ac:c0:60:86:43:23:9e:51:50:73:df:17:
35:8f:da:23:10:d6:7b:b4:5f:62:72:4e:b8:10:a9:
7a:0c:fa:6a:e6:af:76:f4:aa:e2:eb:a9:40:5a:05:
1e:48:09:97:ed:9c:a3:29:df:0a:0d:fb:f1:39:2e:
8a:b6:8b:10:98:72:54:e0:45:3f:39:9b:50:54:3e:
a2:22:07:8c:3d:19:ce:7e:32:c9:ca:bb:aa:a8:23:
0d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:4A:BF:0D:F3:92:39:42:1C:1B:04:39:FC:C4:4B:B1:9B:00:13:76
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/eUq_DfOSOUIcGwQ5_MRLsZsAE3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.120.0/21
95.111.128.0/19
171.22.146.0/24
185.149.12.0/22
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
89:05:e4:08:32:83:7c:52:26:ec:4d:ca:87:be:18:4f:69:04:
fd:fb:59:12:da:c3:d0:2b:f8:1c:35:e1:90:c8:c0:3f:2c:fb:
fb:15:85:de:3c:58:bf:e5:64:10:3e:78:44:a5:6b:02:f1:6e:
f3:a7:45:33:56:78:dc:55:85:5b:d7:32:ef:3d:28:da:fc:4e:
7b:67:31:e6:08:16:5b:3d:df:89:00:a3:9f:34:6c:70:d8:16:
f2:15:97:17:dd:21:e0:af:ec:a6:03:1b:ca:1b:9b:10:c9:66:
4b:4a:ac:82:ac:a8:2d:59:b9:f6:76:2a:3f:87:d4:e2:54:28:
1a:2b:fd:d0:48:b6:75:ec:83:bf:70:fd:49:c2:bc:50:0e:48:
7b:11:18:bf:c0:18:40:d2:44:4c:24:fa:0b:92:59:3e:03:c0:
f9:65:ce:eb:ea:83:6d:58:30:c9:03:10:69:e7:9b:8d:6e:3e:
51:7b:c6:9a:c3:94:17:f6:16:d0:3d:ae:06:2b:86:27:0a:a1:
25:c9:3c:d2:55:e2:bb:e1:b9:ce:ee:b5:65:84:26:b8:21:9a:
bb:a4:a6:99:78:98:86:4d:66:d1:6e:6a:98:00:a2:8d:82:2d:
89:5e:b8:33:e9:2c:71:0d:d1:d6:88:bb:49:47:90:11:d3:c1:
73:f9:01:a1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYlUXVzxcMCpgft3K6JJKK6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwNzE0MTIyNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTRhYmYwZGYzOTIzOTQyMWMxYjA0MzlmY2M0NGJiMTliMDAxMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMdXKql6FdxcmIWdKQPimoFt+JEK
9z1TAGpMiFEs4UsX4H4iUmbL0nxK4wkLXh40dtg5bpo3TbdVlVdHS3yxx/JxIQEI
Aok5tk5yrFBpID6BGo+gDuWhcz/VuSNK6VzRIlV236jf7UD1svP5szqkc1dXFT51
3HgfG05rMqxUF5rwUmTBXVNTPG7YJ+V7aS6h1Zf57uSCDBr2c6bc0adZsUcWFq6t
K9KswGCGQyOeUVBz3xc1j9ojENZ7tF9ick64EKl6DPpq5q929Kri66lAWgUeSAmX
7ZyjKd8KDfvxOS6KtosQmHJU4EU/OZtQVD6iIgeMPRnOfjLJyruqqCMNXwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHlKvw3zkjlCHBsEOfzES7GbABN2MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvZVVxX0RmT1NPVUljR3dRNV9NUkxzWnNBRTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDW2d4AwQF
X2+AAwQAqxaSAwQCuZUMAwQAuetHMA0GCSqGSIb3DQEBCwUAA4IBAQCJBeQIMoN8
UibsTcqHvhhPaQT9+1kS2sPQK/gcNeGQyMA/LPv7FYXePFi/5WQQPnhEpWsC8W7z
p0UzVnjcVYVb1zLvPSja/E57ZzHmCBZbPd+JAKOfNGxw2BbyFZcX3SHgr+ymAxvK
G5sQyWZLSqyCrKgtWbn2dio/h9TiVCgaK/3QSLZ17IO/cP1JwrxQDkh7ERi/wBhA
0kRMJPoLklk+A8D5Zc7r6oNtWDDJAxBp55uNbj5Re8aaw5QX9hbQPa4GK4YnCqEl
yTzSVeK74bnO7rVlhCa4IZq7pKaZeJiGTWbRbmqYAKKNgi2JXrgz6SxxDdHWiLtJ
R5AR08Fz+QGh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org