Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/vyYeFo9cEOLVOfp4fJLux_asFIM.roa
File: vyYeFo9cEOLVOfp4fJLux_asFIM.roa (raw, json)
Hash identifier: KPiGBr9vHpmuQS+Gmy7g71EPRWztm/dU4jKrHHndVKw=
Subject key identifier: BF:26:1E:16:8F:5C:10:E2:D5:39:FA:78:7C:92:EE:C7:F6:AC:14:83
Certificate issuer: /CN=b169a49700e0c3b8e39a79130c987a5000ccffe2
Certificate serial: 028E6FD5
Authority key identifier: B1:69:A4:97:00:E0:C3:B8:E3:9A:79:13:0C:98:7A:50:00:CC:FF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sWmklwDgw7jjmnkTDJh6UADM_-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/vyYeFo9cEOLVOfp4fJLux_asFIM.roa
Signing time: Sat 01 Jan 2022 08:57:30 +0000
ROA not before: Sat 01 Jan 2022 08:57:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206364
IP address blocks: 37.153.133.0/24 maxlen: 24
185.163.13.0/24 maxlen: 24
2a00:1197::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42889173 (0x28e6fd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b169a49700e0c3b8e39a79130c987a5000ccffe2
Validity
Not Before: Jan 1 08:57:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf261e168f5c10e2d539fa787c92eec7f6ac1483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5d:eb:c3:bd:b2:2f:ef:fb:d6:e1:77:4a:c7:
32:c3:d4:54:0c:3d:3b:89:ec:5a:30:9b:55:6a:a7:
cb:04:64:78:c7:69:66:f3:92:3e:5a:b7:88:95:40:
d6:7a:d2:d9:36:c7:78:07:33:64:63:05:34:d6:d0:
3a:8c:50:4c:88:3e:c2:f3:1e:79:d1:2d:73:b4:c6:
ce:3e:aa:1f:11:74:87:37:18:8f:98:67:c1:ae:78:
54:35:9e:9d:b4:3f:99:70:85:43:4b:8c:ee:46:a4:
06:34:4b:15:87:a5:74:58:7d:41:19:c4:5e:4b:86:
ac:50:8b:c8:bb:be:b8:ba:f0:fd:83:87:da:10:51:
fb:63:9c:03:bf:af:bf:0c:21:60:66:bf:96:54:a0:
35:4b:98:d4:ff:ab:9e:90:38:a9:1c:56:c0:82:54:
75:10:ae:2e:dc:42:96:66:41:6a:f8:33:c4:21:72:
3c:13:47:b2:00:7a:31:0c:92:61:59:59:3f:8d:51:
bd:60:a2:60:66:d1:b0:ad:e6:43:b9:8d:24:64:d5:
3f:65:0a:1a:80:47:2c:0a:e0:98:f3:f3:b1:a1:da:
e9:67:3a:dd:5b:cd:e2:0c:92:68:9e:4c:2d:47:58:
f5:5d:45:ac:59:f4:cc:d6:fa:36:01:bb:58:c5:c9:
7d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:26:1E:16:8F:5C:10:E2:D5:39:FA:78:7C:92:EE:C7:F6:AC:14:83
X509v3 Authority Key Identifier:
keyid:B1:69:A4:97:00:E0:C3:B8:E3:9A:79:13:0C:98:7A:50:00:CC:FF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sWmklwDgw7jjmnkTDJh6UADM_-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/vyYeFo9cEOLVOfp4fJLux_asFIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/sWmklwDgw7jjmnkTDJh6UADM_-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.133.0/24
185.163.13.0/24
IPv6:
2a00:1197::/32
Signature Algorithm: sha256WithRSAEncryption
7c:5e:7a:60:91:39:34:f2:34:93:75:b8:51:cf:75:51:b4:11:
18:b0:e8:6b:e1:ec:5e:43:89:db:3b:18:50:45:be:f9:2d:dc:
7a:21:5b:fc:de:db:1d:24:9d:c6:76:c4:8e:20:ec:d6:92:bb:
7e:11:0f:df:32:d9:94:20:5f:ca:db:0e:90:f7:07:14:4c:d6:
eb:24:79:b1:a6:f5:bc:a5:4b:8a:5f:2d:33:8e:a6:30:54:f5:
10:a1:fa:bd:9d:8d:d7:4d:9a:7d:ac:ee:be:b2:f2:d2:b2:d1:
39:dd:c0:03:7d:b5:f0:6c:1f:82:ad:21:d9:37:c4:b8:1b:c4:
16:4e:09:a2:da:65:de:bd:01:19:70:19:72:c5:6b:b0:cb:c8:
e6:6b:c8:53:66:58:c3:57:5c:9c:f1:50:d5:f9:67:6d:0f:78:
a4:ba:25:c2:fa:ec:5b:45:ae:e0:e0:41:13:fe:79:e0:86:69:
d7:f8:fd:5f:80:0d:ff:de:95:77:94:7b:52:a9:d9:b7:f4:63:
a6:20:40:4e:6a:7b:f7:94:3a:11:f4:01:39:58:fe:de:ec:db:
6d:a4:b4:cb:51:0c:64:95:38:a9:cd:89:51:77:12:e4:35:de:
49:8c:98:35:2a:98:4e:af:a5:9b:fe:84:06:53:e3:17:31:b4:
9d:59:7b:23
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAo5v1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTY5YTQ5NzAwZTBjM2I4ZTM5YTc5MTMwYzk4N2E1MDAwY2NmZmUyMB4XDTIyMDEw
MTA4NTczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmYyNjFlMTY4ZjVj
MTBlMmQ1MzlmYTc4N2M5MmVlYzdmNmFjMTQ4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZd68O9si/v+9bhd0rHMsPUVAw9O4nsWjCbVWqnywRkeMdp
ZvOSPlq3iJVA1nrS2TbHeAczZGMFNNbQOoxQTIg+wvMeedEtc7TGzj6qHxF0hzcY
j5hnwa54VDWenbQ/mXCFQ0uM7kakBjRLFYeldFh9QRnEXkuGrFCLyLu+uLrw/YOH
2hBR+2OcA7+vvwwhYGa/llSgNUuY1P+rnpA4qRxWwIJUdRCuLtxClmZBavgzxCFy
PBNHsgB6MQySYVlZP41RvWCiYGbRsK3mQ7mNJGTVP2UKGoBHLArgmPPzsaHa6Wc6
3VvN4gySaJ5MLUdY9V1FrFn0zNb6NgG7WMXJfeMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS/Jh4Wj1wQ4tU5+nh8ku7H9qwUgzAfBgNVHSMEGDAWgBSxaaSXAODDuOOa
eRMMmHpQAMz/4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NXbWtsd0Rndzdqam1ua1RESmg2VUFETV8tSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMzkwODFmLTUwMDMtNDFlZC1iODBhLTNmYWUwMzRjNDg5ZS8x
L3Z5WWVGbzljRU9MVk9mcDRmSkx1eF9hc0ZJTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MzkwODFmLTUwMDMtNDFlZC1iODBhLTNmYWUwMzRjNDg5ZS8xL3NXbWtsd0Rndzdq
am1ua1RESmg2VUFETV8tSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEACWZhQMEALmjDTANBAIAAjAHAwUA
KgARlzANBgkqhkiG9w0BAQsFAAOCAQEAfF56YJE5NPI0k3W4Uc91UbQRGLDoa+Hs
XkOJ2zsYUEW++S3ceiFb/N7bHSSdxnbEjiDs1pK7fhEP3zLZlCBfytsOkPcHFEzW
6yR5sab1vKVLil8tM46mMFT1EKH6vZ2N102afazuvrLy0rLROd3AA3218Gwfgq0h
2TfEuBvEFk4Jotpl3r0BGXAZcsVrsMvI5mvIU2ZYw1dcnPFQ1flnbQ94pLolwvrs
W0Wu4OBBE/554IZp1/j9X4AN/96Vd5R7UqnZt/RjpiBATmp795Q6EfQBOVj+3uzb
baS0y1EMZJU4qc2JUXcS5DXeSYyYNSqYTq+lm/6EBlPjFzG0nVl7Iw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:58 2024 by rpki-client on console-fra.rpki-client.org