Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/E_u2xxEWgZ9mgFNH23M6v-VKp-Y.roa
File: E_u2xxEWgZ9mgFNH23M6v-VKp-Y.roa (raw, json)
Hash identifier: drOBoV2xvsQtW7nAyi6o5of37zI91ts16N85nKCO8Is=
Subject key identifier: 13:FB:B6:C7:11:16:81:9F:66:80:53:47:DB:73:3A:BF:E5:4A:A7:E6
Certificate issuer: /CN=002fa6e19056838905bc32b53ab0d1047d78e4d4
Certificate serial: 0184A9EF6B89B1014CC15C780A1AFBDEA72A
Authority key identifier: 00:2F:A6:E1:90:56:83:89:05:BC:32:B5:3A:B0:D1:04:7D:78:E4:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AC-m4ZBWg4kFvDK1OrDRBH145NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/E_u2xxEWgZ9mgFNH23M6v-VKp-Y.roa
Signing time: Thu 24 Nov 2022 13:59:10 +0000
ROA not before: Thu 24 Nov 2022 13:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39049
IP address blocks: 94.231.36.0/22 maxlen: 23
94.231.36.0/23 maxlen: 23
94.231.32.0/21 maxlen: 23
94.231.38.0/24 maxlen: 24
94.231.32.0/22 maxlen: 22
195.66.136.0/24 maxlen: 24
195.66.136.0/23 maxlen: 23
195.66.137.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:ef:6b:89:b1:01:4c:c1:5c:78:0a:1a:fb:de:a7:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002fa6e19056838905bc32b53ab0d1047d78e4d4
Validity
Not Before: Nov 24 13:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13fbb6c71116819f66805347db733abfe54aa7e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:07:81:43:db:b1:3a:2e:0a:97:a0:40:bc:d3:
4f:95:80:53:19:27:db:f2:3a:dc:55:f1:cd:73:fe:
e8:08:30:5f:3a:be:d3:08:c8:ba:09:28:60:a9:40:
f5:76:35:a0:05:09:4e:30:ab:7e:8f:99:70:6a:84:
e9:4a:fa:bd:37:ab:be:c2:78:a8:74:62:28:4c:80:
5e:49:60:1a:80:fe:a5:78:61:2b:e6:c9:e5:3c:9c:
6f:fa:d8:44:1f:4d:bf:58:20:2c:04:0b:77:b5:07:
ef:94:39:35:0f:e1:05:ce:55:10:34:76:f9:0e:91:
d5:b7:59:04:63:c7:cb:3d:f8:8a:2e:22:0b:c4:08:
12:66:3c:a1:b4:15:ba:94:76:8f:08:0f:ba:e9:04:
d7:08:41:e1:3c:df:b6:ed:67:ef:8d:46:be:fb:9c:
5a:9a:3d:67:ee:69:55:b8:fc:71:df:c9:44:73:96:
16:dc:38:a7:83:29:c3:44:29:8f:de:e9:32:cb:b1:
15:6f:50:78:15:58:6f:ca:14:8b:bc:08:ed:0e:54:
56:f0:a4:12:6e:e2:56:a7:4b:81:80:25:39:62:7e:
4f:15:64:9e:8b:f2:75:4b:b0:52:52:bb:1d:5b:1f:
07:72:d2:49:ff:d5:6f:6b:70:ba:81:3c:2c:90:88:
bc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:FB:B6:C7:11:16:81:9F:66:80:53:47:DB:73:3A:BF:E5:4A:A7:E6
X509v3 Authority Key Identifier:
keyid:00:2F:A6:E1:90:56:83:89:05:BC:32:B5:3A:B0:D1:04:7D:78:E4:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AC-m4ZBWg4kFvDK1OrDRBH145NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/E_u2xxEWgZ9mgFNH23M6v-VKp-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/AC-m4ZBWg4kFvDK1OrDRBH145NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.32.0/21
195.66.136.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:bf:d5:35:24:f9:3e:80:d5:91:d1:ee:df:56:fd:0f:b5:a0:
a7:89:a0:cc:68:fd:e2:93:6d:ae:07:1f:c2:32:d4:40:78:69:
88:ea:f2:65:26:da:57:20:f8:6d:4b:be:36:51:43:f2:39:22:
9a:79:5b:79:1e:52:b3:ba:51:16:27:e3:67:85:a8:d0:66:92:
92:8b:0d:34:ff:b7:0f:29:04:41:17:d3:23:8c:4e:51:cd:1b:
7a:3e:36:1b:e7:3a:3e:50:66:1a:d4:20:13:03:b8:bb:c7:16:
ad:52:9e:af:10:77:19:6d:59:5e:29:c1:e9:2b:b1:59:3d:95:
68:15:17:7d:b0:45:a1:7f:ae:7f:7c:08:5f:11:18:2e:a6:74:
d6:88:01:d7:44:cb:c8:1a:34:f2:79:6a:ec:7a:d0:63:80:8a:
a1:4a:c9:07:03:6c:89:4b:b7:b1:3c:f3:da:e3:d2:c2:f1:80:
45:68:76:76:3b:59:5a:d5:c0:3a:c9:f8:98:3a:16:32:01:cf:
5d:3a:a9:60:04:09:05:55:6e:88:c2:9a:bd:20:2a:58:bf:16:
3c:95:6d:ea:9b:40:b8:29:0d:96:95:e2:87:ce:8f:99:59:d6:
30:36:d3:04:83:c6:85:56:2c:c9:af:a5:f3:7f:f4:0f:69:c7:
96:d8:c4:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSp72uJsQFMwVx4Chr73qcqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMmZhNmUxOTA1NjgzODkwNWJjMzJiNTNhYjBkMTA0N2Q3
OGU0ZDQwHhcNMjIxMTI0MTM1OTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2ZiYjZjNzExMTY4MTlmNjY4MDUzNDdkYjczM2FiZmU1NGFhN2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwweBQ9uxOi4Kl6BAvNNPlYBTGSfb
8jrcVfHNc/7oCDBfOr7TCMi6CShgqUD1djWgBQlOMKt+j5lwaoTpSvq9N6u+wnio
dGIoTIBeSWAagP6leGEr5snlPJxv+thEH02/WCAsBAt3tQfvlDk1D+EFzlUQNHb5
DpHVt1kEY8fLPfiKLiILxAgSZjyhtBW6lHaPCA+66QTXCEHhPN+27WfvjUa++5xa
mj1n7mlVuPxx38lEc5YW3DingynDRCmP3ukyy7EVb1B4FVhvyhSLvAjtDlRW8KQS
buJWp0uBgCU5Yn5PFWSei/J1S7BSUrsdWx8HctJJ/9Vva3C6gTwskIi8fQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBP7tscRFoGfZoBTR9tzOr/lSqfmMB8GA1UdIwQY
MBaAFAAvpuGQVoOJBbwytTqw0QR9eOTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUMtbTRaQldnNGtGdkRLMU9yRFJCSDE0NU5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny84NjZiNmItZjU2Yy00YTJmLTkwMmQt
ZmJjMzZlNDM0OGY1LzEvRV91Mnh4RVdnWjltZ0ZOSDIzTTZ2LVZLcC1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny84NjZiNmItZjU2Yy00YTJmLTkwMmQtZmJjMzZlNDM0OGY1
LzEvQUMtbTRaQldnNGtGdkRLMU9yRFJCSDE0NU5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXucgAwQB
w0KIMA0GCSqGSIb3DQEBCwUAA4IBAQCcv9U1JPk+gNWR0e7fVv0PtaCniaDMaP3i
k22uBx/CMtRAeGmI6vJlJtpXIPhtS742UUPyOSKaeVt5HlKzulEWJ+NnhajQZpKS
iw00/7cPKQRBF9MjjE5RzRt6PjYb5zo+UGYa1CATA7i7xxatUp6vEHcZbVleKcHp
K7FZPZVoFRd9sEWhf65/fAhfERgupnTWiAHXRMvIGjTyeWrsetBjgIqhSskHA2yJ
S7exPPPa49LC8YBFaHZ2O1la1cA6yfiYOhYyAc9dOqlgBAkFVW6Iwpq9ICpYvxY8
lW3qm0C4KQ2WleKHzo+ZWdYwNtMEg8aFVizJr6Xzf/QPaceW2MSF
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:58 2023 by rpki-client on console-ams.rpki-client.org