Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/V-pb2aQNyw0kPswhd9L7wvPcWWY.roa
File: V-pb2aQNyw0kPswhd9L7wvPcWWY.roa (raw, json)
Hash identifier: QB7OxYGxDXl3LcX6fdjlShgLU9oxpRV/Ms3BIb5Jhbw=
Subject key identifier: 57:EA:5B:D9:A4:0D:CB:0D:24:3E:CC:21:77:D2:FB:C2:F3:DC:59:66
Certificate issuer: /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial: 09C06B5C
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/V-pb2aQNyw0kPswhd9L7wvPcWWY.roa
Signing time: Sat 01 Jan 2022 14:57:53 +0000
ROA not before: Sat 01 Jan 2022 14:57:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36351
IP address blocks: 109.199.96.0/19 maxlen: 24
37.60.224.0/19 maxlen: 24
185.225.236.0/22 maxlen: 24
185.56.84.0/22 maxlen: 24
77.104.128.0/18 maxlen: 24
146.66.64.0/18 maxlen: 24
93.187.136.0/21 maxlen: 24
109.73.224.0/20 maxlen: 24
185.62.236.0/22 maxlen: 24
2a04:f280::/40 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163605340 (0x9c06b5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
Validity
Not Before: Jan 1 14:57:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57ea5bd9a40dcb0d243ecc2177d2fbc2f3dc5966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:26:6b:1f:90:92:9d:42:29:dd:dc:ae:d4:3f:
b4:8f:da:e5:3a:73:44:8e:8e:59:19:f4:6e:cb:a6:
65:cc:e5:d3:e8:09:13:8c:ac:75:33:75:6b:22:9e:
f5:38:1d:2e:1c:ff:00:2f:43:00:f9:bd:e1:ad:56:
d7:ab:b0:7f:20:01:ee:a5:72:a3:b8:c7:e5:78:21:
a1:15:49:45:ac:3b:8a:db:1b:20:cc:d1:37:3d:20:
2d:f3:5f:31:e3:b7:0f:dc:16:59:81:75:b1:46:a7:
85:86:a0:d6:02:cf:60:99:13:1c:07:6b:66:29:0e:
1f:53:3d:4e:30:4b:c6:4e:ed:0c:71:c9:70:29:7e:
7f:d1:05:14:e6:66:26:78:f5:d3:86:41:8c:8b:39:
be:c5:4e:56:26:c9:dc:34:88:60:5a:18:6d:d7:05:
bc:05:7d:50:5a:f7:1d:f7:9c:40:4a:95:b6:0c:4f:
83:fb:19:38:ef:94:91:30:10:18:f1:c3:98:c3:6e:
d0:58:e8:07:55:7e:0c:95:21:0e:9c:a1:0e:91:ec:
31:4f:3d:fe:b4:ae:74:89:d8:b0:ec:ba:72:30:be:
b8:15:7a:84:22:3a:16:4e:c9:2c:c3:b8:15:4f:1b:
23:54:70:de:03:a2:da:2e:dd:2e:79:83:76:98:39:
40:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:EA:5B:D9:A4:0D:CB:0D:24:3E:CC:21:77:D2:FB:C2:F3:DC:59:66
X509v3 Authority Key Identifier:
keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/V-pb2aQNyw0kPswhd9L7wvPcWWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.224.0/19
77.104.128.0/18
93.187.136.0/21
109.73.224.0/20
109.199.96.0/19
146.66.64.0/18
185.56.84.0/22
185.62.236.0/22
185.225.236.0/22
IPv6:
2a04:f280::/40
Signature Algorithm: sha256WithRSAEncryption
26:07:f0:92:00:05:a4:77:ef:23:7e:71:b9:fe:ea:11:bb:2b:
51:6a:85:da:41:34:43:ad:50:32:c8:67:ad:10:4d:c2:81:c0:
7a:b6:3c:32:5c:2d:5a:c2:30:04:32:35:8d:3d:c1:e0:7e:02:
f3:f0:bb:1a:98:b4:ad:a1:bb:bc:11:b1:70:4f:92:9f:ba:dc:
d2:b3:f6:0d:2a:ac:ef:a4:e6:8f:7c:36:ea:00:ce:47:aa:da:
49:ec:bf:f4:5b:6b:c5:66:88:50:2a:2d:0c:31:4a:b7:f2:aa:
b3:9a:c5:7b:1c:5f:40:2a:06:80:86:25:06:5a:f6:fb:c2:aa:
38:46:f6:6c:e7:3a:d9:db:70:fb:d8:2f:df:d1:6b:1b:9a:91:
4a:61:f9:f8:c0:05:de:67:a7:b6:a3:18:d6:9a:73:ee:1b:12:
0a:44:79:c9:cb:c5:1c:09:59:b8:46:15:d5:ac:84:29:5f:a5:
e6:87:26:9f:3f:bd:13:f6:b9:e0:04:60:6f:f5:2d:0a:f3:f5:
97:3f:ee:d2:6f:54:bf:3c:b6:4d:2a:72:c5:e7:70:bf:20:ba:
5b:e1:7a:c4:00:26:87:a4:91:63:57:1b:aa:5f:39:0b:1b:5c:
52:0c:5d:09:05:8c:6c:ab:47:8c:fe:4a:35:53:03:ed:94:1c:
7c:10:0b:2e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIECcBrXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDg4ZWI3MzBhYjFhNTAxZWEzNmVhMzQ4MmQ3NjQ1NDRlMTQxMTExMB4XDTIyMDEw
MTE0NTc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTdlYTViZDlhNDBk
Y2IwZDI0M2VjYzIxNzdkMmZiYzJmM2RjNTk2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4max+Qkp1CKd3crtQ/tI/a5TpzRI6OWRn0bsumZczl0+gJ
E4ysdTN1ayKe9TgdLhz/AC9DAPm94a1W16uwfyAB7qVyo7jH5XghoRVJRaw7itsb
IMzRNz0gLfNfMeO3D9wWWYF1sUanhYag1gLPYJkTHAdrZikOH1M9TjBLxk7tDHHJ
cCl+f9EFFOZmJnj104ZBjIs5vsVOVibJ3DSIYFoYbdcFvAV9UFr3HfecQEqVtgxP
g/sZOO+UkTAQGPHDmMNu0FjoB1V+DJUhDpyhDpHsMU89/rSudInYsOy6cjC+uBV6
hCI6Fk7JLMO4FU8bI1Rw3gOi2i7dLnmDdpg5QK0CAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBRX6lvZpA3LDSQ+zCF30vvC89xZZjAfBgNVHSMEGDAWgBRNiOtzCrGlAeo2
6jSC12RUThQRETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RZanJjd3F4cFFIcU51bzBndGRrVkU0VUVSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8x
L1YtcGIyYVFOeXcwa1Bzd2hkOUw3d3ZQY1dXWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8xL1RZanJjd3F4cFFI
cU51bzBndGRrVkU0VUVSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wPAQCAAEwNgMEBSU84AMEBk1ogAMEA127iAMEBG1J
4AMEBW3HYAMEBpJCQAMEArk4VAMEArk+7AMEArnh7DAOBAIAAjAIAwYAKgTygAAw
DQYJKoZIhvcNAQELBQADggEBACYH8JIABaR37yN+cbn+6hG7K1FqhdpBNEOtUDLI
Z60QTcKBwHq2PDJcLVrCMAQyNY09weB+AvPwuxqYtK2hu7wRsXBPkp+63NKz9g0q
rO+k5o98NuoAzkeq2knsv/Rba8VmiFAqLQwxSrfyqrOaxXscX0AqBoCGJQZa9vvC
qjhG9mznOtnbcPvYL9/RaxuakUph+fjABd5np7ajGNaac+4bEgpEecnLxRwJWbhG
FdWshClfpeaHJp8/vRP2ueAEYG/1LQrz9Zc/7tJvVL88tk0qcsXncL8gulvhesQA
JoekkWNXG6pfOQsbXFIMXQkFjGyrR4z+SjVTA+2UHHwQCy4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:48 2024 by rpki-client on console-fra.rpki-client.org