Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/Z0ilR9Mz2gCNBJ8YmWLK_i-q8Hs.roa
File: Z0ilR9Mz2gCNBJ8YmWLK_i-q8Hs.roa (raw, json)
Hash identifier: tcy7tm9vvAP/ynF1WZaKqjhtXgzEDfTsSk+OAH0Zb2I=
Subject key identifier: 67:48:A5:47:D3:33:DA:00:8D:04:9F:18:99:62:CA:FE:2F:AA:F0:7B
Certificate issuer: /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial: 09BF71F9
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/Z0ilR9Mz2gCNBJ8YmWLK_i-q8Hs.roa
Signing time: Sat 01 Jan 2022 14:57:52 +0000
ROA not before: Sat 01 Jan 2022 14:57:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 32475
IP address blocks: 37.60.224.0/19 maxlen: 24
185.225.236.0/22 maxlen: 24
77.104.128.0/18 maxlen: 24
109.199.96.0/19 maxlen: 24
185.56.84.0/22 maxlen: 24
185.197.129.0/24 maxlen: 24
185.197.130.0/24 maxlen: 24
185.197.128.0/24 maxlen: 24
185.197.131.0/24 maxlen: 24
146.66.64.0/18 maxlen: 24
93.187.136.0/21 maxlen: 24
185.62.236.0/22 maxlen: 24
109.73.224.0/20 maxlen: 24
2a04:f280::/40 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163541497 (0x9bf71f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
Validity
Not Before: Jan 1 14:57:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6748a547d333da008d049f189962cafe2faaf07b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e7:63:cb:6d:16:39:3d:b7:f1:37:b3:3e:4b:
8b:54:2b:cf:3b:a6:e2:ef:2c:7c:b8:6e:9d:7e:04:
a1:a8:19:24:a2:76:4f:9f:74:75:f0:c7:e5:32:e1:
ba:82:0c:96:b4:3a:9e:e1:94:00:ec:c4:f0:5b:7c:
8f:6f:cc:1c:1c:1a:0d:25:d5:a1:30:e2:a3:78:e9:
58:74:8c:e5:36:50:0b:83:7a:3c:57:18:d4:6b:b6:
a2:2a:05:92:04:90:45:51:ef:95:f8:62:9e:f4:63:
67:dd:78:42:9e:30:17:46:29:a5:7d:f9:b5:8b:08:
42:a1:35:2b:83:43:42:45:8f:1b:7c:03:cc:f6:11:
4e:0f:6d:dc:56:72:0b:f9:3a:49:ce:1f:36:66:92:
75:00:d5:92:cb:35:57:e6:30:f8:da:94:3d:10:72:
84:a7:1d:c3:54:aa:00:a0:55:44:15:bf:12:07:ab:
a8:4a:58:17:70:c3:95:4f:e5:08:d8:eb:31:56:59:
94:01:cf:ad:32:0f:80:87:61:ef:2d:75:9b:94:a1:
75:b9:6d:ac:f4:c7:ba:20:9d:6f:ee:86:1c:8c:08:
68:ed:c0:50:c9:f5:ab:5b:53:a1:97:a2:5d:76:95:
76:dc:75:c1:ab:cf:cb:92:59:48:f1:ad:2f:65:00:
0c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:48:A5:47:D3:33:DA:00:8D:04:9F:18:99:62:CA:FE:2F:AA:F0:7B
X509v3 Authority Key Identifier:
keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/Z0ilR9Mz2gCNBJ8YmWLK_i-q8Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.224.0/19
77.104.128.0/18
93.187.136.0/21
109.73.224.0/20
109.199.96.0/19
146.66.64.0/18
185.56.84.0/22
185.62.236.0/22
185.197.128.0/22
185.225.236.0/22
IPv6:
2a04:f280::/40
Signature Algorithm: sha256WithRSAEncryption
36:c9:c3:0f:1c:73:cc:cf:fc:fe:cd:3e:0b:10:53:d3:72:1a:
06:03:57:d7:4f:85:b5:9b:aa:a2:1b:74:68:1e:4d:3c:df:c0:
03:79:c0:f2:5b:94:3c:3f:0f:87:90:e8:30:5f:6b:0d:a9:82:
87:2e:cd:c2:7b:44:88:80:11:4f:de:4b:34:b4:90:f5:f2:5f:
75:ac:b0:f3:a3:73:a0:61:89:53:73:90:5a:4d:d1:44:cf:d7:
c5:74:cf:7a:15:7c:bc:f3:20:c4:6d:e9:8e:2f:c1:82:da:20:
a7:a3:3a:62:76:eb:33:ad:5a:d4:a9:3e:43:57:aa:ee:94:86:
8e:6d:5f:33:1b:04:20:d5:e9:5e:70:69:82:74:9c:56:d5:a7:
79:88:4b:be:a8:fe:26:78:52:61:29:56:42:c6:b4:bf:0f:38:
a2:a1:be:93:95:31:33:97:37:49:a5:bb:b9:6b:4b:d8:4d:51:
4a:42:f4:ac:b6:be:14:bf:6d:65:3c:e4:66:bb:e8:d9:91:ec:
bf:f6:20:e0:32:ba:e9:a3:7c:5a:71:b6:b5:7c:f1:c6:1a:ed:
0d:18:4f:01:b6:84:5a:73:23:3f:e1:f7:0c:42:e5:4e:2a:4a:
11:f2:3d:70:91:9d:17:a8:a3:24:73:6f:ee:c3:79:53:84:cf:
8b:d3:bd:81
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIECb9x+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDg4ZWI3MzBhYjFhNTAxZWEzNmVhMzQ4MmQ3NjQ1NDRlMTQxMTExMB4XDTIyMDEw
MTE0NTc1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc0OGE1NDdkMzMz
ZGEwMDhkMDQ5ZjE4OTk2MmNhZmUyZmFhZjA3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjnY8ttFjk9t/E3sz5Li1Qrzzum4u8sfLhunX4EoagZJKJ2
T590dfDH5TLhuoIMlrQ6nuGUAOzE8Ft8j2/MHBwaDSXVoTDio3jpWHSM5TZQC4N6
PFcY1Gu2oioFkgSQRVHvlfhinvRjZ914Qp4wF0YppX35tYsIQqE1K4NDQkWPG3wD
zPYRTg9t3FZyC/k6Sc4fNmaSdQDVkss1V+Yw+NqUPRByhKcdw1SqAKBVRBW/Eger
qEpYF3DDlU/lCNjrMVZZlAHPrTIPgIdh7y11m5ShdbltrPTHuiCdb+6GHIwIaO3A
UMn1q1tToZeiXXaVdtx1wavPy5JZSPGtL2UADMsCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBRnSKVH0zPaAI0EnxiZYsr+L6rwezAfBgNVHSMEGDAWgBRNiOtzCrGlAeo2
6jSC12RUThQRETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RZanJjd3F4cFFIcU51bzBndGRrVkU0VUVSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8x
L1owaWxSOU16MmdDTkJKOFltV0xLX2ktcThIcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8xL1RZanJjd3F4cFFI
cU51bzBndGRrVkU0VUVSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwQgQCAAEwPAMEBSU84AMEBk1ogAMEA127iAMEBG1J
4AMEBW3HYAMEBpJCQAMEArk4VAMEArk+7AMEArnFgAMEArnh7DAOBAIAAjAIAwYA
KgTygAAwDQYJKoZIhvcNAQELBQADggEBADbJww8cc8zP/P7NPgsQU9NyGgYDV9dP
hbWbqqIbdGgeTTzfwAN5wPJblDw/D4eQ6DBfaw2pgocuzcJ7RIiAEU/eSzS0kPXy
X3WssPOjc6BhiVNzkFpN0UTP18V0z3oVfLzzIMRt6Y4vwYLaIKejOmJ26zOtWtSp
PkNXqu6Uho5tXzMbBCDV6V5waYJ0nFbVp3mIS76o/iZ4UmEpVkLGtL8POKKhvpOV
MTOXN0mlu7lrS9hNUUpC9Ky2vhS/bWU85Ga76NmR7L/2IOAyuumjfFpxtrV88cYa
7Q0YTwG2hFpzIz/h9wxC5U4qShHyPXCRnReooyRzb+7DeVOEz4vTvYE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:48 2024 by rpki-client on console-fra.rpki-client.org