Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/E-apHnNiHqEvQIXT2FBR8HbHOi0.roa
File: E-apHnNiHqEvQIXT2FBR8HbHOi0.roa (raw, json)
Hash identifier: TdvsxvyJGyjMcug4zjH2xcGy90rHmMQRALIBWMb+AdU=
Subject key identifier: 13:E6:A9:1E:73:62:1E:A1:2F:40:85:D3:D8:50:51:F0:76:C7:3A:2D
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018A23F9AF8973E9D9CCC039CBA91D4C6B22
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/E-apHnNiHqEvQIXT2FBR8HbHOi0.roa
Signing time: Wed 23 Aug 2023 19:58:00 +0000
ROA not before: Wed 23 Aug 2023 19:58:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6079
IP address blocks: 192.46.184.0/22 maxlen: 22
192.46.184.0/21 maxlen: 21
198.151.95.0/24 maxlen: 24
198.151.93.0/24 maxlen: 24
192.46.188.0/24 maxlen: 24
192.46.200.0/22 maxlen: 22
198.151.71.0/24 maxlen: 24
198.151.67.0/24 maxlen: 24
198.151.65.0/24 maxlen: 24
198.151.69.0/24 maxlen: 24
198.151.73.0/24 maxlen: 24
198.151.77.0/24 maxlen: 24
198.151.75.0/24 maxlen: 24
198.151.81.0/24 maxlen: 24
198.151.79.0/24 maxlen: 24
198.151.83.0/24 maxlen: 24
198.151.85.0/24 maxlen: 24
198.151.87.0/24 maxlen: 24
198.151.91.0/24 maxlen: 24
198.151.89.0/24 maxlen: 24
158.120.53.0/24 maxlen: 24
158.120.57.0/24 maxlen: 24
158.120.55.0/24 maxlen: 24
158.120.61.0/24 maxlen: 24
158.120.59.0/24 maxlen: 24
158.120.63.0/24 maxlen: 24
158.120.51.0/24 maxlen: 24
158.120.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:23:f9:af:89:73:e9:d9:cc:c0:39:cb:a9:1d:4c:6b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Aug 23 19:58:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13e6a91e73621ea12f4085d3d85051f076c73a2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:90:a7:86:72:76:d1:d7:ab:1c:91:37:f8:f0:
4a:9b:25:25:88:95:fc:93:6c:a2:a6:62:9b:9b:31:
30:a1:80:28:7a:b1:75:58:23:3f:ad:81:a8:3c:bc:
1e:c0:7b:62:70:07:32:1f:4d:e8:4f:7f:48:2e:1b:
4e:11:14:83:59:87:62:fe:e7:26:07:96:71:00:40:
dd:4e:cd:8b:d8:c0:9c:76:f2:02:d7:d7:c2:28:13:
70:45:8b:d5:d7:5c:54:44:c2:7d:b0:9e:99:cd:01:
52:f6:ee:71:7e:a6:5d:b3:03:98:ad:87:9d:76:31:
94:0d:03:8f:8f:4c:69:81:62:08:ac:93:8d:28:37:
a1:31:22:77:01:fc:74:b7:5e:d5:90:8c:18:2b:4b:
74:47:a6:6b:4b:0f:99:bc:5a:1a:f9:41:a9:a9:5c:
1d:a6:a8:8b:1c:20:64:ea:b5:f5:c5:c7:66:03:23:
b2:e1:dd:69:2c:5a:85:c1:9f:75:32:3b:8b:17:b5:
c5:5c:d7:5c:c4:0a:b7:5b:9b:84:55:a0:ef:60:4a:
4c:63:d5:c0:f9:da:6c:68:9f:68:d9:52:2e:46:ec:
e0:be:c1:c7:b4:46:94:ba:79:93:6b:6c:34:0f:a5:
0f:2f:fa:05:8f:e2:a6:53:c9:d6:a0:a6:4f:3e:f1:
25:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E6:A9:1E:73:62:1E:A1:2F:40:85:D3:D8:50:51:F0:76:C7:3A:2D
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/E-apHnNiHqEvQIXT2FBR8HbHOi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.120.49.0/24
158.120.51.0/24
158.120.53.0/24
158.120.55.0/24
158.120.57.0/24
158.120.59.0/24
158.120.61.0/24
158.120.63.0/24
192.46.184.0/21
192.46.200.0/22
198.151.65.0/24
198.151.67.0/24
198.151.69.0/24
198.151.71.0/24
198.151.73.0/24
198.151.75.0/24
198.151.77.0/24
198.151.79.0/24
198.151.81.0/24
198.151.83.0/24
198.151.85.0/24
198.151.87.0/24
198.151.89.0/24
198.151.91.0/24
198.151.93.0/24
198.151.95.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:f0:bb:06:5b:7c:e3:ea:39:fe:23:67:e7:a5:b5:c1:3d:2f:
39:03:7c:ce:e8:e2:f5:a6:5c:1f:31:e1:68:36:44:c6:b9:12:
8f:4b:e2:e3:b8:47:b3:83:f3:45:70:42:71:a8:e7:49:b0:e1:
68:70:d3:00:8c:5e:5e:3b:2a:7e:80:b9:f1:ee:00:6f:cf:23:
30:b2:c2:3c:de:5f:fd:16:7e:fe:bf:d2:ab:d3:16:26:b1:cc:
1b:b0:69:7f:7d:09:79:33:ef:0c:b1:1b:06:de:64:43:82:1f:
9b:e8:6e:df:35:ef:05:98:47:94:60:72:b8:27:ef:1e:5a:35:
4d:df:8c:02:dd:f5:6c:f5:89:df:14:0c:99:41:77:2a:e9:e0:
37:84:d8:3c:09:fa:68:b4:2c:03:cb:31:57:10:04:89:0f:b1:
b2:d3:59:e4:69:f3:a5:1b:84:3e:be:04:eb:31:f7:33:ef:5f:
15:e9:53:1e:0c:5c:8c:2f:dc:49:a5:aa:f7:e8:c3:d2:ed:06:
e6:0a:ff:07:00:3a:31:0e:7f:cd:e8:e7:e0:91:8d:27:f5:e1:
07:32:ab:42:8f:43:e3:6b:cf:9e:47:2a:2d:56:f5:81:15:77:
07:65:8a:1a:1b:85:62:0a:79:97:24:db:1c:b5:17:a5:b7:eb:
7c:97:9f:1d
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYoj+a+Jc+nZzMA5y6kdTGsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMwODIzMTk1ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2U2YTkxZTczNjIxZWExMmY0MDg1ZDNkODUwNTFmMDc2YzczYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJCnhnJ20derHJE3+PBKmyUliJX8
k2yipmKbmzEwoYAoerF1WCM/rYGoPLwewHticAcyH03oT39ILhtOERSDWYdi/ucm
B5ZxAEDdTs2L2MCcdvIC19fCKBNwRYvV11xURMJ9sJ6ZzQFS9u5xfqZdswOYrYed
djGUDQOPj0xpgWIIrJONKDehMSJ3Afx0t17VkIwYK0t0R6ZrSw+ZvFoa+UGpqVwd
pqiLHCBk6rX1xcdmAyOy4d1pLFqFwZ91MjuLF7XFXNdcxAq3W5uEVaDvYEpMY9XA
+dpsaJ9o2VIuRuzgvsHHtEaUunmTa2w0D6UPL/oFj+KmU8nWoKZPPvEloQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFBPmqR5zYh6hL0CF09hQUfB2xzotMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvRS1hcEhuTmlIcUV2UUlYVDJGQlI4SGJIT2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBACe
eDEDBACeeDMDBACeeDUDBACeeDcDBACeeDkDBACeeDsDBACeeD0DBACeeD8DBAPA
LrgDBALALsgDBADGl0EDBADGl0MDBADGl0UDBADGl0cDBADGl0kDBADGl0sDBADG
l00DBADGl08DBADGl1EDBADGl1MDBADGl1UDBADGl1cDBADGl1kDBADGl1sDBADG
l10DBADGl18wDQYJKoZIhvcNAQELBQADggEBAH7wuwZbfOPqOf4jZ+eltcE9LzkD
fM7o4vWmXB8x4Wg2RMa5Eo9L4uO4R7OD80VwQnGo50mw4Whw0wCMXl47Kn6AufHu
AG/PIzCywjzeX/0Wfv6/0qvTFiaxzBuwaX99CXkz7wyxGwbeZEOCH5vobt817wWY
R5Rgcrgn7x5aNU3fjALd9Wz1id8UDJlBdyrp4DeE2DwJ+mi0LAPLMVcQBIkPsbLT
WeRp86UbhD6+BOsx9zPvXxXpUx4MXIwv3Emlqvfow9LtBuYK/wcAOjEOf83o5+CR
jSf14Qcyq0KPQ+Nrz55HKi1W9YEVdwdlihobhWIKeZck2xy1F6W363yXnx0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org