Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/nARYoHXtIOiFBjJbC9nWLi084nE.roa
File: nARYoHXtIOiFBjJbC9nWLi084nE.roa (raw, json)
Hash identifier: h2qNu43PIaasO8SQT77F9q7glMDrhYiL3NcKt7lzlSk=
Subject key identifier: 9C:04:58:A0:75:ED:20:E8:85:06:32:5B:0B:D9:D6:2E:2D:3C:E2:71
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018AA33453BB75422373C87439D485E27F95
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/nARYoHXtIOiFBjJbC9nWLi084nE.roa
Signing time: Sun 17 Sep 2023 12:53:50 +0000
ROA not before: Sun 17 Sep 2023 12:53:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42216
IP address blocks: 188.132.229.0/24 maxlen: 24
188.132.240.0/24 maxlen: 24
188.132.242.0/24 maxlen: 24
77.92.145.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.147.0/24 maxlen: 24
212.68.48.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
31.210.48.0/24 maxlen: 24
188.132.200.0/24 maxlen: 24
188.132.210.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a3:34:53:bb:75:42:23:73:c8:74:39:d4:85:e2:7f:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Sep 17 12:53:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c0458a075ed20e88506325b0bd9d62e2d3ce271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:88:01:bc:9f:9a:bb:27:bd:2f:eb:e5:a7:39:
97:3c:f4:01:4d:8f:06:f6:6f:09:77:9b:0e:8e:e2:
1d:55:d7:d6:d0:47:5b:8a:ca:66:82:46:9d:a0:c8:
f4:d4:c6:55:b7:89:63:bd:b0:8a:cc:4c:ed:13:03:
91:13:fc:21:d8:1b:8b:72:5a:5c:09:7c:e3:c4:ae:
52:1b:98:61:a2:25:04:02:27:2a:74:05:b6:73:6b:
63:19:2e:58:c9:7a:8d:8a:52:e4:4f:9d:0a:0a:eb:
3b:13:27:cd:94:fd:72:0b:14:ca:54:e2:e7:08:7d:
5d:80:1f:c9:66:86:34:d7:dd:e8:37:c0:b8:08:b8:
ed:8d:83:97:c2:f6:72:dd:00:85:18:c3:96:c8:31:
4e:09:81:af:9f:df:fc:7e:10:a9:d8:13:c5:cb:61:
50:cc:0b:ff:fd:c8:b7:64:3c:20:9c:a7:5f:a8:06:
05:62:8d:94:7d:f8:9f:c4:b6:58:25:22:64:de:7a:
6a:d5:89:4d:db:2b:35:cf:d7:fe:70:cc:f4:49:b0:
13:e3:2d:2f:fb:cc:92:9a:c1:60:00:7b:e0:01:8f:
2a:0e:8d:c8:01:a3:f0:94:1f:45:27:99:31:75:08:
38:a8:b2:d4:a1:ae:4a:28:2e:9c:52:d3:a5:fb:dd:
53:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:04:58:A0:75:ED:20:E8:85:06:32:5B:0B:D9:D6:2E:2D:3C:E2:71
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/nARYoHXtIOiFBjJbC9nWLi084nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.48.0/24
77.92.142.0/24
77.92.145.0/24
77.92.147.0/24
188.132.184.0/24
188.132.200.0/24
188.132.210.0/24
188.132.229.0/24
188.132.240.0/24
188.132.242.0/24
212.68.48.0/24
212.68.55.0/24
Signature Algorithm: sha256WithRSAEncryption
87:8a:8b:3e:7d:e8:6f:72:db:60:48:e5:8e:7b:0b:41:a2:e4:
4b:c3:ee:35:b6:af:80:48:da:d4:3f:ee:a6:cd:2d:38:0f:d5:
bb:32:01:e5:58:36:02:4a:fb:c3:05:3f:6c:0d:c7:f3:1e:13:
c5:e4:e3:5f:aa:7a:de:a2:d8:a9:1f:09:bc:3f:db:d8:21:9a:
b5:87:64:46:51:92:34:2e:a7:59:66:4a:4d:02:2f:1c:ae:a6:
ef:7c:40:f7:1a:53:5c:51:72:9d:0f:4d:c1:dc:a8:83:20:18:
b9:9a:f1:e8:99:a5:46:0a:9b:5e:42:88:61:16:b8:41:31:c1:
4c:98:dc:7e:02:98:b5:4f:de:e6:2a:44:cb:e4:9c:34:41:38:
39:70:bd:ed:a3:f8:54:8f:00:94:66:bb:49:c6:2c:ab:a6:6d:
23:e9:86:99:78:25:2e:92:97:16:c0:1b:7d:cb:2c:4e:69:06:
72:d5:84:3f:b8:d9:3e:f2:5d:c7:d7:be:e8:66:74:7a:7e:93:
87:b7:96:96:32:a7:1b:76:b4:60:30:6d:0a:71:9c:da:ca:36:
43:16:36:3d:5d:c1:84:9c:40:79:7b:79:40:55:ba:36:6e:08:
91:f8:93:99:0e:2e:1a:68:58:38:96:d0:78:7e:39:ec:11:d0:
f3:44:15:bc
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYqjNFO7dUIjc8h0OdSF4n+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMwOTE3MTI1MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzA0NThhMDc1ZWQyMGU4ODUwNjMyNWIwYmQ5ZDYyZTJkM2NlMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoogBvJ+auye9L+vlpzmXPPQBTY8G
9m8Jd5sOjuIdVdfW0EdbispmgkadoMj01MZVt4ljvbCKzEztEwORE/wh2BuLclpc
CXzjxK5SG5hhoiUEAicqdAW2c2tjGS5YyXqNilLkT50KCus7EyfNlP1yCxTKVOLn
CH1dgB/JZoY0193oN8C4CLjtjYOXwvZy3QCFGMOWyDFOCYGvn9/8fhCp2BPFy2FQ
zAv//ci3ZDwgnKdfqAYFYo2UffifxLZYJSJk3npq1YlN2ys1z9f+cMz0SbAT4y0v
+8ySmsFgAHvgAY8qDo3IAaPwlB9FJ5kxdQg4qLLUoa5KKC6cUtOl+91TjQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJwEWKB17SDohQYyWwvZ1i4tPOJxMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvbkFSWW9IWHRJT2lGQmpKYkM5bldMaTA4NG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAH9IwAwQA
TVyOAwQATVyRAwQATVyTAwQAvIS4AwQAvITIAwQAvITSAwQAvITlAwQAvITwAwQA
vITyAwQA1EQwAwQA1EQ3MA0GCSqGSIb3DQEBCwUAA4IBAQCHios+fehvcttgSOWO
ewtBouRLw+41tq+ASNrUP+6mzS04D9W7MgHlWDYCSvvDBT9sDcfzHhPF5ONfqnre
otipHwm8P9vYIZq1h2RGUZI0LqdZZkpNAi8crqbvfED3GlNcUXKdD03B3KiDIBi5
mvHomaVGCpteQohhFrhBMcFMmNx+Api1T97mKkTL5Jw0QTg5cL3to/hUjwCUZrtJ
xiyrpm0j6YaZeCUukpcWwBt9yyxOaQZy1YQ/uNk+8l3H177oZnR6fpOHt5aWMqcb
drRgMG0KcZzayjZDFjY9XcGEnEB5e3lAVbo2bgiR+JOZDi4aaFg4ltB4fjnsEdDz
RBW8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:53 2024 by rpki-client on console-ams.rpki-client.org