Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ym1h3LLLh7xnBI_iWzfaawaRqOA.roa
File: ym1h3LLLh7xnBI_iWzfaawaRqOA.roa (raw, json)
Hash identifier: E/3LlXinQBgldID1Y8t6wjWV/oPu9/FOWIkoe4e4pZk=
Subject key identifier: CA:6D:61:DC:B2:CB:87:BC:67:04:8F:E2:5B:37:DA:6B:06:91:A8:E0
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 1154159E
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ym1h3LLLh7xnBI_iWzfaawaRqOA.roa
Signing time: Mon 23 May 2022 11:18:06 +0000
ROA not before: Mon 23 May 2022 11:18:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200753
IP address blocks: 185.133.210.0/24 maxlen: 24
2a06:e880:c0::/46 maxlen: 48
2001:67c:4e0::/48 maxlen: 48
2a06:e880::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 290723230 (0x1154159e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: May 23 11:18:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca6d61dcb2cb87bc67048fe25b37da6b0691a8e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:27:f0:c1:92:16:9e:54:48:d9:88:68:75:0e:
bc:bf:37:ca:f2:73:5e:e8:73:1b:09:1a:99:22:8d:
31:d9:0b:5c:92:12:3c:dd:ad:58:2c:34:9b:b7:dc:
2c:d7:9b:26:0a:cd:c9:df:39:37:9b:6c:b4:cc:a2:
98:cc:a3:4d:d6:cd:48:28:97:38:c3:50:22:fc:5d:
4e:5e:54:a2:5b:99:2e:94:f7:a7:a0:0c:00:59:ac:
43:d1:6a:c7:01:0a:8a:86:4a:26:b9:8e:25:68:36:
f7:ae:cb:3d:1d:8b:97:ad:f7:40:8b:62:b9:2b:40:
76:a0:f3:76:db:ca:50:e1:79:6c:3e:f7:d1:0d:ac:
ab:d9:4a:41:7e:23:60:d2:ac:5c:dd:a9:56:6a:ec:
06:c6:02:71:a8:15:2e:fc:c2:97:8f:cb:9b:07:f8:
98:ac:4a:1a:80:e8:c0:1f:b9:96:9c:12:c8:71:01:
1d:24:f2:0d:67:d1:39:bb:99:50:ac:a9:7b:11:7d:
c9:73:ff:e1:25:73:7c:ae:72:ba:03:a1:82:ce:e8:
1e:4a:17:b1:62:f2:59:14:2a:96:a8:e7:67:81:a3:
bb:fc:66:9a:9c:5e:be:fc:6a:68:29:2a:46:3e:a5:
f3:67:35:1f:e3:45:6c:4e:d1:f4:93:b4:bd:51:6f:
f6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:6D:61:DC:B2:CB:87:BC:67:04:8F:E2:5B:37:DA:6B:06:91:A8:E0
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ym1h3LLLh7xnBI_iWzfaawaRqOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.210.0/24
IPv6:
2001:67c:4e0::/48
2a06:e880::/32
Signature Algorithm: sha256WithRSAEncryption
86:cf:77:9a:3c:f1:5d:9d:62:68:e1:91:ab:d9:ce:52:66:56:
2e:da:72:c7:09:1d:f2:88:83:a9:ed:34:bd:1c:ff:3c:7b:72:
b4:c4:0c:3f:0e:64:ef:94:ca:cf:80:ad:8d:de:c9:37:87:97:
53:93:3a:1a:ba:ee:c9:31:a1:df:46:2b:20:5f:c2:f4:a6:bb:
bf:08:25:92:c4:27:7b:89:89:16:ea:62:43:9a:ba:f3:31:1f:
fc:14:8c:47:cf:df:8d:70:29:9b:ba:f8:e9:17:d5:70:4f:70:
06:2a:29:7e:c6:09:79:5b:7e:48:8d:55:51:1b:3f:2a:de:ff:
b7:bb:88:27:7c:22:12:78:92:40:9b:25:76:41:40:7b:7e:5b:
80:9d:c8:d1:aa:89:1f:f3:f3:f5:81:42:f3:1f:b9:d0:50:66:
5b:ba:ad:53:85:93:af:87:29:7b:c8:d9:7f:46:94:19:01:8d:
29:07:0c:81:c9:4d:8c:8b:0e:f9:b9:dd:3f:e0:1b:c4:0f:0f:
b5:4b:a9:b2:3b:42:9f:14:14:81:09:c7:aa:a5:aa:f2:e7:23:
45:23:69:4a:33:63:f6:5c:9d:6a:49:34:51:63:85:64:7c:5b:
5c:83:52:24:2a:a2:93:a4:79:88:bc:00:d4:41:5c:64:68:ba:
12:ef:6a:6d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEEVQVnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODA3NGI0MTllYWQ0Y2VmZWEyZjJhZDJjMjU5ZDk3OGM1ZWQ3OTU0MB4XDTIyMDUy
MzExMTgwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E2ZDYxZGNiMmNi
ODdiYzY3MDQ4ZmUyNWIzN2RhNmIwNjkxYThlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgn8MGSFp5USNmIaHUOvL83yvJzXuhzGwkamSKNMdkLXJIS
PN2tWCw0m7fcLNebJgrNyd85N5tstMyimMyjTdbNSCiXOMNQIvxdTl5UoluZLpT3
p6AMAFmsQ9FqxwEKioZKJrmOJWg2967LPR2Ll633QItiuStAdqDzdtvKUOF5bD73
0Q2sq9lKQX4jYNKsXN2pVmrsBsYCcagVLvzCl4/Lmwf4mKxKGoDowB+5lpwSyHEB
HSTyDWfRObuZUKypexF9yXP/4SVzfK5yugOhgs7oHkoXsWLyWRQqlqjnZ4Gju/xm
mpxevvxqaCkqRj6l82c1H+NFbE7R9JO0vVFv9rsCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTKbWHcssuHvGcEj+JbN9prBpGo4DAfBgNVHSMEGDAWgBS4B0tBnq1M7+ov
KtLCWdl4xe15VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VBZExRWjZ0VE9fcUx5clN3bG5aZU1YdGVWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8x
L3ltMWgzTExMaDd4bkJJX2lXemZhYXdhUnFPQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8xL3VBZExRWjZ0VE9f
cUx5clN3bG5aZU1YdGVWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwDAQCAAEwBgMEALmF0jAWBAIAAjAQAwcAIAEGfATg
AwUAKgbogDANBgkqhkiG9w0BAQsFAAOCAQEAhs93mjzxXZ1iaOGRq9nOUmZWLtpy
xwkd8oiDqe00vRz/PHtytMQMPw5k75TKz4Ctjd7JN4eXU5M6GrruyTGh30YrIF/C
9Ka7vwglksQne4mJFupiQ5q68zEf/BSMR8/fjXApm7r46RfVcE9wBiopfsYJeVt+
SI1VURs/Kt7/t7uIJ3wiEniSQJsldkFAe35bgJ3I0aqJH/Pz9YFC8x+50FBmW7qt
U4WTr4cpe8jZf0aUGQGNKQcMgclNjIsO+bndP+AbxA8PtUupsjtCnxQUgQnHqqWq
8ucjRSNpSjNj9lydakk0UWOFZHxbXINSJCqik6R5iLwA1EFcZGi6Eu9qbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org