Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/AAlvMzFckei51xFomhEoJOjuzqw.roa
File: AAlvMzFckei51xFomhEoJOjuzqw.roa (raw, json)
Hash identifier: Kub/xHgTbPu2X05iSkJ43dUfHtBverWs7AaryJhyKh0=
Subject key identifier: 00:09:6F:33:31:5C:91:E8:B9:D7:11:68:9A:11:28:24:E8:EE:CE:AC
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 025F1B6B
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/AAlvMzFckei51xFomhEoJOjuzqw.roa
Signing time: Fri 06 May 2022 20:15:25 +0000
ROA not before: Fri 06 May 2022 20:15:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50873
IP address blocks: 37.228.130.0/24 maxlen: 24
94.247.143.0/24 maxlen: 24
151.216.2.0/24 maxlen: 24
194.104.114.0/23 maxlen: 23
185.97.4.0/22 maxlen: 22
194.104.149.0/24 maxlen: 24
185.97.6.0/24 maxlen: 24
2a06:1c0::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39787371 (0x25f1b6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: May 6 20:15:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00096f33315c91e8b9d711689a112824e8eeceac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:97:11:8f:a8:21:3d:e7:80:8a:31:bc:9e:45:
ad:55:42:d9:dc:89:e2:93:ce:41:ee:d7:10:ce:96:
43:24:ec:78:ca:e1:2f:6b:8a:f3:ce:e1:6f:7a:f3:
91:d6:5b:6f:24:dc:33:23:77:f4:72:9d:eb:50:65:
4f:22:73:cf:e5:9a:aa:48:75:b9:67:56:fd:a8:69:
7e:eb:42:1f:78:80:19:74:3a:00:c5:cd:c0:b5:53:
26:77:f9:bc:e8:ae:eb:48:a9:57:af:0e:1f:2b:f3:
25:06:e1:bd:b4:59:2a:e8:03:c9:c1:08:b2:86:83:
cf:9a:cd:aa:26:db:37:0a:86:25:be:a1:b7:41:a9:
b7:81:78:67:3b:1f:82:61:c8:8e:fb:d1:60:1d:a5:
5a:0c:50:b0:73:52:ab:94:98:d5:74:ec:51:77:5a:
0a:db:21:a8:c2:8f:1f:6e:17:28:d1:99:d0:9d:34:
9b:29:79:d9:77:18:7a:46:ae:41:d5:1f:b4:8b:07:
d3:7a:fd:15:bb:12:fc:fc:31:43:55:b3:b1:e1:2d:
01:7d:40:18:25:d4:70:9c:26:a7:ea:15:13:53:91:
a8:ce:53:f5:14:2c:71:42:31:0d:9b:39:63:97:64:
a6:71:6d:a1:b0:28:a4:c1:38:d4:58:97:8b:1d:34:
98:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:09:6F:33:31:5C:91:E8:B9:D7:11:68:9A:11:28:24:E8:EE:CE:AC
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/AAlvMzFckei51xFomhEoJOjuzqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.130.0/24
94.247.143.0/24
151.216.2.0/24
185.97.4.0/22
194.104.114.0/23
194.104.149.0/24
IPv6:
2a06:1c0::/30
Signature Algorithm: sha256WithRSAEncryption
05:0f:79:57:e4:4e:cf:ef:18:bd:1f:b3:8a:97:65:21:91:17:
81:04:0c:15:0e:a8:5a:c4:c1:37:d9:3b:4d:23:4f:2c:83:15:
58:3f:81:d2:2d:f2:e3:12:97:7e:10:79:df:0f:13:0f:c7:aa:
21:19:88:af:3a:20:82:5f:ce:9e:21:95:26:02:7b:d7:1c:3b:
a3:f2:f2:6c:60:84:ed:47:43:52:04:ca:04:d9:fc:6f:2c:1d:
80:7f:76:24:00:dd:3f:a2:b2:b2:ef:b3:f0:f0:dd:89:e6:db:
6b:14:25:51:ab:96:4b:b8:6d:92:16:5f:b3:79:22:5e:3b:eb:
56:5e:0e:d0:ef:bf:b3:21:41:c1:6a:77:7d:25:40:19:0b:dc:
a2:24:9f:d2:b3:55:9c:57:b5:52:12:ca:91:d7:a4:6d:68:93:
5f:72:de:dc:e1:a5:8b:a5:ec:3d:c7:7a:47:22:6c:20:9e:77:
1f:fb:8c:b5:c8:f1:6b:1c:dd:6d:71:7d:0b:a7:9c:b7:a7:18:
da:02:63:70:7b:68:ba:23:fd:ca:bb:8f:b8:e6:c1:ec:af:fa:
ca:18:28:f2:8b:75:32:d4:69:c6:27:b7:98:a4:b4:bf:e6:8d:
68:01:00:96:3c:2d:7f:36:c4:76:aa:b8:4b:32:c0:22:91:8b:
db:82:48:80
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEAl8bazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZGQ1OTZjMWVhN2VjYmIxYmUxNzc3ZmMwZDM4ZWQwNmNhNDBlYWJlMB4XDTIyMDUw
NjIwMTUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDAwOTZmMzMzMTVj
OTFlOGI5ZDcxMTY4OWExMTI4MjRlOGVlY2VhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOCXEY+oIT3ngIoxvJ5FrVVC2dyJ4pPOQe7XEM6WQyTseMrh
L2uK887hb3rzkdZbbyTcMyN39HKd61BlTyJzz+Waqkh1uWdW/ahpfutCH3iAGXQ6
AMXNwLVTJnf5vOiu60ipV68OHyvzJQbhvbRZKugDycEIsoaDz5rNqibbNwqGJb6h
t0Gpt4F4ZzsfgmHIjvvRYB2lWgxQsHNSq5SY1XTsUXdaCtshqMKPH24XKNGZ0J00
myl52XcYekauQdUftIsH03r9FbsS/PwxQ1WzseEtAX1AGCXUcJwmp+oVE1ORqM5T
9RQscUIxDZs5Y5dkpnFtobAopME41FiXix00mAUCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQACW8zMVyR6LnXEWiaESgk6O7OrDAfBgNVHSMEGDAWgBQt1ZbB6n7Lsb4X
d/wNOO0GykDqvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xkV1d3ZXAteTdHLUYzZjhEVGp0QnNwQTZyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMzYzZWNjLTJhYTEtNDI4MS05NWIxLThiMGZjMDc4NThkNi8x
L0FBbHZNekZja2VpNTF4Rm9taEVvSk9qdXpxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MzYzZWNjLTJhYTEtNDI4MS05NWIxLThiMGZjMDc4NThkNi8xL0xkV1d3ZXAteTdH
LUYzZjhEVGp0QnNwQTZyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEACXkggMEAF73jwMEAJfYAgMEArlh
BAMEAcJocgMEAMJolTANBAIAAjAHAwUCKgYBwDANBgkqhkiG9w0BAQsFAAOCAQEA
BQ95V+ROz+8YvR+zipdlIZEXgQQMFQ6oWsTBN9k7TSNPLIMVWD+B0i3y4xKXfhB5
3w8TD8eqIRmIrzoggl/OniGVJgJ71xw7o/LybGCE7UdDUgTKBNn8bywdgH92JADd
P6Kysu+z8PDdiebbaxQlUauWS7htkhZfs3kiXjvrVl4O0O+/syFBwWp3fSVAGQvc
oiSf0rNVnFe1UhLKkdekbWiTX3Le3OGli6XsPcd6RyJsIJ53H/uMtcjxaxzdbXF9
C6ect6cY2gJjcHtouiP9yruPuObB7K/6yhgo8ot1MtRpxie3mKS0v+aNaAEAljwt
fzbEdqq4SzLAIpGL24JIgA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:43 2023 by rpki-client on console-ams.rpki-client.org