Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/A6AxC0hZOfI_vI7dro6xRuPV-eE.roa
File: A6AxC0hZOfI_vI7dro6xRuPV-eE.roa (raw, json)
Hash identifier: rB8f9r8y+Uro/BRq0ABu+IFs+ig5Z41xASzSuoll+JQ=
Subject key identifier: 03:A0:31:0B:48:59:39:F2:3F:BC:8E:DD:AE:8E:B1:46:E3:D5:F9:E1
Certificate issuer: /CN=cdc84082be96e609d9de9808fbc37866feb4c54b
Certificate serial: 018746422C28737B0B55C6112871436525E2
Authority key identifier: CD:C8:40:82:BE:96:E6:09:D9:DE:98:08:FB:C3:78:66:FE:B4:C5:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zchAgr6W5gnZ3pgI-8N4Zv60xUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/A6AxC0hZOfI_vI7dro6xRuPV-eE.roa
Signing time: Mon 03 Apr 2023 08:35:54 +0000
ROA not before: Mon 03 Apr 2023 08:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.235.121.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:42:2c:28:73:7b:0b:55:c6:11:28:71:43:65:25:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdc84082be96e609d9de9808fbc37866feb4c54b
Validity
Not Before: Apr 3 08:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03a0310b485939f23fbc8eddae8eb146e3d5f9e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:dc:7d:87:8d:c2:27:4c:cc:35:5c:1b:52:aa:
4b:bf:b3:27:83:6d:e6:43:b0:b2:3e:11:b9:cd:28:
73:74:d0:26:32:fd:13:ce:96:16:fe:a0:93:35:df:
81:8e:53:93:1f:54:1b:c7:0f:52:24:9b:39:85:01:
c1:ff:2c:46:92:73:64:16:14:24:7d:b4:1e:da:14:
86:62:8a:d3:14:e3:ac:9c:e8:a7:6d:8f:16:61:bb:
5d:42:ae:70:4e:78:5e:4b:ca:10:4d:f9:ab:86:8b:
f2:96:90:90:1e:98:58:06:61:76:61:30:a7:03:c7:
b2:d0:46:ce:3d:86:cb:4a:3b:91:ee:07:1f:d3:d5:
bb:56:6a:54:c4:61:50:3b:97:6a:d1:b8:49:e9:ad:
8c:ca:be:0c:6c:9d:12:ea:ee:0c:c2:65:e4:45:a7:
42:1d:70:5d:d6:46:0c:9e:6f:c3:bc:d0:53:3a:0b:
54:44:b9:1d:fb:28:ba:f8:9d:3d:5d:ee:b3:d8:36:
12:0d:e6:5d:8a:61:dc:65:3c:5f:43:c1:d5:03:d6:
70:b9:e0:0b:9e:ce:90:22:0a:13:fc:94:37:9d:df:
dc:e9:a6:1f:d6:59:a2:36:21:13:b6:06:eb:38:39:
07:9f:8e:3d:ba:c2:d8:d7:f6:db:e8:9e:3b:d3:20:
83:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A0:31:0B:48:59:39:F2:3F:BC:8E:DD:AE:8E:B1:46:E3:D5:F9:E1
X509v3 Authority Key Identifier:
keyid:CD:C8:40:82:BE:96:E6:09:D9:DE:98:08:FB:C3:78:66:FE:B4:C5:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zchAgr6W5gnZ3pgI-8N4Zv60xUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/A6AxC0hZOfI_vI7dro6xRuPV-eE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/zchAgr6W5gnZ3pgI-8N4Zv60xUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.121.0/24
Signature Algorithm: sha256WithRSAEncryption
50:21:84:07:85:b6:fd:98:6f:e0:e3:07:c6:0f:80:ca:71:e1:
9e:fe:7d:b8:dd:1f:b8:17:98:51:46:70:6e:6a:e3:6b:f3:d5:
55:41:d1:45:d6:1f:9e:47:ff:27:ff:4f:67:0c:5d:1a:34:c1:
56:4e:b9:3f:f8:53:54:ce:6a:d9:e1:76:2d:c9:32:22:23:b4:
2d:69:a8:29:36:57:5c:5c:e1:f5:95:03:15:1d:da:72:86:4e:
98:1b:87:97:44:de:27:bd:03:5b:a0:d1:74:c8:ed:0f:b4:1c:
8e:2f:cc:83:d2:e9:09:48:40:81:66:b3:df:42:98:37:3d:3f:
31:eb:3f:03:cd:fb:f5:c0:7f:c4:76:69:ff:59:88:1b:66:a5:
00:0a:86:7b:03:fe:40:63:d7:38:de:1f:65:31:0b:cc:3f:f1:
95:43:e2:5c:7e:47:84:d3:91:92:0c:59:80:2a:27:5f:36:8e:
04:0c:e3:ee:65:fb:26:8d:36:40:1d:09:35:c8:57:2c:74:4d:
1f:10:bb:7c:85:00:45:f8:80:d2:b4:7b:70:5e:ba:5b:b0:75:
78:aa:57:a1:86:b2:0d:d3:c9:e5:df:1d:78:2c:52:96:68:7e:
35:b9:1e:ea:59:d8:e5:6f:71:99:41:32:dc:e3:da:bf:46:00:
bf:9e:7e:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdGQiwoc3sLVcYRKHFDZSXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYzg0MDgyYmU5NmU2MDlkOWRlOTgwOGZiYzM3ODY2ZmVi
NGM1NGIwHhcNMjMwNDAzMDgzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2EwMzEwYjQ4NTkzOWYyM2ZiYzhlZGRhZThlYjE0NmUzZDVmOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtx9h43CJ0zMNVwbUqpLv7Mng23m
Q7CyPhG5zShzdNAmMv0TzpYW/qCTNd+BjlOTH1Qbxw9SJJs5hQHB/yxGknNkFhQk
fbQe2hSGYorTFOOsnOinbY8WYbtdQq5wTnheS8oQTfmrhovylpCQHphYBmF2YTCn
A8ey0EbOPYbLSjuR7gcf09W7VmpUxGFQO5dq0bhJ6a2Myr4MbJ0S6u4MwmXkRadC
HXBd1kYMnm/DvNBTOgtURLkd+yi6+J09Xe6z2DYSDeZdimHcZTxfQ8HVA9ZwueAL
ns6QIgoT/JQ3nd/c6aYf1lmiNiETtgbrODkHn449usLY1/bb6J470yCD6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAOgMQtIWTnyP7yO3a6OsUbj1fnhMB8GA1UdIwQY
MBaAFM3IQIK+luYJ2d6YCPvDeGb+tMVLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemNoQWdyNlc1Z25aM3BnSS04TjRadjYweFVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iN2JmOTQtMzc3Yi00NDAwLThiOWMt
Y2JmMTY0ZThiZTAxLzEvQTZBeEMwaFpPZklfdkk3ZHJvNnhSdVBWLWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iN2JmOTQtMzc3Yi00NDAwLThiOWMtY2JmMTY0ZThiZTAx
LzEvemNoQWdyNlc1Z25aM3BnSS04TjRadjYweFVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJet5MA0G
CSqGSIb3DQEBCwUAA4IBAQBQIYQHhbb9mG/g4wfGD4DKceGe/n243R+4F5hRRnBu
auNr89VVQdFF1h+eR/8n/09nDF0aNMFWTrk/+FNUzmrZ4XYtyTIiI7QtaagpNldc
XOH1lQMVHdpyhk6YG4eXRN4nvQNboNF0yO0PtByOL8yD0ukJSECBZrPfQpg3PT8x
6z8Dzfv1wH/Edmn/WYgbZqUACoZ7A/5AY9c43h9lMQvMP/GVQ+JcfkeE05GSDFmA
KidfNo4EDOPuZfsmjTZAHQk1yFcsdE0fELt8hQBF+IDStHtwXrpbsHV4qlehhrIN
08nl3x14LFKWaH41uR7qWdjlb3GZQTLc49q/RgC/nn6d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:51 2024 by rpki-client on console-fra.rpki-client.org