Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/XlGG9U6U1UB0wWneeW7r0gq_swg.roa
File: XlGG9U6U1UB0wWneeW7r0gq_swg.roa (raw, json)
Hash identifier: jSZCuTrsWebIHv2aiZvWPyc52UgIdnLp7fPGbFU0CN4=
Subject key identifier: 5E:51:86:F5:4E:94:D5:40:74:C1:69:DE:79:6E:EB:D2:0A:BF:B3:08
Certificate issuer: /CN=cdc84082be96e609d9de9808fbc37866feb4c54b
Certificate serial: 0186A796269C186AEA6BB6820B6BE2FF700D
Authority key identifier: CD:C8:40:82:BE:96:E6:09:D9:DE:98:08:FB:C3:78:66:FE:B4:C5:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zchAgr6W5gnZ3pgI-8N4Zv60xUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/XlGG9U6U1UB0wWneeW7r0gq_swg.roa
Signing time: Fri 03 Mar 2023 13:08:00 +0000
ROA not before: Fri 03 Mar 2023 13:08:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 37.235.121.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a7:96:26:9c:18:6a:ea:6b:b6:82:0b:6b:e2:ff:70:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdc84082be96e609d9de9808fbc37866feb4c54b
Validity
Not Before: Mar 3 13:08:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e5186f54e94d54074c169de796eebd20abfb308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e1:39:0a:9f:b8:cb:3e:7e:5d:24:f5:d7:40:
3a:92:7c:9d:1e:a0:8a:64:4f:88:36:9d:9f:c0:2d:
0a:65:5b:18:c4:87:03:50:b2:e2:3d:46:3d:df:eb:
76:f4:3d:23:99:2d:c3:65:70:e7:07:45:53:a8:65:
20:4b:de:b8:e7:d2:98:85:a9:fa:4f:9a:7e:ca:87:
fa:b7:ff:ee:cc:4a:4b:10:ae:1b:41:8b:a4:ee:18:
db:bf:41:7c:13:18:7c:30:57:f8:2b:9c:29:a2:d0:
8f:53:59:ef:3a:d9:25:eb:9f:d4:71:ec:38:89:01:
77:11:e6:8a:2f:58:c1:ff:2a:9c:8a:33:4b:ab:3b:
7f:b6:1b:d5:4e:b7:82:1c:2c:b2:f8:e3:f4:3e:cc:
86:a5:76:76:9b:ba:51:c3:64:a8:8f:4d:d4:59:97:
8a:73:eb:61:ee:43:9e:0a:a7:35:73:90:0e:56:61:
58:83:97:b3:7f:85:6a:a0:5e:b1:b9:e3:11:9d:25:
92:fe:2c:b6:fb:04:c7:47:d9:53:3e:87:58:19:c4:
27:1f:0e:48:1d:19:90:ee:5d:07:c3:7d:06:43:c9:
cc:a7:1f:3a:a7:15:e1:dc:d2:72:e1:f2:b0:c4:00:
42:de:ff:fa:80:6f:76:46:75:a6:2a:cd:39:5c:cf:
e4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:51:86:F5:4E:94:D5:40:74:C1:69:DE:79:6E:EB:D2:0A:BF:B3:08
X509v3 Authority Key Identifier:
keyid:CD:C8:40:82:BE:96:E6:09:D9:DE:98:08:FB:C3:78:66:FE:B4:C5:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zchAgr6W5gnZ3pgI-8N4Zv60xUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/XlGG9U6U1UB0wWneeW7r0gq_swg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/zchAgr6W5gnZ3pgI-8N4Zv60xUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.121.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:d3:ba:88:0e:e7:88:39:15:bf:d4:4d:ea:3e:56:c7:c2:0a:
d9:cf:29:5f:e1:35:63:a1:07:75:24:03:4a:74:18:c9:16:5e:
24:f2:b7:f8:f2:77:a9:cd:f3:56:84:55:af:57:01:23:07:fb:
6f:1d:1a:81:f4:b6:a0:b8:32:94:50:98:db:2a:9c:12:d3:f4:
f6:1b:1c:99:b7:58:4b:15:b0:cb:76:60:fd:d7:d6:74:e2:c6:
af:6d:84:49:af:94:dc:6e:3d:6a:dd:96:d7:af:d3:3b:ff:4e:
f1:f6:98:24:20:89:ae:36:81:3e:ac:b1:24:98:7a:6f:26:fa:
d9:16:87:4d:36:83:f5:1f:63:69:58:f7:89:0f:99:09:69:ae:
bf:1d:d7:ed:38:fa:50:a4:cc:29:37:8a:4c:2a:88:32:34:df:
34:0e:c8:e6:e4:e5:7c:12:0d:54:a3:10:7f:a4:67:67:8b:9f:
cf:2e:d0:9d:eb:41:25:d9:21:2f:8c:f8:00:de:60:ed:6b:a3:
f1:95:48:04:7f:45:0d:5c:91:e0:96:9c:5a:19:74:8f:d3:be:
d0:86:6d:d1:c9:d1:69:e7:ed:53:98:9c:aa:f3:11:d2:06:22:
1b:ee:fa:c9:69:c9:a7:02:8a:b1:da:59:af:2f:5b:b0:32:50:
74:ee:30:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYanliacGGrqa7aCC2vi/3ANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYzg0MDgyYmU5NmU2MDlkOWRlOTgwOGZiYzM3ODY2ZmVi
NGM1NGIwHhcNMjMwMzAzMTMwODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTUxODZmNTRlOTRkNTQwNzRjMTY5ZGU3OTZlZWJkMjBhYmZiMzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eE5Cp+4yz5+XST110A6knydHqCK
ZE+INp2fwC0KZVsYxIcDULLiPUY93+t29D0jmS3DZXDnB0VTqGUgS96459KYhan6
T5p+yof6t//uzEpLEK4bQYuk7hjbv0F8Exh8MFf4K5wpotCPU1nvOtkl65/Ucew4
iQF3EeaKL1jB/yqcijNLqzt/thvVTreCHCyy+OP0PsyGpXZ2m7pRw2Soj03UWZeK
c+th7kOeCqc1c5AOVmFYg5ezf4VqoF6xueMRnSWS/iy2+wTHR9lTPodYGcQnHw5I
HRmQ7l0Hw30GQ8nMpx86pxXh3NJy4fKwxABC3v/6gG92RnWmKs05XM/kgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5RhvVOlNVAdMFp3nlu69IKv7MIMB8GA1UdIwQY
MBaAFM3IQIK+luYJ2d6YCPvDeGb+tMVLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemNoQWdyNlc1Z25aM3BnSS04TjRadjYweFVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iN2JmOTQtMzc3Yi00NDAwLThiOWMt
Y2JmMTY0ZThiZTAxLzEvWGxHRzlVNlUxVUIwd1duZWVXN3IwZ3Ffc3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iN2JmOTQtMzc3Yi00NDAwLThiOWMtY2JmMTY0ZThiZTAx
LzEvemNoQWdyNlc1Z25aM3BnSS04TjRadjYweFVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJet5MA0G
CSqGSIb3DQEBCwUAA4IBAQDC07qIDueIORW/1E3qPlbHwgrZzylf4TVjoQd1JANK
dBjJFl4k8rf48nepzfNWhFWvVwEjB/tvHRqB9LaguDKUUJjbKpwS0/T2GxyZt1hL
FbDLdmD919Z04savbYRJr5Tcbj1q3ZbXr9M7/07x9pgkIImuNoE+rLEkmHpvJvrZ
FodNNoP1H2NpWPeJD5kJaa6/HdftOPpQpMwpN4pMKogyNN80Dsjm5OV8Eg1UoxB/
pGdni5/PLtCd60El2SEvjPgA3mDta6PxlUgEf0UNXJHglpxaGXSP077Qhm3RydFp
5+1TmJyq8xHSBiIb7vrJacmnAoqx2lmvL1uwMlB07jD6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:51 2024 by rpki-client on console-fra.rpki-client.org