Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/Ee4IGlw90YQPLwbpgVzWeoUpQqM.roa
File: Ee4IGlw90YQPLwbpgVzWeoUpQqM.roa (raw, json)
Hash identifier: mMtyCAHgol0M0FRAVTNGJ92m2ExwyrqiL48TRuq957k=
Subject key identifier: 11:EE:08:1A:5C:3D:D1:84:0F:2F:06:E9:81:5C:D6:7A:85:29:42:A3
Certificate issuer: /CN=6b85894a84baa0eca0e6ef44a992fc2ba00f5277
Certificate serial: 018CC801285868A9B089EEADA027E2C22FBF
Authority key identifier: 6B:85:89:4A:84:BA:A0:EC:A0:E6:EF:44:A9:92:FC:2B:A0:0F:52:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a4WJSoS6oOyg5u9EqZL8K6APUnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/Ee4IGlw90YQPLwbpgVzWeoUpQqM.roa
Signing time: Tue 02 Jan 2024 02:29:28 +0000
ROA not before: Tue 02 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 37.77.3.0/24 maxlen: 24
37.77.4.0/24 maxlen: 24
37.77.0.0/24 maxlen: 24
37.77.1.0/24 maxlen: 24
37.77.2.0/24 maxlen: 24
37.77.5.0/24 maxlen: 24
37.77.6.0/24 maxlen: 24
37.77.7.0/24 maxlen: 24
37.77.8.0/24 maxlen: 24
37.77.9.0/24 maxlen: 24
37.77.17.0/24 maxlen: 24
37.77.12.0/24 maxlen: 24
37.77.24.0/24 maxlen: 24
37.77.21.0/24 maxlen: 24
37.77.22.0/24 maxlen: 24
37.77.23.0/24 maxlen: 24
37.77.18.0/24 maxlen: 24
37.77.19.0/24 maxlen: 24
37.77.20.0/24 maxlen: 24
37.77.25.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:28:58:68:a9:b0:89:ee:ad:a0:27:e2:c2:2f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b85894a84baa0eca0e6ef44a992fc2ba00f5277
Validity
Not Before: Jan 2 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11ee081a5c3dd1840f2f06e9815cd67a852942a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a6:e0:36:49:56:a3:d0:12:eb:d7:f9:c7:d1:
98:e8:41:bd:30:97:6b:7f:33:3e:de:4a:22:a2:0a:
93:39:0e:6d:e5:0a:d7:61:eb:71:30:38:84:ce:1a:
54:00:60:16:a0:cc:92:ed:75:8d:b6:87:6a:02:50:
bc:0b:8f:d3:3c:1e:df:1c:5c:21:ad:4e:36:c8:0d:
ce:25:bf:43:f5:b1:7b:01:79:5f:7c:c3:f6:06:e9:
84:f3:78:04:5c:5b:38:81:46:1a:35:24:3a:0e:67:
b4:26:63:fb:db:af:50:7b:7c:6f:48:bc:70:83:88:
d4:ab:9f:7a:41:2e:8c:ec:2f:fc:a5:8d:0c:a7:d9:
81:cd:22:c4:73:2a:22:53:68:3f:0e:46:60:9c:7f:
9c:0d:83:99:86:e7:e5:ba:9e:c1:43:9d:27:77:c3:
52:d6:e2:2c:19:ef:e9:4f:e8:77:db:e8:c0:9c:1c:
13:b7:b1:d9:88:4b:4f:42:51:8c:86:f1:b5:1b:0e:
b8:ce:af:64:d9:17:38:36:96:f8:fa:1e:10:f4:5b:
ea:cd:78:ec:a7:3f:39:88:d1:80:16:a5:66:cf:39:
96:92:55:50:0c:f8:9c:79:ce:d6:cb:fd:39:8f:c3:
19:fc:23:cf:81:0c:20:d5:4b:5f:ca:53:8f:1d:58:
d6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:EE:08:1A:5C:3D:D1:84:0F:2F:06:E9:81:5C:D6:7A:85:29:42:A3
X509v3 Authority Key Identifier:
keyid:6B:85:89:4A:84:BA:A0:EC:A0:E6:EF:44:A9:92:FC:2B:A0:0F:52:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4WJSoS6oOyg5u9EqZL8K6APUnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/Ee4IGlw90YQPLwbpgVzWeoUpQqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/a4WJSoS6oOyg5u9EqZL8K6APUnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.0.0-37.77.9.255
37.77.12.0/24
37.77.17.0-37.77.25.255
Signature Algorithm: sha256WithRSAEncryption
5a:c1:4b:44:3c:11:53:17:07:93:9f:47:86:97:ea:fc:0f:ec:
d8:41:37:06:2e:55:a4:fe:99:a5:f3:48:f5:b0:35:56:33:d9:
55:34:d5:8e:9e:0b:dd:94:e8:d7:7b:34:33:f8:78:61:21:1a:
7f:44:4d:29:18:9f:6e:03:cd:bc:22:76:5f:e0:f5:58:bd:f8:
78:03:a2:c8:0c:6e:63:16:2e:e3:77:f9:3a:34:cd:c3:84:09:
73:5e:4d:3a:c8:ab:86:6d:9c:d8:f9:c8:b8:07:ed:c0:57:59:
6b:ed:b2:9b:2b:83:16:3a:e2:e7:39:c4:f0:3c:79:7d:1f:8d:
68:0f:d8:ad:7a:76:e5:99:79:7c:68:16:77:b9:86:b4:1d:aa:
70:d5:08:7a:e9:79:3a:36:1e:42:53:95:6d:69:fb:74:65:5a:
a7:0f:8b:5e:f8:d5:11:6a:0e:9f:11:5c:9a:2f:27:ef:02:54:
e4:6d:be:6d:53:08:0c:cf:b6:f0:0e:f3:51:0c:25:39:ad:03:
18:42:8f:32:fa:3f:58:a0:0d:61:f1:56:0e:70:9c:a1:6d:f9:
15:cc:32:43:d5:02:9d:8a:85:4b:5b:29:fd:0c:75:89:8e:c8:
7d:51:63:08:98:55:02:ce:ae:0e:7f:e9:50:df:18:ec:67:dd:
c8:c6:f3:9a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAShYaKmwie6toCfiwi+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiODU4OTRhODRiYWEwZWNhMGU2ZWY0NGE5OTJmYzJiYTAw
ZjUyNzcwHhcNMjQwMTAyMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWVlMDgxYTVjM2RkMTg0MGYyZjA2ZTk4MTVjZDY3YTg1Mjk0MmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqabgNklWo9AS69f5x9GY6EG9MJdr
fzM+3koiogqTOQ5t5QrXYetxMDiEzhpUAGAWoMyS7XWNtodqAlC8C4/TPB7fHFwh
rU42yA3OJb9D9bF7AXlffMP2BumE83gEXFs4gUYaNSQ6Dme0JmP7269Qe3xvSLxw
g4jUq596QS6M7C/8pY0Mp9mBzSLEcyoiU2g/DkZgnH+cDYOZhuflup7BQ50nd8NS
1uIsGe/pT+h32+jAnBwTt7HZiEtPQlGMhvG1Gw64zq9k2Rc4Npb4+h4Q9FvqzXjs
pz85iNGAFqVmzzmWklVQDPicec7Wy/05j8MZ/CPPgQwg1UtfylOPHVjWDwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBHuCBpcPdGEDy8G6YFc1nqFKUKjMB8GA1UdIwQY
MBaAFGuFiUqEuqDsoObvRKmS/CugD1J3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTRXSlNvUzZvT3lnNXU5RXFaTDhLNkFQVW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mNWMwMjAtZTFkNy00ZmU5LTgzYzAt
YTNiZTYzYjg1NzJmLzEvRWU0SUdsdzkwWVFQTHdicGdWeldlb1VwUXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mNWMwMjAtZTFkNy00ZmU5LTgzYzAtYTNiZTYzYjg1NzJm
LzEvYTRXSlNvUzZvT3lnNXU5RXFaTDhLNkFQVW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhMAsDAwAlTQME
ASVNCAMEACVNDDAMAwQAJU0RAwQBJU0YMA0GCSqGSIb3DQEBCwUAA4IBAQBawUtE
PBFTFweTn0eGl+r8D+zYQTcGLlWk/pml80j1sDVWM9lVNNWOngvdlOjXezQz+Hhh
IRp/RE0pGJ9uA828InZf4PVYvfh4A6LIDG5jFi7jd/k6NM3DhAlzXk06yKuGbZzY
+ci4B+3AV1lr7bKbK4MWOuLnOcTwPHl9H41oD9itenblmXl8aBZ3uYa0Hapw1Qh6
6Xk6Nh5CU5Vtaft0ZVqnD4te+NURag6fEVyaLyfvAlTkbb5tUwgMz7bwDvNRDCU5
rQMYQo8y+j9YoA1h8VYOcJyhbfkVzDJD1QKdioVLWyn9DHWJjsh9UWMImFUCzq4O
f+lQ3xjsZ93IxvOa
-----END CERTIFICATE-----
Generated at Mon Aug 12 17:33:29 2024 by rpki-client on console-ams.rpki-client.org