Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/6zarLmaRBVNwAXwSmxZ1OFY_eMo.roa
File: 6zarLmaRBVNwAXwSmxZ1OFY_eMo.roa (raw, json)
Hash identifier: dm1svAK+dkCvZzQqNmWE0fm0Gf9OVEb3Mo2XyuFOcso=
Subject key identifier: EB:36:AB:2E:66:91:05:53:70:01:7C:12:9B:16:75:38:56:3F:78:CA
Certificate issuer: /CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Certificate serial: 042FB1CE
Authority key identifier: 02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/6zarLmaRBVNwAXwSmxZ1OFY_eMo.roa
Signing time: Sat 01 Jan 2022 07:04:25 +0000
ROA not before: Sat 01 Jan 2022 07:04:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16322
IP address blocks: 77.42.96.0/19 maxlen: 19
46.225.32.0/19 maxlen: 19
46.224.224.0/19 maxlen: 19
77.42.32.0/19 maxlen: 19
46.225.192.0/19 maxlen: 19
77.42.64.0/19 maxlen: 19
46.225.0.0/19 maxlen: 19
77.42.64.0/18 maxlen: 18
46.224.160.0/19 maxlen: 19
77.42.0.0/17 maxlen: 17
77.42.0.0/18 maxlen: 18
77.42.0.0/19 maxlen: 19
46.224.192.0/19 maxlen: 19
46.167.128.0/19 maxlen: 19
46.225.160.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70234574 (0x42fb1ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Validity
Not Before: Jan 1 07:04:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb36ab2e6691055370017c129b167538563f78ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f3:21:53:eb:66:94:13:b4:16:b8:6b:fb:29:
76:f5:cf:ab:83:16:bf:49:27:d8:82:b6:5e:43:9e:
07:35:9d:55:e8:f1:2d:35:d8:56:a1:e4:34:a5:01:
ed:de:27:d9:d9:2c:f2:d4:88:01:9b:d4:06:d0:20:
e8:44:d4:57:6c:5d:cf:96:04:37:57:ff:b2:4c:1f:
df:68:90:4a:55:df:fc:ff:90:c0:3b:6a:5d:e1:41:
30:47:7b:5d:25:15:56:43:fb:76:cf:6a:48:8c:45:
34:15:74:1d:b0:31:cc:2b:5f:55:1d:62:62:1f:4e:
06:76:e4:13:79:0f:bf:79:7d:b7:3c:6c:4f:fc:3f:
d0:de:1b:ed:d3:3f:90:b1:f6:2b:2b:f2:32:1e:a1:
0a:b8:4d:7a:f8:a1:3a:65:db:dc:9d:ec:ae:0a:33:
fe:a3:29:5c:75:f4:2d:9e:f2:4a:8c:2d:b8:dc:bc:
32:88:34:19:ec:d6:d6:9f:a7:c7:c9:36:b6:fe:b4:
67:a2:fb:10:f7:44:7d:94:5d:ff:b9:65:22:e9:b8:
08:6a:dc:4c:a4:25:87:20:0f:ae:7c:59:7c:03:f8:
d7:eb:d0:b9:f6:34:4d:09:fa:0d:5f:79:aa:9e:ac:
f4:6e:d2:5d:9a:1d:1c:8a:1d:01:07:71:63:e9:d4:
09:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:36:AB:2E:66:91:05:53:70:01:7C:12:9B:16:75:38:56:3F:78:CA
X509v3 Authority Key Identifier:
keyid:02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/6zarLmaRBVNwAXwSmxZ1OFY_eMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.128.0/19
46.224.160.0-46.225.63.255
46.225.160.0-46.225.223.255
77.42.0.0/17
Signature Algorithm: sha256WithRSAEncryption
2d:8e:39:e3:48:e9:09:7e:11:a8:77:b3:b0:5a:0d:07:9f:f7:
94:14:45:f2:fb:5b:85:64:e4:c8:d2:13:f3:4e:58:50:09:9b:
96:d5:e0:25:30:50:a5:f4:27:9f:2f:40:54:79:10:83:5f:f5:
bd:49:b8:6c:04:18:1f:82:62:46:2d:30:5f:ea:fd:6d:a2:2f:
17:a7:30:8b:b0:b2:64:e4:e1:65:c5:c5:2e:1d:6a:29:44:5f:
3f:ac:91:0e:28:ce:5d:cf:b6:f3:bb:f3:3f:b1:1b:9a:b0:49:
e8:07:de:66:38:4e:39:b2:2c:85:8a:97:9a:d2:df:cf:00:b6:
d6:62:63:48:a2:e3:03:a0:d4:69:c6:b9:7e:29:34:fe:61:e5:
49:0a:4d:91:56:ce:d2:40:bf:be:53:31:07:af:08:44:40:bb:
26:3d:49:ff:eb:4e:65:1c:0c:3f:37:53:4d:9b:7e:52:55:5a:
46:0c:98:f6:bd:eb:ee:77:45:e1:9e:32:4f:e9:c3:fe:6d:d8:
2d:1c:04:77:e0:64:05:6c:aa:64:84:e5:b1:8c:e5:3d:62:8e:
24:cb:df:27:4b:56:db:2f:b6:32:74:0d:8d:6e:c7:09:ce:28:
4e:79:56:3e:71:a6:35:da:ad:0d:b9:d2:81:c4:7e:f2:47:f2:
46:31:c4:5f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEBC+xzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MjgzYThjNjlhMjYzMGNkOGY2ZmE3MGFmMmE1M2ZlMDE5ZjJjYzA3MB4XDTIyMDEw
MTA3MDQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWIzNmFiMmU2Njkx
MDU1MzcwMDE3YzEyOWIxNjc1Mzg1NjNmNzhjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzzIVPrZpQTtBa4a/spdvXPq4MWv0kn2IK2XkOeBzWdVejx
LTXYVqHkNKUB7d4n2dks8tSIAZvUBtAg6ETUV2xdz5YEN1f/skwf32iQSlXf/P+Q
wDtqXeFBMEd7XSUVVkP7ds9qSIxFNBV0HbAxzCtfVR1iYh9OBnbkE3kPv3l9tzxs
T/w/0N4b7dM/kLH2KyvyMh6hCrhNevihOmXb3J3srgoz/qMpXHX0LZ7ySowtuNy8
Mog0GezW1p+nx8k2tv60Z6L7EPdEfZRd/7llIum4CGrcTKQlhyAPrnxZfAP41+vQ
ufY0TQn6DV95qp6s9G7SXZodHIodAQdxY+nUCaUCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBTrNqsuZpEFU3ABfBKbFnU4Vj94yjAfBgNVHSMEGDAWgBQCg6jGmiYwzY9v
pwrypT/gGfLMBzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FvT294cG9tTU0yUGI2Y0s4cVVfNEJueXpBYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMWMyNGFkLTI0YjQtNGM5OC1hNjU5LTU5MmMwZGNkYWY3OS8x
LzZ6YXJMbWFSQlZOd0FYd1NteFoxT0ZZX2VNby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MWMyNGFkLTI0YjQtNGM5OC1hNjU5LTU5MmMwZGNkYWY3OS8xL0FvT294cG9tTU0y
UGI2Y0s4cVVfNEJueXpBYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKAMEBS6ngDAMAwQFLuCgAwQGLuEAMAwD
BAUu4aADBAUu4cADBAdNKgAwDQYJKoZIhvcNAQELBQADggEBAC2OOeNI6Ql+Eah3
s7BaDQef95QURfL7W4Vk5MjSE/NOWFAJm5bV4CUwUKX0J58vQFR5EINf9b1JuGwE
GB+CYkYtMF/q/W2iLxenMIuwsmTk4WXFxS4dailEXz+skQ4ozl3PtvO78z+xG5qw
SegH3mY4TjmyLIWKl5rS388AttZiY0ii4wOg1GnGuX4pNP5h5UkKTZFWztJAv75T
MQevCERAuyY9Sf/rTmUcDD83U02bflJVWkYMmPa96+53ReGeMk/pw/5t2C0cBHfg
ZAVsqmSE5bGM5T1ijiTL3ydLVtsvtjJ0DY1uxwnOKE55Vj5xpjXarQ250oHEfvJH
8kYxxF8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org