Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/AX_HE-tD9ev7BPalJqc0zE67ZY8.roa
File: AX_HE-tD9ev7BPalJqc0zE67ZY8.roa (raw, json)
Hash identifier: dJoh+qQuzHXKU71VNfLtJ4TqM43CskdZ6MAlccXt758=
Subject key identifier: 01:7F:C7:13:EB:43:F5:EB:FB:04:F6:A5:26:A7:34:CC:4E:BB:65:8F
Certificate issuer: /CN=3f230752f3ba0026fbb20c5e4c963b1129ac9d34
Certificate serial: 018BCE0D906EFA8459D70261004391A7A620
Authority key identifier: 3F:23:07:52:F3:BA:00:26:FB:B2:0C:5E:4C:96:3B:11:29:AC:9D:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/AX_HE-tD9ev7BPalJqc0zE67ZY8.roa
Signing time: Tue 14 Nov 2023 13:37:57 +0000
ROA not before: Tue 14 Nov 2023 13:37:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39305
IP address blocks: 185.151.214.0/23 maxlen: 24
194.247.36.0/24 maxlen: 24
45.84.52.0/22 maxlen: 22
77.75.228.0/24 maxlen: 24
62.106.73.0/24 maxlen: 24
193.57.227.0/24 maxlen: 24
91.211.64.0/22 maxlen: 22
91.238.63.0/24 maxlen: 24
185.88.9.0/24 maxlen: 24
94.24.24.0/22 maxlen: 22
185.182.107.0/24 maxlen: 24
94.24.30.0/23 maxlen: 23
193.57.226.0/24 maxlen: 24
2a0e:9780::/29 maxlen: 29
2a0c:7140::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ce:0d:90:6e:fa:84:59:d7:02:61:00:43:91:a7:a6:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f230752f3ba0026fbb20c5e4c963b1129ac9d34
Validity
Not Before: Nov 14 13:37:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=017fc713eb43f5ebfb04f6a526a734cc4ebb658f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8e:14:f4:2b:22:22:b6:ca:a2:be:a1:47:5f:
32:2e:10:6d:7b:7c:58:92:99:fd:15:86:b4:2e:85:
40:c5:13:ed:da:49:55:6a:11:51:4f:93:84:40:06:
81:79:a0:6c:9a:e8:18:b1:b4:42:ed:b2:58:a4:69:
4e:15:2b:36:ed:af:26:80:c7:51:15:13:ab:a6:cb:
23:7e:28:b4:bf:78:ed:e0:76:3a:c1:47:c6:8e:74:
0c:b8:b5:f1:79:f6:19:dd:ac:4b:00:39:05:f2:48:
36:ac:4d:a3:3e:70:43:72:64:51:28:70:56:b2:9f:
5a:7a:f0:fc:d7:34:12:c2:d2:42:bf:e8:a4:d6:ba:
1b:89:3b:4f:ef:bc:e4:ae:ee:ae:69:33:99:27:ad:
1e:70:0b:87:ee:9e:7c:29:e3:55:d5:ed:18:88:ab:
c9:f3:a6:e1:79:cf:e3:45:38:ec:56:8c:4e:d1:66:
ab:ca:cf:18:3e:21:9a:d8:23:6d:a8:af:bb:3c:b3:
93:c7:7d:31:9a:d5:aa:27:78:bc:ea:66:38:b2:de:
cc:bf:f8:ad:f1:12:11:ff:d6:f1:de:67:5e:33:a0:
31:a1:9e:5b:fb:17:e3:f2:ed:63:f9:df:12:de:1f:
b8:ad:87:52:52:41:8c:c8:8a:6f:f3:d5:af:1c:2f:
a5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7F:C7:13:EB:43:F5:EB:FB:04:F6:A5:26:A7:34:CC:4E:BB:65:8F
X509v3 Authority Key Identifier:
keyid:3F:23:07:52:F3:BA:00:26:FB:B2:0C:5E:4C:96:3B:11:29:AC:9D:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/AX_HE-tD9ev7BPalJqc0zE67ZY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.52.0/22
62.106.73.0/24
77.75.228.0/24
91.211.64.0/22
91.238.63.0/24
94.24.24.0/22
94.24.30.0/23
185.88.9.0/24
185.151.214.0/23
185.182.107.0/24
193.57.226.0/23
194.247.36.0/24
IPv6:
2a0c:7140::/29
2a0e:9780::/29
Signature Algorithm: sha256WithRSAEncryption
95:0f:bb:51:c1:58:50:b4:9a:a7:cb:f0:1e:8f:84:e0:d8:18:
8b:94:32:b2:22:b8:fb:9d:1c:77:77:82:bb:54:42:5a:da:52:
a2:ae:7f:5f:9d:0f:13:8c:74:43:47:3b:2e:6a:03:bc:ec:f4:
45:e1:62:70:d1:91:63:39:7f:23:10:9e:21:fc:7e:df:4e:7f:
64:90:8e:f1:03:87:29:9d:3a:c5:9d:d8:d2:05:70:62:a9:b3:
b4:d2:cb:56:91:66:31:09:21:6a:f5:74:22:96:f9:4d:bf:24:
77:a9:47:3c:07:11:2f:1d:fb:72:de:7c:b1:9a:ca:29:15:ed:
fc:30:33:9a:ce:d4:39:c8:c4:6e:16:2b:b4:5b:9f:5b:f7:a0:
27:86:7a:82:75:9a:57:03:b8:56:20:a2:ce:a9:20:6a:f8:22:
b0:21:9e:f4:83:bb:c2:83:9c:bf:c3:65:02:39:a6:7e:fe:c7:
28:f1:a8:e8:01:21:22:8e:09:9d:06:70:99:04:33:68:60:95:
e5:6a:37:7c:b6:69:b5:ea:4b:04:9a:0b:f1:bd:91:bc:ab:45:
64:65:cb:f9:9d:ac:38:1a:97:b3:5e:0a:f9:55:88:3f:4a:05:
c6:97:bd:59:47:14:ca:92:6b:98:4a:5d:91:c4:2d:36:50:df:
f8:56:00:ba
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYvODZBu+oRZ1wJhAEORp6YgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjMwNzUyZjNiYTAwMjZmYmIyMGM1ZTRjOTYzYjExMjlh
YzlkMzQwHhcNMjMxMTE0MTMzNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTdmYzcxM2ViNDNmNWViZmIwNGY2YTUyNmE3MzRjYzRlYmI2NThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk44U9CsiIrbKor6hR18yLhBte3xY
kpn9FYa0LoVAxRPt2klVahFRT5OEQAaBeaBsmugYsbRC7bJYpGlOFSs27a8mgMdR
FROrpssjfii0v3jt4HY6wUfGjnQMuLXxefYZ3axLADkF8kg2rE2jPnBDcmRRKHBW
sp9aevD81zQSwtJCv+ik1robiTtP77zkru6uaTOZJ60ecAuH7p58KeNV1e0YiKvJ
86bhec/jRTjsVoxO0Warys8YPiGa2CNtqK+7PLOTx30xmtWqJ3i86mY4st7Mv/it
8RIR/9bx3mdeM6AxoZ5b+xfj8u1j+d8S3h+4rYdSUkGMyIpv89WvHC+lkwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFAF/xxPrQ/Xr+wT2pSanNMxOu2WPMB8GA1UdIwQY
MBaAFD8jB1LzugAm+7IMXkyWOxEprJ00MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlNSFV2TzZBQ2I3c2d4ZVRKWTdFU21zblRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MWY5YTEtNDM2OC00NTY4LWIwMjkt
ZGQyMjUzMGUxNWE0LzEvQVhfSEUtdEQ5ZXY3QlBhbEpxYzB6RTY3Wlk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MWY5YTEtNDM2OC00NTY4LWIwMjktZGQyMjUzMGUxNWE0
LzEvUHlNSFV2TzZBQ2I3c2d4ZVRKWTdFU21zblRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQCLVQ0AwQA
PmpJAwQATUvkAwQCW9NAAwQAW+4/AwQCXhgYAwQBXhgeAwQAuVgJAwQBuZfWAwQA
ubZrAwQBwTniAwQAwvckMBQEAgACMA4DBQMqDHFAAwUDKg6XgDANBgkqhkiG9w0B
AQsFAAOCAQEAlQ+7UcFYULSap8vwHo+E4NgYi5QysiK4+50cd3eCu1RCWtpSoq5/
X50PE4x0Q0c7LmoDvOz0ReFicNGRYzl/IxCeIfx+305/ZJCO8QOHKZ06xZ3Y0gVw
YqmztNLLVpFmMQkhavV0Ipb5Tb8kd6lHPAcRLx37ct58sZrKKRXt/DAzms7UOcjE
bhYrtFufW/egJ4Z6gnWaVwO4ViCizqkgavgisCGe9IO7woOcv8NlAjmmfv7HKPGo
6AEhIo4JnQZwmQQzaGCV5Wo3fLZptepLBJoL8b2RvKtFZGXL+Z2sOBqXs14K+VWI
P0oFxpe9WUcUypJrmEpdkcQtNlDf+FYAug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:27 2024 by rpki-client on console-fra.rpki-client.org