Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/2Es36O2X7DxSoM61J-aM_mASxbs.roa
File: 2Es36O2X7DxSoM61J-aM_mASxbs.roa (raw, json)
Hash identifier: HF9ft1R41FmurSUD3k2FPnQkkBSmz8qDv7eYty9cqAw=
Subject key identifier: D8:4B:37:E8:ED:97:EC:3C:52:A0:CE:B5:27:E6:8C:FE:60:12:C5:BB
Certificate issuer: /CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Certificate serial: 1ABAECC8
Authority key identifier: C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/2Es36O2X7DxSoM61J-aM_mASxbs.roa
Signing time: Sat 01 Jan 2022 10:04:13 +0000
ROA not before: Sat 01 Jan 2022 10:04:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29300
IP address blocks: 81.88.64.0/20 maxlen: 20
79.141.96.0/20 maxlen: 20
84.247.128.0/18 maxlen: 18
217.196.48.0/20 maxlen: 20
82.148.160.0/19 maxlen: 19
93.184.112.0/20 maxlen: 20
109.169.96.0/19 maxlen: 19
2a02:2828::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 448457928 (0x1abaecc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Validity
Not Before: Jan 1 10:04:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d84b37e8ed97ec3c52a0ceb527e68cfe6012c5bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0b:3b:41:b5:28:81:3c:d3:c6:d1:71:be:de:
0b:97:09:cb:23:25:53:3e:5d:49:9d:14:76:48:8b:
9a:bf:81:cd:1a:b7:74:db:2c:89:7a:4d:cd:cd:84:
13:58:63:c1:95:09:5e:b5:19:1d:61:93:62:6e:cc:
2a:fc:2c:3a:5d:da:b8:50:17:7a:ab:36:a9:4b:09:
6e:af:fa:ca:f9:42:8e:c7:79:fe:65:f5:78:f4:f9:
0d:88:13:61:05:f6:7c:f7:87:ee:cd:71:ac:4c:65:
c0:56:0f:c9:fe:93:68:ee:f9:6e:45:aa:60:a2:24:
26:3b:4f:10:77:49:37:2a:1b:d3:6b:17:9f:de:b6:
dc:79:bb:fd:54:7a:0b:e5:af:bb:0f:62:f4:9a:6b:
a4:33:cc:d6:a3:d2:af:06:87:5a:09:2c:b9:6a:b2:
4b:a3:38:63:3b:6f:9a:ed:0b:f6:eb:16:cc:9d:4a:
26:fc:6b:d1:20:33:1f:cc:00:d9:b9:4e:bb:14:e9:
14:4f:f4:d9:00:08:a3:0f:81:53:77:8a:bc:6e:8f:
d1:30:71:ca:52:3d:f1:89:c9:5d:2c:0d:a3:4f:4f:
6e:b3:8d:aa:14:68:d0:59:88:9a:d4:fd:a5:90:1f:
97:ca:3b:92:01:8b:96:32:cf:57:08:00:11:22:8c:
e7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4B:37:E8:ED:97:EC:3C:52:A0:CE:B5:27:E6:8C:FE:60:12:C5:BB
X509v3 Authority Key Identifier:
keyid:C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/2Es36O2X7DxSoM61J-aM_mASxbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.96.0/20
81.88.64.0/20
82.148.160.0/19
84.247.128.0/18
93.184.112.0/20
109.169.96.0/19
217.196.48.0/20
IPv6:
2a02:2828::/32
Signature Algorithm: sha256WithRSAEncryption
50:9b:1a:33:53:35:0b:2d:5f:1e:9f:8d:89:b8:47:fc:4d:2e:
e8:b7:f5:3b:66:3d:db:cb:d6:70:85:2d:15:0a:70:59:3f:70:
92:55:b2:a7:b8:80:a0:ad:95:11:a8:c2:ee:68:01:f5:6e:3b:
6c:6a:1f:06:76:fd:6c:5c:60:69:50:c3:8a:1f:2c:17:5a:8f:
0a:6f:a8:ea:e7:1d:90:1c:59:e4:ef:37:93:51:d8:95:e2:81:
23:1e:eb:ed:d8:1f:01:c5:06:20:7e:9a:a2:86:31:d8:0b:d9:
92:00:84:ab:8b:fb:f8:fe:c6:0a:01:ea:8d:f6:fa:c3:1a:71:
62:38:76:89:9c:5d:7a:58:3b:de:64:b8:49:db:c3:b6:fa:cd:
60:ab:8b:2b:92:63:a3:a6:76:8b:00:fd:3d:45:39:0d:5d:42:
f8:ea:cd:3e:45:f7:2a:36:df:9a:8c:f0:8c:94:d0:f9:a5:4b:
a0:4e:5f:27:9c:24:7b:1a:ec:12:b7:11:5e:1a:05:6d:ba:45:
72:11:b9:7e:6e:5d:e0:23:d5:58:2e:d9:31:20:44:85:41:04:
a5:f6:ca:0d:18:05:c9:a7:20:11:e3:86:24:aa:c5:6c:26:ec:
3f:24:8f:a2:6b:59:59:50:f9:ca:0d:81:5a:15:96:36:7f:95:
aa:d5:cc:9b
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEGrrsyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NTkyNzg2Y2VkNmNlNTk3NTg1NDY4YmI0ZjM2YjMxY2Y2YWNlYzZlMB4XDTIyMDEw
MTEwMDQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDg0YjM3ZThlZDk3
ZWMzYzUyYTBjZWI1MjdlNjhjZmU2MDEyYzViYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQLO0G1KIE808bRcb7eC5cJyyMlUz5dSZ0UdkiLmr+BzRq3
dNssiXpNzc2EE1hjwZUJXrUZHWGTYm7MKvwsOl3auFAXeqs2qUsJbq/6yvlCjsd5
/mX1ePT5DYgTYQX2fPeH7s1xrExlwFYPyf6TaO75bkWqYKIkJjtPEHdJNyob02sX
n9623Hm7/VR6C+Wvuw9i9JprpDPM1qPSrwaHWgksuWqyS6M4Yztvmu0L9usWzJ1K
Jvxr0SAzH8wA2blOuxTpFE/02QAIow+BU3eKvG6P0TBxylI98YnJXSwNo09PbrON
qhRo0FmImtT9pZAfl8o7kgGLljLPVwgAESKM5yMCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTYSzfo7ZfsPFKgzrUn5oz+YBLFuzAfBgNVHSMEGDAWgBTFknhs7Wzll1hU
aLtPNrMc9qzsbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3haSjRiTzFzNVpkWVZHaTdUemF6SFBhczdHNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvYTljMGI3LWEyM2EtNDU4Zi04ZjY0LWJhMzc1MTE0MDRjMi8x
LzJFczM2TzJYN0R4U29NNjFKLWFNX21BU3hicy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
YTljMGI3LWEyM2EtNDU4Zi04ZjY0LWJhMzc1MTE0MDRjMi8xL3haSjRiTzFzNVpk
WVZHaTdUemF6SFBhczdHNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBE+NYAMEBFFYQAMEBVKUoAMEBlT3
gAMEBF24cAMEBW2pYAMEBNnEMDANBAIAAjAHAwUAKgIoKDANBgkqhkiG9w0BAQsF
AAOCAQEAUJsaM1M1Cy1fHp+NibhH/E0u6Lf1O2Y928vWcIUtFQpwWT9wklWyp7iA
oK2VEajC7mgB9W47bGofBnb9bFxgaVDDih8sF1qPCm+o6ucdkBxZ5O83k1HYleKB
Ix7r7dgfAcUGIH6aooYx2AvZkgCEq4v7+P7GCgHqjfb6wxpxYjh2iZxdelg73mS4
SdvDtvrNYKuLK5Jjo6Z2iwD9PUU5DV1C+OrNPkX3KjbfmozwjJTQ+aVLoE5fJ5wk
exrsErcRXhoFbbpFchG5fm5d4CPVWC7ZMSBEhUEEpfbKDRgFyacgEeOGJKrFbCbs
PySPomtZWVD5yg2BWhWWNn+VqtXMmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:23 2024 by rpki-client on console-ams.rpki-client.org