Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/7yemMifrSVfwfmEx2ej52Rw-d50.roa
File: 7yemMifrSVfwfmEx2ej52Rw-d50.roa (raw, json)
Hash identifier: sILslln6rpOLLIECnGeM+FyzgLvPqhabfdwKcdhSGag=
Subject key identifier: EF:27:A6:32:27:EB:49:57:F0:7E:61:31:D9:E8:F9:D9:1C:3E:77:9D
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 34CC1F87
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/7yemMifrSVfwfmEx2ej52Rw-d50.roa
Signing time: Mon 14 Feb 2022 09:15:55 +0000
ROA not before: Mon 14 Feb 2022 09:15:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203622
IP address blocks: 46.32.166.0/24 maxlen: 24
46.32.165.0/24 maxlen: 24
46.32.164.0/24 maxlen: 24
46.32.160.0/24 maxlen: 24
46.32.162.0/24 maxlen: 24
46.32.161.0/24 maxlen: 24
46.32.167.0/24 maxlen: 24
46.32.170.0/24 maxlen: 24
46.32.172.0/24 maxlen: 24
46.32.171.0/24 maxlen: 24
46.32.177.0/24 maxlen: 24
46.32.179.0/24 maxlen: 24
46.32.178.0/24 maxlen: 24
46.32.174.0/24 maxlen: 24
46.32.173.0/24 maxlen: 24
46.32.176.0/24 maxlen: 24
46.32.175.0/24 maxlen: 24
46.32.184.0/24 maxlen: 24
46.32.186.0/24 maxlen: 24
46.32.185.0/24 maxlen: 24
46.32.191.0/24 maxlen: 24
46.32.188.0/24 maxlen: 24
46.32.187.0/24 maxlen: 24
46.32.190.0/24 maxlen: 24
46.32.189.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 885792647 (0x34cc1f87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Feb 14 09:15:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef27a63227eb4957f07e6131d9e8f9d91c3e779d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:94:99:0e:bd:b3:30:42:87:53:67:aa:6f:10:
5f:92:94:80:cf:e4:63:2c:f0:06:84:69:15:ca:16:
3c:9c:be:9d:6d:76:8f:de:01:c8:98:a8:c6:9d:3f:
8f:b7:2a:d1:1f:6f:37:0e:c2:ed:84:d7:91:f1:70:
13:48:1f:27:1f:89:fa:d2:21:ea:c8:46:e8:fa:1e:
3c:ca:d3:36:c0:8b:99:32:ac:23:1d:fb:70:f6:a8:
1e:44:28:b2:12:6b:b4:f1:39:27:f4:06:5e:1a:fa:
bb:fc:7b:f6:e4:42:02:28:4f:d9:52:4d:fa:e3:3d:
12:88:89:63:90:bc:4e:06:16:b3:72:d6:5a:9a:c6:
09:c3:4f:39:91:7b:34:41:5d:18:16:b3:e7:cd:1a:
05:7a:55:70:97:da:84:6f:7d:15:66:68:a1:62:e3:
6e:a4:b9:16:10:e9:ce:bd:e7:91:ec:1f:b8:1f:c8:
32:7a:cd:52:b4:1c:62:32:ba:8b:12:f5:ad:58:4d:
eb:10:74:01:14:77:aa:74:be:4e:94:27:80:98:da:
fd:4e:f0:a2:ac:c4:cb:a4:d9:30:84:ce:ea:19:08:
9c:e6:13:12:78:20:f7:3f:5b:7a:30:27:c9:d1:95:
c5:04:e7:e4:44:14:92:bb:89:f8:92:34:1f:c0:04:
05:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:27:A6:32:27:EB:49:57:F0:7E:61:31:D9:E8:F9:D9:1C:3E:77:9D
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/7yemMifrSVfwfmEx2ej52Rw-d50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.160.0-46.32.162.255
46.32.164.0/22
46.32.170.0-46.32.179.255
46.32.184.0/21
Signature Algorithm: sha256WithRSAEncryption
28:77:85:24:8c:68:9d:d7:b0:e2:6d:99:9f:5d:94:e3:b0:5b:
52:67:0f:ba:8c:90:6b:08:d3:e0:1c:73:73:a4:d6:24:63:a9:
18:e0:ea:e3:dd:ea:40:64:0f:71:57:b7:4e:98:23:f1:1e:ee:
d2:43:00:58:80:da:50:ce:7d:a2:e3:c2:e6:5e:b6:e0:3a:7d:
8b:1b:fd:5f:3e:49:a6:1f:02:95:88:33:aa:ee:8f:4c:fc:22:
b6:4f:8b:02:4a:66:82:a9:06:d3:df:8f:51:5c:80:2a:71:51:
d7:79:82:6c:52:0d:8e:51:44:3c:c6:08:c9:c6:e4:bf:30:77:
4a:51:a4:09:ad:76:69:b4:0f:8a:7b:df:88:9e:a0:58:df:82:
91:c6:a8:8d:6a:22:21:10:3d:f5:7d:9c:2c:45:83:05:c6:6d:
1e:af:14:4f:09:50:b1:5a:90:ec:67:70:4d:da:43:be:00:d8:
6b:de:4e:8d:6a:66:d8:9d:5d:cd:5b:d5:26:a3:87:35:47:02:
42:15:b2:09:a6:f8:eb:ec:5b:22:e1:60:8c:5e:02:fc:71:c0:
22:83:52:a4:75:65:c5:60:8d:cb:3d:f7:d8:99:02:75:ce:d2:
4a:98:d1:76:91:86:52:26:64:f9:83:c2:07:3f:91:4a:f9:98:
f3:9c:90:6e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIENMwfhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzdlZTFlY2VkMTlmOGEwYTNhNjM1YmZhYTI2NDI5M2UzNDM3Nzk1MB4XDTIyMDIx
NDA5MTU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWYyN2E2MzIyN2Vi
NDk1N2YwN2U2MTMxZDllOGY5ZDkxYzNlNzc5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeUmQ69szBCh1Nnqm8QX5KUgM/kYyzwBoRpFcoWPJy+nW12
j94ByJioxp0/j7cq0R9vNw7C7YTXkfFwE0gfJx+J+tIh6shG6PoePMrTNsCLmTKs
Ix37cPaoHkQoshJrtPE5J/QGXhr6u/x79uRCAihP2VJN+uM9EoiJY5C8TgYWs3LW
WprGCcNPOZF7NEFdGBaz580aBXpVcJfahG99FWZooWLjbqS5FhDpzr3nkewfuB/I
MnrNUrQcYjK6ixL1rVhN6xB0ARR3qnS+TpQngJja/U7woqzEy6TZMITO6hkInOYT
Engg9z9bejAnydGVxQTn5EQUkruJ+JI0H8AEBUkCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBTvJ6YyJ+tJV/B+YTHZ6PnZHD53nTAfBgNVHSMEGDAWgBTjfuHs7Rn4oKOm
Nb+qJkKT40N3lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8x
Lzd5ZW1NaWZyU1Zmd2ZtRXgyZWo1MlJ3LWQ1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8xLzQzN2g3TzBaLUtD
anBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQFLiCgAwQALiCiAwQCLiCkMAwD
BAEuIKoDBAIuILADBAMuILgwDQYJKoZIhvcNAQELBQADggEBACh3hSSMaJ3XsOJt
mZ9dlOOwW1JnD7qMkGsI0+Acc3Ok1iRjqRjg6uPd6kBkD3FXt06YI/Ee7tJDAFiA
2lDOfaLjwuZetuA6fYsb/V8+SaYfApWIM6ruj0z8IrZPiwJKZoKpBtPfj1FcgCpx
Udd5gmxSDY5RRDzGCMnG5L8wd0pRpAmtdmm0D4p734ieoFjfgpHGqI1qIiEQPfV9
nCxFgwXGbR6vFE8JULFakOxncE3aQ74A2GveTo1qZtidXc1b1SajhzVHAkIVsgmm
+OvsWyLhYIxeAvxxwCKDUqR1ZcVgjcs999iZAnXO0kqY0XaRhlImZPmDwgc/kUr5
mPOckG4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:39 2023 by rpki-client on console-ams.rpki-client.org