Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AwZHRm53oy20GIbhevDkG3Si3Bc.roa
File: AwZHRm53oy20GIbhevDkG3Si3Bc.roa (raw, json)
Hash identifier: LqnijAHiqfLcFeFGhSG21th+WWToMpnF7dEdiShUBB4=
Subject key identifier: 03:06:47:46:6E:77:A3:2D:B4:18:86:E1:7A:F0:E4:1B:74:A2:DC:17
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185710C32CAAFE7A6FAB19CC265D70053AD
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AwZHRm53oy20GIbhevDkG3Si3Bc.roa
Signing time: Mon 02 Jan 2023 05:55:02 +0000
ROA not before: Mon 02 Jan 2023 05:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204084
IP address blocks: 185.102.137.0/24 maxlen: 24
2a0f:7c80::/29 maxlen: 29
2a0b:9800::/29 maxlen: 29
2a0f:3380::/29 maxlen: 29
2a0f:2380::/29 maxlen: 29
2a0b:a300::/29 maxlen: 29
2a0f:a700::/29 maxlen: 29
2a0d:88c0::/29 maxlen: 29
2a0f:7300::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:4580::/29 maxlen: 29
2a0c:7440::/29 maxlen: 29
2a0f:5580::/29 maxlen: 29
2a0c:74c0::/29 maxlen: 29
2a0f:1180::/29 maxlen: 29
2a0f:4680::/29 maxlen: 29
2a0c:7540::/29 maxlen: 29
2a0d:2cc0::/29 maxlen: 29
2a0f:a500::/29 maxlen: 29
2a0f:7100::/29 maxlen: 29
2a07:4a00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:32:ca:af:e7:a6:fa:b1:9c:c2:65:d7:00:53:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 05:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=030647466e77a32db41886e17af0e41b74a2dc17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2b:4e:e3:26:c2:a7:ad:39:24:6f:66:bc:27:
8c:76:00:a3:5c:bb:5d:d3:ff:f2:12:92:34:41:31:
00:79:cb:9e:01:2b:11:43:a2:0b:59:ce:de:34:53:
e3:ac:b5:a6:bd:18:87:29:af:ed:22:d3:3f:24:53:
21:ab:ae:ad:99:0b:7d:14:f5:57:55:58:01:20:3a:
48:c9:c7:01:d8:5f:a9:58:11:a2:35:e1:44:36:37:
8d:58:60:a4:0c:cf:9f:ea:4e:55:ae:79:0c:21:4d:
39:a6:76:ec:3f:bf:a4:b9:37:7d:79:fd:7b:47:00:
2b:ab:3c:05:e4:5f:93:70:62:24:e7:4e:71:2d:84:
8a:d2:2b:fa:d0:6b:61:62:d4:c4:7f:d9:c8:7e:37:
3b:bc:7d:0b:aa:31:a3:43:d1:bd:c8:75:22:5c:24:
3b:03:c7:6c:c1:0f:39:0d:1c:99:28:b8:fc:7a:9e:
4d:41:36:88:5d:93:dd:ef:f0:3a:b5:6f:12:0b:2b:
c5:36:c2:a1:87:17:6e:85:db:df:de:c8:69:ce:9c:
35:24:72:fc:70:9c:89:b9:5c:c8:a6:7e:43:6a:f5:
62:cc:a8:c8:42:51:13:7e:14:8b:7c:4c:fb:d5:f4:
c3:2c:a2:91:df:d6:21:92:44:cd:4e:72:97:37:fa:
71:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:06:47:46:6E:77:A3:2D:B4:18:86:E1:7A:F0:E4:1B:74:A2:DC:17
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AwZHRm53oy20GIbhevDkG3Si3Bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.137.0/24
IPv6:
2a07:4a00::/29
2a0b:9800::/29
2a0b:a300::/29
2a0c:7440::/29
2a0c:74c0::/29
2a0c:7540::/29
2a0d:2cc0::/29
2a0d:88c0::/29
2a0f:1180::/29
2a0f:2380::/29
2a0f:3380::/29
2a0f:4580::/29
2a0f:4680::/29
2a0f:5580::/29
2a0f:7100::/29
2a0f:7300::/29
2a0f:7c80::/29
2a0f:a500::/29
2a0f:a700::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
56:17:ac:35:80:23:ae:7d:8a:c0:5d:fe:62:20:f5:6e:ef:fe:
e6:2c:42:da:bf:4a:d1:84:05:82:21:cc:ff:a6:d1:51:11:a0:
2d:91:25:85:c2:75:dc:33:59:52:83:17:1a:ad:a5:68:35:63:
84:19:1d:ed:48:c1:d6:19:d0:39:bd:25:0c:c0:a5:da:10:e7:
7b:23:b0:9a:59:7e:8c:d8:9b:66:f0:88:69:29:90:d7:43:b5:
a3:ac:1f:03:3f:23:b2:a1:74:7f:bc:7b:f1:08:54:8e:f5:23:
dd:17:22:02:06:9f:85:cd:a1:33:f6:eb:1c:06:3e:ac:4c:73:
09:39:f8:9b:12:94:83:99:be:77:02:38:8a:f5:d4:76:59:56:
7d:7e:45:53:91:f4:58:d1:25:cb:dc:bf:25:0f:0e:d2:91:e1:
8f:d9:96:33:d0:dc:55:85:94:74:5b:e7:17:49:6b:3f:01:3a:
a4:4c:fc:53:7d:5c:e4:78:91:10:06:65:16:9c:41:b6:e2:1b:
e6:98:19:80:87:f0:7f:23:37:34:b1:0e:3a:53:0e:1b:c9:d2:
9e:3f:ce:87:4f:fc:17:fc:73:34:d5:ad:87:78:c3:19:cb:c3:
fe:c3:05:70:d9:86:2a:70:f0:f2:e4:c7:56:92:87:33:87:28:
54:c3:a5:fd
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYVxDDLKr+em+rGcwmXXAFOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzA2NDc0NjZlNzdhMzJkYjQxODg2ZTE3YWYwZTQxYjc0YTJkYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtytO4ybCp605JG9mvCeMdgCjXLtd
0//yEpI0QTEAecueASsRQ6ILWc7eNFPjrLWmvRiHKa/tItM/JFMhq66tmQt9FPVX
VVgBIDpIyccB2F+pWBGiNeFENjeNWGCkDM+f6k5VrnkMIU05pnbsP7+kuTd9ef17
RwArqzwF5F+TcGIk505xLYSK0iv60GthYtTEf9nIfjc7vH0LqjGjQ9G9yHUiXCQ7
A8dswQ85DRyZKLj8ep5NQTaIXZPd7/A6tW8SCyvFNsKhhxduhdvf3shpzpw1JHL8
cJyJuVzIpn5DavVizKjIQlETfhSLfEz71fTDLKKR39YhkkTNTnKXN/pxfQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFAMGR0Zud6MttBiG4Xrw5Bt0otwXMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvQXdaSFJtNTNveTIwR0liaGV2RGtHM1NpM0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDAMBAIAATAGAwQAuWaJ
MIGTBAIAAjCBjAMFAyoHSgADBQMqC5gAAwUDKgujAAMFAyoMdEADBQMqDHTAAwUD
Kgx1QAMFAyoNLMADBQMqDYjAAwUDKg8RgAMFAyoPI4ADBQMqDzOAAwUDKg9FgAMF
AyoPRoADBQMqD1WAAwUDKg9xAAMFAyoPcwADBQMqD3yAAwUDKg+lAAMFAyoPpwAD
BQMqD8eAMA0GCSqGSIb3DQEBCwUAA4IBAQBWF6w1gCOufYrAXf5iIPVu7/7mLELa
v0rRhAWCIcz/ptFREaAtkSWFwnXcM1lSgxcaraVoNWOEGR3tSMHWGdA5vSUMwKXa
EOd7I7CaWX6M2Jtm8IhpKZDXQ7WjrB8DPyOyoXR/vHvxCFSO9SPdFyICBp+FzaEz
9uscBj6sTHMJOfibEpSDmb53AjiK9dR2WVZ9fkVTkfRY0SXL3L8lDw7SkeGP2ZYz
0NxVhZR0W+cXSWs/ATqkTPxTfVzkeJEQBmUWnEG24hvmmBmAh/B/Izc0sQ46Uw4b
ydKeP86HT/wX/HM01a2HeMMZy8P+wwVw2YYqcPDy5MdWkoczhyhUw6X9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org