Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/DgsebFwKVSlqi7Cg-aQl8jCnnwg.roa
File: DgsebFwKVSlqi7Cg-aQl8jCnnwg.roa (raw, json)
Hash identifier: PRfmrNoEPn3I/RjAQal7njJexm7l5//Bwv0z9zj/Q2M=
Subject key identifier: 0E:0B:1E:6C:5C:0A:55:29:6A:8B:B0:A0:F9:A4:25:F2:30:A7:9F:08
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 09BA1257
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/DgsebFwKVSlqi7Cg-aQl8jCnnwg.roa
Signing time: Mon 14 Feb 2022 14:00:19 +0000
ROA not before: Mon 14 Feb 2022 14:00:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12871
IP address blocks: 213.148.224.0/19 maxlen: 19
195.64.64.0/20 maxlen: 20
84.39.0.0/19 maxlen: 19
213.197.0.0/18 maxlen: 18
46.227.232.0/21 maxlen: 21
141.105.0.0/20 maxlen: 20
2001:838::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163189335 (0x9ba1257)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Feb 14 14:00:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e0b1e6c5c0a55296a8bb0a0f9a425f230a79f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5f:d5:cb:61:d1:b9:7b:67:94:73:a4:cc:3d:
00:e6:e6:dd:11:b1:71:b0:a3:17:09:6c:d5:80:ae:
ac:8d:da:1c:a4:a2:b2:b8:db:89:38:84:42:74:1b:
9a:f8:3a:0c:bf:51:f5:78:5c:b5:69:6d:ce:a9:8f:
42:65:44:67:1e:50:fb:12:59:9f:c1:91:50:d0:ae:
9f:fa:c7:8a:b9:2b:62:a9:a9:b1:f4:47:de:7f:c0:
c5:9f:79:57:cd:6f:f7:d8:18:b4:3d:7d:f2:e2:ee:
0c:16:4c:af:ba:da:0e:46:21:d4:74:74:0b:7f:73:
74:8c:8e:25:5f:2b:12:b6:7d:6f:c6:08:bb:68:48:
19:d0:e3:93:ec:0b:fa:56:5b:46:93:17:3a:24:95:
00:c9:40:75:76:e3:d0:2d:88:18:2e:90:c2:2a:c5:
76:68:db:d2:ad:98:a0:e4:f5:2b:ae:76:69:a6:3b:
10:a0:fe:b1:0b:c4:f1:75:19:7f:bd:5d:f8:0c:0b:
4a:1e:c7:4a:0e:ba:96:9c:bf:88:10:4a:c9:3f:2a:
22:71:cb:60:87:a8:6d:97:af:bb:ba:f5:5e:56:95:
d8:25:e0:bf:18:b7:f7:0e:8c:31:be:34:eb:37:77:
15:7a:04:56:9d:62:b8:3f:ce:25:ef:b5:a7:f1:3c:
64:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:0B:1E:6C:5C:0A:55:29:6A:8B:B0:A0:F9:A4:25:F2:30:A7:9F:08
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/DgsebFwKVSlqi7Cg-aQl8jCnnwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.232.0/21
84.39.0.0/19
141.105.0.0/20
195.64.64.0/20
213.148.224.0/19
213.197.0.0/18
IPv6:
2001:838::/29
Signature Algorithm: sha256WithRSAEncryption
86:6c:aa:aa:24:1f:72:b5:0c:51:83:9c:bf:79:9b:ba:ab:d0:
99:68:98:c0:56:13:82:28:84:fd:92:a7:54:45:be:9c:14:90:
85:e0:86:9f:9d:7c:58:a0:00:d5:0f:bc:fc:6a:d5:4c:26:a4:
84:f8:c3:2a:88:73:90:25:ea:1f:af:80:41:da:27:e6:02:a3:
88:2e:6f:38:19:27:1d:40:ce:bd:35:83:7a:91:5d:20:09:5b:
4b:a0:9a:af:7b:a8:d3:90:47:1c:7d:62:a6:d8:f7:dc:10:d5:
4b:ce:7a:6b:e0:09:60:cb:8f:0d:13:ee:ba:2c:bc:86:2c:c1:
95:d8:ae:d8:55:af:59:1b:8a:f1:f5:60:6e:f4:e9:d6:78:77:
3c:02:0f:25:dc:2f:62:52:59:7a:0c:5c:24:f9:46:29:9a:d1:
23:ac:4e:bd:4a:b2:63:8c:08:c8:1b:72:b6:d6:06:d0:eb:6a:
9d:ed:41:b7:6b:46:a0:83:36:94:78:20:5d:73:41:4b:9f:6c:
23:b0:51:a2:20:fd:68:7a:47:89:92:71:9f:36:ec:fc:6a:53:
8b:8b:39:9c:b8:1d:30:76:b8:75:a5:36:b1:7e:94:f3:91:30:
47:43:23:5a:3e:e4:fb:91:cb:2b:91:03:9a:57:f4:87:82:f8:
0c:c2:a9:3c
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIECboSVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWVlZDQwOTEzODNkOWVkNDA1NmQ5ZjRlZmY3ZDI2MjJkZGNlMjA1MB4XDTIyMDIx
NDE0MDAxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGUwYjFlNmM1YzBh
NTUyOTZhOGJiMGEwZjlhNDI1ZjIzMGE3OWYwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOFf1cth0bl7Z5RzpMw9AObm3RGxcbCjFwls1YCurI3aHKSi
srjbiTiEQnQbmvg6DL9R9XhctWltzqmPQmVEZx5Q+xJZn8GRUNCun/rHirkrYqmp
sfRH3n/AxZ95V81v99gYtD198uLuDBZMr7raDkYh1HR0C39zdIyOJV8rErZ9b8YI
u2hIGdDjk+wL+lZbRpMXOiSVAMlAdXbj0C2IGC6QwirFdmjb0q2YoOT1K652aaY7
EKD+sQvE8XUZf71d+AwLSh7HSg66lpy/iBBKyT8qInHLYIeobZevu7r1XlaV2CXg
vxi39w6MMb406zd3FXoEVp1iuD/OJe+1p/E8ZGkCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQOCx5sXApVKWqLsKD5pCXyMKefCDAfBgNVHSMEGDAWgBSB7tQJE4PZ7UBW
2fTv99JiLdziBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dlN1VDUk9EMmUxQVZ0bjA3X2ZTWWkzYzRnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvNGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8x
L0Rnc2ViRndLVlNscWk3Q2ctYVFsOGpDbm53Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
NGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8xL2dlN1VDUk9EMmUx
QVZ0bjA3X2ZTWWkzYzRnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAy7j6AMEBVQnAAMEBI1pAAMEBMNA
QAMEBdWU4AMEBtXFADANBAIAAjAHAwUDIAEIODANBgkqhkiG9w0BAQsFAAOCAQEA
hmyqqiQfcrUMUYOcv3mbuqvQmWiYwFYTgiiE/ZKnVEW+nBSQheCGn518WKAA1Q+8
/GrVTCakhPjDKohzkCXqH6+AQdon5gKjiC5vOBknHUDOvTWDepFdIAlbS6Car3uo
05BHHH1iptj33BDVS856a+AJYMuPDRPuuiy8hizBldiu2FWvWRuK8fVgbvTp1nh3
PAIPJdwvYlJZegxcJPlGKZrRI6xOvUqyY4wIyBtyttYG0Otqne1Bt2tGoIM2lHgg
XXNBS59sI7BRoiD9aHpHiZJxnzbs/GpTi4s5nLgdMHa4daU2sX6U85EwR0MjWj7k
+5HLK5EDmlf0h4L4DMKpPA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:49 2023 by rpki-client on console-ams.rpki-client.org