Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/rmS26MMMntUxBDcul9-ZgArMWSA.roa
File: rmS26MMMntUxBDcul9-ZgArMWSA.roa (raw, json)
Hash identifier: alJLP3PXR6HaA119aGbanjOIWNaFtMUA6lFcTMq4nOU=
Subject key identifier: AE:64:B6:E8:C3:0C:9E:D5:31:04:37:2E:97:DF:99:80:0A:CC:59:20
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01856F1DC489161F7CCDF63AB284C4DC4417
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/rmS26MMMntUxBDcul9-ZgArMWSA.roa
Signing time: Sun 01 Jan 2023 20:54:59 +0000
ROA not before: Sun 01 Jan 2023 20:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1136
IP address blocks: 84.80.0.0/13 maxlen: 13
82.169.128.0/19 maxlen: 19
80.60.0.0/15 maxlen: 15
82.171.64.0/18 maxlen: 18
82.169.160.0/19 maxlen: 19
77.173.0.0/16 maxlen: 16
195.240.0.0/17 maxlen: 17
82.171.0.0/18 maxlen: 18
82.169.96.0/19 maxlen: 19
85.113.224.0/19 maxlen: 19
77.175.0.0/17 maxlen: 17
77.175.0.0/16 maxlen: 16
82.170.0.0/16 maxlen: 16
195.240.192.0/18 maxlen: 18
213.10.0.0/16 maxlen: 16
82.168.0.0/17 maxlen: 17
86.80.0.0/12 maxlen: 12
195.240.128.0/18 maxlen: 18
82.169.192.0/18 maxlen: 18
62.131.0.0/16 maxlen: 16
82.168.0.0/14 maxlen: 14
77.168.0.0/14 maxlen: 14
82.171.128.0/17 maxlen: 17
77.160.0.0/13 maxlen: 13
77.172.0.0/16 maxlen: 16
81.204.0.0/14 maxlen: 14
82.168.192.0/19 maxlen: 19
82.136.192.0/18 maxlen: 18
77.175.128.0/17 maxlen: 17
37.251.0.0/17 maxlen: 17
82.168.128.0/18 maxlen: 18
195.241.0.0/16 maxlen: 16
88.159.0.0/16 maxlen: 16
82.169.64.0/19 maxlen: 19
82.168.224.0/19 maxlen: 19
188.142.0.0/17 maxlen: 17
77.174.0.0/16 maxlen: 16
212.123.128.0/18 maxlen: 18
82.169.0.0/18 maxlen: 18
212.182.128.0/18 maxlen: 18
2a02:a400::/25 maxlen: 25
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c4:89:16:1f:7c:cd:f6:3a:b2:84:c4:dc:44:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 20:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae64b6e8c30c9ed53104372e97df99800acc5920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2c:f3:04:b5:26:49:28:a6:36:f4:3f:36:07:
68:70:4e:68:41:17:2e:a5:a9:55:47:12:63:61:ba:
25:68:c6:a5:ed:73:b2:4d:7d:d0:4e:11:ea:48:cf:
17:d0:47:fc:0a:bf:94:99:95:20:70:68:39:3f:ef:
09:07:e9:d5:25:5d:b8:97:34:7c:6c:2e:1c:2c:b1:
97:75:39:4c:6a:5c:19:c8:d2:82:bd:c3:32:a4:5e:
3a:bb:1e:10:49:25:f8:bf:d9:c4:0a:70:9e:99:4a:
bb:eb:da:31:19:c7:03:c8:72:07:c9:bc:dc:5e:b5:
8f:96:97:59:f3:ca:8b:e8:fd:e9:3d:bb:2b:bc:2e:
e8:4b:c5:50:00:3f:8c:5c:66:73:b4:eb:d3:87:ae:
f5:fa:0f:8e:01:43:4e:0e:1a:6c:4f:d2:c7:4e:1a:
f8:14:9e:eb:d2:26:cb:8b:98:3a:10:bb:a8:39:11:
a7:c3:bf:c1:49:64:54:bb:54:af:b1:4f:f6:ab:b5:
79:e1:99:84:42:01:1d:de:e3:9f:10:87:09:94:83:
b3:22:00:b2:7a:39:62:35:d1:6d:b2:4b:cc:4b:e6:
1e:be:49:66:e4:64:64:2d:f1:14:04:d9:fa:c5:b0:
23:0e:d1:e1:83:e8:4b:e3:3f:2e:3a:d3:4c:b7:36:
43:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:64:B6:E8:C3:0C:9E:D5:31:04:37:2E:97:DF:99:80:0A:CC:59:20
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/rmS26MMMntUxBDcul9-ZgArMWSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.0.0/17
62.131.0.0/16
77.160.0.0/12
80.60.0.0/15
81.204.0.0/14
82.136.192.0/18
82.168.0.0/14
84.80.0.0/13
85.113.224.0/19
86.80.0.0/12
88.159.0.0/16
188.142.0.0/17
195.240.0.0/15
212.123.128.0/18
212.182.128.0/18
213.10.0.0/16
IPv6:
2a02:a400::/25
Signature Algorithm: sha256WithRSAEncryption
5e:d8:9e:0d:33:5b:9b:93:05:d6:74:b3:8f:c4:a6:31:d6:44:
b1:21:29:48:d8:12:bd:af:55:25:8c:59:6e:d6:e7:27:9d:76:
ca:53:2c:42:7f:e5:f0:02:91:8f:d1:27:3e:af:95:f3:fa:8f:
48:ac:3f:4b:84:a0:9a:15:4c:0b:6c:ac:0b:4e:e1:c9:4f:d2:
97:37:a1:c2:e1:0b:cf:df:ea:b7:43:07:94:3b:72:18:25:bb:
98:93:d0:41:8d:aa:7f:66:08:79:68:b9:91:16:e4:93:45:6a:
41:5a:d6:e5:0a:56:30:4c:a4:e6:88:e1:a0:23:72:8c:c9:e3:
8d:b4:c6:fa:80:84:6f:24:0a:1b:54:a7:61:6d:1c:d0:d6:b3:
27:31:54:ca:25:14:64:bf:cd:04:14:6f:3a:6a:eb:18:9c:34:
1e:aa:0b:29:50:45:97:44:30:26:03:f6:ad:cf:3f:d0:da:65:
44:2d:92:bd:a6:c1:3e:d1:b4:d8:0b:93:2a:5a:e5:c7:ca:3a:
a5:51:f3:6b:d1:8a:eb:58:4b:98:4e:73:d6:6f:7f:ec:40:91:
c7:a2:39:75:de:0a:61:b4:0d:f5:f3:7f:59:c3:e8:ae:dd:d2:
5c:36:a7:98:52:39:2d:a2:7e:7f:49:57:a3:2f:81:c4:7f:8a:
98:7b:b5:2a
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYVvHcSJFh98zfY6soTE3EQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMwMTAxMjA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTY0YjZlOGMzMGM5ZWQ1MzEwNDM3MmU5N2RmOTk4MDBhY2M1OTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCzzBLUmSSimNvQ/NgdocE5oQRcu
palVRxJjYbolaMal7XOyTX3QThHqSM8X0Ef8Cr+UmZUgcGg5P+8JB+nVJV24lzR8
bC4cLLGXdTlMalwZyNKCvcMypF46ux4QSSX4v9nECnCemUq769oxGccDyHIHybzc
XrWPlpdZ88qL6P3pPbsrvC7oS8VQAD+MXGZztOvTh671+g+OAUNODhpsT9LHThr4
FJ7r0ibLi5g6ELuoORGnw7/BSWRUu1SvsU/2q7V54ZmEQgEd3uOfEIcJlIOzIgCy
ejliNdFtskvMS+Yevklm5GRkLfEUBNn6xbAjDtHhg+hL4z8uOtNMtzZDVwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFK5ktujDDJ7VMQQ3LpffmYAKzFkgMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvcm1TMjZNTU1udFV4QkRjdWw5LVpnQXJNV1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQHJfsAAwMA
PoMDAwRNoAMDAVA8AwMCUcwDBAZSiMADAwJSqAMDA1RQAwQFVXHgAwMEVlADAwBY
nwMEB7yOAAMDAcPwAwQG1HuAAwQG1LaAAwMA1QowDQQCAAIwBwMFByoCpAAwDQYJ
KoZIhvcNAQELBQADggEBAF7Yng0zW5uTBdZ0s4/EpjHWRLEhKUjYEr2vVSWMWW7W
5yeddspTLEJ/5fACkY/RJz6vlfP6j0isP0uEoJoVTAtsrAtO4clP0pc3ocLhC8/f
6rdDB5Q7chglu5iT0EGNqn9mCHlouZEW5JNFakFa1uUKVjBMpOaI4aAjcozJ4420
xvqAhG8kChtUp2FtHNDWsycxVMolFGS/zQQUbzpq6xicNB6qCylQRZdEMCYD9q3P
P9DaZUQtkr2mwT7RtNgLkypa5cfKOqVR82vRiutYS5hOc9Zvf+xAkceiOXXeCmG0
DfXzf1nD6K7d0lw2p5hSOS2ifn9JV6MvgcR/iph7tSo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:17 2024 by rpki-client on console-ams.rpki-client.org