Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/Eb4g3f9WaWIxtRnCGI8XnHTrUP8.roa
File: Eb4g3f9WaWIxtRnCGI8XnHTrUP8.roa (raw, json)
Hash identifier: p6KoVoH3rkLlbAvOpUwk822erGp1cxri6wACmbuEeEM=
Subject key identifier: 11:BE:20:DD:FF:56:69:62:31:B5:19:C2:18:8F:17:9C:74:EB:50:FF
Certificate issuer: /CN=7242a13715fc5578cdc05aaaa68c6a413cdbc9f5
Certificate serial: 0183D051FA303ADA0AF238E5AEEF56864C7A
Authority key identifier: 72:42:A1:37:15:FC:55:78:CD:C0:5A:AA:A6:8C:6A:41:3C:DB:C9:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckKhNxX8VXjNwFqqpoxqQTzbyfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/Eb4g3f9WaWIxtRnCGI8XnHTrUP8.roa
Signing time: Thu 13 Oct 2022 07:49:36 +0000
ROA not before: Thu 13 Oct 2022 07:49:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47568
IP address blocks: 94.100.34.0/23 maxlen: 23
94.100.36.0/23 maxlen: 23
94.100.32.0/23 maxlen: 23
94.100.38.0/23 maxlen: 23
94.100.40.0/21 maxlen: 21
185.122.24.0/23 maxlen: 23
185.122.27.0/24 maxlen: 24
185.122.26.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:51:fa:30:3a:da:0a:f2:38:e5:ae:ef:56:86:4c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7242a13715fc5578cdc05aaaa68c6a413cdbc9f5
Validity
Not Before: Oct 13 07:49:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11be20ddff56696231b519c2188f179c74eb50ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bb:41:92:8d:6b:4b:ed:21:94:eb:c0:89:3c:
a3:74:63:57:fd:9b:69:fc:51:f5:93:b3:54:b3:e3:
54:37:ed:ff:3a:99:e9:72:e9:13:2b:7a:e6:84:a9:
4d:13:6d:73:c0:41:e2:88:51:ed:1d:cd:94:5c:73:
62:94:30:fb:45:74:48:78:0e:09:b3:b4:af:1f:1b:
7e:19:2a:66:40:89:68:11:9b:d2:0c:54:67:25:19:
a0:85:fc:3f:b8:87:eb:34:f5:c7:8a:ad:21:ba:b4:
96:f3:29:89:61:32:8f:a3:c7:43:c5:21:06:67:38:
01:87:1e:b5:ea:25:f5:e3:de:c1:fb:bc:7d:6e:fe:
6c:3a:29:1a:4a:da:b3:7d:2e:b5:5f:ca:20:ed:e7:
58:fd:e8:70:e5:97:83:f1:e9:40:14:e9:c6:a3:2b:
66:3a:c3:81:46:c7:45:50:bc:cd:7a:82:df:6f:39:
59:42:0a:91:9f:81:ca:ce:2d:87:4a:e2:c2:0f:38:
f9:b3:57:66:f6:4a:6a:21:a7:9a:fb:7f:df:75:48:
8f:45:6c:08:a9:cb:36:0b:19:6e:ec:97:18:4d:56:
19:7b:48:df:41:52:24:60:61:ff:02:27:4c:2c:2e:
07:58:cb:8b:ea:5f:93:90:d3:7d:a3:60:b1:45:f1:
0b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:BE:20:DD:FF:56:69:62:31:B5:19:C2:18:8F:17:9C:74:EB:50:FF
X509v3 Authority Key Identifier:
keyid:72:42:A1:37:15:FC:55:78:CD:C0:5A:AA:A6:8C:6A:41:3C:DB:C9:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckKhNxX8VXjNwFqqpoxqQTzbyfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/Eb4g3f9WaWIxtRnCGI8XnHTrUP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ckKhNxX8VXjNwFqqpoxqQTzbyfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.100.32.0/20
185.122.24.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:9e:b3:7e:72:e7:1c:bd:86:23:d1:e1:9e:a4:ca:51:31:a9:
cd:b2:3e:c5:bc:a0:a6:27:33:14:39:ff:af:c1:93:6d:1f:77:
ce:16:22:02:d2:5c:03:89:8e:17:b8:28:91:d4:b8:9d:88:01:
84:96:ff:86:23:d7:ff:64:18:89:0a:44:70:1c:fb:cb:a3:a5:
d9:51:26:1d:a2:98:71:95:1a:85:f4:6b:97:ef:7e:87:aa:dd:
39:c2:2c:e1:f1:ad:ab:bf:43:c3:b2:6c:3e:43:a5:92:c6:6b:
ca:0e:8c:21:55:60:42:e2:61:49:d9:93:64:c6:16:f4:4a:0a:
83:f7:59:2b:33:6b:17:20:40:ab:74:fc:91:74:3c:92:1f:f3:
c3:9a:e9:0d:6c:0e:75:c6:19:91:d7:c0:95:6a:6c:07:6f:fd:
11:7b:62:23:e2:79:00:ca:24:50:58:60:e5:f9:b6:ac:24:6f:
5e:50:51:7c:d6:63:89:e7:85:3b:fc:91:a5:9d:f1:18:b0:64:
57:63:4d:e7:5b:92:65:7b:4d:1e:0a:1f:fd:c6:16:9d:44:be:
cc:6b:2a:59:9a:dd:86:81:25:8b:9c:94:38:9f:ed:28:d1:50:
80:0d:aa:76:da:cd:0e:1e:dc:0b:d8:86:e3:14:a4:00:74:08:
a5:6a:44:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPQUfowOtoK8jjlru9Whkx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDJhMTM3MTVmYzU1NzhjZGMwNWFhYWE2OGM2YTQxM2Nk
YmM5ZjUwHhcNMjIxMDEzMDc0OTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWJlMjBkZGZmNTY2OTYyMzFiNTE5YzIxODhmMTc5Yzc0ZWI1MGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1btBko1rS+0hlOvAiTyjdGNX/Ztp
/FH1k7NUs+NUN+3/OpnpcukTK3rmhKlNE21zwEHiiFHtHc2UXHNilDD7RXRIeA4J
s7SvHxt+GSpmQIloEZvSDFRnJRmghfw/uIfrNPXHiq0hurSW8ymJYTKPo8dDxSEG
ZzgBhx616iX1497B+7x9bv5sOikaStqzfS61X8og7edY/ehw5ZeD8elAFOnGoytm
OsOBRsdFULzNeoLfbzlZQgqRn4HKzi2HSuLCDzj5s1dm9kpqIaea+3/fdUiPRWwI
qcs2Cxlu7JcYTVYZe0jfQVIkYGH/AidMLC4HWMuL6l+TkNN9o2CxRfEL3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBG+IN3/VmliMbUZwhiPF5x061D/MB8GA1UdIwQY
MBaAFHJCoTcV/FV4zcBaqqaMakE828n1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tLaE54WDhWWGpOd0ZxcXBveHFRVHpieWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85MGFhMWUtMDA5OC00ZmRhLTk4Mjkt
YTE1Y2NmNWI0MTNlLzEvRWI0ZzNmOVdhV0l4dFJuQ0dJOFhuSFRyVVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85MGFhMWUtMDA5OC00ZmRhLTk4MjktYTE1Y2NmNWI0MTNl
LzEvY2tLaE54WDhWWGpOd0ZxcXBveHFRVHpieWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXmQgAwQC
uXoYMA0GCSqGSIb3DQEBCwUAA4IBAQBtnrN+cuccvYYj0eGepMpRManNsj7FvKCm
JzMUOf+vwZNtH3fOFiIC0lwDiY4XuCiR1LidiAGElv+GI9f/ZBiJCkRwHPvLo6XZ
USYdophxlRqF9GuX736Hqt05wizh8a2rv0PDsmw+Q6WSxmvKDowhVWBC4mFJ2ZNk
xhb0SgqD91krM2sXIECrdPyRdDySH/PDmukNbA51xhmR18CVamwHb/0Re2Ij4nkA
yiRQWGDl+basJG9eUFF81mOJ54U7/JGlnfEYsGRXY03nW5Jle00eCh/9xhadRL7M
aypZmt2GgSWLnJQ4n+0o0VCADap22s0OHtwL2IbjFKQAdAilakQH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:27 2024 by rpki-client on console-ams.rpki-client.org