Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/EukiNwqmkKqKkxOWFk2XsOPTEgU.roa
File: EukiNwqmkKqKkxOWFk2XsOPTEgU.roa (raw, json)
Hash identifier: ryMV0ZEUQqu7A+8iXkFSQN4FU+UhkTBJ54rlvhZyzzU=
Subject key identifier: 12:E9:22:37:0A:A6:90:AA:8A:93:13:96:16:4D:97:B0:E3:D3:12:05
Certificate issuer: /CN=2ebb3624b82f0e1e538b00919f442d200c7e3cd2
Certificate serial: 01856E0B082C18B2CC285A24B9E9CF31A9E1
Authority key identifier: 2E:BB:36:24:B8:2F:0E:1E:53:8B:00:91:9F:44:2D:20:0C:7E:3C:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lrs2JLgvDh5TiwCRn0QtIAx-PNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/EukiNwqmkKqKkxOWFk2XsOPTEgU.roa
Signing time: Sun 01 Jan 2023 15:54:54 +0000
ROA not before: Sun 01 Jan 2023 15:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57146
IP address blocks: 37.44.8.0/21 maxlen: 21
185.127.12.0/23 maxlen: 23
185.127.12.0/22 maxlen: 22
185.127.14.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0b:08:2c:18:b2:cc:28:5a:24:b9:e9:cf:31:a9:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ebb3624b82f0e1e538b00919f442d200c7e3cd2
Validity
Not Before: Jan 1 15:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12e922370aa690aa8a931396164d97b0e3d31205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7f:e9:d5:88:2e:da:e5:f0:ea:3a:90:47:53:
e4:57:29:a3:06:f0:5a:52:7e:a5:ed:fb:27:1b:bf:
b6:b1:2c:aa:45:00:03:bc:15:8e:c8:9c:12:bc:bd:
96:5e:84:55:a8:9a:e1:2e:79:95:ba:a0:30:8c:fa:
1b:49:87:da:bc:f8:04:62:8e:b4:ce:23:c1:5f:d4:
1f:ee:84:4a:8f:13:18:5f:2e:db:94:60:30:9e:f8:
56:44:b3:7c:fa:c0:bf:06:6f:91:e7:18:0f:73:d3:
14:12:96:ab:7c:6f:0b:7d:8b:28:65:c4:11:f8:3e:
6e:8c:c0:7e:90:fa:75:dc:ad:9a:38:22:5a:b2:2f:
50:19:b9:ab:44:01:02:77:e7:23:29:63:53:6a:35:
b8:2c:96:5c:5b:16:f5:74:54:bc:1e:51:67:5b:2e:
29:ac:46:72:7e:5f:a1:c1:cf:e6:a4:ac:8d:be:70:
be:38:c2:54:05:47:66:a0:43:7c:ee:a7:36:4d:69:
13:70:24:52:03:93:fb:eb:e3:49:5c:15:63:3b:30:
9c:d0:13:34:ea:d4:b6:e1:d2:68:d9:12:dc:81:f4:
18:f2:6d:97:8f:b4:2d:d5:63:a7:c9:2c:1f:e3:72:
6b:87:89:8b:ea:51:b8:f1:4e:5b:cf:04:6e:fc:3b:
fa:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:E9:22:37:0A:A6:90:AA:8A:93:13:96:16:4D:97:B0:E3:D3:12:05
X509v3 Authority Key Identifier:
keyid:2E:BB:36:24:B8:2F:0E:1E:53:8B:00:91:9F:44:2D:20:0C:7E:3C:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lrs2JLgvDh5TiwCRn0QtIAx-PNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/EukiNwqmkKqKkxOWFk2XsOPTEgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/Lrs2JLgvDh5TiwCRn0QtIAx-PNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.8.0/21
185.127.12.0/22
Signature Algorithm: sha256WithRSAEncryption
00:9b:3d:23:6e:f7:20:6d:dd:64:50:b2:a0:a6:f5:0d:c2:d1:
13:59:56:a1:ce:aa:7c:c7:da:70:45:02:5a:f4:92:db:c4:79:
c4:37:3a:5f:0d:55:91:02:83:5f:14:35:4e:b1:2f:3b:66:2e:
4b:d4:21:ae:58:46:d4:1e:21:f8:8d:57:72:65:17:40:05:d5:
cd:59:2b:a8:1c:42:0c:08:7f:db:15:62:51:51:2e:2d:ee:81:
74:e8:22:8d:6f:a8:36:43:6b:97:b1:a4:f3:dc:76:6e:0e:e9:
dd:4b:71:69:f3:29:4d:f4:61:af:d7:5a:cb:c4:af:fe:37:71:
19:54:b9:58:d4:18:57:95:81:68:a0:d0:1a:b7:86:fd:d9:22:
a2:09:d5:07:0a:05:cb:21:58:c9:4f:90:6f:8e:25:1a:ed:da:
ad:80:c7:00:f9:92:70:87:00:b7:1d:c8:fd:c1:fb:29:58:45:
aa:c8:78:80:66:fd:27:bc:34:ba:9f:d7:70:bf:69:13:08:b0:
47:83:4d:89:e0:1f:23:5c:f4:52:e9:d8:fa:1c:5e:1a:cb:26:
3f:55:4c:26:13:b8:45:7b:50:67:8e:cc:74:7f:0a:81:9f:a6:
fb:fd:5c:e7:9b:7b:a5:10:04:82:bf:89:cd:ec:84:de:45:64:
86:bc:04:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuCwgsGLLMKFokuenPManhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYmIzNjI0YjgyZjBlMWU1MzhiMDA5MTlmNDQyZDIwMGM3
ZTNjZDIwHhcNMjMwMTAxMTU1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmU5MjIzNzBhYTY5MGFhOGE5MzEzOTYxNjRkOTdiMGUzZDMxMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn/p1Ygu2uXw6jqQR1PkVymjBvBa
Un6l7fsnG7+2sSyqRQADvBWOyJwSvL2WXoRVqJrhLnmVuqAwjPobSYfavPgEYo60
ziPBX9Qf7oRKjxMYXy7blGAwnvhWRLN8+sC/Bm+R5xgPc9MUEparfG8LfYsoZcQR
+D5ujMB+kPp13K2aOCJasi9QGbmrRAECd+cjKWNTajW4LJZcWxb1dFS8HlFnWy4p
rEZyfl+hwc/mpKyNvnC+OMJUBUdmoEN87qc2TWkTcCRSA5P76+NJXBVjOzCc0BM0
6tS24dJo2RLcgfQY8m2Xj7Qt1WOnySwf43Jrh4mL6lG48U5bzwRu/Dv6xQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBLpIjcKppCqipMTlhZNl7Dj0xIFMB8GA1UdIwQY
MBaAFC67NiS4Lw4eU4sAkZ9ELSAMfjzSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJzMkpMZ3ZEaDVUaXdDUm4wUXRJQXgtUE5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80OWJlZjEtNDAxYS00OGQyLTg3NDYt
MjY3Mjc1ZTkyNTcwLzEvRXVraU53cW1rS3FLa3hPV0ZrMlhzT1BURWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80OWJlZjEtNDAxYS00OGQyLTg3NDYtMjY3Mjc1ZTkyNTcw
LzEvTHJzMkpMZ3ZEaDVUaXdDUm4wUXRJQXgtUE5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJSwIAwQC
uX8MMA0GCSqGSIb3DQEBCwUAA4IBAQAAmz0jbvcgbd1kULKgpvUNwtETWVahzqp8
x9pwRQJa9JLbxHnENzpfDVWRAoNfFDVOsS87Zi5L1CGuWEbUHiH4jVdyZRdABdXN
WSuoHEIMCH/bFWJRUS4t7oF06CKNb6g2Q2uXsaTz3HZuDundS3Fp8ylN9GGv11rL
xK/+N3EZVLlY1BhXlYFooNAat4b92SKiCdUHCgXLIVjJT5BvjiUa7dqtgMcA+ZJw
hwC3Hcj9wfspWEWqyHiAZv0nvDS6n9dwv2kTCLBHg02J4B8jXPRS6dj6HF4ayyY/
VUwmE7hFe1Bnjsx0fwqBn6b7/Vznm3ulEASCv4nN7ITeRWSGvARu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:44 2024 by rpki-client on console-ams.rpki-client.org