Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/A2wVwWZJ_7GvDV6SYWePAUbTlo8.roa
File: A2wVwWZJ_7GvDV6SYWePAUbTlo8.roa (raw, json)
Hash identifier: zVDjIXrIiGtMNCHylGfxUNB/fPArrPl2cwMEvXrm4GM=
Subject key identifier: 03:6C:15:C1:66:49:FF:B1:AF:0D:5E:92:61:67:8F:01:46:D3:96:8F
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 018CC7272245FF8F91B6C95276681CCD37F8
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/A2wVwWZJ_7GvDV6SYWePAUbTlo8.roa
Signing time: Mon 01 Jan 2024 22:31:19 +0000
ROA not before: Mon 01 Jan 2024 22:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56582
IP address blocks: 185.33.63.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.76.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.74.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.91.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
31.169.64.0/24 maxlen: 24
2a00:5740::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:22:45:ff:8f:91:b6:c9:52:76:68:1c:cd:37:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jan 1 22:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=036c15c16649ffb1af0d5e9261678f0146d3968f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:20:57:d3:6f:06:28:84:6e:31:d8:12:d2:e1:
3c:37:ee:1b:81:9e:e3:36:f7:86:03:32:bb:a6:9f:
91:25:84:f9:09:5a:74:84:f5:67:0e:be:8a:57:9c:
f3:76:87:42:33:28:9e:40:6f:43:3d:07:89:7d:87:
9a:9d:3e:2c:87:bb:d0:c2:1a:87:f9:b4:a4:af:92:
dc:3a:6b:20:d7:4e:d8:55:8d:2b:71:2f:e1:49:e7:
64:df:8a:de:b8:08:14:9c:7f:5a:07:4d:9c:23:63:
61:f4:60:4c:be:fc:2d:89:18:bf:94:86:d9:e4:a6:
21:21:30:57:69:32:78:6c:45:f0:7b:a7:b9:62:30:
08:da:5c:74:6f:6c:21:f4:ad:0c:c0:41:64:da:4e:
4f:77:e4:6f:42:e2:64:3d:10:5f:0f:79:b8:b9:24:
77:2e:93:14:b4:bb:ab:fe:8b:fd:7b:2f:ea:a4:43:
ef:99:54:23:28:00:29:dc:5b:cb:3a:c3:dc:81:88:
62:cd:6e:05:f3:f1:e1:f1:49:d5:70:be:6d:10:a7:
d3:8e:fd:cd:58:b6:c9:94:e6:9d:92:47:c8:48:40:
ca:6f:9c:13:be:64:c4:da:1c:75:61:65:a4:df:c8:
b8:50:00:28:7b:30:71:64:e6:25:fc:21:a7:d3:63:
1d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:6C:15:C1:66:49:FF:B1:AF:0D:5E:92:61:67:8F:01:46:D3:96:8F
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/A2wVwWZJ_7GvDV6SYWePAUbTlo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.74.0/24
31.169.76.0-31.169.78.255
31.169.81.0/24
31.169.88.0/24
31.169.91.0-31.169.95.255
185.33.63.0/24
IPv6:
2a00:5740::/29
Signature Algorithm: sha256WithRSAEncryption
24:09:9e:44:94:7b:e9:66:f0:e0:72:41:b1:d1:4e:1c:c0:8f:
54:86:d8:23:98:33:f2:f9:4e:cf:f0:9d:fc:8d:45:89:39:43:
33:6a:15:98:85:91:56:96:27:05:e1:8b:aa:2d:e0:a2:bd:50:
c8:ab:6b:5c:23:27:eb:2b:a3:43:bd:83:9d:93:31:10:84:e2:
7f:5b:a2:34:14:5e:60:21:78:9b:03:3d:67:db:92:24:79:7b:
a3:c8:2c:ba:58:2f:a2:c4:ef:a5:90:51:52:72:60:cf:38:36:
b7:97:7e:91:3c:a5:cd:9b:ff:93:ff:8b:ab:04:19:3e:ff:24:
76:dd:55:0e:4a:f8:05:6a:d7:fa:b1:b9:4b:43:93:fa:68:9e:
52:a1:bc:53:79:33:f7:6c:6e:fd:c7:79:47:5a:1d:ee:f7:9a:
ce:64:a8:aa:bd:79:e0:e5:43:58:92:7f:29:28:38:d8:d8:44:
85:12:27:c4:fa:72:cd:e1:12:66:f5:6c:2f:7c:d4:b0:24:24:
10:40:0b:59:f8:aa:16:80:e5:84:44:89:4f:b7:1a:3d:c3:f2:
3d:ad:e4:f8:0b:44:41:ae:0e:c5:89:a5:c4:de:1c:ee:4c:f3:
8e:d3:d3:76:6d:52:3f:1c:43:59:ba:2b:15:d3:73:cd:1e:43:
09:e8:b7:51
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzHJyJF/4+RtslSdmgczTf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjQwMTAxMjIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzZjMTVjMTY2NDlmZmIxYWYwZDVlOTI2MTY3OGYwMTQ2ZDM5NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSBX028GKIRuMdgS0uE8N+4bgZ7j
NveGAzK7pp+RJYT5CVp0hPVnDr6KV5zzdodCMyieQG9DPQeJfYeanT4sh7vQwhqH
+bSkr5LcOmsg107YVY0rcS/hSedk34reuAgUnH9aB02cI2Nh9GBMvvwtiRi/lIbZ
5KYhITBXaTJ4bEXwe6e5YjAI2lx0b2wh9K0MwEFk2k5Pd+RvQuJkPRBfD3m4uSR3
LpMUtLur/ov9ey/qpEPvmVQjKAAp3FvLOsPcgYhizW4F8/Hh8UnVcL5tEKfTjv3N
WLbJlOadkkfISEDKb5wTvmTE2hx1YWWk38i4UAAoezBxZOYl/CGn02MdTQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFANsFcFmSf+xrw1ekmFnjwFG05aPMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvQTJ3VndXWkpfN0d2RFY2U1lXZVBBVWJUbG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQCH6lAMAwD
BAAfqUUDBAAfqUgDBAAfqUowDAMEAh+pTAMEAB+pTgMEAB+pUQMEAB+pWDAMAwQA
H6lbAwQFH6lAAwQAuSE/MA0EAgACMAcDBQMqAFdAMA0GCSqGSIb3DQEBCwUAA4IB
AQAkCZ5ElHvpZvDgckGx0U4cwI9UhtgjmDPy+U7P8J38jUWJOUMzahWYhZFWlicF
4YuqLeCivVDIq2tcIyfrK6NDvYOdkzEQhOJ/W6I0FF5gIXibAz1n25IkeXujyCy6
WC+ixO+lkFFScmDPODa3l36RPKXNm/+T/4urBBk+/yR23VUOSvgFatf6sblLQ5P6
aJ5SobxTeTP3bG79x3lHWh3u95rOZKiqvXng5UNYkn8pKDjY2ESFEifE+nLN4RJm
9WwvfNSwJCQQQAtZ+KoWgOWERIlPtxo9w/I9reT4C0RBrg7FiaXE3hzuTPOO09N2
bVI/HENZuisV03PNHkMJ6LdR
-----END CERTIFICATE-----
Generated at Fri Jan 12 14:08:55 2024 by rpki-client on console-fra.rpki-client.org