Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/RKsFrlcRg6FJY0ZAct-XBOLesY0.roa
File: RKsFrlcRg6FJY0ZAct-XBOLesY0.roa (raw, json)
Hash identifier: XwpifRtm80jOorEowK2NxNRs6UB9RUhjtZIe2T64y4w=
Subject key identifier: 44:AB:05:AE:57:11:83:A1:49:63:46:40:72:DF:97:04:E2:DE:B1:8D
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0185728CAA41311E942FF2A9A15558D7C702
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/RKsFrlcRg6FJY0ZAct-XBOLesY0.roa
Signing time: Mon 02 Jan 2023 12:54:59 +0000
ROA not before: Mon 02 Jan 2023 12:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56582
IP address blocks: 185.33.61.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.76.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.74.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.91.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
31.169.64.0/24 maxlen: 24
2a00:5740::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:aa:41:31:1e:94:2f:f2:a9:a1:55:58:d7:c7:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jan 2 12:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44ab05ae571183a14963464072df9704e2deb18d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:37:3e:15:9e:58:cd:16:db:4d:69:8f:00:a6:
9a:83:87:da:db:52:79:5f:6c:2b:cd:90:7a:56:cb:
51:2a:ac:64:2c:f6:f5:e0:b8:3e:79:f6:c0:34:2a:
aa:36:9e:ac:fd:98:28:f3:e8:d6:ef:ad:fe:ff:f2:
e7:f5:64:83:0d:3a:44:ad:f8:ba:42:0b:60:45:b3:
41:bf:49:08:d2:8d:d0:ef:aa:20:de:10:35:d2:d2:
de:68:79:36:59:eb:0d:f3:52:5e:9d:b0:e9:0d:07:
8c:c9:ff:50:cd:92:fd:b6:33:50:5f:87:e4:19:d6:
e3:e2:fc:dc:4d:17:64:f2:9d:49:f7:45:b9:7d:4d:
1c:c4:4a:15:a0:d2:ed:1c:d4:24:23:97:56:2c:c8:
3e:2e:20:84:c1:8d:6b:2b:cf:dd:6f:b0:e2:2e:93:
31:f5:96:39:c2:41:97:0a:01:36:cc:cf:ac:ae:17:
81:15:b2:c2:0f:be:98:f2:02:eb:16:2b:19:ef:7a:
fb:68:2e:58:b7:84:44:6d:32:10:2d:35:fa:37:4c:
8d:7c:bb:d8:34:be:13:5f:b0:cb:b4:11:e9:f9:c7:
f8:45:4e:2b:3b:86:0d:69:93:f4:33:ec:95:e5:fb:
db:ae:39:3f:2d:83:c7:db:3d:e0:17:25:15:88:d1:
31:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AB:05:AE:57:11:83:A1:49:63:46:40:72:DF:97:04:E2:DE:B1:8D
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/RKsFrlcRg6FJY0ZAct-XBOLesY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.74.0/24
31.169.76.0-31.169.78.255
31.169.81.0/24
31.169.88.0/24
31.169.90.0-31.169.95.255
185.33.61.0/24
185.33.63.0/24
IPv6:
2a00:5740::/32
Signature Algorithm: sha256WithRSAEncryption
5c:23:54:96:46:2d:50:8e:f9:b8:52:f9:ca:5f:c4:e3:39:bd:
31:7e:62:ba:f1:de:bb:38:11:69:9b:59:d9:a3:4c:59:cf:1f:
0c:25:ff:e2:73:81:80:31:af:b5:bd:fa:c6:b3:52:ad:0e:57:
ba:21:a0:a1:44:82:cd:27:c7:77:05:7d:0a:fd:4b:c1:a0:f1:
d6:78:12:89:80:42:f5:66:cb:a0:c2:7a:c9:32:24:bf:f1:40:
67:e0:ee:01:04:74:ab:f6:10:f9:ab:83:47:58:18:60:c6:0f:
48:74:ca:ec:71:53:66:a6:94:16:d2:62:db:97:28:b4:05:cd:
09:d2:4d:07:1a:c5:1c:f2:6b:52:c4:68:3d:43:62:7c:dc:d6:
e8:31:ef:7c:12:9c:1d:be:40:1b:e8:38:f9:c7:78:00:a0:67:
eb:60:4a:b1:f3:a1:8c:f4:39:c8:3f:a6:36:6e:f8:30:e4:2f:
43:34:1d:c3:d7:1b:81:3a:30:f2:1c:8b:e3:3e:2a:dd:77:0d:
fd:8a:3e:29:20:19:6e:17:f4:52:51:12:71:1b:bc:9c:88:89:
a0:82:16:69:0a:88:d7:9f:ee:fd:a2:3f:4f:8e:2f:a8:70:78:
d7:69:36:1d:2c:09:35:68:e8:15:84:29:3f:a5:99:7e:41:56:
f9:15:2d:1d
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYVyjKpBMR6UL/KpoVVY18cCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjMwMTAyMTI1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGFiMDVhZTU3MTE4M2ExNDk2MzQ2NDA3MmRmOTcwNGUyZGViMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzc+FZ5YzRbbTWmPAKaag4fa21J5
X2wrzZB6VstRKqxkLPb14Lg+efbANCqqNp6s/Zgo8+jW763+//Ln9WSDDTpErfi6
QgtgRbNBv0kI0o3Q76og3hA10tLeaHk2WesN81JenbDpDQeMyf9QzZL9tjNQX4fk
Gdbj4vzcTRdk8p1J90W5fU0cxEoVoNLtHNQkI5dWLMg+LiCEwY1rK8/db7DiLpMx
9ZY5wkGXCgE2zM+srheBFbLCD76Y8gLrFisZ73r7aC5Yt4REbTIQLTX6N0yNfLvY
NL4TX7DLtBHp+cf4RU4rO4YNaZP0M+yV5fvbrjk/LYPH2z3gFyUViNExtwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFESrBa5XEYOhSWNGQHLflwTi3rGNMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvUktzRnJsY1JnNkZKWTBaQWN0LVhCT0xlc1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQCH6lAMAwD
BAAfqUUDBAAfqUgDBAAfqUowDAMEAh+pTAMEAB+pTgMEAB+pUQMEAB+pWDAMAwQB
H6laAwQFH6lAAwQAuSE9AwQAuSE/MA0EAgACMAcDBQAqAFdAMA0GCSqGSIb3DQEB
CwUAA4IBAQBcI1SWRi1Qjvm4UvnKX8TjOb0xfmK68d67OBFpm1nZo0xZzx8MJf/i
c4GAMa+1vfrGs1KtDle6IaChRILNJ8d3BX0K/UvBoPHWeBKJgEL1ZsugwnrJMiS/
8UBn4O4BBHSr9hD5q4NHWBhgxg9IdMrscVNmppQW0mLblyi0Bc0J0k0HGsUc8mtS
xGg9Q2J83NboMe98EpwdvkAb6Dj5x3gAoGfrYEqx86GM9DnIP6Y2bvgw5C9DNB3D
1xuBOjDyHIvjPirddw39ij4pIBluF/RSURJxG7yciImgghZpCojXn+79oj9Pji+o
cHjXaTYdLAk1aOgVhCk/pZl+QVb5FS0d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:47 2024 by rpki-client on console-ams.rpki-client.org