Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/ulu2rWQouMoCbDxYcLn_aHHVAEQ.roa
File: ulu2rWQouMoCbDxYcLn_aHHVAEQ.roa (raw, json)
Hash identifier: f8zwhC+W+RRG8uwaGfUYMHPInUnEZjozpp5wXcexGK4=
Subject key identifier: BA:5B:B6:AD:64:28:B8:CA:02:6C:3C:58:70:B9:FF:68:71:D5:00:44
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 04E31E6D
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/ulu2rWQouMoCbDxYcLn_aHHVAEQ.roa
Signing time: Sat 01 Jan 2022 15:04:22 +0000
ROA not before: Sat 01 Jan 2022 15:04:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 185.137.56.0/22 maxlen: 22
185.143.140.0/22 maxlen: 22
185.174.212.0/23 maxlen: 23
185.137.100.0/23 maxlen: 23
185.137.100.0/24 maxlen: 24
185.137.102.0/23 maxlen: 23
185.137.101.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81993325 (0x4e31e6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 1 15:04:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba5bb6ad6428b8ca026c3c5870b9ff6871d50044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f6:97:bc:22:a8:19:58:6f:5c:67:20:75:c6:
9c:73:7a:2f:f5:57:d2:26:92:f6:23:bc:a8:ff:a6:
c4:0b:69:7f:41:16:80:01:45:79:50:45:50:08:3f:
3d:cd:ac:f4:cf:c0:95:83:af:93:a5:f3:f0:c6:3c:
6f:40:87:8b:40:aa:84:ac:a7:4a:8e:27:19:b4:c1:
6b:2d:51:6a:53:7a:2b:af:c5:1d:9f:bf:c7:18:c9:
aa:57:5a:b7:b8:88:0e:d6:59:d2:fe:31:1e:72:8d:
0c:a3:80:85:2f:71:44:f5:f0:9b:0e:2a:8e:49:1d:
3e:d1:26:21:eb:63:6e:a3:7c:ec:45:a9:2c:29:f8:
27:7f:27:69:57:f5:c9:c3:73:97:97:b0:91:33:4f:
83:0d:9b:e6:f8:33:3f:cb:e6:48:a6:6f:b0:a8:52:
c2:ab:cd:00:f3:3d:cd:68:33:11:8a:c4:c4:ca:38:
9a:67:f1:bd:bb:3d:01:1c:3d:cf:79:f9:28:f7:b9:
f2:c2:b6:c1:eb:05:6a:9f:a8:6a:07:55:73:b9:ab:
bc:b2:42:4f:f7:d3:d5:3c:78:52:7a:ca:8f:37:df:
a3:70:da:1f:08:13:82:3b:89:d4:5c:ea:f5:66:7f:
f1:86:a7:8b:98:76:5d:a4:8c:9f:40:0e:66:1c:33:
84:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:5B:B6:AD:64:28:B8:CA:02:6C:3C:58:70:B9:FF:68:71:D5:00:44
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/ulu2rWQouMoCbDxYcLn_aHHVAEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.56.0/22
185.137.100.0/22
185.143.140.0/22
185.174.212.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:26:df:80:94:0e:23:e3:10:00:dd:e4:7b:cc:de:45:1c:87:
a6:05:bc:19:de:f4:8e:81:90:33:de:d6:7c:4d:cc:73:05:9e:
56:f0:87:24:54:d6:49:52:81:88:dc:61:44:c9:9c:94:01:1a:
34:b8:89:fd:a0:e1:33:b1:57:7c:fd:d1:e9:67:6f:48:bb:dc:
30:fc:29:0e:c3:d5:4f:00:2f:19:a3:6e:6c:91:4c:09:6b:57:
9a:6f:c5:ea:f8:4c:61:0d:25:55:3a:c1:bd:f5:94:ed:9b:e5:
b5:27:67:4e:71:c4:be:e0:c8:21:a7:48:a5:16:34:92:7b:7c:
95:c8:fe:3a:3f:60:a8:f5:4e:99:b5:4e:6c:47:56:42:65:1d:
ce:c4:42:a7:85:9f:25:b7:cb:91:e1:ff:4f:be:f9:97:a5:b1:
47:4b:a1:48:e9:ee:41:f5:17:13:c4:1e:9d:ba:ee:d7:71:53:
20:55:aa:fa:5a:ea:26:d3:99:c6:b9:ca:24:9f:4a:cd:e2:a5:
3e:4b:c1:b7:a7:3f:b4:e4:30:3e:3b:f0:4b:fd:ad:a1:31:00:
e9:06:88:30:4d:9c:8d:ed:df:d7:55:93:2b:54:c8:a0:c5:f4:
2f:86:21:35:2c:ea:3f:57:d8:2c:f6:c6:ef:57:a1:7b:30:0b:
b2:12:a1:53
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBOMebTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTczNmNhZmRkYjZlYmI4ZDdjNzY5NDNmNGEyNzFlMDM4NTEwYWE5MB4XDTIyMDEw
MTE1MDQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE1YmI2YWQ2NDI4
YjhjYTAyNmMzYzU4NzBiOWZmNjg3MWQ1MDA0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/2l7wiqBlYb1xnIHXGnHN6L/VX0iaS9iO8qP+mxAtpf0EW
gAFFeVBFUAg/Pc2s9M/AlYOvk6Xz8MY8b0CHi0CqhKynSo4nGbTBay1RalN6K6/F
HZ+/xxjJqldat7iIDtZZ0v4xHnKNDKOAhS9xRPXwmw4qjkkdPtEmIetjbqN87EWp
LCn4J38naVf1ycNzl5ewkTNPgw2b5vgzP8vmSKZvsKhSwqvNAPM9zWgzEYrExMo4
mmfxvbs9ARw9z3n5KPe58sK2wesFap+oagdVc7mrvLJCT/fT1Tx4UnrKjzffo3Da
HwgTgjuJ1Fzq9WZ/8Yani5h2XaSMn0AOZhwzhFUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBS6W7atZCi4ygJsPFhwuf9ocdUARDAfBgNVHSMEGDAWgBSuc2yv3bbruNfH
aUP0onHgOFEKqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JuTnNyOTIyNjdqWHgybEQ5S0p4NERoUkNxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvODZlMzJiLWYwNjctNDUwZi1iNjdjLTNhYTE1MGE5MmFiNy8x
L3VsdTJyV1FvdU1vQ2JEeFljTG5fYUhIVkFFUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
ODZlMzJiLWYwNjctNDUwZi1iNjdjLTNhYTE1MGE5MmFiNy8xL3JuTnNyOTIyNjdq
WHgybEQ5S0p4NERoUkNxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEArmJOAMEArmJZAMEArmPjAMEAbmu
1DANBgkqhkiG9w0BAQsFAAOCAQEAoybfgJQOI+MQAN3ke8zeRRyHpgW8Gd70joGQ
M97WfE3McwWeVvCHJFTWSVKBiNxhRMmclAEaNLiJ/aDhM7FXfP3R6WdvSLvcMPwp
DsPVTwAvGaNubJFMCWtXmm/F6vhMYQ0lVTrBvfWU7ZvltSdnTnHEvuDIIadIpRY0
knt8lcj+Oj9gqPVOmbVObEdWQmUdzsRCp4WfJbfLkeH/T775l6WxR0uhSOnuQfUX
E8Qenbru13FTIFWq+lrqJtOZxrnKJJ9KzeKlPkvBt6c/tOQwPjvwS/2toTEA6QaI
ME2cje3f11WTK1TIoMX0L4YhNSzqP1fYLPbG71ehezALshKhUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:30 2024 by rpki-client on console-ams.rpki-client.org