Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/zE8e2Ldr3PcjVJF_1Vx1cZQyMaY.roa
File: zE8e2Ldr3PcjVJF_1Vx1cZQyMaY.roa (raw, json)
Hash identifier: tpeHEaK9E6cX/IVKnZ1cYZ46HdEqejpj6ZGdAGhJacY=
Subject key identifier: CC:4F:1E:D8:B7:6B:DC:F7:23:54:91:7F:D5:5C:75:71:94:32:31:A6
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 065AC77B
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/zE8e2Ldr3PcjVJF_1Vx1cZQyMaY.roa
Signing time: Mon 13 Jun 2022 10:18:56 +0000
ROA not before: Mon 13 Jun 2022 10:18:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 185.137.103.0/24 maxlen: 24
185.137.102.0/24 maxlen: 24
185.137.102.0/23 maxlen: 23
185.137.100.0/22 maxlen: 22
185.137.101.0/24 maxlen: 24
185.137.100.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106612603 (0x65ac77b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jun 13 10:18:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc4f1ed8b76bdcf72354917fd55c7571943231a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f9:3f:d9:44:ef:5b:c9:e5:2a:19:d7:3f:ac:
fb:63:e8:32:05:57:7c:5f:4c:9a:5c:7b:2a:6a:fe:
05:3d:0e:9f:dc:26:a7:78:63:20:3b:8d:2d:b7:0e:
18:e7:89:26:56:e4:00:4f:30:4e:db:29:6b:79:92:
7f:6d:97:85:65:cf:71:f1:6d:3b:db:24:5a:25:44:
65:53:ff:35:1c:a2:a6:80:ae:c1:5b:94:2a:ce:94:
d8:49:f7:b4:8b:d5:55:db:24:e3:a6:8c:6f:47:7c:
c3:95:a6:d5:6a:77:2c:a9:9a:64:85:14:3b:bf:12:
7d:cb:03:60:fc:22:ff:6d:cf:c3:f0:83:be:4b:96:
56:23:28:c6:25:b4:32:f7:65:80:8d:d0:1f:2c:88:
a3:b9:92:f3:ee:c4:e5:a8:8d:d8:33:1b:b9:19:ef:
94:e7:bd:ae:c8:12:fc:61:2f:83:dc:7e:14:50:46:
e0:0f:46:0d:99:98:94:8e:3a:38:b6:8d:10:8e:88:
e3:ff:f3:e7:eb:0a:0c:2a:ec:8f:79:c4:2d:8d:6c:
11:eb:4f:09:d2:ec:b9:5c:fd:d3:b4:0b:44:3d:43:
06:e9:5a:6e:f9:6f:40:79:4e:ec:5a:b0:27:61:2d:
69:ee:46:d2:a5:11:33:e4:89:cc:2f:5e:0f:72:2e:
39:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:4F:1E:D8:B7:6B:DC:F7:23:54:91:7F:D5:5C:75:71:94:32:31:A6
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/zE8e2Ldr3PcjVJF_1Vx1cZQyMaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.100.0/22
Signature Algorithm: sha256WithRSAEncryption
54:ac:40:55:47:63:41:2c:39:21:28:be:f8:66:c8:5b:d4:18:
6a:1a:5d:89:f2:96:16:a4:61:9f:32:87:cf:b5:c7:e3:4f:89:
cf:23:9c:63:7b:fe:79:89:d7:f4:c3:0f:df:0c:de:9a:b0:dd:
af:96:01:b6:7b:a4:7d:16:6a:aa:0a:85:52:71:de:65:14:4f:
25:8a:be:0c:49:31:25:d6:e4:ff:54:42:86:d7:52:ea:05:ad:
e5:d5:d9:1c:6a:ab:66:f0:6c:28:fa:f1:b5:d2:05:15:26:0c:
6d:78:6d:d7:88:d0:90:3e:56:c4:bb:48:1b:e3:88:81:88:03:
4c:8c:58:e3:d6:fb:e8:c2:81:61:af:4d:2f:46:34:44:65:ea:
38:9d:c8:b6:46:4b:c3:78:a6:e4:fc:be:cd:2b:25:d3:13:a3:
57:f6:67:80:7c:6c:59:20:ab:74:a9:a5:6c:95:3d:f8:10:07:
fd:00:72:8f:6d:6a:f0:27:fd:ba:d8:25:81:69:3b:24:39:a3:
8c:92:80:c5:ec:59:e4:b2:d2:d6:e9:5f:a7:23:91:e8:87:54:
ab:88:aa:40:f9:18:d2:82:40:3a:fa:ae:54:1f:13:d9:05:7a:
a4:07:70:71:de:fc:ca:ba:9b:ee:c6:13:48:29:5d:fd:5b:65:
af:0f:96:1e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBlrHezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTczNmNhZmRkYjZlYmI4ZDdjNzY5NDNmNGEyNzFlMDM4NTEwYWE5MB4XDTIyMDYx
MzEwMTg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M0ZjFlZDhiNzZi
ZGNmNzIzNTQ5MTdmZDU1Yzc1NzE5NDMyMzFhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKP5P9lE71vJ5SoZ1z+s+2PoMgVXfF9Mmlx7Kmr+BT0On9wm
p3hjIDuNLbcOGOeJJlbkAE8wTtspa3mSf22XhWXPcfFtO9skWiVEZVP/NRyipoCu
wVuUKs6U2En3tIvVVdsk46aMb0d8w5Wm1Wp3LKmaZIUUO78SfcsDYPwi/23Pw/CD
vkuWViMoxiW0MvdlgI3QHyyIo7mS8+7E5aiN2DMbuRnvlOe9rsgS/GEvg9x+FFBG
4A9GDZmYlI46OLaNEI6I4//z5+sKDCrsj3nELY1sEetPCdLsuVz907QLRD1DBula
bvlvQHlO7FqwJ2Etae5G0qURM+SJzC9eD3IuOacCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTMTx7Yt2vc9yNUkX/VXHVxlDIxpjAfBgNVHSMEGDAWgBSuc2yv3bbruNfH
aUP0onHgOFEKqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JuTnNyOTIyNjdqWHgybEQ5S0p4NERoUkNxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvODZlMzJiLWYwNjctNDUwZi1iNjdjLTNhYTE1MGE5MmFiNy8x
L3pFOGUyTGRyM1BjalZKRl8xVngxY1pReU1hWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
ODZlMzJiLWYwNjctNDUwZi1iNjdjLTNhYTE1MGE5MmFiNy8xL3JuTnNyOTIyNjdq
WHgybEQ5S0p4NERoUkNxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmJZDANBgkqhkiG9w0BAQsFAAOC
AQEAVKxAVUdjQSw5ISi++GbIW9QYahpdifKWFqRhnzKHz7XH40+JzyOcY3v+eYnX
9MMP3wzemrDdr5YBtnukfRZqqgqFUnHeZRRPJYq+DEkxJdbk/1RChtdS6gWt5dXZ
HGqrZvBsKPrxtdIFFSYMbXht14jQkD5WxLtIG+OIgYgDTIxY49b76MKBYa9NL0Y0
RGXqOJ3ItkZLw3im5Py+zSsl0xOjV/ZngHxsWSCrdKmlbJU9+BAH/QByj21q8Cf9
utglgWk7JDmjjJKAxexZ5LLS1ulfpyOR6IdUq4iqQPkY0oJAOvquVB8T2QV6pAdw
cd78yrqb7sYTSCld/Vtlrw+WHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:27 2024 by rpki-client on console-fra.rpki-client.org