Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/7smKjjbGINiW8BRftQHBNG61QOQ.roa
File: 7smKjjbGINiW8BRftQHBNG61QOQ.roa (raw, json)
Hash identifier: +RNcBz0zcbGuEY2RMUvtHs0Fx8NXGYtCvYg/BA8vE3M=
Subject key identifier: EE:C9:8A:8E:36:C6:20:D8:96:F0:14:5F:B5:01:C1:34:6E:B5:40:E4
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 15B213CC
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/7smKjjbGINiW8BRftQHBNG61QOQ.roa
Signing time: Sat 01 Jan 2022 07:59:36 +0000
ROA not before: Sat 01 Jan 2022 07:59:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47537
IP address blocks: 46.28.43.0/24 maxlen: 24
46.28.44.0/24 maxlen: 24
46.28.41.0/24 maxlen: 24
46.28.42.0/24 maxlen: 24
46.28.45.0/24 maxlen: 24
46.28.46.0/24 maxlen: 24
46.28.47.0/24 maxlen: 24
91.208.12.0/24 maxlen: 24
91.213.251.0/24 maxlen: 24
37.143.0.0/24 maxlen: 24
37.143.1.0/24 maxlen: 24
37.143.2.0/24 maxlen: 24
37.143.3.0/24 maxlen: 24
37.143.4.0/24 maxlen: 24
37.143.5.0/24 maxlen: 24
37.143.6.0/24 maxlen: 24
37.143.7.0/24 maxlen: 24
2a02:2d00:1::/48 maxlen: 48
2a02:2d00:21::/48 maxlen: 48
2a02:2d00:30::/48 maxlen: 48
2a02:2d00:20::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 363992012 (0x15b213cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Jan 1 07:59:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eec98a8e36c620d896f0145fb501c1346eb540e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ec:4b:f3:c4:41:cc:45:77:db:02:23:5e:fb:
64:b9:17:fe:e7:e4:67:94:ca:ad:25:01:8a:82:3a:
bc:29:9e:ad:a0:68:cb:aa:6c:6c:08:1a:ea:35:c5:
dc:22:e6:b4:39:db:27:e1:29:38:af:5a:de:bb:69:
80:e2:23:da:3e:2d:a8:b3:23:e6:0b:40:eb:c2:78:
4a:40:00:86:6d:0d:59:a2:f9:0d:cc:54:b6:7d:0b:
e6:ec:f1:83:ec:2a:57:97:92:67:94:2f:af:f2:f1:
37:fd:8e:20:5f:7e:fb:6e:4e:11:4e:47:12:bf:02:
58:ea:dd:92:93:85:45:3b:c5:5e:cd:90:c0:df:d7:
43:d9:c3:b8:ca:57:e7:55:01:78:0a:41:d0:91:41:
95:00:c6:e6:96:8d:8f:00:b7:be:f3:a7:ce:e6:3c:
61:91:21:6b:98:13:be:f8:05:8e:c8:71:00:38:55:
61:7f:5f:c1:3c:d9:12:b4:75:7a:3b:37:90:e6:2b:
c5:8a:ff:10:33:f3:59:1a:dd:b6:d0:8e:ef:41:e0:
ec:7f:da:12:af:18:41:13:19:cc:1d:79:63:fe:6b:
8f:ff:e0:5a:18:a9:cc:0d:16:3f:0f:32:47:2d:d4:
75:bd:28:82:bf:23:45:c4:ba:c0:51:74:cc:e7:4a:
c8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C9:8A:8E:36:C6:20:D8:96:F0:14:5F:B5:01:C1:34:6E:B5:40:E4
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/7smKjjbGINiW8BRftQHBNG61QOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.0.0/21
46.28.41.0-46.28.47.255
91.208.12.0/24
91.213.251.0/24
IPv6:
2a02:2d00:1::/48
2a02:2d00:20::/47
2a02:2d00:30::/48
Signature Algorithm: sha256WithRSAEncryption
ca:33:1e:7e:63:d4:30:51:bd:6f:a3:55:b7:a7:15:d2:a8:2f:
55:d6:a9:08:3f:be:e8:73:e0:bb:58:7b:5d:1d:a6:e9:2c:66:
f7:19:9c:05:a5:e4:c4:2f:d4:93:eb:3b:0e:9f:bb:d3:5f:95:
55:24:9a:ac:a4:42:65:37:2f:b4:06:86:c0:cc:3d:72:77:ab:
a6:10:03:d8:65:b9:1a:98:b9:74:6a:ad:7c:63:0c:87:87:dc:
51:b0:9b:2f:cb:c8:07:ed:64:83:c0:28:5f:ca:2b:3c:a1:75:
83:7e:fe:40:18:dd:e2:c0:fa:eb:2e:6b:f2:96:fd:0f:f8:72:
48:cf:82:82:a5:ec:5d:16:f4:4a:2c:ad:7f:47:7f:01:17:60:
d4:bf:3f:f5:72:e1:b3:d2:0c:fc:92:0f:82:0d:09:1d:91:67:
e0:45:c2:d3:71:72:dd:13:e4:8c:2f:0a:41:ce:f4:74:7c:3c:
f3:51:bf:7f:c6:bd:08:d7:66:73:d2:dd:8f:8f:f1:50:db:2a:
d2:c5:af:60:3b:2e:0c:85:76:6b:a2:59:77:47:2e:c9:d0:e7:
a7:db:3a:ff:b8:94:33:ad:c4:a0:eb:2b:09:86:d2:10:26:fc:
00:52:52:a9:56:60:14:04:a8:7b:b4:c3:9c:7b:f1:54:c6:eb:
f4:15:d5:f0
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIEFbITzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjYzNjNkNDI4Yjc5MTVjMTA4ODI1ZjA5NzA2MDA0YjhlYTNkNGI1MB4XDTIyMDEw
MTA3NTkzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWVjOThhOGUzNmM2
MjBkODk2ZjAxNDVmYjUwMWMxMzQ2ZWI1NDBlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPsS/PEQcxFd9sCI177ZLkX/ufkZ5TKrSUBioI6vCmeraBo
y6psbAga6jXF3CLmtDnbJ+EpOK9a3rtpgOIj2j4tqLMj5gtA68J4SkAAhm0NWaL5
DcxUtn0L5uzxg+wqV5eSZ5Qvr/LxN/2OIF9++25OEU5HEr8CWOrdkpOFRTvFXs2Q
wN/XQ9nDuMpX51UBeApB0JFBlQDG5paNjwC3vvOnzuY8YZEha5gTvvgFjshxADhV
YX9fwTzZErR1ejs3kOYrxYr/EDPzWRrdttCO70Hg7H/aEq8YQRMZzB15Y/5rj//g
WhipzA0WPw8yRy3Udb0ogr8jRcS6wFF0zOdKyD0CAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBTuyYqONsYg2JbwFF+1AcE0brVA5DAfBgNVHSMEGDAWgBQPY2PUKLeRXBCI
JfCXBgBLjqPUtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyTmoxQ2kza1Z3UWlDWHdsd1lBUzQ2ajFMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvNmJlY2IwLTE4ZmQtNGFkZC1iYjQxLTJlMWMwYWY0ZmFhNC8x
LzdzbUtqamJHSU5pVzhCUmZ0UUhCTkc2MVFPUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
NmJlY2IwLTE4ZmQtNGFkZC1iYjQxLTJlMWMwYWY0ZmFhNC8xL0QyTmoxQ2kza1Z3
UWlDWHdsd1lBUzQ2ajFMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswJgQCAAEwIAMEAyWPADAMAwQALhwpAwQELhwgAwQA
W9AMAwQAW9X7MCEEAgACMBsDBwAqAi0AAAEDBwEqAi0AACADBwAqAi0AADAwDQYJ
KoZIhvcNAQELBQADggEBAMozHn5j1DBRvW+jVbenFdKoL1XWqQg/vuhz4LtYe10d
puksZvcZnAWl5MQv1JPrOw6fu9NflVUkmqykQmU3L7QGhsDMPXJ3q6YQA9hluRqY
uXRqrXxjDIeH3FGwmy/LyAftZIPAKF/KKzyhdYN+/kAY3eLA+usua/KW/Q/4ckjP
goKl7F0W9EosrX9HfwEXYNS/P/Vy4bPSDPySD4INCR2RZ+BFwtNxct0T5IwvCkHO
9HR8PPNRv3/GvQjXZnPS3Y+P8VDbKtLFr2A7LgyFdmuiWXdHLsnQ56fbOv+4lDOt
xKDrKwmG0hAm/ABSUqlWYBQEqHu0w5x78VTG6/QV1fA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:33 2023 by rpki-client on console-ams.rpki-client.org