Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/AgImM54Ww_G41SypHSmuTV9GDFg.roa
File: AgImM54Ww_G41SypHSmuTV9GDFg.roa (raw, json)
Hash identifier: igYS1Iq7bWZ43msWzfTZkLKNTaoc7gmCZ4EImrjUX9w=
Subject key identifier: 02:02:26:33:9E:16:C3:F1:B8:D5:2C:A9:1D:29:AE:4D:5F:46:0C:58
Certificate issuer: /CN=c67e2a46e34f491433c8b62f319b902bddfde831
Certificate serial: 01899C6CDD6A4D5441FFA534E56FB84B6952
Authority key identifier: C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/AgImM54Ww_G41SypHSmuTV9GDFg.roa
Signing time: Fri 28 Jul 2023 12:15:27 +0000
ROA not before: Fri 28 Jul 2023 12:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213371
IP address blocks: 37.49.229.0/24 maxlen: 24
185.209.15.0/24 maxlen: 24
37.49.230.0/24 maxlen: 24
37.49.228.0/24 maxlen: 24
77.247.109.0/24 maxlen: 24
185.53.88.0/24 maxlen: 24
185.53.89.0/24 maxlen: 24
37.49.224.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:6c:dd:6a:4d:54:41:ff:a5:34:e5:6f:b8:4b:69:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e2a46e34f491433c8b62f319b902bddfde831
Validity
Not Before: Jul 28 12:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=020226339e16c3f1b8d52ca91d29ae4d5f460c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e9:31:92:d9:de:29:a5:a3:30:1b:fd:4f:db:
eb:da:b1:e8:61:cc:2c:92:4d:e4:66:d7:2f:93:d4:
7e:8d:1b:fb:83:ca:ac:9a:c8:3e:0b:4b:db:4a:61:
10:2d:9e:4a:c7:2a:d2:ad:12:57:05:67:12:ae:90:
9c:5a:e2:f4:8d:ac:5b:32:10:05:67:ad:70:40:03:
5a:6e:41:d0:f5:bb:cd:2b:f8:88:f4:67:8d:09:75:
fe:8f:b4:2c:17:0f:cf:b4:65:e5:9a:f1:a8:a8:08:
18:b5:05:4d:5e:57:89:9c:b1:21:51:b6:18:3e:d8:
fb:e4:e0:0c:fe:25:d7:c3:31:df:51:c8:db:b1:83:
86:10:ae:10:e2:f5:f9:8a:b0:d4:36:d2:be:7d:6a:
f8:79:c9:e8:e8:21:86:84:5e:2f:f6:fe:b0:12:2e:
50:9e:c9:da:eb:f3:b9:b1:11:cf:ce:6f:e9:32:db:
e3:7f:0d:c8:17:df:7b:d7:55:fd:a0:1b:e3:ea:3e:
d7:04:8d:46:70:29:79:54:e0:48:5e:0f:70:eb:ea:
45:db:30:be:11:8c:9f:ee:f9:af:98:08:e3:80:04:
17:32:02:ed:56:3d:22:76:fd:44:eb:c4:19:be:ae:
9d:48:7a:7f:f9:c9:94:18:16:bc:2f:22:b5:8d:5e:
c8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:02:26:33:9E:16:C3:F1:B8:D5:2C:A9:1D:29:AE:4D:5F:46:0C:58
X509v3 Authority Key Identifier:
keyid:C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/AgImM54Ww_G41SypHSmuTV9GDFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/xn4qRuNPSRQzyLYvMZuQK9396DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.224.0/24
37.49.228.0-37.49.230.255
77.247.109.0/24
185.53.88.0/23
185.209.15.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:e1:78:5b:ae:0c:89:8c:0e:b9:05:7b:e6:b5:cd:09:b4:00:
fa:e3:17:f7:66:03:12:3a:e5:8f:a1:38:b9:0b:63:f3:74:57:
02:0b:97:ac:f5:f1:fe:24:00:9d:0f:fa:e8:e9:6f:d0:20:2b:
a4:2a:99:76:74:54:b3:12:e9:05:d6:5f:9e:34:73:81:39:23:
78:ee:18:60:cd:03:72:e4:d5:bf:f9:c7:a6:e6:f0:5d:be:fe:
d9:84:98:56:16:eb:3e:d8:c6:e2:4a:6a:e1:5c:56:52:7b:98:
3a:56:1b:0c:73:12:ca:f1:54:3e:32:6e:84:ce:93:16:52:75:
bc:48:6f:81:22:81:7c:3b:45:23:4c:7f:16:04:e3:b7:88:20:
6d:a2:8e:e7:6d:8f:46:58:63:05:62:59:4d:bb:6b:e5:35:76:
51:ea:d9:8c:fb:2d:26:c0:43:5b:37:44:46:64:17:6f:24:ab:
4e:b6:c1:ef:2c:c6:a0:9e:72:a3:86:f1:41:dd:db:c0:4a:f7:
b1:91:48:3d:4d:28:77:c3:7f:7b:93:da:6d:da:bf:03:fb:60:
d4:15:dd:9a:de:a5:14:e9:f1:9e:9a:2c:73:01:84:f6:6f:62:
4b:aa:57:01:07:c8:2d:1a:cf:eb:35:64:9e:72:9c:b1:3c:92:
5f:11:1a:0e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYmcbN1qTVRB/6U05W+4S2lSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2UyYTQ2ZTM0ZjQ5MTQzM2M4YjYyZjMxOWI5MDJiZGRm
ZGU4MzEwHhcNMjMwNzI4MTIxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjAyMjYzMzllMTZjM2YxYjhkNTJjYTkxZDI5YWU0ZDVmNDYwYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOkxktneKaWjMBv9T9vr2rHoYcws
kk3kZtcvk9R+jRv7g8qsmsg+C0vbSmEQLZ5KxyrSrRJXBWcSrpCcWuL0jaxbMhAF
Z61wQANabkHQ9bvNK/iI9GeNCXX+j7QsFw/PtGXlmvGoqAgYtQVNXleJnLEhUbYY
Ptj75OAM/iXXwzHfUcjbsYOGEK4Q4vX5irDUNtK+fWr4ecno6CGGhF4v9v6wEi5Q
nsna6/O5sRHPzm/pMtvjfw3IF99711X9oBvj6j7XBI1GcCl5VOBIXg9w6+pF2zC+
EYyf7vmvmAjjgAQXMgLtVj0idv1E68QZvq6dSHp/+cmUGBa8LyK1jV7IbwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAICJjOeFsPxuNUsqR0prk1fRgxYMB8GA1UdIwQY
MBaAFMZ+KkbjT0kUM8i2LzGbkCvd/egxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQt
MDY2ODY2ZjJkZWQwLzEvQWdJbU01NFd3X0c0MVN5cEhTbXVUVjlHREZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQtMDY2ODY2ZjJkZWQw
LzEveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAJTHgMAwD
BAIlMeQDBAAlMeYDBABN920DBAG5NVgDBAC50Q8wDQYJKoZIhvcNAQELBQADggEB
AIzheFuuDImMDrkFe+a1zQm0APrjF/dmAxI65Y+hOLkLY/N0VwILl6z18f4kAJ0P
+ujpb9AgK6QqmXZ0VLMS6QXWX540c4E5I3juGGDNA3Lk1b/5x6bm8F2+/tmEmFYW
6z7YxuJKauFcVlJ7mDpWGwxzEsrxVD4yboTOkxZSdbxIb4EigXw7RSNMfxYE47eI
IG2ijudtj0ZYYwViWU27a+U1dlHq2Yz7LSbAQ1s3REZkF28kq062we8sxqCecqOG
8UHd28BK97GRSD1NKHfDf3uT2m3avwP7YNQV3ZrepRTp8Z6aLHMBhPZvYkuqVwEH
yC0az+s1ZJ5ynLE8kl8RGg4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:48 2025 by rpki-client