Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/EWxtCSPeu1Ry1768esnTpOOz3pc.roa
File: EWxtCSPeu1Ry1768esnTpOOz3pc.roa (raw, json)
Hash identifier: tz4W6pIzI3BfV8PakEOtZHn25hpt24jUe1DsTlWndJ4=
Subject key identifier: 11:6C:6D:09:23:DE:BB:54:72:D7:BE:BC:7A:C9:D3:A4:E3:B3:DE:97
Certificate issuer: /CN=bb8321c05d501edb499190c0c4a3089d246c5b76
Certificate serial: 0182017CC3C9AF2FE0BF9B97E06EE77E45F2
Authority key identifier: BB:83:21:C0:5D:50:1E:DB:49:91:90:C0:C4:A3:08:9D:24:6C:5B:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MhwF1QHttJkZDAxKMInSRsW3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/EWxtCSPeu1Ry1768esnTpOOz3pc.roa
Signing time: Fri 15 Jul 2022 10:52:09 +0000
ROA not before: Fri 15 Jul 2022 10:52:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142430
IP address blocks: 37.44.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:7c:c3:c9:af:2f:e0:bf:9b:97:e0:6e:e7:7e:45:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8321c05d501edb499190c0c4a3089d246c5b76
Validity
Not Before: Jul 15 10:52:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=116c6d0923debb5472d7bebc7ac9d3a4e3b3de97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:82:a2:3f:05:a0:0f:44:83:59:db:28:23:e7:
44:ae:85:3a:ef:c1:24:9a:10:f4:fa:d8:fb:73:d1:
bf:50:89:97:9a:08:ac:95:3b:09:88:3a:04:e4:d8:
03:a4:1b:92:7f:5a:77:a7:0f:9f:c1:12:80:58:ce:
6c:e2:48:40:99:1b:8d:13:ac:ef:6a:0b:a3:2c:3e:
a8:ce:30:dd:ec:4e:6b:38:f5:b7:be:3b:50:59:0f:
21:86:70:64:3b:f4:6b:1e:cc:71:36:95:8c:d1:4d:
62:d8:1d:a4:4e:51:79:34:d6:3f:69:2d:86:bb:d6:
55:01:74:92:45:7f:e4:af:19:97:4f:de:bf:f9:5f:
6e:26:db:74:8f:ae:23:c5:02:3d:5a:bc:18:55:9d:
88:d2:32:e2:ab:5c:a9:dd:fd:61:1c:48:e5:5f:63:
17:f0:7b:3a:5d:20:c8:5b:c4:5d:6b:12:ad:32:f2:
2f:24:97:4c:cb:17:94:f9:c4:80:c4:7c:ad:10:7a:
6d:2a:29:d6:97:b0:0c:4d:a3:55:95:7e:d9:38:a5:
4d:05:92:a8:77:cc:46:64:27:5e:58:04:c6:40:d1:
5a:57:a8:31:c4:e4:29:cf:3e:25:20:fa:0d:5c:ce:
bb:57:17:e3:94:32:ff:58:71:2d:18:38:74:57:8f:
fd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:6C:6D:09:23:DE:BB:54:72:D7:BE:BC:7A:C9:D3:A4:E3:B3:DE:97
X509v3 Authority Key Identifier:
keyid:BB:83:21:C0:5D:50:1E:DB:49:91:90:C0:C4:A3:08:9D:24:6C:5B:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MhwF1QHttJkZDAxKMInSRsW3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/EWxtCSPeu1Ry1768esnTpOOz3pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/u4MhwF1QHttJkZDAxKMInSRsW3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.215.0/24
Signature Algorithm: sha256WithRSAEncryption
36:ee:2d:ea:a0:ff:e5:16:1f:24:70:a0:ff:c5:fe:07:b5:c2:
18:58:08:c4:13:67:95:00:9d:24:e3:ae:23:13:ed:36:12:57:
bc:bf:83:1a:68:69:59:d9:ee:6e:f6:ff:55:c7:32:c1:29:51:
39:7a:02:62:c1:86:57:64:33:de:1d:15:62:a0:5a:14:f1:c9:
0a:a8:41:57:dc:b7:8b:d7:50:21:64:4c:26:de:33:68:83:15:
d4:f1:1e:a7:93:66:d2:83:92:81:33:cf:22:ee:3d:bd:cd:3d:
15:2c:d2:b0:6f:f2:24:dd:cb:ca:1a:11:bc:d7:2b:13:a5:ef:
10:ea:1f:c7:27:81:15:ed:d7:a4:34:15:56:04:57:12:db:d0:
ee:7b:72:f1:4a:6d:90:52:14:d7:0d:13:37:5d:f9:e5:e1:e7:
48:8d:f7:85:26:10:2e:79:b3:2f:9b:ca:01:d4:8f:ac:fd:64:
cb:77:18:e1:43:94:b4:49:5e:47:b4:cc:14:21:6c:3c:d5:39:
47:19:93:82:11:98:fd:fb:00:01:f1:f9:4b:04:13:a5:c9:d9:
27:eb:47:a2:75:2b:88:ff:e3:f1:56:a4:7f:40:eb:00:6e:48:
0c:8d:89:23:3e:98:a0:f9:64:9a:8f:e3:49:9a:ad:bb:c2:e1:
02:aa:bb:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIBfMPJry/gv5uX4G7nfkXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMyMWMwNWQ1MDFlZGI0OTkxOTBjMGM0YTMwODlkMjQ2
YzViNzYwHhcNMjIwNzE1MTA1MjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTZjNmQwOTIzZGViYjU0NzJkN2JlYmM3YWM5ZDNhNGUzYjNkZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4KiPwWgD0SDWdsoI+dEroU678Ek
mhD0+tj7c9G/UImXmgislTsJiDoE5NgDpBuSf1p3pw+fwRKAWM5s4khAmRuNE6zv
agujLD6ozjDd7E5rOPW3vjtQWQ8hhnBkO/RrHsxxNpWM0U1i2B2kTlF5NNY/aS2G
u9ZVAXSSRX/krxmXT96/+V9uJtt0j64jxQI9WrwYVZ2I0jLiq1yp3f1hHEjlX2MX
8Hs6XSDIW8RdaxKtMvIvJJdMyxeU+cSAxHytEHptKinWl7AMTaNVlX7ZOKVNBZKo
d8xGZCdeWATGQNFaV6gxxOQpzz4lIPoNXM67VxfjlDL/WHEtGDh0V4/9RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBFsbQkj3rtUcte+vHrJ06Tjs96XMB8GA1UdIwQY
MBaAFLuDIcBdUB7bSZGQwMSjCJ0kbFt2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNaHdGMVFIdHRKa1pEQXhLTUluU1JzVzNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDI5ODMtMjE4Yy00NTdkLTgxMWIt
NWQ0MmUxZmE0NWI5LzEvRVd4dENTUGV1MVJ5MTc2OGVzblRwT096M3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDI5ODMtMjE4Yy00NTdkLTgxMWItNWQ0MmUxZmE0NWI5
LzEvdTRNaHdGMVFIdHRKa1pEQXhLTUluU1JzVzNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSzXMA0G
CSqGSIb3DQEBCwUAA4IBAQA27i3qoP/lFh8kcKD/xf4HtcIYWAjEE2eVAJ0k464j
E+02Ele8v4MaaGlZ2e5u9v9VxzLBKVE5egJiwYZXZDPeHRVioFoU8ckKqEFX3LeL
11AhZEwm3jNogxXU8R6nk2bSg5KBM88i7j29zT0VLNKwb/Ik3cvKGhG81ysTpe8Q
6h/HJ4EV7dekNBVWBFcS29Due3LxSm2QUhTXDRM3Xfnl4edIjfeFJhAuebMvm8oB
1I+s/WTLdxjhQ5S0SV5HtMwUIWw81TlHGZOCEZj9+wAB8flLBBOlydkn60eidSuI
/+PxVqR/QOsAbkgMjYkjPpig+WSaj+NJmq27wuECqrvq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:02 2024 by rpki-client on console-fra.rpki-client.org