Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/Ax-yVSTIjaKNvg5z2Ouzd8EUAd0.roa
File: Ax-yVSTIjaKNvg5z2Ouzd8EUAd0.roa (raw, json)
Hash identifier: nUgTtIajb/q39ZYS/OZ8FVNqRPs7/GqVm43tsBtgFp0=
Subject key identifier: 03:1F:B2:55:24:C8:8D:A2:8D:BE:0E:73:D8:EB:B3:77:C1:14:01:DD
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 2A2E25BB
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/Ax-yVSTIjaKNvg5z2Ouzd8EUAd0.roa
Signing time: Sun 23 Jan 2022 08:19:34 +0000
ROA not before: Sun 23 Jan 2022 08:19:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43297
IP address blocks: 95.85.86.0/24 maxlen: 24
95.85.87.0/24 maxlen: 24
79.133.98.0/24 maxlen: 24
178.57.64.0/24 maxlen: 24
178.57.69.0/24 maxlen: 24
185.13.35.0/24 maxlen: 24
185.13.32.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 707667387 (0x2a2e25bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 23 08:19:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=031fb25524c88da28dbe0e73d8ebb377c11401dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a6:69:08:7c:93:db:26:6e:8e:ac:32:23:61:
32:fc:53:24:73:85:c2:00:9f:b3:bf:df:37:87:3c:
c9:ae:a2:63:68:9a:5e:64:20:a8:82:55:b1:0b:0b:
f6:77:e6:83:4b:1c:62:f8:df:b6:8f:31:ff:ec:52:
00:cc:be:5b:a4:f8:5f:a6:f6:a3:5b:c6:77:66:95:
55:e3:40:77:f4:3d:b0:12:8a:61:b7:9d:15:91:1b:
c4:e4:4c:8c:3b:9f:97:3f:0b:2c:07:94:92:ef:c3:
36:a1:8b:86:fc:9c:6d:5c:f4:4e:57:86:0c:a9:d4:
e0:41:49:26:88:4e:4e:96:c8:c5:52:d1:82:e1:ff:
67:a3:d6:cf:ba:7b:c4:ce:c0:77:4f:87:5a:4d:1e:
b6:90:30:54:2a:a9:9f:6e:c1:4a:00:77:42:1b:3d:
37:a6:09:ee:76:83:56:29:ae:53:d8:4a:c8:cc:e0:
be:12:ae:48:45:5c:c2:a8:04:52:57:ce:68:92:16:
21:17:d2:5e:dc:01:05:70:6e:20:14:1a:0d:cc:9e:
36:06:3e:e0:b1:6f:3b:f0:28:fe:72:7f:c3:73:59:
13:95:db:7b:01:ab:d6:81:06:2c:e1:bd:6d:f7:30:
06:5b:0d:04:6e:2f:ca:57:6f:50:5c:39:15:16:ba:
9c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1F:B2:55:24:C8:8D:A2:8D:BE:0E:73:D8:EB:B3:77:C1:14:01:DD
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/Ax-yVSTIjaKNvg5z2Ouzd8EUAd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.98.0/24
95.85.86.0/23
178.57.64.0/24
178.57.69.0/24
185.13.32.0/24
185.13.35.0/24
Signature Algorithm: sha256WithRSAEncryption
52:ae:0d:1a:81:2f:90:dc:ef:93:de:e6:13:33:e6:33:2b:e0:
77:dd:c9:b4:d0:4a:6b:34:12:5a:04:22:6e:50:49:75:10:0f:
f2:71:72:78:a6:2a:cd:7d:c0:0e:52:b2:8f:8d:1f:f7:14:04:
19:ae:97:99:98:03:f2:17:e2:fc:92:6f:7b:2d:5c:60:55:6b:
71:8c:d8:fa:17:c8:20:29:1e:b9:d8:7d:82:32:a0:58:f0:89:
d4:42:aa:0f:ba:1e:61:6b:fd:fe:70:58:ce:12:b8:29:39:d5:
cf:4f:8e:0c:df:d8:6b:01:01:7e:8a:f0:d3:91:9e:a8:76:d8:
09:8b:f0:08:b6:55:52:f4:81:d5:15:be:28:b2:4c:ef:ea:d6:
4d:fb:bf:1e:b5:c9:ee:78:42:f1:46:e9:72:06:de:8d:e1:51:
28:da:eb:7f:47:dd:3b:30:68:4e:60:6c:de:2f:6e:bb:0e:a6:
cb:01:04:f4:98:b2:2a:de:a9:8c:0b:8c:f7:84:11:fd:ce:51:
89:86:a0:46:a9:c7:45:2e:09:a6:5b:08:5e:82:9e:e8:ee:3a:
00:8a:32:02:22:7c:b4:e3:9f:ea:de:88:ee:03:f6:16:df:83:
7a:1b:7a:2b:c8:3d:f1:18:21:bc:50:c9:58:83:0e:13:ff:fa:
4f:6a:31:5c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEKi4luzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEy
MzA4MTkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDMxZmIyNTUyNGM4
OGRhMjhkYmUwZTczZDhlYmIzNzdjMTE0MDFkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOmaQh8k9smbo6sMiNhMvxTJHOFwgCfs7/fN4c8ya6iY2ia
XmQgqIJVsQsL9nfmg0scYvjfto8x/+xSAMy+W6T4X6b2o1vGd2aVVeNAd/Q9sBKK
YbedFZEbxORMjDuflz8LLAeUku/DNqGLhvycbVz0TleGDKnU4EFJJohOTpbIxVLR
guH/Z6PWz7p7xM7Ad0+HWk0etpAwVCqpn27BSgB3Qhs9N6YJ7naDVimuU9hKyMzg
vhKuSEVcwqgEUlfOaJIWIRfSXtwBBXBuIBQaDcyeNgY+4LFvO/Ao/nJ/w3NZE5Xb
ewGr1oEGLOG9bfcwBlsNBG4vyldvUFw5FRa6nBUCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQDH7JVJMiNoo2+DnPY67N3wRQB3TAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L0F4LXlWU1RJamFLTnZnNXoyT3V6ZDhFVUFkMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAE+FYgMEAV9VVgMEALI5QAMEALI5
RQMEALkNIAMEALkNIzANBgkqhkiG9w0BAQsFAAOCAQEAUq4NGoEvkNzvk97mEzPm
Myvgd93JtNBKazQSWgQiblBJdRAP8nFyeKYqzX3ADlKyj40f9xQEGa6XmZgD8hfi
/JJvey1cYFVrcYzY+hfIICkeudh9gjKgWPCJ1EKqD7oeYWv9/nBYzhK4KTnVz0+O
DN/YawEBforw05GeqHbYCYvwCLZVUvSB1RW+KLJM7+rWTfu/HrXJ7nhC8Ubpcgbe
jeFRKNrrf0fdOzBoTmBs3i9uuw6mywEE9JiyKt6pjAuM94QR/c5RiYagRqnHRS4J
plsIXoKe6O46AIoyAiJ8tOOf6t6I7gP2Ft+Deht6K8g98RghvFDJWIMOE//6T2ox
XA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:13 2023 by rpki-client on console-ams.rpki-client.org