Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/5nfAZcViW9-sJJ1SvIIvP9Nau5U.roa
File: 5nfAZcViW9-sJJ1SvIIvP9Nau5U.roa (raw, json)
Hash identifier: 3HWA32ck5aumzerzgf4A0LIVDH0XohLr24GaRSAcgfg=
Subject key identifier: E6:77:C0:65:C5:62:5B:DF:AC:24:9D:52:BC:82:2F:3F:D3:5A:BB:95
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 37ACA2FA
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/5nfAZcViW9-sJJ1SvIIvP9Nau5U.roa
Signing time: Sat 01 Jan 2022 06:58:38 +0000
ROA not before: Sat 01 Jan 2022 06:58:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34968
IP address blocks: 37.148.128.0/21 maxlen: 24
89.207.24.0/21 maxlen: 24
95.155.190.0/24 maxlen: 24
95.155.191.0/24 maxlen: 24
46.38.192.0/19 maxlen: 24
152.89.84.0/22 maxlen: 24
95.155.128.0/18 maxlen: 24
93.88.152.0/21 maxlen: 24
193.238.240.0/22 maxlen: 24
2a01:710::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 934060794 (0x37aca2fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Jan 1 06:58:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e677c065c5625bdfac249d52bc822f3fd35abb95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0f:55:35:9a:b1:41:c1:49:6d:11:b3:ae:3a:
01:55:e6:7f:90:0d:78:1c:5c:23:6b:04:1a:f4:75:
01:91:c6:f0:fb:ad:f9:2c:28:31:5e:0a:8b:16:97:
a3:a9:cb:49:de:4f:ff:a9:82:0a:c5:c5:a7:e1:18:
5d:a4:9e:39:22:80:26:dd:e8:ff:08:9a:e1:43:94:
c7:f6:2a:2f:05:5e:ee:2a:f4:26:03:b6:88:3d:28:
31:b2:47:0a:fd:a8:e8:1b:8d:8a:68:04:45:30:1f:
8a:17:49:0e:49:76:e5:b5:7a:65:2a:72:8c:2c:0e:
98:39:7f:54:fc:7f:e7:60:1a:24:37:75:ce:22:a5:
28:4d:26:a7:f2:60:96:9d:af:1f:4f:80:9f:9f:dc:
0f:fc:13:48:2f:61:ec:24:4d:75:9e:d0:ba:53:7f:
2b:2b:a1:b6:cf:2a:00:fb:4d:4e:d4:cf:9e:52:9f:
48:ec:53:3e:56:01:03:81:93:82:04:fe:6b:10:9c:
85:cc:52:ee:67:15:c5:22:cb:bb:79:15:e1:75:d0:
cd:8b:7b:0d:cd:7c:a2:86:6b:7f:61:cc:0e:28:20:
33:89:17:8e:a2:e0:01:18:18:dc:05:c2:8b:fd:01:
58:12:40:d6:57:de:3a:8f:89:86:d6:03:ba:25:2b:
1b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:77:C0:65:C5:62:5B:DF:AC:24:9D:52:BC:82:2F:3F:D3:5A:BB:95
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/5nfAZcViW9-sJJ1SvIIvP9Nau5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.128.0/21
46.38.192.0/19
89.207.24.0/21
93.88.152.0/21
95.155.128.0/18
152.89.84.0/22
193.238.240.0/22
IPv6:
2a01:710::/32
Signature Algorithm: sha256WithRSAEncryption
27:8f:c4:82:d5:e3:42:13:ad:11:3b:21:f7:2d:9d:e1:b5:a1:
d9:79:fb:6e:24:9e:99:ff:12:ca:72:be:f3:cf:94:91:51:f7:
b5:2e:48:78:ce:df:c8:a4:81:44:7f:04:a6:e6:e0:32:c1:ec:
aa:b6:69:0e:ff:3f:2e:16:83:d0:19:22:16:39:11:32:16:48:
fb:ec:b9:b0:cd:31:e5:bd:84:9b:be:a6:05:24:4c:8d:db:5b:
b9:de:13:cb:64:05:2b:af:a8:21:14:f5:46:58:bd:dc:fa:be:
db:39:7c:4c:ba:13:ce:cc:2d:5c:7e:1e:41:b6:fb:b8:3b:54:
5c:8e:65:4b:85:df:ae:7e:1c:b2:42:9d:56:0b:c1:b2:eb:e4:
5e:42:32:b2:ab:12:6a:85:3e:5a:5c:0d:77:22:8f:4c:17:e9:
c3:f7:64:6e:e5:11:1e:f7:5a:21:73:d7:03:d7:8f:b8:b0:94:
dc:40:2a:31:32:81:67:98:ab:04:ee:47:79:59:16:3a:df:9b:
10:c4:50:32:c1:8e:4e:03:ff:fb:47:ff:27:2e:4b:49:d1:13:
fa:6a:ba:7b:9e:b7:5f:2e:4d:d5:73:5d:d8:3e:35:f7:d1:b5:
42:33:6b:81:2d:eb:e2:dc:a1:ac:5d:4a:ff:27:fb:e2:e0:b4:
b7:77:fb:87
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEN6yi+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NmEyNDlhMGVhY2Q4YWJjYmVhMGQ4MmVmNzEwMTZkMzg2ZThlZjk0MB4XDTIyMDEw
MTA2NTgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTY3N2MwNjVjNTYy
NWJkZmFjMjQ5ZDUyYmM4MjJmM2ZkMzVhYmI5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUPVTWasUHBSW0Rs646AVXmf5ANeBxcI2sEGvR1AZHG8Put
+SwoMV4KixaXo6nLSd5P/6mCCsXFp+EYXaSeOSKAJt3o/wia4UOUx/YqLwVe7ir0
JgO2iD0oMbJHCv2o6BuNimgERTAfihdJDkl25bV6ZSpyjCwOmDl/VPx/52AaJDd1
ziKlKE0mp/Jglp2vH0+An5/cD/wTSC9h7CRNdZ7QulN/Kyuhts8qAPtNTtTPnlKf
SOxTPlYBA4GTggT+axCchcxS7mcVxSLLu3kV4XXQzYt7Dc18ooZrf2HMDiggM4kX
jqLgARgY3AXCi/0BWBJA1lfeOo+JhtYDuiUrGxcCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTmd8BlxWJb36wknVK8gi8/01q7lTAfBgNVHSMEGDAWgBTGokmg6s2KvL6g
2C73EBbThujvlDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hxSkpvT3JOaXJ5LW9OZ3U5eEFXMDRibzc1US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvMzBmMTg2LTkwZTItNGNhNi05MTdlLTIxMDU3ZDIyOGQwNS8x
LzVuZkFaY1ZpVzktc0pKMVN2SUl2UDlOYXU1VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
MzBmMTg2LTkwZTItNGNhNi05MTdlLTIxMDU3ZDIyOGQwNS8xL3hxSkpvT3JOaXJ5
LW9OZ3U5eEFXMDRibzc1US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAyWUgAMEBS4mwAMEA1nPGAMEA11Y
mAMEBl+bgAMEAphZVAMEAsHu8DANBAIAAjAHAwUAKgEHEDANBgkqhkiG9w0BAQsF
AAOCAQEAJ4/EgtXjQhOtETsh9y2d4bWh2Xn7biSemf8SynK+88+UkVH3tS5IeM7f
yKSBRH8EpubgMsHsqrZpDv8/LhaD0BkiFjkRMhZI++y5sM0x5b2Em76mBSRMjdtb
ud4Ty2QFK6+oIRT1Rli93Pq+2zl8TLoTzswtXH4eQbb7uDtUXI5lS4Xfrn4cskKd
VgvBsuvkXkIysqsSaoU+WlwNdyKPTBfpw/dkbuURHvdaIXPXA9ePuLCU3EAqMTKB
Z5irBO5HeVkWOt+bEMRQMsGOTgP/+0f/Jy5LSdET+mq6e563Xy5N1XNd2D4199G1
QjNrgS3r4tyhrF1K/yf74uC0t3f7hw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:35 2024 by rpki-client on console-ams.rpki-client.org