Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/joCU6kVP5IHzeHoihSdcfRY3Rds.roa
File: joCU6kVP5IHzeHoihSdcfRY3Rds.roa (raw, json)
Hash identifier: VuDRjcv6n2JvFxKr3l4u6YYuH+YksvLZaBZf8mzoXhU=
Subject key identifier: 8E:80:94:EA:45:4F:E4:81:F3:78:7A:22:85:27:5C:7D:16:37:45:DB
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 027266D3
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/joCU6kVP5IHzeHoihSdcfRY3Rds.roa
Signing time: Sat 14 May 2022 13:24:24 +0000
ROA not before: Sat 14 May 2022 13:24:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50873
IP address blocks: 37.228.130.0/24 maxlen: 24
94.247.143.0/24 maxlen: 24
151.216.2.0/24 maxlen: 24
194.104.114.0/23 maxlen: 23
185.97.4.0/22 maxlen: 22
185.97.6.0/24 maxlen: 24
2a06:1c0::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41051859 (0x27266d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: May 14 13:24:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e8094ea454fe481f3787a2285275c7d163745db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fb:c5:c1:c3:6b:72:83:14:45:75:ae:f8:38:
95:26:f9:38:bc:d6:99:13:1f:99:0c:25:d2:1d:eb:
18:eb:af:3e:da:45:4b:ac:6e:a5:dd:88:5e:19:33:
cd:35:b8:6e:bb:49:85:cb:0e:de:e0:f0:46:c5:7b:
6f:8c:bf:27:24:f9:5c:c0:e3:45:33:32:da:3c:73:
8f:80:bf:b0:75:84:6b:35:e1:73:c2:aa:48:07:2f:
a5:6e:a0:05:c9:85:d2:c6:2e:fe:40:6a:67:e5:0c:
60:87:42:5b:23:fe:4b:84:09:2f:72:73:c7:aa:c4:
b0:34:bc:a3:91:1a:f1:3f:83:da:e7:87:15:5e:33:
8f:cd:eb:4e:54:c5:08:70:9f:16:93:28:d6:ea:f6:
e3:ad:2f:4f:34:91:42:1f:54:10:58:cb:ec:bf:a8:
6b:37:da:fa:a1:76:0b:8c:a3:b0:55:9b:49:cf:bd:
9a:ad:5b:44:39:c9:57:f5:8b:50:a1:d9:74:da:ac:
b6:0b:db:60:ae:2d:d6:ff:2e:18:71:1d:f9:07:98:
58:68:24:12:ff:74:a3:d9:66:b3:da:cf:b9:41:6d:
13:5f:ad:8b:de:02:15:16:4d:15:f7:ef:a2:df:6f:
4b:02:16:92:af:b6:91:5d:6d:0d:ed:e4:0d:66:55:
f3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:80:94:EA:45:4F:E4:81:F3:78:7A:22:85:27:5C:7D:16:37:45:DB
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/joCU6kVP5IHzeHoihSdcfRY3Rds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.130.0/24
94.247.143.0/24
151.216.2.0/24
185.97.4.0/22
194.104.114.0/23
IPv6:
2a06:1c0::/30
Signature Algorithm: sha256WithRSAEncryption
49:b0:12:9d:89:be:a4:bb:c9:d3:ea:64:09:5e:d3:f9:59:00:
94:1c:d7:c0:8b:c4:87:f1:74:31:3d:bd:98:de:d4:15:5e:2d:
e9:c8:2f:20:c2:76:7f:56:e7:f3:cb:73:11:1b:1f:e9:fb:1c:
18:c6:c3:f8:02:be:ef:cd:93:4b:b2:98:7f:52:aa:02:c2:1d:
ca:f6:77:08:e9:52:5a:9d:73:b1:87:11:64:8f:a2:24:be:f0:
60:5e:f5:82:24:d2:13:8e:f5:b8:6e:1c:ae:7f:41:24:51:bb:
a8:5c:db:a9:15:a5:d3:0b:cf:3f:21:dc:46:06:b0:58:67:d6:
51:5e:64:9d:05:b0:2c:b0:0a:4e:ac:a8:24:f8:54:31:2b:95:
f4:c2:a6:c4:27:05:48:06:ac:bc:ae:08:e5:6e:ff:db:8c:12:
f0:d2:cb:b9:a9:01:94:6c:11:68:ba:bc:de:0c:97:0a:ea:19:
c6:30:df:c0:ba:02:76:98:75:d5:53:c7:b4:24:2c:f4:fa:a5:
c8:45:40:f9:58:85:33:09:3b:9e:e6:c0:ba:c1:86:3a:9e:1d:
72:4f:a9:2b:68:d7:0b:c4:5a:29:4c:46:0a:c5:03:f9:2f:d7:
38:2f:5b:b7:84:79:59:a1:0c:fb:23:cb:44:c3:f5:b1:5e:1a:
52:e7:88:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEAnJm0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZGQ1OTZjMWVhN2VjYmIxYmUxNzc3ZmMwZDM4ZWQwNmNhNDBlYWJlMB4XDTIyMDUx
NDEzMjQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU4MDk0ZWE0NTRm
ZTQ4MWYzNzg3YTIyODUyNzVjN2QxNjM3NDVkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJz7xcHDa3KDFEV1rvg4lSb5OLzWmRMfmQwl0h3rGOuvPtpF
S6xupd2IXhkzzTW4brtJhcsO3uDwRsV7b4y/JyT5XMDjRTMy2jxzj4C/sHWEazXh
c8KqSAcvpW6gBcmF0sYu/kBqZ+UMYIdCWyP+S4QJL3Jzx6rEsDS8o5Ea8T+D2ueH
FV4zj83rTlTFCHCfFpMo1ur2460vTzSRQh9UEFjL7L+oazfa+qF2C4yjsFWbSc+9
mq1bRDnJV/WLUKHZdNqstgvbYK4t1v8uGHEd+QeYWGgkEv90o9lms9rPuUFtE1+t
i94CFRZNFffvot9vSwIWkq+2kV1tDe3kDWZV848CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSOgJTqRU/kgfN4eiKFJ1x9FjdF2zAfBgNVHSMEGDAWgBQt1ZbB6n7Lsb4X
d/wNOO0GykDqvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xkV1d3ZXAteTdHLUYzZjhEVGp0QnNwQTZyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMzYzZWNjLTJhYTEtNDI4MS05NWIxLThiMGZjMDc4NThkNi8x
L2pvQ1U2a1ZQNUlIemVIb2loU2RjZlJZM1Jkcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MzYzZWNjLTJhYTEtNDI4MS05NWIxLThiMGZjMDc4NThkNi8xL0xkV1d3ZXAteTdH
LUYzZjhEVGp0QnNwQTZyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEACXkggMEAF73jwMEAJfYAgMEArlh
BAMEAcJocjANBAIAAjAHAwUCKgYBwDANBgkqhkiG9w0BAQsFAAOCAQEASbASnYm+
pLvJ0+pkCV7T+VkAlBzXwIvEh/F0MT29mN7UFV4t6cgvIMJ2f1bn88tzERsf6fsc
GMbD+AK+782TS7KYf1KqAsIdyvZ3COlSWp1zsYcRZI+iJL7wYF71giTSE471uG4c
rn9BJFG7qFzbqRWl0wvPPyHcRgawWGfWUV5knQWwLLAKTqyoJPhUMSuV9MKmxCcF
SAasvK4I5W7/24wS8NLLuakBlGwRaLq83gyXCuoZxjDfwLoCdph11VPHtCQs9Pql
yEVA+ViFMwk7nubAusGGOp4dck+pK2jXC8RaKUxGCsUD+S/XOC9bt4R5WaEM+yPL
RMP1sV4aUueIYA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:40 2023 by rpki-client on console.sobornost.net