Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6rzWwJ6Pnq5OEGhymk9J8ohN46s.roa
File: 6rzWwJ6Pnq5OEGhymk9J8ohN46s.roa (raw, json)
Hash identifier: PwhIj1oii4IQwYa76l84uwILp0rQMROF8zVpa8v/q8g=
Subject key identifier: EA:BC:D6:C0:9E:8F:9E:AE:4E:10:68:72:9A:4F:49:F2:88:4D:E3:AB
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0186A6821A0422050996FAF561AEAB0C8A1A
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6rzWwJ6Pnq5OEGhymk9J8ohN46s.roa
Signing time: Fri 03 Mar 2023 08:06:29 +0000
ROA not before: Fri 03 Mar 2023 08:06:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
86.105.144.0/22 maxlen: 24
185.18.224.0/23 maxlen: 24
89.37.107.0/24 maxlen: 24
86.106.26.0/24 maxlen: 24
89.35.124.0/23 maxlen: 24
93.114.176.0/23 maxlen: 24
89.45.162.0/24 maxlen: 24
89.46.128.0/22 maxlen: 24
89.39.94.0/23 maxlen: 24
89.40.70.0/24 maxlen: 24
94.177.144.0/24 maxlen: 24
89.39.123.0/24 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
89.45.228.0/24 maxlen: 24
188.215.40.0/22 maxlen: 24
92.114.32.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
89.45.35.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
31.14.228.0/22 maxlen: 24
89.46.232.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a6:82:1a:04:22:05:09:96:fa:f5:61:ae:ab:0c:8a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Mar 3 08:06:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eabcd6c09e8f9eae4e1068729a4f49f2884de3ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5b:07:63:15:33:4d:a0:ea:6a:e6:0f:bb:a3:
c0:6a:97:df:48:66:cf:9e:f3:98:f5:31:53:28:5d:
36:cb:fa:84:c0:d1:dd:75:22:3d:31:0f:4e:82:5a:
c8:ce:b2:37:b2:c8:a4:92:21:32:82:17:e4:23:ba:
fc:ad:4e:3b:d0:47:6b:64:fa:dc:eb:82:7a:78:7a:
1d:c2:a5:e1:68:83:6f:27:9d:12:36:58:87:b3:3b:
0f:eb:51:2c:6d:4a:ac:a1:60:2d:24:02:cb:40:a1:
56:3c:35:b9:78:9d:34:fe:93:95:a2:8a:15:45:94:
d9:0a:5f:e3:c7:da:d1:8d:a7:25:8d:4f:aa:5a:b4:
74:6c:05:bd:97:5e:e8:30:7c:56:d5:72:23:55:f5:
71:d8:3b:e0:40:e0:b2:a8:65:a1:e2:90:46:80:e7:
b7:86:42:8a:0c:7d:0f:15:a5:1d:88:8b:8c:bc:f9:
72:74:ef:f8:cd:6a:d7:f4:1f:cf:75:61:88:b1:13:
79:81:a5:f5:ab:12:48:8f:88:3d:75:4c:b8:8c:c9:
6b:7e:33:81:0f:52:fd:72:f4:5e:9e:a0:67:db:4e:
58:cb:78:14:22:8f:f3:93:71:68:9e:e3:c0:e3:9a:
77:4e:39:a5:2d:50:b9:13:57:fb:d2:88:2c:b0:d9:
cb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:BC:D6:C0:9E:8F:9E:AE:4E:10:68:72:9A:4F:49:F2:88:4D:E3:AB
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6rzWwJ6Pnq5OEGhymk9J8ohN46s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
86.105.144.0/22
86.106.26.0/24
86.107.100.0/24
89.35.124.0/23
89.37.107.0/24
89.39.94.0/23
89.39.123.0/24
89.40.70.0/24
89.40.222.0/23
89.45.35.0/24
89.45.162.0/24
89.45.228.0/24
89.46.128.0/22
89.46.232.0/21
92.114.32.0/24
92.114.54.0/24
93.114.176.0/23
94.177.28.0/24
94.177.144.0/24
185.18.224.0/23
188.213.212.0/24
188.213.216.0/24
188.215.40.0/22
Signature Algorithm: sha256WithRSAEncryption
f1:75:63:5b:5d:2d:3e:e2:95:a4:16:9c:c2:91:d2:b6:ff:86:
86:14:03:26:65:8b:09:c7:50:07:72:a8:5f:23:d4:58:2b:e3:
41:bc:05:e9:ba:4a:38:50:df:71:84:75:2b:01:47:48:94:08:
d8:3a:98:f1:ef:a7:a2:99:da:7a:10:01:f6:e2:c2:f8:3d:52:
72:22:ed:25:96:86:5d:f5:4f:a9:57:80:64:6c:91:4c:72:c1:
7e:23:9c:d9:9f:d7:e6:27:8a:12:4b:5c:b3:66:a3:eb:ea:2b:
d1:c1:28:d3:88:8f:53:02:2d:ca:21:e7:b4:09:69:e2:cd:dd:
32:35:bc:a8:60:aa:d6:ba:44:87:8b:21:b6:78:79:44:42:44:
bd:b4:02:90:67:bc:33:1b:17:a9:d6:b4:b4:5b:53:ac:7e:84:
b9:d6:88:70:07:a5:cd:f4:4c:1b:08:f6:ff:c2:72:85:6b:19:
c7:3a:da:e8:eb:88:4e:b3:e8:e6:b8:27:92:6f:b1:5f:0f:3d:
5a:46:42:af:0e:84:db:08:bd:95:3d:57:b2:73:42:21:cd:04:
df:48:4f:54:1b:51:06:db:74:2b:5e:9a:b9:d2:c1:82:79:1a:
3d:fa:4a:64:a2:c1:60:41:4a:30:d5:e7:96:23:fe:c9:05:63:
bf:82:10:b3
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYamghoEIgUJlvr1Ya6rDIoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMzAzMDgwNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWJjZDZjMDllOGY5ZWFlNGUxMDY4NzI5YTRmNDlmMjg4NGRlM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVsHYxUzTaDqauYPu6PAapffSGbP
nvOY9TFTKF02y/qEwNHddSI9MQ9OglrIzrI3ssikkiEyghfkI7r8rU470EdrZPrc
64J6eHodwqXhaINvJ50SNliHszsP61EsbUqsoWAtJALLQKFWPDW5eJ00/pOVoooV
RZTZCl/jx9rRjacljU+qWrR0bAW9l17oMHxW1XIjVfVx2DvgQOCyqGWh4pBGgOe3
hkKKDH0PFaUdiIuMvPlydO/4zWrX9B/PdWGIsRN5gaX1qxJIj4g9dUy4jMlrfjOB
D1L9cvRenqBn205Yy3gUIo/zk3FonuPA45p3TjmlLVC5E1f70ogssNnLdwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFOq81sCej56uThBocppPSfKITeOrMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzZyeld3SjZQbnE1T0VHaHltazlKOG9oTjQ2cy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwga0GCCsGAQUFBwEHAQH/BIGdMIGaMIGXBAIAATCBkAME
Ah8O5AMEAlZpkAMEAFZqGgMEAFZrZAMEAVkjfAMEAFklawMEAVknXgMEAFknewME
AFkoRgMEAVko3gMEAFktIwMEAFktogMEAFkt5AMEAlkugAMEA1ku6AMEAFxyIAME
AFxyNgMEAV1ysAMEAF6xHAMEAF6xkAMEAbkS4AMEALzV1AMEALzV2AMEArzXKDAN
BgkqhkiG9w0BAQsFAAOCAQEA8XVjW10tPuKVpBacwpHStv+GhhQDJmWLCcdQB3Ko
XyPUWCvjQbwF6bpKOFDfcYR1KwFHSJQI2DqY8e+nopnaehAB9uLC+D1SciLtJZaG
XfVPqVeAZGyRTHLBfiOc2Z/X5ieKEktcs2aj6+or0cEo04iPUwItyiHntAlp4s3d
MjW8qGCq1rpEh4shtnh5REJEvbQCkGe8MxsXqda0tFtTrH6EudaIcAelzfRMGwj2
/8JyhWsZxzra6OuITrPo5rgnkm+xXw89WkZCrw6E2wi9lT1XsnNCIc0E30hPVBtR
Btt0K16audLBgnkaPfpKZKLBYEFKMNXnliP+yQVjv4IQsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org