Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/7NEmk64v_R1PJpO5_nxkrYPeU1A.roa
File: 7NEmk64v_R1PJpO5_nxkrYPeU1A.roa (raw, json)
Hash identifier: koMx+k2dqAt0Scie0GG8hqJ7B+Ogy7xS48x3W/kGejs=
Subject key identifier: EC:D1:26:93:AE:2F:FD:1D:4F:26:93:B9:FE:7C:64:AD:83:DE:53:50
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01860303C1001913F6D19AB9681BAF05A38C
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/7NEmk64v_R1PJpO5_nxkrYPeU1A.roa
Signing time: Mon 30 Jan 2023 14:10:22 +0000
ROA not before: Mon 30 Jan 2023 14:10:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
86.105.144.0/22 maxlen: 24
185.18.224.0/23 maxlen: 24
89.35.124.0/23 maxlen: 24
89.35.130.0/23 maxlen: 24
89.46.128.0/22 maxlen: 24
89.46.42.0/24 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
94.176.213.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
188.215.40.0/22 maxlen: 24
92.114.32.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
92.114.54.0/24 maxlen: 24
188.211.238.0/24 maxlen: 24
31.14.228.0/22 maxlen: 24
89.46.232.0/21 maxlen: 24
89.44.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:03:03:c1:00:19:13:f6:d1:9a:b9:68:1b:af:05:a3:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 30 14:10:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecd12693ae2ffd1d4f2693b9fe7c64ad83de5350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:37:18:64:1c:24:15:e8:ab:4a:e0:e0:c2:8b:
a1:29:b9:a2:ec:b6:cc:02:be:94:b1:ee:df:99:c0:
fa:11:6d:7d:be:29:2c:44:00:84:fb:97:02:87:30:
c6:37:b0:a4:1e:d9:de:74:cb:dc:fb:b0:7b:c4:3e:
19:ef:8c:1e:d9:14:b2:86:b6:cf:5e:58:75:9f:14:
37:a6:fb:1c:4d:fa:86:bc:41:76:a9:28:06:b2:1e:
53:f7:a7:96:6f:f4:46:b4:5a:86:11:38:89:38:62:
c5:20:af:1e:ac:fd:26:67:7a:f8:91:a3:49:41:23:
58:df:f5:39:3a:c8:7d:02:6e:02:a6:9b:5d:cd:9d:
fe:3b:57:12:a5:35:b1:cb:d1:86:88:ad:23:0e:98:
5e:fc:4c:ce:ec:e5:ab:18:7a:c5:33:ce:4e:14:ea:
7b:53:a6:db:ed:c7:b8:ce:e8:66:87:e8:3a:73:ae:
1d:52:8d:77:b9:16:83:77:2f:37:45:4c:63:42:e9:
9c:04:92:23:d9:e7:de:d4:6e:f5:ac:67:57:89:28:
ba:1e:c2:ab:0e:f4:86:c1:5a:bb:70:7c:ee:5d:21:
fc:1e:55:1e:6a:ee:e4:57:44:b2:0e:f3:fe:1d:e7:
6b:c2:30:68:c1:20:8b:26:a5:ca:16:50:5f:c7:15:
92:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D1:26:93:AE:2F:FD:1D:4F:26:93:B9:FE:7C:64:AD:83:DE:53:50
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/7NEmk64v_R1PJpO5_nxkrYPeU1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
86.105.144.0/22
89.35.124.0/23
89.35.130.0/23
89.40.222.0/23
89.44.105.0/24
89.46.42.0/24
89.46.128.0/22
89.46.232.0/21
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
94.176.213.0/24
94.177.28.0/24
185.18.224.0/23
188.211.238.0/24
188.213.212.0/24
188.213.216.0/24
188.215.40.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:8e:b2:ef:b2:35:8d:ee:80:6a:c9:ae:12:78:40:e3:2d:c8:
72:a8:cb:77:5d:33:8c:b8:7a:30:ef:32:d1:da:c0:86:90:14:
f0:0f:24:02:74:9f:73:b6:63:dc:81:df:77:29:c5:05:cf:11:
58:7d:45:4b:bc:6e:93:50:ef:06:4b:1c:1f:4b:0a:b6:24:76:
b5:3a:43:f6:92:de:29:be:d2:32:b8:53:fd:04:fe:68:a9:53:
87:47:47:33:92:8e:9a:a5:eb:ae:8b:9a:c1:54:51:2e:49:45:
4f:d7:91:69:5c:26:ae:aa:ce:fc:d4:64:d4:35:c0:c7:22:20:
24:8f:74:f0:6c:e3:21:8f:3d:fc:08:50:7d:34:ba:fd:26:4d:
76:f9:c4:19:c4:10:d9:97:9f:14:92:33:61:25:83:cf:bf:c2:
a0:59:ec:43:e8:4c:a2:76:81:d9:06:ef:39:8a:71:96:3a:3b:
97:3f:de:18:71:7f:19:fd:24:5c:aa:95:08:28:90:9a:6f:fb:
3d:14:ed:e3:bc:5d:7a:97:59:9d:42:c1:55:69:4f:3f:5b:34:
99:78:b6:7e:ff:9c:39:81:1f:61:ee:fd:ad:10:f0:3d:e7:4c:
74:b3:02:25:62:ba:e4:ab:7a:f3:a5:75:0d:ab:e0:05:2d:6d:
03:9c:20:f0
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYYDA8EAGRP20Zq5aBuvBaOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTMwMTQxMDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2QxMjY5M2FlMmZmZDFkNGYyNjkzYjlmZTdjNjRhZDgzZGU1MzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTcYZBwkFeirSuDgwouhKbmi7LbM
Ar6Use7fmcD6EW19viksRACE+5cChzDGN7CkHtnedMvc+7B7xD4Z74we2RSyhrbP
Xlh1nxQ3pvscTfqGvEF2qSgGsh5T96eWb/RGtFqGETiJOGLFIK8erP0mZ3r4kaNJ
QSNY3/U5Osh9Am4CpptdzZ3+O1cSpTWxy9GGiK0jDphe/EzO7OWrGHrFM85OFOp7
U6bb7ce4zuhmh+g6c64dUo13uRaDdy83RUxjQumcBJIj2efe1G71rGdXiSi6HsKr
DvSGwVq7cHzuXSH8HlUeau7kV0SyDvP+HedrwjBowSCLJqXKFlBfxxWScwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFOzRJpOuL/0dTyaTuf58ZK2D3lNQMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzdORW1rNjR2X1IxUEpwTzVfbnhrcllQZVUxQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYsGCCsGAQUFBwEHAQH/BHwwejB4BAIAATByAwQCHw7k
AwQCVmmQAwQBWSN8AwQBWSOCAwQBWSjeAwQAWSxpAwQAWS4qAwQCWS6AAwQDWS7o
AwQAWS8kAwQAXHIgAwQAXHI2AwQAXrDVAwQAXrEcAwQBuRLgAwQAvNPuAwQAvNXU
AwQAvNXYAwQCvNcoMA0GCSqGSIb3DQEBCwUAA4IBAQCKjrLvsjWN7oBqya4SeEDj
LchyqMt3XTOMuHow7zLR2sCGkBTwDyQCdJ9ztmPcgd93KcUFzxFYfUVLvG6TUO8G
SxwfSwq2JHa1OkP2kt4pvtIyuFP9BP5oqVOHR0czko6apeuui5rBVFEuSUVP15Fp
XCauqs781GTUNcDHIiAkj3TwbOMhjz38CFB9NLr9Jk12+cQZxBDZl58UkjNhJYPP
v8KgWexD6EyidoHZBu85inGWOjuXP94YcX8Z/SRcqpUIKJCab/s9FO3jvF16l1md
QsFVaU8/WzSZeLZ+/5w5gR9h7v2tEPA950x0swIlYrrkq3rzpXUNq+AFLW0DnCDw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org