Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/KQF_Y64N5FFx479sM6eX05Z0CTk.roa
File: KQF_Y64N5FFx479sM6eX05Z0CTk.roa (raw, json)
Hash identifier: FNZm2Bs8YJMoftg52YLFvGSgXfT3FXSc7FRZGH5ZQyk=
Subject key identifier: 29:01:7F:63:AE:0D:E4:51:71:E3:BF:6C:33:A7:97:D3:96:74:09:39
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 421F36AE
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/KQF_Y64N5FFx479sM6eX05Z0CTk.roa
Signing time: Fri 04 Mar 2022 07:21:07 +0000
ROA not before: Fri 04 Mar 2022 07:21:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
89.46.42.0/24 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
94.176.213.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
92.114.54.0/24 maxlen: 24
89.35.124.0/23 maxlen: 24
89.44.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1109341870 (0x421f36ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Mar 4 07:21:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29017f63ae0de45171e3bf6c33a797d396740939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:58:2e:35:c4:55:ff:72:5e:92:f3:39:fe:db:
fa:b6:16:de:ba:fe:12:1f:1c:a9:28:d7:c4:8c:62:
1e:33:fc:74:3c:86:ab:fd:0e:3b:e6:65:ac:dd:5e:
78:f1:4a:39:49:c5:93:c3:09:39:d3:43:40:4d:f1:
da:cf:a1:22:a9:e9:4c:8c:da:53:e2:4f:b7:7f:5e:
58:09:4f:81:e1:4f:7c:a6:ff:be:85:db:fa:03:f3:
10:f4:7b:48:c0:40:72:7d:90:2f:38:45:34:6b:7b:
bb:8f:2f:d4:41:c3:2b:e3:ef:62:66:1b:3f:4d:bc:
bb:e6:a6:d5:09:26:8e:93:3a:e9:ed:a0:03:2b:51:
ce:3c:3d:0d:09:09:5e:57:53:d2:d5:9a:6c:eb:9e:
19:6c:c2:c2:40:be:26:5e:d4:72:33:54:c0:d5:f9:
b9:28:97:a4:d5:0c:9e:55:66:b9:48:3e:66:3d:45:
d8:70:bb:ef:bf:e0:32:9c:59:27:14:3c:e7:c9:89:
f6:49:77:b1:25:14:01:32:c3:2f:70:ae:0e:80:ce:
55:4d:7f:80:7a:ba:be:d1:d5:33:45:fa:14:ea:26:
83:e8:24:a7:71:42:ac:27:9a:34:3b:82:02:47:12:
a2:f7:04:45:e7:cf:35:16:0d:ca:fd:0e:fb:fe:be:
fe:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:01:7F:63:AE:0D:E4:51:71:E3:BF:6C:33:A7:97:D3:96:74:09:39
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/KQF_Y64N5FFx479sM6eX05Z0CTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.124.0/23
89.40.222.0/23
89.44.105.0/24
89.46.42.0/24
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
94.176.213.0/24
94.177.28.0/24
188.213.212.0/24
188.213.216.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:1d:44:8d:b4:e8:02:67:bc:a0:82:49:7b:35:73:55:e8:ed:
ae:74:40:62:76:99:52:9c:a4:6f:de:83:ee:07:13:54:d9:c9:
03:c7:dd:24:91:0e:43:7a:51:03:fa:c1:24:f4:d0:42:c7:01:
a8:d2:09:67:32:8d:60:5a:2b:e3:9f:25:4d:9e:8d:68:c6:78:
0c:cf:2a:9d:2b:35:36:7c:3f:ef:b2:76:94:9d:e9:9c:82:eb:
1c:b5:a8:ef:5f:28:70:33:e2:ce:72:9f:2e:71:52:0b:2d:31:
7f:58:6f:45:28:04:1b:eb:67:ec:0a:ff:42:1c:58:f9:fa:07:
2f:da:3f:86:89:25:b2:44:26:6e:50:27:e4:0e:ca:29:a5:fa:
ef:53:54:be:d4:7d:b8:37:9e:3a:a3:c2:8c:19:2f:f5:39:bd:
5a:b6:31:1a:6e:df:19:32:8b:bf:bf:7d:75:ad:11:ab:2d:f2:
14:f1:3f:b1:13:1f:50:0c:cc:53:33:b3:42:ef:38:29:9e:2f:
24:1f:18:d7:21:8f:dc:9e:46:a1:fd:bf:70:3c:cc:a1:c6:3c:
8d:18:f4:03:91:75:fe:3b:f9:7d:0f:5c:46:36:c4:20:57:6b:
a1:1e:54:b3:52:12:46:5a:c0:5b:22:b8:3f:38:eb:76:e5:19:
2f:a7:6f:79
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEQh82rjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDMw
NDA3MjEwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkwMTdmNjNhZTBk
ZTQ1MTcxZTNiZjZjMzNhNzk3ZDM5Njc0MDkzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOhYLjXEVf9yXpLzOf7b+rYW3rr+Eh8cqSjXxIxiHjP8dDyG
q/0OO+ZlrN1eePFKOUnFk8MJOdNDQE3x2s+hIqnpTIzaU+JPt39eWAlPgeFPfKb/
voXb+gPzEPR7SMBAcn2QLzhFNGt7u48v1EHDK+PvYmYbP028u+am1QkmjpM66e2g
AytRzjw9DQkJXldT0tWabOueGWzCwkC+Jl7UcjNUwNX5uSiXpNUMnlVmuUg+Zj1F
2HC777/gMpxZJxQ858mJ9kl3sSUUATLDL3CuDoDOVU1/gHq6vtHVM0X6FOomg+gk
p3FCrCeaNDuCAkcSovcERefPNRYNyv0O+/6+/tUCAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBQpAX9jrg3kUXHjv2wzp5fTlnQJOTAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9LUUZfWTY0TjVGRng0NzlzTTZlWDA1WjBDVGsucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBWSN8AwQBWSjeAwQAWSxpAwQA
WS4qAwQAWS8kAwQAXHIgAwQAXHI2AwQAXrDVAwQAXrEcAwQAvNXUAwQAvNXYMA0G
CSqGSIb3DQEBCwUAA4IBAQA8HUSNtOgCZ7yggkl7NXNV6O2udEBidplSnKRv3oPu
BxNU2ckDx90kkQ5DelED+sEk9NBCxwGo0glnMo1gWivjnyVNno1oxngMzyqdKzU2
fD/vsnaUnemcgusctajvXyhwM+LOcp8ucVILLTF/WG9FKAQb62fsCv9CHFj5+gcv
2j+GiSWyRCZuUCfkDsoppfrvU1S+1H24N546o8KMGS/1Ob1atjEabt8ZMou/v311
rRGrLfIU8T+xEx9QDMxTM7NC7zgpni8kHxjXIY/cnkah/b9wPMyhxjyNGPQDkXX+
O/l9D1xGNsQgV2uhHlSzUhJGWsBbIrg/OOt25Rkvp295
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:52 2024 by rpki-client on console-ams.rpki-client.org