Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/nS7QHYYn2zIKmilYXeJBGWS36DI.roa
File: nS7QHYYn2zIKmilYXeJBGWS36DI.roa (raw, json)
Hash identifier: dMCVrwoLpOn4SmUzug+WOoMKnIYhzAlPhMSA5kXLrdU=
Subject key identifier: 9D:2E:D0:1D:86:27:DB:32:0A:9A:29:58:5D:E2:41:19:64:B7:E8:32
Certificate issuer: /CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Certificate serial: 11A4928B
Authority key identifier: AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/nS7QHYYn2zIKmilYXeJBGWS36DI.roa
Signing time: Sun 27 Mar 2022 19:20:19 +0000
ROA not before: Sun 27 Mar 2022 19:20:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13287
IP address blocks: 213.162.192.0/24 maxlen: 24
213.162.193.0/24 maxlen: 24
213.162.195.0/24 maxlen: 24
213.162.197.0/24 maxlen: 24
213.162.196.0/22 maxlen: 24
213.162.206.0/24 maxlen: 24
213.162.205.0/24 maxlen: 24
213.162.200.0/22 maxlen: 22
213.162.208.0/23 maxlen: 23
213.162.207.0/24 maxlen: 24
213.162.212.0/24 maxlen: 24
213.162.211.0/24 maxlen: 24
213.162.210.0/24 maxlen: 24
213.162.219.0/24 maxlen: 24
213.162.216.0/22 maxlen: 22
213.162.218.0/24 maxlen: 24
213.162.217.0/24 maxlen: 24
213.162.215.0/24 maxlen: 24
213.162.214.0/24 maxlen: 24
213.162.220.0/24 maxlen: 24
213.162.221.0/24 maxlen: 24
185.33.64.0/24 maxlen: 24
185.33.65.0/24 maxlen: 24
185.33.67.0/24 maxlen: 24
185.33.66.0/24 maxlen: 24
109.234.84.0/24 maxlen: 24
109.234.85.0/24 maxlen: 24
109.234.81.0/24 maxlen: 24
109.234.80.0/24 maxlen: 24
109.234.82.0/24 maxlen: 24
109.234.82.0/23 maxlen: 23
109.234.87.0/24 maxlen: 24
185.19.68.0/22 maxlen: 22
185.111.185.0/24 maxlen: 24
185.111.184.0/24 maxlen: 24
185.111.184.0/22 maxlen: 22
2a02:23a0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 295998091 (0x11a4928b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Validity
Not Before: Mar 27 19:20:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d2ed01d8627db320a9a29585de2411964b7e832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e2:d5:17:32:8a:df:cd:b7:1f:73:65:7a:0f:
2f:82:c5:80:ea:02:67:04:43:75:ed:11:9b:e2:ed:
f2:17:fd:dc:9d:a9:9e:97:f6:a9:0c:ba:6e:85:f1:
06:db:5a:dd:77:87:bd:a2:21:c5:89:84:32:08:36:
f0:9b:c5:36:2d:61:ad:5c:b5:27:ea:c3:b4:35:b0:
91:a7:92:cf:59:9c:11:28:c5:da:a7:08:80:7e:f3:
c0:7b:b4:be:90:71:62:60:31:cc:6a:c3:07:22:32:
c1:cc:0e:d2:be:34:60:05:91:dc:af:8e:21:61:96:
4b:59:a1:53:e6:85:1b:e7:c4:dc:d0:36:0a:a6:21:
4f:33:af:76:bc:35:f0:3f:d6:f5:a6:58:7f:91:b3:
d6:7d:30:cf:0b:09:3e:72:ec:01:96:2c:23:06:45:
1d:ee:40:e9:e7:ff:77:04:f9:19:6e:78:46:de:36:
3a:0d:8d:b9:8a:bb:07:1a:6b:92:10:64:90:ec:ea:
d9:fb:29:97:79:fc:d1:7e:fd:75:54:d2:e8:d6:b6:
c1:8b:a3:f2:4f:1d:bb:ea:b3:f5:8e:e6:93:db:e1:
d5:a1:29:27:f9:e3:87:11:bc:51:d8:42:3d:62:9b:
ab:9b:ec:8d:5a:c8:9d:d4:a5:99:ff:e5:e4:bc:02:
e7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:2E:D0:1D:86:27:DB:32:0A:9A:29:58:5D:E2:41:19:64:B7:E8:32
X509v3 Authority Key Identifier:
keyid:AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/nS7QHYYn2zIKmilYXeJBGWS36DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.80.0-109.234.85.255
109.234.87.0/24
185.19.68.0/22
185.33.64.0/22
185.111.184.0/22
213.162.192.0/23
213.162.195.0-213.162.203.255
213.162.205.0-213.162.212.255
213.162.214.0-213.162.221.255
IPv6:
2a02:23a0::/32
Signature Algorithm: sha256WithRSAEncryption
96:3b:2e:d6:a4:05:e0:71:8e:9a:75:36:ff:0d:4b:f3:ca:ff:
f8:c0:07:6b:79:68:80:03:3c:08:51:bb:4c:fc:23:bf:0f:3a:
64:31:b9:a5:a2:8f:85:d9:c5:f6:c8:26:7b:df:23:01:fb:e1:
f9:07:5e:ee:42:7e:90:c5:68:2d:14:e3:1a:31:f2:16:84:18:
9f:0f:bf:37:ca:46:8d:ff:fe:c0:94:e9:ff:74:63:b6:c5:a1:
59:a9:f3:c5:06:c3:fb:f8:d1:5e:d9:ad:b8:0f:3e:f6:c7:fb:
df:b5:64:df:89:0d:50:1e:c9:80:e7:c4:1b:c5:c0:92:3d:e6:
6c:c5:14:31:6e:fa:44:0c:44:f9:20:ca:7f:bd:47:03:38:77:
db:99:5e:16:05:c8:2b:12:fe:6d:52:69:73:5a:33:00:db:c7:
13:77:d9:c2:d5:a1:b3:33:33:9e:2a:43:80:5e:09:a7:01:0f:
e7:c9:c5:f4:d3:fe:75:95:a7:fb:11:8a:8d:f4:56:6e:1c:d9:
d2:60:17:f5:b6:49:d3:70:c8:88:14:d5:5e:f9:bc:5c:53:bd:
d9:8c:bb:fb:b6:6d:96:5c:5b:bf:05:75:61:86:b3:82:f3:37:
9d:fc:89:cd:7f:2c:ef:4d:1d:2e:2a:22:63:04:de:8c:d9:05:
64:6a:ef:d1
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIEEaSSizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjU0ZmU4MzFiNmE3MTlmNDJlNmM4NDg2ZmQwM2I1NTBiZTc2MWZiMB4XDTIyMDMy
NzE5MjAxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQyZWQwMWQ4NjI3
ZGIzMjBhOWEyOTU4NWRlMjQxMTk2NGI3ZTgzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIni1Rcyit/Ntx9zZXoPL4LFgOoCZwRDde0Rm+Lt8hf93J2p
npf2qQy6boXxBtta3XeHvaIhxYmEMgg28JvFNi1hrVy1J+rDtDWwkaeSz1mcESjF
2qcIgH7zwHu0vpBxYmAxzGrDByIywcwO0r40YAWR3K+OIWGWS1mhU+aFG+fE3NA2
CqYhTzOvdrw18D/W9aZYf5Gz1n0wzwsJPnLsAZYsIwZFHe5A6ef/dwT5GW54Rt42
Og2NuYq7BxprkhBkkOzq2fspl3n80X79dVTS6Na2wYuj8k8du+qz9Y7mk9vh1aEp
J/njhxG8UdhCPWKbq5vsjVrIndSlmf/l5LwC5yMCAwEAAaOCAmgwggJkMB0GA1Ud
DgQWBBSdLtAdhifbMgqaKVhd4kEZZLfoMjAfBgNVHSMEGDAWgBSrVP6DG2pxn0Lm
yEhv0DtVC+dh+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ExVC1neHRxY1o5QzVzaEliOUE3VlF2bllmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNWVhYWE3LTMxMDctNDI2OC1hYWQ2LTZmZDk3ODkyMDViYS8x
L25TN1FIWVluMnpJS21pbFlYZUpCR1dTMzZESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NWVhYWE3LTMxMDctNDI2OC1hYWQ2LTZmZDk3ODkyMDViYS8xL3ExVC1neHRxY1o5
QzVzaEliOUE3VlF2bllmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB+
BggrBgEFBQcBBwEB/wRvMG0wXAQCAAEwVjAMAwQEbepQAwQBbepUAwQAbepXAwQC
uRNEAwQCuSFAAwQCuW+4AwQB1aLAMAwDBADVosMDBALVosgwDAMEANWizQMEANWi
1DAMAwQB1aLWAwQB1aLcMA0EAgACMAcDBQAqAiOgMA0GCSqGSIb3DQEBCwUAA4IB
AQCWOy7WpAXgcY6adTb/DUvzyv/4wAdreWiAAzwIUbtM/CO/DzpkMbmloo+F2cX2
yCZ73yMB++H5B17uQn6QxWgtFOMaMfIWhBifD783ykaN//7AlOn/dGO2xaFZqfPF
BsP7+NFe2a24Dz72x/vftWTfiQ1QHsmA58QbxcCSPeZsxRQxbvpEDET5IMp/vUcD
OHfbmV4WBcgrEv5tUmlzWjMA28cTd9nC1aGzMzOeKkOAXgmnAQ/nycX00/51laf7
EYqN9FZuHNnSYBf1tknTcMiIFNVe+bxcU73ZjLv7tm2WXFu/BXVhhrOC8zed/InN
fyzvTR0uKiJjBN6M2QVkau/R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:33 2024 by rpki-client on console-ams.rpki-client.org