Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/9Fvv5eQl6ug8oWOkvgVeAx6ElZA.roa
File: 9Fvv5eQl6ug8oWOkvgVeAx6ElZA.roa (raw, json)
Hash identifier: QGnK+JpBW6GhlJbgvw72AD24OWp+SlqQ8c9TBQkgyPs=
Subject key identifier: F4:5B:EF:E5:E4:25:EA:E8:3C:A1:63:A4:BE:05:5E:03:1E:84:95:90
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 01840E7CD37D3E8FF0D67B9CEB8B670EFADB
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/9Fvv5eQl6ug8oWOkvgVeAx6ElZA.roa
Signing time: Tue 25 Oct 2022 09:32:52 +0000
ROA not before: Tue 25 Oct 2022 09:32:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47223
IP address blocks: 94.240.52.0/22 maxlen: 22
94.240.63.0/24 maxlen: 24
212.7.223.0/24 maxlen: 24
91.106.30.0/23 maxlen: 23
94.240.0.0/19 maxlen: 19
91.106.26.0/23 maxlen: 23
185.139.16.0/22 maxlen: 22
94.240.32.0/21 maxlen: 21
94.240.40.0/24 maxlen: 24
94.240.42.0/24 maxlen: 24
94.240.44.0/22 maxlen: 22
94.240.46.0/24 maxlen: 24
94.240.48.0/22 maxlen: 22
94.240.48.0/24 maxlen: 24
94.240.48.0/21 maxlen: 21
91.106.24.0/23 maxlen: 23
194.152.46.0/23 maxlen: 23
2a01:6e80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:7c:d3:7d:3e:8f:f0:d6:7b:9c:eb:8b:67:0e:fa:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Oct 25 09:32:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f45befe5e425eae83ca163a4be055e031e849590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a0:cc:a7:34:bb:85:bd:ff:80:1e:40:1a:d7:
2b:01:93:3d:21:ed:ae:09:68:93:ef:c3:a9:b9:49:
68:96:0c:1c:6c:4a:88:66:46:25:92:45:00:14:91:
98:ee:50:6b:72:19:79:61:3a:bc:f9:e6:cd:27:ba:
fa:e0:bd:a4:21:2e:0d:b4:17:33:be:68:7a:87:ff:
a0:cb:5e:47:a6:f4:12:51:82:d3:7d:43:ba:76:10:
1c:c8:8c:cb:7d:de:25:79:bd:ef:32:03:f5:ae:ce:
2d:cf:58:8f:1f:44:79:34:c7:4b:b3:f7:d8:77:61:
35:ec:d7:5f:d8:9a:4b:7d:88:76:a4:24:10:f4:de:
9c:c0:2d:fb:cc:06:be:f2:fa:01:a4:eb:43:b0:4a:
e8:33:c8:d4:47:f0:33:10:0c:1c:04:b4:47:0a:1c:
4d:c5:a6:c5:1d:db:0e:d8:7f:c2:f8:3e:b2:e6:6b:
aa:a5:72:4e:05:43:f4:ba:4a:63:35:a9:14:f7:5f:
b8:ea:32:b2:f8:71:df:1c:a7:03:ec:74:ac:4a:18:
c2:17:73:f7:d8:6a:95:44:da:ec:43:ea:d0:f7:ab:
24:21:7e:f6:e7:8c:bd:7d:f9:b8:6c:d1:f8:d1:f2:
c7:c8:9f:49:ad:70:57:67:c7:34:3d:70:c1:cc:d4:
32:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:5B:EF:E5:E4:25:EA:E8:3C:A1:63:A4:BE:05:5E:03:1E:84:95:90
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/9Fvv5eQl6ug8oWOkvgVeAx6ElZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.24.0/22
91.106.30.0/23
94.240.0.0-94.240.40.255
94.240.42.0/24
94.240.44.0-94.240.55.255
94.240.63.0/24
185.139.16.0/22
194.152.46.0/23
212.7.223.0/24
IPv6:
2a01:6e80::/32
Signature Algorithm: sha256WithRSAEncryption
3b:9f:dc:d1:e0:d7:f8:47:8a:31:c9:9c:0d:db:6a:6d:74:a3:
69:46:85:58:c2:19:b7:fe:49:54:c0:9b:0d:37:3a:66:ed:16:
9b:62:48:40:ab:8e:24:6a:84:40:b6:c5:4c:7c:21:45:59:b5:
c1:95:15:f7:7e:26:6a:91:83:df:2f:64:46:b4:18:6c:ff:ae:
50:01:9e:84:2a:8b:f4:bf:02:30:a6:fb:29:e6:92:c8:99:ff:
59:62:9a:6d:66:09:dd:fc:7a:dd:45:0e:4e:ec:53:93:de:1e:
62:7c:b3:ee:46:9b:3d:0a:cc:64:3b:af:ca:fd:de:ba:f9:06:
8c:fa:5a:82:eb:6f:bc:c0:74:15:f5:b5:40:8a:5f:2f:4a:6d:
8c:ba:65:21:6f:ac:d5:af:46:d1:ae:7f:8d:e7:d1:63:43:0d:
31:00:60:43:ff:44:1f:2a:6a:68:c2:7d:51:2a:41:20:4e:91:
00:49:4b:35:dd:ac:4b:ab:7f:b5:41:8f:9e:18:d1:57:f9:f1:
4c:ee:b8:b7:e4:eb:26:51:4d:a8:ac:e5:da:b7:d6:ab:3a:f0:
2c:3f:d9:0f:e2:82:bd:cd:3e:72:05:9c:06:a0:77:d8:dd:4a:
75:01:2d:c4:98:de:74:a0:18:b8:77:37:0c:09:a3:cd:74:32:
3a:b6:38:2a
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYQOfNN9Po/w1nuc64tnDvrbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjIxMDI1MDkzMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDViZWZlNWU0MjVlYWU4M2NhMTYzYTRiZTA1NWUwMzFlODQ5NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKDMpzS7hb3/gB5AGtcrAZM9Ie2u
CWiT78OpuUlolgwcbEqIZkYlkkUAFJGY7lBrchl5YTq8+ebNJ7r64L2kIS4NtBcz
vmh6h/+gy15HpvQSUYLTfUO6dhAcyIzLfd4leb3vMgP1rs4tz1iPH0R5NMdLs/fY
d2E17Ndf2JpLfYh2pCQQ9N6cwC37zAa+8voBpOtDsEroM8jUR/AzEAwcBLRHChxN
xabFHdsO2H/C+D6y5muqpXJOBUP0ukpjNakU91+46jKy+HHfHKcD7HSsShjCF3P3
2GqVRNrsQ+rQ96skIX7254y9ffm4bNH40fLHyJ9JrXBXZ8c0PXDBzNQyAwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFPRb7+XkJeroPKFjpL4FXgMehJWQMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvOUZ2djVlUWw2dWc4b1dPa3ZnVmVBeDZFbFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBLBAIAATBFAwQCW2oYAwQB
W2oeMAsDAwRe8AMEAF7wKAMEAF7wKjAMAwQCXvAsAwQDXvAwAwQAXvA/AwQCuYsQ
AwQBwpguAwQA1AffMA0EAgACMAcDBQAqAW6AMA0GCSqGSIb3DQEBCwUAA4IBAQA7
n9zR4Nf4R4oxyZwN22ptdKNpRoVYwhm3/klUwJsNNzpm7RabYkhAq44kaoRAtsVM
fCFFWbXBlRX3fiZqkYPfL2RGtBhs/65QAZ6EKov0vwIwpvsp5pLImf9ZYpptZgnd
/HrdRQ5O7FOT3h5ifLPuRps9CsxkO6/K/d66+QaM+lqC62+8wHQV9bVAil8vSm2M
umUhb6zVr0bRrn+N59FjQw0xAGBD/0QfKmpown1RKkEgTpEASUs13axLq3+1QY+e
GNFX+fFM7ri35OsmUU2orOXat9arOvAsP9kP4oK9zT5yBZwGoHfY3Up1AS3EmN50
oBi4dzcMCaPNdDI6tjgq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:12 2024 by rpki-client on console-ams.rpki-client.org