Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/YQE38ZvMWNsusKUEHATUGZwNrfA.roa
File: YQE38ZvMWNsusKUEHATUGZwNrfA.roa (raw, json)
Hash identifier: W68meAsHBS71yfeIcCqRDJyM9jo5+jCxDf4h0vrYp0E=
Subject key identifier: 61:01:37:F1:9B:CC:58:DB:2E:B0:A5:04:1C:04:D4:19:9C:0D:AD:F0
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018A09CE3ADB5143C70DD16561A22B4284D8
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/YQE38ZvMWNsusKUEHATUGZwNrfA.roa
Signing time: Fri 18 Aug 2023 18:00:25 +0000
ROA not before: Fri 18 Aug 2023 18:00:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200598
IP address blocks: 194.149.76.0/22 maxlen: 24
128.0.60.0/22 maxlen: 24
188.215.12.0/22 maxlen: 24
79.110.184.0/22 maxlen: 24
121.127.48.0/20 maxlen: 24
173.214.200.0/22 maxlen: 24
66.9.96.0/20 maxlen: 24
91.210.80.0/22 maxlen: 24
50.20.224.0/20 maxlen: 24
204.15.4.0/22 maxlen: 24
69.72.72.0/22 maxlen: 24
162.250.216.0/22 maxlen: 24
95.215.144.0/22 maxlen: 24
31.187.92.0/22 maxlen: 24
217.144.108.0/22 maxlen: 24
198.145.112.0/22 maxlen: 24
141.193.108.0/22 maxlen: 24
134.199.80.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:09:ce:3a:db:51:43:c7:0d:d1:65:61:a2:2b:42:84:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 18 18:00:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=610137f19bcc58db2eb0a5041c04d4199c0dadf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8f:91:87:b5:41:37:40:e3:90:c9:9e:07:b1:
13:55:1e:20:46:24:74:3b:b4:94:44:7e:75:6f:41:
d2:0b:74:42:79:80:9b:55:ee:0b:2a:7b:b0:94:c1:
2c:09:56:54:3d:6d:87:d0:53:87:b1:8b:f4:c0:ac:
15:bd:9c:d5:ec:72:69:10:18:35:82:74:23:b4:bd:
95:f4:db:6e:12:3c:a5:31:80:ac:60:96:c6:ba:d2:
0f:fc:06:b2:cd:81:ec:2e:30:f5:4d:52:5b:01:5e:
58:3c:3a:b4:ca:ff:9d:41:bc:3d:de:a9:83:65:81:
15:78:ef:6a:25:e0:ab:6d:69:ab:f4:4e:eb:54:a7:
65:02:31:c6:c0:e2:1f:63:6f:26:34:42:17:74:87:
9f:84:b3:2e:ff:58:11:e1:dc:21:d0:0c:d9:15:6d:
8f:23:e9:7d:b1:f9:ff:5a:fc:f5:94:b2:fb:a7:c1:
51:54:9e:2c:63:d8:e7:5f:7d:28:ce:22:29:b1:9a:
b4:7c:a8:e4:91:ef:3c:19:27:61:ea:91:b0:fd:eb:
7e:ef:42:15:b0:89:01:d3:1e:8a:b1:8c:11:19:7b:
1c:5d:6d:fa:5d:5d:4b:09:f0:22:1f:89:d8:a8:d8:
5f:4b:98:c5:18:20:37:66:2f:ca:98:5e:8b:59:33:
d0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:01:37:F1:9B:CC:58:DB:2E:B0:A5:04:1C:04:D4:19:9C:0D:AD:F0
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/YQE38ZvMWNsusKUEHATUGZwNrfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.92.0/22
50.20.224.0/20
66.9.96.0/20
69.72.72.0/22
79.110.184.0/22
91.210.80.0/22
95.215.144.0/22
121.127.48.0/20
128.0.60.0/22
134.199.80.0/20
141.193.108.0/22
162.250.216.0/22
173.214.200.0/22
188.215.12.0/22
194.149.76.0/22
198.145.112.0/22
204.15.4.0/22
217.144.108.0/22
Signature Algorithm: sha256WithRSAEncryption
34:de:26:f0:9e:07:e1:4a:29:dc:0f:7b:bd:5e:e3:1a:7f:4e:
2f:59:09:35:03:61:73:3c:ba:51:b3:a7:20:37:b0:46:d4:bc:
43:12:53:16:4a:11:c7:12:d0:c5:72:35:3d:30:b1:53:ee:15:
30:5a:db:3e:07:3c:c3:8f:d5:2b:c9:63:1a:2a:73:0d:9a:39:
64:8b:bb:09:91:48:22:f7:f7:c6:d3:31:eb:e0:ea:97:5f:65:
42:86:2d:23:52:3f:0a:19:c3:f7:2b:8f:d6:b4:c6:9f:33:e1:
d9:39:10:5b:82:78:b7:d6:55:2e:fa:ee:4f:a3:00:bc:55:16:
71:f9:26:0f:b0:3b:cb:40:22:68:e1:eb:b8:18:32:c4:fc:43:
9a:7d:17:8e:8e:58:50:90:d3:06:5d:02:24:38:ac:54:6d:93:
69:34:15:26:a5:f7:d0:2f:14:01:76:9a:53:74:c3:f3:68:87:
d8:f4:64:b2:8d:85:c0:81:c3:b7:19:cc:a1:c0:01:be:61:6a:
74:0e:ef:8c:ab:c2:57:24:ad:9e:44:a0:da:26:3b:43:d5:b2:
3b:e1:01:0e:67:9a:a1:54:47:64:97:6b:ad:6c:66:a6:d5:30:
f7:52:51:fa:ba:1b:34:f1:88:09:9f:78:dc:a8:a7:ac:b8:bc:
39:c4:73:3c
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYoJzjrbUUPHDdFlYaIrQoTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjMwODE4MTgwMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTAxMzdmMTliY2M1OGRiMmViMGE1MDQxYzA0ZDQxOTljMGRhZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4+Rh7VBN0DjkMmeB7ETVR4gRiR0
O7SURH51b0HSC3RCeYCbVe4LKnuwlMEsCVZUPW2H0FOHsYv0wKwVvZzV7HJpEBg1
gnQjtL2V9NtuEjylMYCsYJbGutIP/AayzYHsLjD1TVJbAV5YPDq0yv+dQbw93qmD
ZYEVeO9qJeCrbWmr9E7rVKdlAjHGwOIfY28mNEIXdIefhLMu/1gR4dwh0AzZFW2P
I+l9sfn/Wvz1lLL7p8FRVJ4sY9jnX30oziIpsZq0fKjkke88GSdh6pGw/et+70IV
sIkB0x6KsYwRGXscXW36XV1LCfAiH4nYqNhfS5jFGCA3Zi/KmF6LWTPQNwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFGEBN/GbzFjbLrClBBwE1BmcDa3wMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvWVFFMzhadk1XTnN1c0tVRUhBVFVHWndOcmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAh+7XAME
BDIU4AMEBEIJYAMEAkVISAMEAk9uuAMEAlvSUAMEAl/XkAMEBHl/MAMEAoAAPAME
BIbHUAMEAo3BbAMEAqL62AMEAq3WyAMEArzXDAMEAsKVTAMEAsaRcAMEAswPBAME
AtmQbDANBgkqhkiG9w0BAQsFAAOCAQEANN4m8J4H4Uop3A97vV7jGn9OL1kJNQNh
czy6UbOnIDewRtS8QxJTFkoRxxLQxXI1PTCxU+4VMFrbPgc8w4/VK8ljGipzDZo5
ZIu7CZFIIvf3xtMx6+Dql19lQoYtI1I/ChnD9yuP1rTGnzPh2TkQW4J4t9ZVLvru
T6MAvFUWcfkmD7A7y0AiaOHruBgyxPxDmn0Xjo5YUJDTBl0CJDisVG2TaTQVJqX3
0C8UAXaaU3TD82iH2PRkso2FwIHDtxnMocABvmFqdA7vjKvCVyStnkSg2iY7Q9Wy
O+EBDmeaoVRHZJdrrWxmptUw91JR+robNPGICZ943KinrLi8OcRzPA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:20 2025 by rpki-client