Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/3ua9Eln7rvWb106SU5eX0j4Ewt8.roa
File: 3ua9Eln7rvWb106SU5eX0j4Ewt8.roa (raw, json)
Hash identifier: sWoQTKHs2jduqwVIPczr+at9u6rp1TyhGjzAG4byq6c=
Subject key identifier: DE:E6:BD:12:59:FB:AE:F5:9B:D7:4E:92:53:97:97:D2:3E:04:C2:DF
Certificate issuer: /CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Certificate serial: 2FFA4413
Authority key identifier: 06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/3ua9Eln7rvWb106SU5eX0j4Ewt8.roa
Signing time: Sat 01 Jan 2022 10:01:35 +0000
ROA not before: Sat 01 Jan 2022 10:01:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20649
IP address blocks: 80.93.212.0/24 maxlen: 24
80.93.210.0/24 maxlen: 24
80.93.211.0/24 maxlen: 24
80.93.208.0/24 maxlen: 24
80.93.209.0/24 maxlen: 24
80.93.213.0/24 maxlen: 24
80.93.219.0/24 maxlen: 24
80.93.217.0/24 maxlen: 24
80.93.218.0/24 maxlen: 24
80.93.215.0/24 maxlen: 24
80.93.216.0/24 maxlen: 24
80.93.214.0/24 maxlen: 24
80.93.222.0/24 maxlen: 24
80.93.223.0/24 maxlen: 24
80.93.221.0/24 maxlen: 24
37.122.138.0/24 maxlen: 24
37.122.139.0/24 maxlen: 24
37.122.136.0/24 maxlen: 24
37.122.137.0/24 maxlen: 24
37.122.143.0/24 maxlen: 24
37.122.142.0/24 maxlen: 24
37.122.141.0/24 maxlen: 24
78.111.98.0/24 maxlen: 24
78.111.96.0/24 maxlen: 24
78.111.97.0/24 maxlen: 24
78.111.105.0/24 maxlen: 24
78.111.103.0/24 maxlen: 24
78.111.104.0/24 maxlen: 24
78.111.101.0/24 maxlen: 24
78.111.102.0/24 maxlen: 24
78.111.100.0/24 maxlen: 24
78.111.99.0/24 maxlen: 24
78.111.110.0/24 maxlen: 24
78.111.111.0/24 maxlen: 24
78.111.108.0/24 maxlen: 24
78.111.109.0/24 maxlen: 24
78.111.106.0/24 maxlen: 24
78.111.107.0/24 maxlen: 24
217.195.192.0/24 maxlen: 24
217.195.198.0/24 maxlen: 24
217.195.196.0/24 maxlen: 24
217.195.193.0/24 maxlen: 24
217.195.194.0/24 maxlen: 24
217.195.206.0/24 maxlen: 24
217.195.204.0/24 maxlen: 24
217.195.205.0/24 maxlen: 24
217.195.203.0/24 maxlen: 24
217.195.200.0/24 maxlen: 24
217.195.201.0/24 maxlen: 24
217.195.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 804930579 (0x2ffa4413)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Validity
Not Before: Jan 1 10:01:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dee6bd1259fbaef59bd74e92539797d23e04c2df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:91:37:b6:5a:f1:d3:30:08:74:78:c7:26:4b:
22:d6:bc:a9:fb:e7:15:93:30:7f:39:7f:4e:9b:3e:
2c:f8:5c:a3:ce:c5:6e:38:ee:f3:d6:d0:b7:1b:a5:
7b:00:d8:83:3a:b2:32:04:d0:ae:e1:71:1f:42:da:
81:44:0c:30:10:33:02:e8:c6:38:ab:af:18:78:dc:
4d:1f:56:4d:2c:98:1d:d2:a8:64:fc:6b:2f:33:a2:
e4:d5:44:e7:42:aa:14:d9:51:7c:c8:82:24:0d:e2:
f8:36:fb:4b:a8:a8:94:1d:4d:32:f0:2b:09:3e:31:
b1:a2:35:5d:64:d4:6f:2a:8c:b3:44:41:20:be:60:
9b:d0:57:73:6e:4c:34:10:4b:4d:08:6e:a5:38:b2:
b3:75:41:98:2a:42:db:7c:1d:93:6c:5d:9d:b5:a8:
a8:2e:10:49:82:0c:75:2a:41:98:7b:43:36:14:9a:
2b:e9:3e:21:f2:79:b1:a1:86:ba:95:9e:32:f5:51:
eb:69:7b:02:4f:df:19:92:e3:d8:36:7c:77:21:b7:
be:95:b4:f7:6a:af:55:2a:61:fc:dc:84:60:33:cd:
3f:58:c4:2a:6b:64:cb:e7:ee:ab:9e:2a:30:91:9b:
e8:b7:66:7b:56:1b:53:6a:cc:4b:be:3f:d4:f1:ff:
60:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E6:BD:12:59:FB:AE:F5:9B:D7:4E:92:53:97:97:D2:3E:04:C2:DF
X509v3 Authority Key Identifier:
keyid:06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/3ua9Eln7rvWb106SU5eX0j4Ewt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.136.0/22
37.122.141.0-37.122.143.255
78.111.96.0/20
80.93.208.0-80.93.219.255
80.93.221.0-80.93.223.255
217.195.192.0-217.195.194.255
217.195.196.0/24
217.195.198.0/24
217.195.200.0/23
217.195.203.0-217.195.207.255
Signature Algorithm: sha256WithRSAEncryption
bf:d7:3c:6c:0c:96:eb:65:70:9d:1d:14:4c:11:59:ae:7f:e5:
ae:95:1f:57:cc:63:1f:97:3f:dd:80:03:4a:16:2a:03:09:d6:
71:3d:c6:48:a3:da:d1:ce:e5:34:3e:b7:ac:c8:ea:0c:f7:de:
a3:9d:d5:7d:7e:e8:4d:50:e7:af:45:c5:16:07:42:d6:7a:32:
fe:fc:c8:5f:17:48:0a:ac:49:3f:48:7d:b1:2a:95:ef:eb:f5:
1b:2e:c3:3d:db:69:58:4e:8b:be:58:bd:ea:b7:33:0a:18:1c:
36:fb:93:14:b0:9d:2a:78:cc:a0:fa:a8:28:2a:d4:62:b3:14:
7d:7f:5e:ff:b9:cc:8b:f4:d7:7b:2e:2c:d1:eb:3f:c5:86:6c:
64:d1:80:5b:1c:df:60:e2:f2:1f:73:91:dd:82:cd:ad:de:c0:
0c:60:41:1d:fb:a4:37:05:0e:a2:ef:aa:b2:f8:11:9a:62:93:
21:9a:23:bc:a5:82:d5:5a:78:3b:24:68:a2:99:0d:14:19:e1:
8b:a4:ff:5c:54:0a:97:35:97:c7:c6:28:34:bd:7f:4b:d6:12:
f9:b2:3d:c1:e1:19:f4:9a:d9:e2:16:a5:d9:6d:bc:0f:53:f7:
78:fb:17:24:04:8f:6a:17:78:25:b3:f6:74:54:39:40:a6:2f:
c9:d4:45:4e
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIEL/pEEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjIwZWFkYjJlMTU2MmI0ZTJlNGY0ODA3NzJjMzY4ODdhNzc3ZjI0MB4XDTIyMDEw
MTEwMDEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGVlNmJkMTI1OWZi
YWVmNTliZDc0ZTkyNTM5Nzk3ZDIzZTA0YzJkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqRN7Za8dMwCHR4xyZLIta8qfvnFZMwfzl/Tps+LPhco87F
bjju89bQtxulewDYgzqyMgTQruFxH0LagUQMMBAzAujGOKuvGHjcTR9WTSyYHdKo
ZPxrLzOi5NVE50KqFNlRfMiCJA3i+Db7S6iolB1NMvArCT4xsaI1XWTUbyqMs0RB
IL5gm9BXc25MNBBLTQhupTiys3VBmCpC23wdk2xdnbWoqC4QSYIMdSpBmHtDNhSa
K+k+IfJ5saGGupWeMvVR62l7Ak/fGZLj2DZ8dyG3vpW092qvVSph/NyEYDPNP1jE
Kmtky+fuq54qMJGb6Ldme1YbU2rMS74/1PH/YIECAwEAAaOCAmcwggJjMB0GA1Ud
DgQWBBTe5r0SWfuu9ZvXTpJTl5fSPgTC3zAfBgNVHSMEGDAWgBQGIOrbLhVitOLk
9IB3LDaIend/JDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JpRHEyeTRWWXJUaTVQU0FkeXcyaUhwM2Z5US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvY2M4YmZhLTJiMTMtNDY3NC1hOTg0LWE1ZmRiNTcwZmU5YS8x
LzN1YTlFbG43cnZXYjEwNlNVNWVYMGo0RXd0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
Y2M4YmZhLTJiMTMtNDY3NC1hOTg0LWE1ZmRiNTcwZmU5YS8xL0JpRHEyeTRWWXJU
aTVQU0FkeXcyaUhwM2Z5US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB9
BggrBgEFBQcBBwEB/wRuMGwwagQCAAEwZAMEAiV6iDAMAwQAJXqNAwQEJXqAAwQE
Tm9gMAwDBARQXdADBAJQXdgwDAMEAFBd3QMEBVBdwDAMAwQG2cPAAwQA2cPCAwQA
2cPEAwQA2cPGAwQB2cPIMAwDBADZw8sDBATZw8AwDQYJKoZIhvcNAQELBQADggEB
AL/XPGwMlutlcJ0dFEwRWa5/5a6VH1fMYx+XP92AA0oWKgMJ1nE9xkij2tHO5TQ+
t6zI6gz33qOd1X1+6E1Q569FxRYHQtZ6Mv78yF8XSAqsST9IfbEqle/r9Rsuwz3b
aVhOi75Yveq3MwoYHDb7kxSwnSp4zKD6qCgq1GKzFH1/Xv+5zIv013suLNHrP8WG
bGTRgFsc32Di8h9zkd2Cza3ewAxgQR37pDcFDqLvqrL4EZpikyGaI7ylgtVaeDsk
aKKZDRQZ4Yuk/1xUCpc1l8fGKDS9f0vWEvmyPcHhGfSa2eIWpdltvA9T93j7FyQE
j2oXeCWz9nRUOUCmL8nURU4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:29 2024 by rpki-client on console-fra.rpki-client.org