Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/_SusR9RJrKh8JoZc4ZVAFaRnhjE.roa
File:                     _SusR9RJrKh8JoZc4ZVAFaRnhjE.roa (raw, json)
Hash identifier:          XEFM7LzVKlKiz8PUdaOEu24It4Wom9gLccFDrjQYc7A=
Subject key identifier:   FD:2B:AC:47:D4:49:AC:A8:7C:26:86:5C:E1:95:40:15:A4:67:86:31
Certificate issuer:       /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial:       372D575D
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/_SusR9RJrKh8JoZc4ZVAFaRnhjE.roa
Signing time:             Sat 01 Jan 2022 07:54:30 +0000
ROA not before:           Sat 01 Jan 2022 07:54:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48854
IP address blocks:        185.134.28.0/22 maxlen: 22
                          195.178.14.0/23 maxlen: 23
                          185.21.40.0/22 maxlen: 22
                          212.97.132.0/22 maxlen: 22
                          212.97.140.0/22 maxlen: 22
                          94.143.8.0/21 maxlen: 21
                          93.191.152.0/21 maxlen: 21
                          93.191.152.0/22 maxlen: 22
                          217.61.236.0/22 maxlen: 22
                          93.191.156.0/24 maxlen: 24
                          93.191.158.0/24 maxlen: 24
                          93.191.157.0/24 maxlen: 24
                          89.188.72.0/21 maxlen: 21
                          185.25.141.0/24 maxlen: 24
                          94.231.96.0/20 maxlen: 20
                          94.231.103.0/24 maxlen: 24
                          195.128.174.0/23 maxlen: 23
                          185.223.24.0/22 maxlen: 22
                          185.221.36.0/22 maxlen: 22
                          212.237.248.0/23 maxlen: 23
                          194.150.112.0/22 maxlen: 22
                          185.20.204.0/22 maxlen: 22
                          185.20.206.0/23 maxlen: 23
                          2a06:eac0::/29 maxlen: 48
                          2a02:2338::/32 maxlen: 48
                          2a02:2339:4000::/34 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 925718365 (0x372d575d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
        Validity
            Not Before: Jan  1 07:54:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fd2bac47d449aca87c26865ce1954015a4678631
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:2B:AC:47:D4:49:AC:A8:7C:26:86:5C:E1:95:40:15:A4:67:86:31
            X509v3 Authority Key Identifier:
                keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/_SusR9RJrKh8JoZc4ZVAFaRnhjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.188.72.0/21
                  93.191.152.0/21
                  94.143.8.0/21
                  94.231.96.0/20
                  185.20.204.0/22
                  185.21.40.0/22
                  185.25.141.0/24
                  185.134.28.0/22
                  185.221.36.0/22
                  185.223.24.0/22
                  194.150.112.0/22
                  195.128.174.0/23
                  195.178.14.0/23
                  212.97.132.0/22
                  212.97.140.0/22
                  212.237.248.0/23
                  217.61.236.0/22
                IPv6:
                  2a02:2338::/32
                  2a02:2339:4000::/34
                  2a06:eac0::/29

    Signature Algorithm: sha256WithRSAEncryption
Generated at Thu Jun 6 17:56:23 2024 by rpki-client on console-fra.rpki-client.org