Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/00332626-3e5a-31ac-850a-9b11796c4ef8.roa
File: 00332626-3e5a-31ac-850a-9b11796c4ef8.roa (raw, json)
Hash identifier: njbj/qn75mUM8JH+VFmrZemlJOS2ahqZsE4MYwLHt6o=
Subject key identifier: E0:3F:1C:03:49:69:C7:F9:8B:B8:89:28:26:41:37:10:AB:66:B0:E6
Certificate issuer: /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial: 010D0C9F432858467F4F659CB4840617645C6E80
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/00332626-3e5a-31ac-850a-9b11796c4ef8.roa
Signing time: Thu 11 Jul 2024 01:00:26 +0000
ROA not before: Thu 11 Jul 2024 01:00:26 +0000
ROA not after: Wed 09 Oct 2024 01:00:26 +0000
asID: 30092
IP address blocks: 66.63.179.0/24 maxlen: 24
66.212.18.0/24 maxlen: 24
66.212.21.0/24 maxlen: 24
72.11.154.0/24 maxlen: 24
104.129.54.0/24 maxlen: 24
104.223.25.0/24 maxlen: 24
104.223.27.0/24 maxlen: 24
104.223.65.0/24 maxlen: 24
104.223.75.0/24 maxlen: 24
104.223.78.0/24 maxlen: 24
104.223.117.0/24 maxlen: 24
104.223.122.0/24 maxlen: 24
104.223.126.0/24 maxlen: 24
107.150.3.0/24 maxlen: 24
155.94.149.0/24 maxlen: 24
155.94.195.0/24 maxlen: 24
155.94.221.0/24 maxlen: 24
155.94.225.0/24 maxlen: 24
162.220.15.0/24 maxlen: 24
162.245.186.0/24 maxlen: 24
167.160.184.0/24 maxlen: 24
173.44.62.0/24 maxlen: 24
173.254.217.0/24 maxlen: 24
173.254.220.0/24 maxlen: 24
204.44.70.0/24 maxlen: 24
204.44.76.0/24 maxlen: 24
204.44.87.0/24 maxlen: 24
204.44.101.0/24 maxlen: 24
204.44.104.0/24 maxlen: 24
204.44.110.0/24 maxlen: 24
204.44.123.0/24 maxlen: 24
209.54.110.0/24 maxlen: 24
216.144.229.0/24 maxlen: 24
216.144.233.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:46:7f:4f:65:9c:b4:84:06:17:64:5c:6e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Validity
Not Before: Jul 11 01:00:26 2024 GMT
Not After : Oct 9 01:00:26 2024 GMT
Subject: CN=9ec445e2-ab19-4676-9a4d-f1928e8ed11a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:96:49:93:06:b2:6c:d6:36:77:7e:42:cf:60:
5c:8d:88:04:fb:4b:97:af:fc:00:9f:f2:55:44:3b:
bc:89:c1:ab:8d:28:0d:52:de:a6:c7:72:cb:de:be:
1d:3b:f4:1d:8f:4e:20:dc:7a:8a:c4:c4:8f:49:e9:
91:1d:36:7e:8a:45:3d:71:29:65:78:5f:eb:bd:30:
ad:0b:85:4d:ca:3b:2b:fc:92:b6:46:f9:9c:7f:d2:
35:21:ee:3f:25:41:2b:dc:0c:8e:4b:8f:04:b0:b7:
2b:5b:8c:e7:75:9e:82:39:42:be:d4:29:11:2d:27:
f3:51:e0:70:5f:53:1e:47:0b:de:04:bd:40:c5:6f:
03:ab:9b:af:52:67:2a:48:b3:ab:52:1a:ad:74:7d:
c0:ff:27:71:03:d2:63:d5:18:08:e3:64:43:75:1e:
18:18:72:b3:b6:8f:5e:56:bb:54:eb:e7:26:6a:cf:
e0:94:ff:ce:4a:b6:84:4f:c0:6c:af:a1:bb:2d:4e:
23:60:cb:81:46:02:ee:0c:71:bf:b2:3d:61:15:02:
dc:97:5a:f8:b9:75:56:c9:6d:83:c8:74:ba:cb:0f:
5a:91:31:1d:33:54:96:3d:ab:e8:8b:ab:5c:9a:32:
1c:b1:39:ad:d2:b6:fe:69:50:1f:fb:a6:47:85:07:
e4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3F:1C:03:49:69:C7:F9:8B:B8:89:28:26:41:37:10:AB:66:B0:E6
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/00332626-3e5a-31ac-850a-9b11796c4ef8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl
X509v3 Authority Key Identifier:
keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
sbgp-ipAddrBlock: critical
IPv4:
66.63.179.0/24
66.212.18.0/24
66.212.21.0/24
72.11.154.0/24
104.129.54.0/24
104.223.25.0/24
104.223.27.0/24
104.223.65.0/24
104.223.75.0/24
104.223.78.0/24
104.223.117.0/24
104.223.122.0/24
104.223.126.0/24
107.150.3.0/24
155.94.149.0/24
155.94.195.0/24
155.94.221.0/24
155.94.225.0/24
162.220.15.0/24
162.245.186.0/24
167.160.184.0/24
173.44.62.0/24
173.254.217.0/24
173.254.220.0/24
204.44.70.0/24
204.44.76.0/24
204.44.87.0/24
204.44.101.0/24
204.44.104.0/24
204.44.110.0/24
204.44.123.0/24
209.54.110.0/24
216.144.229.0/24
216.144.233.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
61:c4:9d:db:d1:4c:54:82:b7:b2:15:b6:a5:a3:c3:9c:8d:98:
05:02:91:5e:b8:7c:34:11:9c:86:d5:cc:7b:19:38:f7:ab:54:
0c:07:a6:35:e0:5c:bc:e8:14:cb:ef:0b:e6:34:d8:fe:f1:e5:
0b:33:b7:b8:85:80:f9:3d:bc:07:f6:86:15:26:49:ce:9d:3e:
8e:e3:f7:fc:f6:01:66:6d:f6:a2:3c:6e:91:0d:66:e8:56:74:
03:da:fb:0d:a3:9e:03:cd:bb:a1:8a:79:fb:e9:7d:75:cf:6b:
40:b3:c4:58:d4:5f:14:70:b6:04:2d:eb:4a:a6:5f:1e:1e:ea:
1a:4d:bf:90:7e:f1:87:46:85:a3:04:67:06:49:da:bf:be:42:
ff:e0:a1:d6:75:41:91:ee:11:10:98:03:f4:be:ff:ed:da:fc:
e2:01:ae:74:49:e4:38:15:19:9e:5d:9b:a3:5a:44:7d:d8:4f:
38:19:f3:b5:4d:a5:21:cf:77:fa:9a:09:f6:b1:61:93:ad:d6:
2a:05:21:31:bd:7b:33:23:09:dd:28:3f:cb:12:36:37:b0:a0:
54:b9:29:52:54:74:0c:02:e1:6f:4d:f8:90:d2:a1:15:31:b6:
f3:db:c0:9f:49:d5:c8:37:5f:f2:7c:2a:61:bf:14:79:a6:70:
66:cc:13:9f
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUAQ0Mn0MoWEZ/T2WctIQGF2RcboAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI0MDcxMTAxMDAyNloXDTI0MTAwOTAxMDAyNlowLzEtMCsGA1UEAxMk
OWVjNDQ1ZTItYWIxOS00Njc2LTlhNGQtZjE5MjhlOGVkMTFhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5ZJkwaybNY2d35Cz2BcjYgE+0uXr/wAn/JV
RDu8icGrjSgNUt6mx3LL3r4dO/Qdj04g3HqKxMSPSemRHTZ+ikU9cSlleF/rvTCt
C4VNyjsr/JK2Rvmcf9I1Ie4/JUEr3AyOS48EsLcrW4zndZ6COUK+1CkRLSfzUeBw
X1MeRwveBL1AxW8Dq5uvUmcqSLOrUhqtdH3A/ydxA9Jj1RgI42RDdR4YGHKzto9e
VrtU6+cmas/glP/OSraET8Bsr6G7LU4jYMuBRgLuDHG/sj1hFQLcl1r4uXVWyW2D
yHS6yw9akTEdM1SWPavoi6tcmjIcsTmt0rb+aVAf+6ZHhQfkeQIDAQABo4IEIDCC
BBwwHQYDVR0OBBYEFOA/HANJacf5i7iJKCZBNxCrZrDmMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvMDAzMzI2MjYtM2U1YS0z
MWFjLTg1MGEtOWIxMTc5NmM0ZWY4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBABC
P7MDBABC1BIDBABC1BUDBABIC5oDBABogTYDBABo3xkDBABo3xsDBABo30EDBABo
30sDBABo304DBABo33UDBABo33oDBABo334DBABrlgMDBACbXpUDBACbXsMDBACb
Xt0DBACbXuEDBACi3A8DBACi9boDBACnoLgDBACtLD4DBACt/tkDBACt/twDBADM
LEYDBADMLEwDBADMLFcDBADMLGUDBADMLGgDBADMLG4DBADMLHsDBADRNm4DBADY
kOUDBADYkOkwVAYDVR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIB
FixodHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDAN
BgkqhkiG9w0BAQsFAAOCAQEAYcSd29FMVIK3shW2paPDnI2YBQKRXrh8NBGchtXM
exk496tUDAemNeBcvOgUy+8L5jTY/vHlCzO3uIWA+T28B/aGFSZJzp0+juP3/PYB
Zm32ojxukQ1m6FZ0A9r7DaOeA827oYp5++l9dc9rQLPEWNRfFHC2BC3rSqZfHh7q
Gk2/kH7xh0aFowRnBknav75C/+Ch1nVBke4REJgD9L7/7dr84gGudEnkOBUZnl2b
o1pEfdhPOBnztU2lIc93+poJ9rFhk63WKgUhMb17MyMJ3Sg/yxI2N7CgVLkpUlR0
DALhb034kNKhFTG289vAn0nVyDdf8nwqYb8UeaZwZswTnw==
-----END CERTIFICATE-----
Generated at Mon Sep 9 14:25:13 2024 by rpki-client on console-fra.rpki-client.org