Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F7ZM-QmAI4uMq2ZCzIpWAmLyXRw.roa
File: F7ZM-QmAI4uMq2ZCzIpWAmLyXRw.roa (raw, json)
Hash identifier: 03E78UI3ULouxbCZCqTfwqfL8NGWrA2tJv1xZ9ShXQA=
Subject key identifier: 17:B6:4C:F9:09:80:23:8B:8C:AB:66:42:CC:8A:56:02:62:F2:5D:1C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193EA10F563CCDC87842E39B000A1B6F6BB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F7ZM-QmAI4uMq2ZCzIpWAmLyXRw.roa
Signing time: Sat 21 Dec 2024 16:33:20 +0000
ROA not before: Sat 21 Dec 2024 16:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ea:10:f5:63:cc:dc:87:84:2e:39:b0:00:a1:b6:f6:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 21 16:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17b64cf90980238b8cab6642cc8a560262f25d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1f:43:35:48:84:1d:96:43:52:f1:ba:37:05:
7b:7e:dd:56:39:e9:57:13:54:57:fe:61:a0:75:b9:
45:f2:3b:6d:d4:f0:08:23:de:fd:d1:94:13:9d:6c:
92:d9:5c:64:52:5d:b6:51:d3:0d:2d:ce:d8:c0:37:
58:20:6f:25:12:93:ff:7e:25:c8:d0:6a:27:27:1c:
ec:d0:e8:24:d2:9e:cf:a1:eb:f3:e7:59:35:54:a8:
a5:39:fb:f8:6d:b7:3f:a3:9b:2d:1d:e2:97:43:4a:
99:54:83:c6:b7:c2:eb:07:62:bf:2f:4b:bb:4d:ce:
1e:54:ec:4c:a8:3a:bf:5b:e8:b9:c6:f7:3e:d6:44:
5c:8f:76:16:c7:29:a6:cf:6c:c5:ad:9e:b7:a5:ba:
88:f5:eb:1d:3a:93:5f:a7:3b:79:34:a1:cd:eb:1d:
92:72:03:bc:b6:55:e4:5a:dc:3d:43:c1:58:de:22:
0d:f0:de:37:8e:55:58:b4:30:68:81:9b:58:85:8a:
53:aa:ba:95:90:99:1f:43:2b:d3:81:1f:f3:79:23:
a8:7a:78:8a:d9:95:9e:b3:95:72:67:90:8a:fd:7b:
73:4c:d9:f8:e4:06:1e:bd:2c:b7:84:03:ab:83:6b:
70:06:65:94:9f:1e:e0:7f:88:b4:71:7d:62:c8:df:
91:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B6:4C:F9:09:80:23:8B:8C:AB:66:42:CC:8A:56:02:62:F2:5D:1C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F7ZM-QmAI4uMq2ZCzIpWAmLyXRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
62.76.239.0/24
185.72.8.0/24
192.124.176.0/24
192.124.209.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
193.124.49.0/24
194.58.34.0/24
194.58.38.0-194.58.40.255
194.58.44.0-194.58.46.255
194.58.59.0/24
194.58.66.0/24
194.58.68.0/24
194.87.10.0/24
194.87.17.0-194.87.18.255
194.87.23.0/24
194.87.30.0/24
194.87.39.0/24
194.87.47.0/24
194.87.58.0/24
194.87.82.0/24
194.87.105.0/24
194.87.178.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
194.87.240.0/24
194.87.245.0/24
195.133.67.0/24
195.133.92.0/24
212.192.215.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
81:9a:ab:33:85:54:ad:80:b6:f5:90:d1:7f:de:e3:0d:a5:c1:
9d:50:3d:8a:b6:75:e7:34:88:82:62:d8:7a:c6:7e:24:ab:c1:
86:40:ae:b8:fc:2d:9e:3b:77:ae:ac:6d:3c:ae:d8:da:8c:fc:
1a:da:a2:f5:39:20:71:31:95:0d:31:c3:6a:f7:3e:1f:9f:66:
45:e8:76:16:6e:80:9d:77:8e:c7:fc:a0:ba:6c:be:d0:f1:65:
92:49:62:c1:90:2c:87:47:d3:21:eb:9d:c9:05:ca:9a:06:64:
1d:28:ef:ee:43:e8:2d:b9:c8:aa:0a:6e:39:b5:6b:a4:cd:78:
b8:48:41:f6:da:30:c6:2b:12:8e:1e:39:04:a5:6f:7f:ec:56:
91:ba:97:23:1a:93:05:0b:ac:77:39:e8:ff:11:fc:e8:09:bf:
bd:8c:06:3c:6d:cb:9d:2e:e9:61:41:a9:e6:6d:de:3b:6e:b8:
81:4e:7a:6a:fb:05:eb:46:35:8f:3c:cb:72:cb:2b:95:fb:b9:
6f:6d:a4:9b:4e:72:7d:e6:91:03:68:bb:b0:43:2a:9a:c7:1c:
84:58:d9:62:5a:f7:61:d8:14:99:cd:9e:08:91:70:94:b8:f8:
78:50:c7:3b:19:ea:1f:2e:3a:1c:43:9c:fc:1f:14:d6:24:e5:
1c:3e:6b:fa
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAZPqEPVjzNyHhC45sAChtva7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjIxMTYzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2I2NGNmOTA5ODAyMzhiOGNhYjY2NDJjYzhhNTYwMjYyZjI1ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR9DNUiEHZZDUvG6NwV7ft1WOelX
E1RX/mGgdblF8jtt1PAII9790ZQTnWyS2VxkUl22UdMNLc7YwDdYIG8lEpP/fiXI
0GonJxzs0Ogk0p7Poevz51k1VKilOfv4bbc/o5stHeKXQ0qZVIPGt8LrB2K/L0u7
Tc4eVOxMqDq/W+i5xvc+1kRcj3YWxymmz2zFrZ63pbqI9esdOpNfpzt5NKHN6x2S
cgO8tlXkWtw9Q8FY3iIN8N43jlVYtDBogZtYhYpTqrqVkJkfQyvTgR/zeSOoeniK
2ZWes5VyZ5CK/XtzTNn45AYevSy3hAOrg2twBmWUnx7gf4i0cX1iyN+RawIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFBe2TPkJgCOLjKtmQsyKVgJi8l0cMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRjdaTS1RbUFJNHVNcTJaQ3pJcFdBbUx5WFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQAPkzqAwQAPkzvAwQAuUgIAwQAwHywAwQAwHzRAwQAwXwWAwQAwXwpAwQAwXwu
AwQAwXwxAwQAwjoiMAwDBAHCOiYDBADCOigwDAMEAsI6LAMEAMI6LgMEAMI6OwME
AMI6QgMEAMI6RAMEAMJXCjAMAwQAwlcRAwQAwlcSAwQAwlcXAwQAwlceAwQAwlcn
AwQAwlcvAwQAwlc6AwQAwldSAwQAwldpAwQAwleyAwQAwlfGAwQAwlfjAwQAwlfm
AwQAwlfwAwQAwlf1AwQAw4VDAwQAw4VcAwQA1MDXAwQA1MDdAwQA1MDfMAwDBADU
wQEDBADUwQIDBADUwQYwDQYJKoZIhvcNAQELBQADggEBAIGaqzOFVK2AtvWQ0X/e
4w2lwZ1QPYq2dec0iIJi2HrGfiSrwYZArrj8LZ47d66sbTyu2NqM/BraovU5IHEx
lQ0xw2r3Ph+fZkXodhZugJ13jsf8oLpsvtDxZZJJYsGQLIdH0yHrnckFypoGZB0o
7+5D6C25yKoKbjm1a6TNeLhIQfbaMMYrEo4eOQSlb3/sVpG6lyMakwULrHc56P8R
/OgJv72MBjxty50u6WFBqeZt3jtuuIFOemr7BetGNY88y3LLK5X7uW9tpJtOcn3m
kQNou7BDKprHHIRY2WJa92HYFJnNngiRcJS4+HhQxzsZ6h8uOhxDnPwfFNYk5Rw+
a/o=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:11:45 2025 by rpki-client