Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/BszjXVThD8Rj0aKlLkytywZ2hCI.roa
File: BszjXVThD8Rj0aKlLkytywZ2hCI.roa (raw, json)
Hash identifier: uvnaHWI6wK4uHplo7TcWXHywHZRdDwClN2y/btD/9E4=
Subject key identifier: 06:CC:E3:5D:54:E1:0F:C4:63:D1:A2:A5:2E:4C:AD:CB:06:76:84:22
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 0183BB73A48FA1A9DF3FC65509D44839D07E
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/BszjXVThD8Rj0aKlLkytywZ2hCI.roa
Signing time: Sun 09 Oct 2022 06:34:21 +0000
ROA not before: Sun 09 Oct 2022 06:34:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60976
IP address blocks: 31.214.248.0/21 maxlen: 21
31.214.249.0/24 maxlen: 24
37.228.139.0/24 maxlen: 24
37.228.138.0/24 maxlen: 24
37.228.137.0/24 maxlen: 24
37.228.136.0/24 maxlen: 24
134.255.200.0/21 maxlen: 21
95.156.237.0/24 maxlen: 24
95.156.236.0/24 maxlen: 24
95.156.253.0/24 maxlen: 24
95.156.252.0/24 maxlen: 24
95.156.252.0/22 maxlen: 22
95.156.255.0/24 maxlen: 24
95.156.254.0/24 maxlen: 24
91.99.96.0/21 maxlen: 21
91.99.98.0/24 maxlen: 24
91.99.97.0/24 maxlen: 24
91.99.96.0/24 maxlen: 24
91.99.103.0/24 maxlen: 24
91.99.102.0/24 maxlen: 24
91.99.101.0/24 maxlen: 24
91.99.99.0/24 maxlen: 24
31.214.172.0/24 maxlen: 24
31.214.170.0/24 maxlen: 24
31.214.168.0/21 maxlen: 21
82.99.216.0/22 maxlen: 22
82.99.219.0/24 maxlen: 24
91.99.219.0/24 maxlen: 24
82.99.218.0/24 maxlen: 24
82.99.215.0/24 maxlen: 24
91.99.218.0/24 maxlen: 24
82.99.217.0/24 maxlen: 24
91.99.217.0/24 maxlen: 24
82.99.216.0/24 maxlen: 24
91.99.216.0/24 maxlen: 24
82.99.238.0/24 maxlen: 24
82.99.244.0/24 maxlen: 24
82.99.243.0/24 maxlen: 24
82.99.242.0/24 maxlen: 24
91.99.75.0/24 maxlen: 24
91.99.74.0/24 maxlen: 24
91.99.73.0/24 maxlen: 24
91.99.72.0/24 maxlen: 24
91.98.96.0/21 maxlen: 21
91.98.97.0/24 maxlen: 24
91.98.96.0/24 maxlen: 24
91.98.98.0/24 maxlen: 24
91.98.102.0/24 maxlen: 24
91.98.100.0/24 maxlen: 24
91.98.99.0/24 maxlen: 24
91.98.31.0/24 maxlen: 24
185.13.231.0/24 maxlen: 24
91.98.28.0/22 maxlen: 22
91.98.30.0/24 maxlen: 24
91.98.29.0/24 maxlen: 24
185.13.230.0/24 maxlen: 24
185.13.229.0/24 maxlen: 24
185.13.228.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
91.98.28.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:bb:73:a4:8f:a1:a9:df:3f:c6:55:09:d4:48:39:d0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Oct 9 06:34:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06cce35d54e10fc463d1a2a52e4cadcb06768422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:30:94:d4:bf:d5:0a:d7:66:96:13:17:d6:fa:
82:f2:cf:8c:8b:ff:c0:9c:52:cc:47:37:9a:b4:42:
16:da:7d:d0:e7:cd:06:df:46:db:34:60:35:cb:28:
68:62:51:5d:e0:39:f4:b5:c7:07:cc:09:1d:1f:7d:
5f:b2:b9:b6:aa:d8:47:05:69:58:1a:65:85:d8:c8:
94:64:f5:7a:0d:41:e1:5d:9b:9f:90:70:0a:ac:78:
27:50:a5:35:76:b5:6b:19:f7:37:da:f7:75:a6:b6:
5d:ea:2c:83:7b:c3:37:9c:78:43:9d:14:22:65:ee:
a6:84:00:84:4f:1e:49:c4:18:b2:b7:ff:c4:e7:19:
35:fd:fd:3c:7c:a8:dc:32:6d:5f:99:93:0e:bf:1b:
78:fc:28:7d:1a:fa:81:37:5e:ef:ba:6d:53:8e:a6:
d1:4c:f9:84:68:c0:37:fd:29:aa:7c:db:b9:9e:78:
e6:a0:22:54:96:b1:29:75:69:1e:1a:5a:cb:75:b6:
8a:97:24:ed:3a:ac:78:2e:cd:05:d0:16:33:5f:31:
6b:d7:28:a6:91:39:88:c7:64:ad:7f:7c:64:51:72:
d0:cd:4c:fa:33:fd:74:fd:5a:15:01:e1:5e:56:93:
ab:61:51:62:34:ff:f9:f8:7d:ee:73:77:4f:4d:3b:
e4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:CC:E3:5D:54:E1:0F:C4:63:D1:A2:A5:2E:4C:AD:CB:06:76:84:22
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/BszjXVThD8Rj0aKlLkytywZ2hCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.168.0/21
31.214.248.0/21
37.228.136.0/22
82.99.215.0-82.99.219.255
82.99.238.0/24
82.99.242.0-82.99.244.255
91.98.28.0/22
91.98.96.0/21
91.99.72.0/22
91.99.96.0/21
91.99.216.0/22
95.156.236.0/23
95.156.252.0/22
134.255.200.0/21
185.13.228.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:8c:3f:5d:75:11:9c:ca:b4:6d:04:13:af:ef:f2:c3:69:b8:
77:5d:ca:5a:3a:39:e0:6d:a8:7a:10:13:11:cb:aa:1b:93:34:
eb:81:6f:72:f4:a4:6a:4b:67:38:87:20:e6:f9:db:3f:2e:1d:
32:fb:08:cf:af:db:bd:c9:d4:0e:e8:76:92:8d:ea:bd:90:26:
b0:f0:e4:73:e4:83:62:5f:12:90:ad:9c:fc:40:f8:08:81:dd:
9e:2f:a8:9e:98:d2:4f:a3:d5:bb:bc:8c:cf:f5:73:04:6e:5f:
c6:cd:04:da:2d:4a:8d:f9:cc:70:57:56:b6:fa:1a:bc:2d:6f:
35:aa:6d:aa:34:eb:b0:bc:d8:1e:4e:5a:01:39:2e:57:4c:ca:
c0:8c:63:c8:da:86:74:a2:20:dd:b0:4e:56:5a:ad:21:4a:04:
97:68:04:57:a9:8a:fa:77:38:99:20:79:06:8e:fa:1f:b7:a8:
21:6f:6b:21:33:4f:10:7f:9f:23:9d:5c:9c:19:e6:a2:b4:78:
8a:51:52:da:fe:02:03:0b:40:f8:cf:23:6f:ba:b1:d0:1a:9e:
00:b9:be:ae:e0:b7:67:51:3a:28:d1:42:bf:49:ca:44:8e:0c:
ca:7d:90:fe:80:4c:cd:ee:d5:7c:bc:8b:95:38:cb:83:cf:9c:
37:de:bf:ad
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYO7c6SPoanfP8ZVCdRIOdB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjIxMDA5MDYzNDIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmNjZTM1ZDU0ZTEwZmM0NjNkMWEyYTUyZTRjYWRjYjA2NzY4NDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozCU1L/VCtdmlhMX1vqC8s+Mi//A
nFLMRzeatEIW2n3Q580G30bbNGA1yyhoYlFd4Dn0tccHzAkdH31fsrm2qthHBWlY
GmWF2MiUZPV6DUHhXZufkHAKrHgnUKU1drVrGfc32vd1prZd6iyDe8M3nHhDnRQi
Ze6mhACETx5JxBiyt//E5xk1/f08fKjcMm1fmZMOvxt4/Ch9GvqBN17vum1TjqbR
TPmEaMA3/SmqfNu5nnjmoCJUlrEpdWkeGlrLdbaKlyTtOqx4Ls0F0BYzXzFr1yim
kTmIx2Stf3xkUXLQzUz6M/10/VoVAeFeVpOrYVFiNP/5+H3uc3dPTTvk8wIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFAbM411U4Q/EY9GipS5MrcsGdoQiMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvQnN6alhWVGhEOFJqMGFLbExreXR5d1oyaENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAx/WqAME
Ax/W+AMEAiXkiDAMAwQAUmPXAwQCUmPYAwQAUmPuMAwDBAFSY/IDBABSY/QDBAJb
YhwDBANbYmADBAJbY0gDBANbY2ADBAJbY9gDBAFfnOwDBAJfnPwDBAOG/8gDBAK5
DeQwDQYJKoZIhvcNAQELBQADggEBAB2MP111EZzKtG0EE6/v8sNpuHddylo6OeBt
qHoQExHLqhuTNOuBb3L0pGpLZziHIOb52z8uHTL7CM+v273J1A7odpKN6r2QJrDw
5HPkg2JfEpCtnPxA+AiB3Z4vqJ6Y0k+j1bu8jM/1cwRuX8bNBNotSo35zHBXVrb6
GrwtbzWqbao067C82B5OWgE5LldMysCMY8jahnSiIN2wTlZarSFKBJdoBFepivp3
OJkgeQaO+h+3qCFvayEzTxB/nyOdXJwZ5qK0eIpRUtr+AgMLQPjPI2+6sdAangC5
vq7gt2dROijRQr9JykSODMp9kP6ATM3u1Xy8i5U4y4PPnDfev60=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:42 2024 by rpki-client on console-fra.rpki-client.org