Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/Nt7cfApYN3HIChNcgmlqI9YRnUk.roa
File: Nt7cfApYN3HIChNcgmlqI9YRnUk.roa (raw, json)
Hash identifier: nMWdRB7rBNn225Mj2DygdtS8544Pt+grqYQm7xV2oiE=
Subject key identifier: 36:DE:DC:7C:0A:58:37:71:C8:0A:13:5C:82:69:6A:23:D6:11:9D:49
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 07B42E66
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/Nt7cfApYN3HIChNcgmlqI9YRnUk.roa
Signing time: Sat 01 Jan 2022 02:54:42 +0000
ROA not before: Sat 01 Jan 2022 02:54:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60976
IP address blocks: 37.228.139.0/24 maxlen: 24
37.228.138.0/24 maxlen: 24
37.228.137.0/24 maxlen: 24
37.228.136.0/24 maxlen: 24
95.156.237.0/24 maxlen: 24
95.156.236.0/24 maxlen: 24
95.156.253.0/24 maxlen: 24
95.156.252.0/24 maxlen: 24
95.156.252.0/22 maxlen: 22
95.156.255.0/24 maxlen: 24
95.156.254.0/24 maxlen: 24
91.99.96.0/21 maxlen: 21
91.99.98.0/24 maxlen: 24
91.99.97.0/24 maxlen: 24
91.99.96.0/24 maxlen: 24
91.99.103.0/24 maxlen: 24
91.99.102.0/24 maxlen: 24
91.99.101.0/24 maxlen: 24
91.99.99.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
91.99.219.0/24 maxlen: 24
82.99.219.0/24 maxlen: 24
91.99.218.0/24 maxlen: 24
82.99.218.0/24 maxlen: 24
82.99.215.0/24 maxlen: 24
82.99.217.0/24 maxlen: 24
91.99.217.0/24 maxlen: 24
82.99.216.0/24 maxlen: 24
91.99.216.0/24 maxlen: 24
82.99.238.0/24 maxlen: 24
82.99.244.0/24 maxlen: 24
82.99.243.0/24 maxlen: 24
82.99.242.0/24 maxlen: 24
91.99.75.0/24 maxlen: 24
91.99.74.0/24 maxlen: 24
91.99.73.0/24 maxlen: 24
91.99.72.0/24 maxlen: 24
91.98.96.0/21 maxlen: 21
91.98.97.0/24 maxlen: 24
91.98.96.0/24 maxlen: 24
91.98.98.0/24 maxlen: 24
91.98.102.0/24 maxlen: 24
91.98.100.0/24 maxlen: 24
91.98.99.0/24 maxlen: 24
91.98.31.0/24 maxlen: 24
185.13.231.0/24 maxlen: 24
91.98.28.0/22 maxlen: 22
91.98.30.0/24 maxlen: 24
91.98.29.0/24 maxlen: 24
185.13.230.0/24 maxlen: 24
185.13.229.0/24 maxlen: 24
185.13.228.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
91.98.28.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129248870 (0x7b42e66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Jan 1 02:54:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36dedc7c0a583771c80a135c82696a23d6119d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e4:e6:95:f8:dd:70:e5:69:67:10:ae:ca:02:
47:ac:8a:1e:4e:80:75:f7:76:e7:d9:ff:1d:4f:1c:
ab:cb:0a:6e:4a:f8:a6:0c:70:bd:b9:a1:26:f1:5d:
2b:df:a3:b0:6d:bf:7e:12:89:02:e1:69:21:a3:75:
0a:43:8e:cd:f8:31:0b:37:e1:c4:7a:e0:7b:1f:a9:
91:1c:c0:33:ad:37:47:e4:dc:db:b4:5e:06:e9:ca:
b4:9a:fd:2b:62:66:e1:56:1e:ab:ca:c9:11:72:02:
3e:00:b7:96:f3:26:41:e9:5f:f3:25:09:c6:7b:65:
3f:a0:ba:70:fb:03:c9:a3:bb:29:69:20:4b:47:65:
1c:9b:a9:08:36:e4:08:6e:f2:b7:77:44:ef:13:3a:
b9:29:11:4b:69:cc:4d:a5:cc:e3:e5:b0:99:78:5a:
f6:e2:b8:58:20:bb:0a:9e:8d:f8:4c:c7:17:d8:5a:
23:ed:1c:ef:e7:56:2d:2f:95:60:48:65:2e:7e:ed:
0e:db:7b:6d:81:f4:f0:a7:c9:05:98:92:5c:cb:f9:
d7:0e:b4:8d:38:c8:e6:df:34:3d:4c:89:6b:5d:38:
41:f7:68:ac:4c:ee:bc:e4:40:c1:61:e7:fe:87:64:
7a:7b:cd:62:5b:d8:23:74:6d:ff:77:0a:b7:9b:9b:
28:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DE:DC:7C:0A:58:37:71:C8:0A:13:5C:82:69:6A:23:D6:11:9D:49
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/Nt7cfApYN3HIChNcgmlqI9YRnUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.136.0/22
82.99.215.0-82.99.219.255
82.99.238.0/24
82.99.242.0-82.99.244.255
91.98.28.0/22
91.98.96.0/21
91.99.72.0/22
91.99.96.0/21
91.99.216.0/22
95.156.236.0/23
95.156.252.0/22
185.13.228.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:e7:27:25:6f:57:0d:0b:26:a3:57:92:42:5b:d1:b8:8d:39:
aa:f8:fb:00:a8:21:f2:7d:67:86:a6:1a:c5:33:15:64:84:fb:
c6:3c:ca:6f:35:95:f6:0a:45:5e:d4:ba:3e:f6:36:7b:9d:ff:
1a:3e:96:b4:20:61:ac:b5:5e:28:56:a3:54:6f:e9:dd:93:db:
97:bf:ec:ca:c3:9f:39:88:01:2c:a2:43:91:0a:fb:1d:e4:f7:
79:29:b2:7b:55:a2:11:29:37:a6:42:e5:5f:57:cc:1d:07:04:
60:d7:89:6e:80:a1:95:07:2c:02:f0:d2:f4:b5:3f:36:3e:11:
b8:cf:25:e2:b5:be:3b:17:c9:02:dd:c7:cd:91:e6:7a:36:d3:
55:86:bc:e5:b9:04:ba:b7:c4:ef:22:93:92:11:00:10:b6:d3:
42:e4:a4:1a:74:3f:93:b6:bb:9a:95:61:ed:76:66:82:50:7f:
69:a3:53:9c:3b:e2:50:d4:ae:38:3b:6b:34:f3:d5:95:23:1d:
22:0a:3c:cf:7e:a9:93:6f:e1:94:a4:89:8c:85:14:aa:de:0f:
2c:27:02:15:d1:a3:c7:e5:e6:ad:b2:cf:1e:de:e7:24:8c:b4:
4d:78:e8:57:fa:ea:64:cd:11:09:b6:10:66:d0:94:e1:95:2e:
d9:6b:d3:80
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIEB7QuZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjgxNGFkYzFkNTIwOWUwOThmMDc4YWRiYzg1NmJhZDgzYjc0OWMyMB4XDTIyMDEw
MTAyNTQ0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZkZWRjN2MwYTU4
Mzc3MWM4MGExMzVjODI2OTZhMjNkNjExOWQ0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJLk5pX43XDlaWcQrsoCR6yKHk6Adfd259n/HU8cq8sKbkr4
pgxwvbmhJvFdK9+jsG2/fhKJAuFpIaN1CkOOzfgxCzfhxHrgex+pkRzAM603R+Tc
27ReBunKtJr9K2Jm4VYeq8rJEXICPgC3lvMmQelf8yUJxntlP6C6cPsDyaO7KWkg
S0dlHJupCDbkCG7yt3dE7xM6uSkRS2nMTaXM4+WwmXha9uK4WCC7Cp6N+EzHF9ha
I+0c7+dWLS+VYEhlLn7tDtt7bYH08KfJBZiSXMv51w60jTjI5t80PUyJa104Qfdo
rEzuvORAwWHn/odkenvNYlvYI3Rt/3cKt5ubKAECAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBQ23tx8Clg3ccgKE1yCaWoj1hGdSTAfBgNVHSMEGDAWgBQvgUrcHVIJ4Jjw
eK28hWutg7dJwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w0RkszQjFTQ2VDWThIaXR2SVZycllPM1NjSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvMTNlMTJhLTJiYWMtNDc1Mi05OTdkLWRmODZiNmRkOTk3Yy8x
L050N2NmQXBZTjNISUNoTmNnbWxxSTlZUm5Vay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
MTNlMTJhLTJiYWMtNDc1Mi05OTdkLWRmODZiNmRkOTk3Yy8xL0w0RkszQjFTQ2VD
WThIaXR2SVZycllPM1NjSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwXgQCAAEwWAMEAiXkiDAMAwQAUmPXAwQCUmPYAwQA
UmPuMAwDBAFSY/IDBABSY/QDBAJbYhwDBANbYmADBAJbY0gDBANbY2ADBAJbY9gD
BAFfnOwDBAJfnPwDBAK5DeQwDQYJKoZIhvcNAQELBQADggEBAC3nJyVvVw0LJqNX
kkJb0biNOar4+wCoIfJ9Z4amGsUzFWSE+8Y8ym81lfYKRV7Uuj72Nnud/xo+lrQg
Yay1XihWo1Rv6d2T25e/7MrDnzmIASyiQ5EK+x3k93kpsntVohEpN6ZC5V9XzB0H
BGDXiW6AoZUHLALw0vS1PzY+EbjPJeK1vjsXyQLdx82R5no201WGvOW5BLq3xO8i
k5IRABC200LkpBp0P5O2u5qVYe12ZoJQf2mjU5w74lDUrjg7azTz1ZUjHSIKPM9+
qZNv4ZSkiYyFFKreDywnAhXRo8fl5q2yzx7e5ySMtE146Ff66mTNEQm2EGbQlOGV
Ltlr04A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:42 2024 by rpki-client on console-fra.rpki-client.org