Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/Rq1spJqtVOeLhpMTKbFw-CEJm04.roa
File: Rq1spJqtVOeLhpMTKbFw-CEJm04.roa (raw, json)
Hash identifier: 6gPchLfOBoNWxDjIo496aUM76E6GpI3aLOc9+AhxDZY=
Subject key identifier: 46:AD:6C:A4:9A:AD:54:E7:8B:86:93:13:29:B1:70:F8:21:09:9B:4E
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018298F1DA673A7923503EAE53771050942B
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/Rq1spJqtVOeLhpMTKbFw-CEJm04.roa
Signing time: Sat 13 Aug 2022 20:42:43 +0000
ROA not before: Sat 13 Aug 2022 20:42:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61400
IP address blocks: 77.220.216.0/21 maxlen: 21
62.76.24.0/22 maxlen: 24
91.107.85.0/24 maxlen: 24
91.107.84.0/24 maxlen: 24
91.107.86.0/24 maxlen: 24
91.107.86.0/23 maxlen: 24
185.126.92.0/22 maxlen: 24
185.62.103.0/24 maxlen: 24
46.21.252.0/22 maxlen: 24
62.76.112.0/22 maxlen: 32
185.111.216.0/23 maxlen: 23
185.111.219.0/24 maxlen: 24
185.111.218.0/24 maxlen: 24
212.8.232.0/22 maxlen: 22
89.248.236.0/24 maxlen: 24
185.40.28.0/22 maxlen: 22
31.200.248.0/21 maxlen: 21
62.76.88.0/22 maxlen: 22
91.227.34.0/23 maxlen: 23
62.76.100.0/22 maxlen: 22
2a03:220::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:98:f1:da:67:3a:79:23:50:3e:ae:53:77:10:50:94:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Aug 13 20:42:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46ad6ca49aad54e78b86931329b170f821099b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:03:03:5a:1f:bd:04:01:f5:96:54:18:04:26:
f8:0e:9c:2c:af:0a:eb:74:8c:0c:20:9e:a5:7d:b9:
07:25:f7:71:9a:13:31:90:5c:94:83:9c:68:67:12:
f4:9f:b3:e9:a1:2c:2a:b8:2c:7b:58:28:7b:e6:df:
82:26:f6:fd:88:00:5f:f4:72:83:85:05:28:46:1a:
7a:04:80:ba:4e:0c:b8:db:9d:07:c1:c2:70:9e:76:
9c:ab:a3:e4:91:b3:47:23:7b:94:a9:a8:c4:1e:4d:
c8:25:b5:d1:70:20:5c:47:7a:8c:56:92:e9:d2:8f:
c5:c4:f6:2a:c2:f0:da:52:ff:a1:2c:f8:ff:06:c2:
23:14:dc:7f:ab:2f:8b:6d:8c:60:1b:1e:b6:13:92:
1b:f6:76:ee:49:6f:b0:7a:02:d1:ec:7d:a2:39:aa:
73:df:82:49:d7:f0:da:cd:a1:c6:bc:29:4c:c4:83:
35:df:ca:85:82:c7:3e:1c:be:09:ad:14:f6:0e:eb:
b7:0f:58:44:4d:33:62:dc:b8:47:9c:9b:68:fd:0f:
0f:71:3a:57:a5:7a:6f:30:5f:55:05:34:2e:7a:38:
4d:b0:0f:49:4b:7a:38:5c:42:ca:bb:55:ab:f7:38:
f9:24:2b:95:3d:fa:b5:71:b6:d3:dd:b2:f6:a8:50:
b2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AD:6C:A4:9A:AD:54:E7:8B:86:93:13:29:B1:70:F8:21:09:9B:4E
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/Rq1spJqtVOeLhpMTKbFw-CEJm04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.248.0/21
46.21.252.0/22
62.76.24.0/22
62.76.88.0/22
62.76.100.0/22
62.76.112.0/22
77.220.216.0/21
89.248.236.0/24
91.107.84.0/22
91.227.34.0/23
185.40.28.0/22
185.62.103.0/24
185.111.216.0/22
185.126.92.0/22
212.8.232.0/22
IPv6:
2a03:220::/32
Signature Algorithm: sha256WithRSAEncryption
4f:e6:58:d9:7c:8c:b4:d4:3d:53:12:08:34:6f:24:9a:33:78:
e1:94:da:e7:f2:1e:57:84:40:6a:38:da:57:0c:36:70:c1:84:
5a:98:26:fd:a5:df:89:8d:5b:02:81:d0:6f:84:3d:d9:41:d3:
3c:09:2d:ca:a9:6c:c4:49:5e:20:3b:96:0e:eb:d0:c6:6b:91:
5d:1a:81:43:b4:91:d6:41:f0:f8:91:26:c2:56:6b:3f:0e:28:
8d:37:13:18:77:cf:67:27:a1:f0:41:46:b9:e3:99:4a:6e:e5:
f2:b2:37:84:20:8e:12:e7:5c:f5:11:7f:b5:f9:d3:a2:e0:8b:
1e:ff:07:99:59:0f:cc:39:51:dd:1f:ab:1f:e8:e7:e2:d4:d0:
46:e1:0c:8f:18:53:b6:26:dd:cc:64:17:20:cc:81:bc:b3:a2:
0c:b5:92:14:7a:35:f7:a3:37:15:1b:87:59:bb:9d:f1:b4:bb:
8e:92:cb:d7:74:9c:56:52:ff:a2:b1:04:ad:67:8b:2e:4c:80:
09:36:fe:90:d3:6f:66:84:3f:43:f1:18:e4:6d:01:d6:c4:ca:
1a:f5:b1:a0:fb:b4:99:6f:b3:2a:fb:34:6e:a5:31:a6:97:2d:
c9:d4:ab:bb:b8:f6:bc:40:45:bc:f6:55:5b:6b:05:33:78:ef:
1c:09:47:36
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYKY8dpnOnkjUD6uU3cQUJQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjIwODEzMjA0MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmFkNmNhNDlhYWQ1NGU3OGI4NjkzMTMyOWIxNzBmODIxMDk5YjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgMDWh+9BAH1llQYBCb4Dpwsrwrr
dIwMIJ6lfbkHJfdxmhMxkFyUg5xoZxL0n7PpoSwquCx7WCh75t+CJvb9iABf9HKD
hQUoRhp6BIC6Tgy4250HwcJwnnacq6PkkbNHI3uUqajEHk3IJbXRcCBcR3qMVpLp
0o/FxPYqwvDaUv+hLPj/BsIjFNx/qy+LbYxgGx62E5Ib9nbuSW+wegLR7H2iOapz
34JJ1/DazaHGvClMxIM138qFgsc+HL4JrRT2Duu3D1hETTNi3LhHnJto/Q8PcTpX
pXpvMF9VBTQuejhNsA9JS3o4XELKu1Wr9zj5JCuVPfq1cbbT3bL2qFCy8QIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFEatbKSarVTni4aTEymxcPghCZtOMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvUnExc3BKcXRWT2VMaHBNVEtiRnctQ0VKbTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAx/I+AME
Ai4V/AMEAj5MGAMEAj5MWAMEAj5MZAMEAj5McAMEA03c2AMEAFn47AMEAltrVAME
AVvjIgMEArkoHAMEALk+ZwMEArlv2AMEArl+XAMEAtQI6DANBAIAAjAHAwUAKgMC
IDANBgkqhkiG9w0BAQsFAAOCAQEAT+ZY2XyMtNQ9UxIING8kmjN44ZTa5/IeV4RA
ajjaVww2cMGEWpgm/aXfiY1bAoHQb4Q92UHTPAktyqlsxEleIDuWDuvQxmuRXRqB
Q7SR1kHw+JEmwlZrPw4ojTcTGHfPZyeh8EFGueOZSm7l8rI3hCCOEudc9RF/tfnT
ouCLHv8HmVkPzDlR3R+rH+jn4tTQRuEMjxhTtibdzGQXIMyBvLOiDLWSFHo196M3
FRuHWbud8bS7jpLL13ScVlL/orEErWeLLkyACTb+kNNvZoQ/Q/EY5G0B1sTKGvWx
oPu0mW+zKvs0bqUxppctydSru7j2vEBFvPZVW2sFM3jvHAlHNg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:37 2025 by rpki-client