Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/o2ud3lB3s-qWv3VlcoaklNgHwtk.roa
File: o2ud3lB3s-qWv3VlcoaklNgHwtk.roa (raw, json)
Hash identifier: wUbLkw2b2t81/IMBW9Lkk6n6p5+2Zm5nXozFnJ3T9dQ=
Subject key identifier: A3:6B:9D:DE:50:77:B3:EA:96:BF:75:65:72:86:A4:94:D8:07:C2:D9
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018570306BA99D69BFA8EA5CFB8DE30F5A08
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/o2ud3lB3s-qWv3VlcoaklNgHwtk.roa
Signing time: Mon 02 Jan 2023 01:54:59 +0000
ROA not before: Mon 02 Jan 2023 01:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61400
IP address blocks: 77.220.216.0/21 maxlen: 24
62.76.24.0/22 maxlen: 24
91.107.85.0/24 maxlen: 24
91.107.84.0/24 maxlen: 24
91.107.86.0/24 maxlen: 24
91.107.86.0/23 maxlen: 24
185.126.92.0/22 maxlen: 24
185.62.103.0/24 maxlen: 24
46.21.252.0/22 maxlen: 24
62.76.112.0/22 maxlen: 24
185.111.216.0/23 maxlen: 24
185.111.219.0/24 maxlen: 24
185.111.218.0/24 maxlen: 24
212.8.232.0/22 maxlen: 24
89.248.236.0/24 maxlen: 24
185.40.28.0/22 maxlen: 24
31.200.248.0/21 maxlen: 24
62.76.88.0/22 maxlen: 24
91.227.34.0/23 maxlen: 24
62.76.100.0/22 maxlen: 24
2a03:220::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:6b:a9:9d:69:bf:a8:ea:5c:fb:8d:e3:0f:5a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 2 01:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a36b9dde5077b3ea96bf75657286a494d807c2d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:61:47:4f:08:93:a7:63:f6:6f:31:b3:62:5f:
d3:4e:bb:15:42:46:2a:bd:1a:0c:ea:4b:bb:43:1b:
99:74:2b:30:c8:24:4c:4d:e6:e2:3b:12:88:da:55:
b6:d5:f8:08:25:07:5b:c2:b1:b9:7f:c1:b4:63:61:
4d:5d:6e:46:f7:bd:b5:31:c8:9b:e0:c0:68:db:39:
97:5e:87:11:e0:d2:09:af:32:5d:d7:8e:72:b4:b1:
74:1a:0c:03:d8:a3:5b:81:00:2b:ea:65:4e:a9:24:
85:1b:21:0f:a9:e8:9f:65:11:22:cf:b4:0a:f6:54:
14:76:20:d7:15:5d:d2:01:4f:f0:8c:63:54:b3:79:
47:14:cc:ff:1a:1f:3d:f6:24:90:90:98:35:91:fd:
50:38:8c:e0:47:41:43:34:c1:05:5c:23:75:03:3e:
7d:d7:7e:75:3a:80:4c:62:a2:ac:a0:7a:35:93:80:
a0:95:db:cb:66:6e:bd:d2:60:0a:39:af:72:1d:40:
43:e3:85:b7:0f:4f:45:ef:c9:fd:c5:33:a4:c3:ac:
0d:07:c5:4c:be:b8:48:cd:79:c5:23:a8:9b:09:72:
d3:76:4d:67:18:4a:0e:c1:f6:1e:3f:19:f0:f4:65:
bc:dc:40:ef:e8:31:b9:11:9b:ef:71:4a:ce:f3:30:
d6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:6B:9D:DE:50:77:B3:EA:96:BF:75:65:72:86:A4:94:D8:07:C2:D9
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/o2ud3lB3s-qWv3VlcoaklNgHwtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.248.0/21
46.21.252.0/22
62.76.24.0/22
62.76.88.0/22
62.76.100.0/22
62.76.112.0/22
77.220.216.0/21
89.248.236.0/24
91.107.84.0/22
91.227.34.0/23
185.40.28.0/22
185.62.103.0/24
185.111.216.0/22
185.126.92.0/22
212.8.232.0/22
IPv6:
2a03:220::/32
Signature Algorithm: sha256WithRSAEncryption
8d:57:86:4c:b6:63:2b:b8:f4:72:2f:7c:35:e1:a6:96:24:23:
e2:41:30:96:8a:c1:5e:a6:2a:00:d8:92:71:c7:52:16:39:25:
c0:f4:bb:f5:04:64:c1:77:29:04:4f:58:61:36:9b:00:4c:1b:
8e:9b:c1:a3:f1:ac:a1:e2:68:15:0b:7f:8f:18:25:4a:36:aa:
1c:74:35:0d:8c:b2:02:39:f2:97:f6:fe:0e:dd:84:00:fe:b3:
dc:69:df:5d:2d:83:12:5b:ec:86:58:33:fe:e8:1c:41:c3:4c:
15:92:1e:51:b4:2d:ac:f6:72:b2:41:48:12:96:50:f4:23:2c:
7c:4e:1a:68:01:38:c1:bd:ac:d8:1f:13:13:b3:f5:af:bb:0b:
37:78:bc:c5:0c:b3:b6:82:31:67:3e:3c:e6:a7:40:af:87:6a:
83:15:f9:75:fb:97:a3:e3:63:b2:26:51:a9:f4:fc:44:94:df:
5e:80:93:aa:98:f1:6f:45:e0:ff:f0:4e:86:6a:fc:e3:a1:b5:
c1:8d:57:e0:e1:ea:80:84:da:e7:fc:b4:30:0c:4c:fe:7e:de:
e6:90:a8:48:12:1d:4b:0d:dd:9b:a2:85:34:6e:84:b4:24:21:
13:38:e9:06:d3:64:ca:a7:55:5f:1f:11:bd:1a:11:1b:b6:03:
61:d3:23:3a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYVwMGupnWm/qOpc+43jD1oIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjMwMTAyMDE1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzZiOWRkZTUwNzdiM2VhOTZiZjc1NjU3Mjg2YTQ5NGQ4MDdjMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGFHTwiTp2P2bzGzYl/TTrsVQkYq
vRoM6ku7QxuZdCswyCRMTebiOxKI2lW21fgIJQdbwrG5f8G0Y2FNXW5G9721Mcib
4MBo2zmXXocR4NIJrzJd145ytLF0GgwD2KNbgQAr6mVOqSSFGyEPqeifZREiz7QK
9lQUdiDXFV3SAU/wjGNUs3lHFMz/Gh899iSQkJg1kf1QOIzgR0FDNMEFXCN1Az59
1351OoBMYqKsoHo1k4CgldvLZm690mAKOa9yHUBD44W3D09F78n9xTOkw6wNB8VM
vrhIzXnFI6ibCXLTdk1nGEoOwfYePxnw9GW83EDv6DG5EZvvcUrO8zDW8wIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFKNrnd5Qd7Pqlr91ZXKGpJTYB8LZMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvbzJ1ZDNsQjNzLXFXdjNWbGNvYWtsTmdId3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAx/I+AME
Ai4V/AMEAj5MGAMEAj5MWAMEAj5MZAMEAj5McAMEA03c2AMEAFn47AMEAltrVAME
AVvjIgMEArkoHAMEALk+ZwMEArlv2AMEArl+XAMEAtQI6DANBAIAAjAHAwUAKgMC
IDANBgkqhkiG9w0BAQsFAAOCAQEAjVeGTLZjK7j0ci98NeGmliQj4kEwlorBXqYq
ANiSccdSFjklwPS79QRkwXcpBE9YYTabAEwbjpvBo/GsoeJoFQt/jxglSjaqHHQ1
DYyyAjnyl/b+Dt2EAP6z3GnfXS2DElvshlgz/ugcQcNMFZIeUbQtrPZyskFIEpZQ
9CMsfE4aaAE4wb2s2B8TE7P1r7sLN3i8xQyztoIxZz485qdAr4dqgxX5dfuXo+Nj
siZRqfT8RJTfXoCTqpjxb0Xg//BOhmr846G1wY1X4OHqgITa5/y0MAxM/n7e5pCo
SBIdSw3dm6KFNG6EtCQhEzjpBtNkyqdVXx8RvRoRG7YDYdMjOg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:02 2025 by rpki-client