Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/clM0q7bsghevVKSlsOt6TJXyArs.roa
File: clM0q7bsghevVKSlsOt6TJXyArs.roa (raw, json)
Hash identifier: HMSl7lsQbZ6IMmV802x5EKSWNTQFUVzmIu6AbTWHhbw=
Subject key identifier: 72:53:34:AB:B6:EC:82:17:AF:54:A4:A5:B0:EB:7A:4C:95:F2:02:BB
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 01856BA59C63937753203E4211C19DE9A11E
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/clM0q7bsghevVKSlsOt6TJXyArs.roa
Signing time: Sun 01 Jan 2023 04:44:53 +0000
ROA not before: Sun 01 Jan 2023 04:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47869
IP address blocks: 109.235.48.0/21 maxlen: 21
178.239.48.0/20 maxlen: 20
94.185.80.0/21 maxlen: 21
185.149.56.0/22 maxlen: 22
91.208.164.0/24 maxlen: 24
194.110.67.0/24 maxlen: 24
37.46.192.0/22 maxlen: 22
91.205.232.0/22 maxlen: 22
37.46.199.0/24 maxlen: 24
91.199.50.0/24 maxlen: 24
37.46.196.0/23 maxlen: 23
185.24.248.0/22 maxlen: 22
31.171.132.0/22 maxlen: 22
31.171.128.0/24 maxlen: 24
31.171.128.0/22 maxlen: 22
94.228.208.0/20 maxlen: 20
2a00:dd0::/32 maxlen: 48
2a00:dd0:bbbb::/48 maxlen: 48
2a00:dd0:aaaa::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:a5:9c:63:93:77:53:20:3e:42:11:c1:9d:e9:a1:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Jan 1 04:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=725334abb6ec8217af54a4a5b0eb7a4c95f202bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:66:73:04:40:bf:68:d1:41:f7:86:1a:6c:c6:
2d:93:13:f0:04:25:3b:41:b7:29:29:84:17:4f:72:
23:8b:9f:5b:99:57:56:f7:47:d8:23:82:84:a5:fe:
01:26:9c:93:ce:7f:df:8d:94:ac:bf:49:f1:a8:c5:
ff:35:ac:93:c6:e6:9d:c3:eb:8f:b3:60:cb:8a:69:
fb:34:1b:05:99:02:39:50:25:bc:13:c8:cd:a7:d1:
44:c5:7a:ab:13:bd:61:78:17:23:89:09:c0:4e:c0:
5b:0e:75:01:de:8a:b6:ea:4e:1c:cd:5d:70:31:51:
60:9a:96:45:c3:94:83:97:94:1e:3d:ed:76:13:e0:
cd:a8:f2:6b:a8:a1:f8:91:11:5b:ce:ac:f9:d0:20:
0c:92:55:d5:c0:48:92:07:24:67:f1:ed:fa:3a:f8:
30:19:a4:a6:93:57:e7:ca:67:b3:5c:11:ed:7a:fa:
8e:6b:73:4c:14:b1:26:13:f4:dd:85:5b:df:17:ae:
84:b3:d1:df:db:6d:b2:c3:fb:01:8f:fa:b5:6a:95:
b5:35:e1:f5:eb:a3:a5:d2:6a:26:b6:93:8d:28:16:
eb:8d:d8:2b:16:ca:e1:12:e6:a7:28:b4:6a:ea:1c:
4b:0f:e9:99:d7:e7:d7:af:f2:8f:d2:a5:9d:8d:9e:
f0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:53:34:AB:B6:EC:82:17:AF:54:A4:A5:B0:EB:7A:4C:95:F2:02:BB
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/clM0q7bsghevVKSlsOt6TJXyArs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.128.0/21
37.46.192.0-37.46.197.255
37.46.199.0/24
91.199.50.0/24
91.205.232.0/22
91.208.164.0/24
94.185.80.0/21
94.228.208.0/20
109.235.48.0/21
178.239.48.0/20
185.24.248.0/22
185.149.56.0/22
194.110.67.0/24
IPv6:
2a00:dd0::/32
Signature Algorithm: sha256WithRSAEncryption
13:bf:80:5f:0c:70:f6:e3:46:bf:33:67:19:24:62:cd:d1:a9:
89:6e:4e:9c:83:23:98:0d:77:97:a6:cf:2e:b1:7a:43:ee:23:
20:00:ce:6c:23:b3:d4:63:fa:81:c7:83:22:56:b7:2e:8c:e4:
2c:81:ab:62:56:69:2f:82:d3:d5:e0:21:00:01:1f:b8:a0:3f:
df:41:41:fc:b0:02:28:60:8e:8c:66:8e:0c:e3:81:ef:65:6e:
34:4d:47:a7:2a:2d:ac:3b:50:4c:0a:ce:31:c8:cf:75:fa:f1:
d7:a4:5a:15:07:dc:04:83:e9:ba:e2:29:32:d3:a2:ce:ed:0c:
4c:e9:7a:29:f8:f3:91:45:7e:f4:62:9f:49:7b:8c:0f:12:52:
e1:e0:cf:33:c0:3d:d4:26:a3:02:a7:68:2e:b6:c0:9c:75:c3:
d1:be:07:ca:07:73:0f:91:15:06:9a:32:96:55:b7:df:a3:71:
63:8d:3b:10:8f:72:b0:74:a4:73:48:cf:b5:f4:5e:f3:82:1b:
5d:28:16:a8:3f:57:3c:90:27:c9:62:94:c0:ec:fb:9b:23:81:
04:00:3d:eb:a1:86:b0:b2:4c:fc:c7:23:22:ca:fd:74:a6:7d:
d3:cd:45:55:43:1a:d0:ac:f6:ee:8d:3b:63:36:e0:f6:b1:89:
6a:4f:6e:96
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYVrpZxjk3dTID5CEcGd6aEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjMwMTAxMDQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjUzMzRhYmI2ZWM4MjE3YWY1NGE0YTViMGViN2E0Yzk1ZjIwMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGZzBEC/aNFB94YabMYtkxPwBCU7
QbcpKYQXT3Iji59bmVdW90fYI4KEpf4BJpyTzn/fjZSsv0nxqMX/NayTxuadw+uP
s2DLimn7NBsFmQI5UCW8E8jNp9FExXqrE71heBcjiQnATsBbDnUB3oq26k4czV1w
MVFgmpZFw5SDl5QePe12E+DNqPJrqKH4kRFbzqz50CAMklXVwEiSByRn8e36Ovgw
GaSmk1fnymezXBHtevqOa3NMFLEmE/TdhVvfF66Es9Hf222yw/sBj/q1apW1NeH1
66Ol0momtpONKBbrjdgrFsrhEuanKLRq6hxLD+mZ1+fXr/KP0qWdjZ7whwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFHJTNKu27IIXr1SkpbDrekyV8gK7MB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvY2xNMHE3YnNnaGV2VktTbHNPdDZUSlh5QXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQDH6uAMAwD
BAYlLsADBAElLsQDBAAlLscDBABbxzIDBAJbzegDBABb0KQDBANeuVADBARe5NAD
BANt6zADBASy7zADBAK5GPgDBAK5lTgDBADCbkMwDQQCAAIwBwMFACoADdAwDQYJ
KoZIhvcNAQELBQADggEBABO/gF8McPbjRr8zZxkkYs3RqYluTpyDI5gNd5emzy6x
ekPuIyAAzmwjs9Rj+oHHgyJWty6M5CyBq2JWaS+C09XgIQABH7igP99BQfywAihg
joxmjgzjge9lbjRNR6cqLaw7UEwKzjHIz3X68dekWhUH3ASD6briKTLTos7tDEzp
ein485FFfvRin0l7jA8SUuHgzzPAPdQmowKnaC62wJx1w9G+B8oHcw+RFQaaMpZV
t9+jcWONOxCPcrB0pHNIz7X0XvOCG10oFqg/VzyQJ8lilMDs+5sjgQQAPeuhhrCy
TPzHIyLK/XSmfdPNRVVDGtCs9u6NO2M24PaxiWpPbpY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:12 2024 by rpki-client on console-ams.rpki-client.org