Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/mi6KDjSTus1JgCuT-kE3hTvOfHA.roa
File: mi6KDjSTus1JgCuT-kE3hTvOfHA.roa (raw, json)
Hash identifier: m2Q/Yu7D1NMByZtIMfhqEc5N6BD45weoSHWomg1RJl4=
Subject key identifier: 9A:2E:8A:0E:34:93:BA:CD:49:80:2B:93:FA:41:37:85:3B:CE:7C:70
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 018B8CC7A5676E06037C30D2C331A1E24865
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/mi6KDjSTus1JgCuT-kE3hTvOfHA.roa
Signing time: Wed 01 Nov 2023 21:26:16 +0000
ROA not before: Wed 01 Nov 2023 21:26:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47869
IP address blocks: 109.235.48.0/21 maxlen: 21
178.239.48.0/20 maxlen: 20
94.185.80.0/21 maxlen: 21
185.149.56.0/22 maxlen: 22
91.208.164.0/24 maxlen: 24
194.110.67.0/24 maxlen: 24
37.46.192.0/22 maxlen: 22
91.205.232.0/22 maxlen: 22
37.46.199.0/24 maxlen: 24
91.199.50.0/24 maxlen: 24
37.46.196.0/23 maxlen: 23
185.24.248.0/22 maxlen: 22
31.171.132.0/22 maxlen: 24
94.228.208.0/20 maxlen: 20
2a00:dd0::/32 maxlen: 48
2a00:dd0:bbbb::/48 maxlen: 48
2a00:dd0:aaaa::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:c7:a5:67:6e:06:03:7c:30:d2:c3:31:a1:e2:48:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Nov 1 21:26:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a2e8a0e3493bacd49802b93fa4137853bce7c70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2a:03:6b:61:11:26:ec:b1:16:e6:66:ef:c9:
7b:a8:b3:e4:93:4a:4b:f1:22:f5:d6:48:a5:d0:0b:
3d:47:84:aa:d6:b2:5c:91:85:0a:5e:8f:ec:7d:c1:
6f:e1:4f:67:4a:43:14:10:a2:40:04:15:e7:bb:29:
5f:d9:dc:a9:59:b9:2d:f7:00:14:5a:8a:ec:89:2c:
22:46:ee:73:31:a5:b1:03:1b:9b:d5:0b:e3:dd:e9:
a8:ee:de:32:b1:10:eb:76:88:ff:60:10:45:41:bb:
11:38:a3:3a:c4:90:3d:33:a9:7b:b4:65:e6:ed:79:
8b:fe:6f:9e:77:ee:87:75:b9:eb:da:22:b8:ed:73:
1f:1a:ab:5c:d4:49:c5:e6:ad:27:76:7f:61:5d:f8:
84:b5:5f:cf:2d:d4:45:4e:e3:91:c3:59:ab:64:7c:
4d:94:8c:bc:38:88:a9:93:74:39:bf:da:bb:ee:dd:
b5:0b:38:d8:e4:a7:9c:44:37:7a:7b:25:64:1d:df:
dd:14:0f:4c:a6:77:64:13:ba:af:2e:ea:21:99:4e:
59:ab:32:78:68:b1:25:29:ea:a1:84:ed:5e:f5:b5:
2d:c8:46:05:14:d9:ff:f7:7c:40:07:b7:fa:b3:38:
ef:a6:b3:1c:76:80:8a:54:a8:7d:da:61:45:d3:cb:
16:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2E:8A:0E:34:93:BA:CD:49:80:2B:93:FA:41:37:85:3B:CE:7C:70
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/mi6KDjSTus1JgCuT-kE3hTvOfHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.132.0/22
37.46.192.0-37.46.197.255
37.46.199.0/24
91.199.50.0/24
91.205.232.0/22
91.208.164.0/24
94.185.80.0/21
94.228.208.0/20
109.235.48.0/21
178.239.48.0/20
185.24.248.0/22
185.149.56.0/22
194.110.67.0/24
IPv6:
2a00:dd0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:9b:99:0f:0d:a2:8f:29:65:71:12:14:da:39:00:c2:e8:60:
be:be:56:5f:48:92:26:e0:df:0d:8e:94:e8:df:ed:0b:82:97:
ba:05:f2:f5:21:26:db:85:ba:1b:93:9d:4f:49:b3:af:d3:ea:
a9:c6:80:5a:fb:ae:84:3d:b9:19:de:01:9a:f7:74:a3:4d:32:
50:45:c6:f4:7d:ba:47:7f:92:a7:5d:26:35:ea:7a:38:8b:44:
f0:fa:2e:7f:98:e7:85:b6:28:c5:9c:dd:aa:55:da:bd:5c:60:
0d:41:51:3e:7f:e0:c8:cd:fc:e4:f3:a5:ea:b4:bf:b5:e5:77:
88:2d:bf:8c:6f:c9:8a:0b:66:ee:a4:0c:4c:72:3c:08:a7:ea:
a2:82:d3:23:f4:89:d6:ea:36:21:b1:e9:c5:1e:99:9a:29:a7:
44:81:10:7a:f2:f5:96:1b:ac:14:76:4c:c3:51:de:f2:e6:85:
27:03:8c:c7:fd:5d:30:c7:75:91:f0:ed:0d:ce:7c:06:47:e2:
09:b9:d5:07:27:98:86:c8:ca:31:c9:cd:ee:4a:b0:69:65:66:
4e:a5:12:e0:a3:c6:e4:54:a5:05:a6:d6:bc:8c:c6:5d:aa:c9:
68:5f:f8:ec:40:5c:41:c4:72:06:cd:34:c3:b3:f1:69:88:ee:
70:05:fc:c9
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYuMx6VnbgYDfDDSwzGh4khlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjMxMTAxMjEyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTJlOGEwZTM0OTNiYWNkNDk4MDJiOTNmYTQxMzc4NTNiY2U3YzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSoDa2ERJuyxFuZm78l7qLPkk0pL
8SL11kil0As9R4Sq1rJckYUKXo/sfcFv4U9nSkMUEKJABBXnuylf2dypWbkt9wAU
WorsiSwiRu5zMaWxAxub1Qvj3emo7t4ysRDrdoj/YBBFQbsROKM6xJA9M6l7tGXm
7XmL/m+ed+6Hdbnr2iK47XMfGqtc1EnF5q0ndn9hXfiEtV/PLdRFTuORw1mrZHxN
lIy8OIipk3Q5v9q77t21CzjY5KecRDd6eyVkHd/dFA9MpndkE7qvLuohmU5ZqzJ4
aLElKeqhhO1e9bUtyEYFFNn/93xAB7f6szjvprMcdoCKVKh92mFF08sWUQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFJouig40k7rNSYArk/pBN4U7znxwMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvbWk2S0RqU1R1czFKZ0N1VC1rRTNoVHZPZkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQCH6uEMAwD
BAYlLsADBAElLsQDBAAlLscDBABbxzIDBAJbzegDBABb0KQDBANeuVADBARe5NAD
BANt6zADBASy7zADBAK5GPgDBAK5lTgDBADCbkMwDQQCAAIwBwMFACoADdAwDQYJ
KoZIhvcNAQELBQADggEBAI6bmQ8Noo8pZXESFNo5AMLoYL6+Vl9Ikibg3w2OlOjf
7QuCl7oF8vUhJtuFuhuTnU9Js6/T6qnGgFr7roQ9uRneAZr3dKNNMlBFxvR9ukd/
kqddJjXqejiLRPD6Ln+Y54W2KMWc3apV2r1cYA1BUT5/4MjN/OTzpeq0v7Xld4gt
v4xvyYoLZu6kDExyPAin6qKC0yP0idbqNiGx6cUemZopp0SBEHry9ZYbrBR2TMNR
3vLmhScDjMf9XTDHdZHw7Q3OfAZH4gm51QcnmIbIyjHJze5KsGllZk6lEuCjxuRU
pQWm1ryMxl2qyWhf+OxAXEHEcgbNNMOz8WmI7nAF/Mk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:12 2024 by rpki-client on console-ams.rpki-client.org