Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/QMY-QT8QAAYMeGaYBCA1QXu9JPM.roa
File: QMY-QT8QAAYMeGaYBCA1QXu9JPM.roa (raw, json)
Hash identifier: +WMftGWnY9EijPTzQ4iuWnVDwaIIr9VsRGEPD/hwa5M=
Subject key identifier: 40:C6:3E:41:3F:10:00:06:0C:78:66:98:04:20:35:41:7B:BD:24:F3
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 01893CE86572A9D276ACF4BA6D0AF5FCE317
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/QMY-QT8QAAYMeGaYBCA1QXu9JPM.roa
Signing time: Sun 09 Jul 2023 23:06:50 +0000
ROA not before: Sun 09 Jul 2023 23:06:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9105
IP address blocks: 213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
195.112.0.0/18 maxlen: 24
212.139.0.0/16 maxlen: 24
80.40.0.0/13 maxlen: 24
88.104.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.76.0.0/14 maxlen: 24
62.3.192.0/18 maxlen: 24
185.175.144.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
89.168.128.0/17 maxlen: 24
81.86.0.0/16 maxlen: 24
195.149.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
79.73.0.0/16 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3c:e8:65:72:a9:d2:76:ac:f4:ba:6d:0a:f5:fc:e3:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jul 9 23:06:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40c63e413f1000060c786698042035417bbd24f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:76:96:66:62:3e:fb:9e:50:54:8d:ec:89:ff:
b8:7e:6b:4e:64:be:b5:19:99:f6:f6:c1:ce:53:f2:
47:a1:28:55:af:7f:4c:84:93:a3:02:ff:36:3a:9c:
3b:49:2a:c5:bb:3f:2b:a6:39:ad:5d:fb:2d:69:18:
b8:dc:04:53:60:c0:52:cb:bc:f8:df:7c:24:72:40:
b3:a8:40:42:85:09:d4:10:15:be:c5:86:96:92:88:
ff:28:f0:1a:5c:38:7a:ce:2a:76:43:26:7d:58:df:
6f:d0:b0:ba:45:87:4c:f7:20:1b:46:93:82:52:15:
07:2e:ca:87:11:4f:3d:0c:c0:64:74:9a:ee:4b:f1:
63:09:df:46:12:2d:83:fc:53:d8:cd:9d:f5:d9:0f:
1e:dd:df:ac:2f:28:aa:68:72:a5:fc:f0:2b:56:db:
7e:64:7d:9f:76:83:57:da:29:5d:e7:22:1f:50:20:
bb:6a:4c:9a:d9:58:81:3e:10:b3:47:31:3c:23:58:
d9:9c:81:60:c7:d0:e5:70:9f:6c:e5:05:58:97:c5:
6d:9c:66:a5:9d:df:75:e8:35:fc:eb:04:1c:41:76:
b6:8d:f5:9e:0f:25:bc:d3:6a:41:5b:95:69:60:cf:
ab:c1:fa:27:bc:2b:ae:59:1a:33:f9:b1:80:67:26:
7d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C6:3E:41:3F:10:00:06:0C:78:66:98:04:20:35:41:7B:BD:24:F3
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/QMY-QT8QAAYMeGaYBCA1QXu9JPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.192.0/18
79.73.0.0/16
79.76.0.0/14
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
88.104.0.0/13
89.168.128.0/17
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
bc:fa:95:21:fe:ac:2f:7f:2f:5b:1a:37:c5:10:a5:5f:0f:32:
a3:2b:50:4c:79:75:2e:ed:fb:d8:d8:f2:e0:c3:bc:c9:0f:fa:
0d:e7:e3:52:37:6b:ab:fd:1c:95:25:86:14:92:3f:35:9f:b9:
d6:93:a7:f5:57:7f:37:c6:0e:86:6b:79:e8:2d:d7:bd:33:ac:
47:6f:3f:de:df:7d:4a:db:db:ab:0e:c8:8f:9f:9b:a1:a1:9b:
36:3c:0e:13:65:ba:7b:35:f6:5f:5e:ff:9e:34:6a:05:2c:65:
33:ac:96:8e:de:5f:07:f8:71:d5:47:4b:4f:bd:e4:6b:ec:ab:
5b:62:a8:94:98:8d:e3:d6:54:80:ca:1b:1f:3b:9e:cb:2d:41:
70:89:00:b9:29:71:dd:f1:67:ce:7f:0a:42:8c:1b:65:3e:aa:
16:6a:ee:e2:c0:c5:06:46:0c:62:91:40:e3:ee:85:5b:c2:c1:
eb:79:d9:14:a0:1b:7b:94:5c:9f:b6:58:92:13:a4:5b:e0:85:
20:bb:d3:ad:4b:66:f5:0e:29:9d:b9:4e:b8:af:17:1b:67:97:
f9:54:81:75:e8:4c:bd:6b:4d:ae:9e:04:48:36:ae:a0:cb:30:
c3:28:8b:52:62:06:6a:12:cf:ab:e3:80:52:91:32:a3:bc:37:
9f:20:d4:b8
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYk86GVyqdJ2rPS6bQr1/OMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwNzA5MjMwNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGM2M2U0MTNmMTAwMDA2MGM3ODY2OTgwNDIwMzU0MTdiYmQyNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHaWZmI++55QVI3sif+4fmtOZL61
GZn29sHOU/JHoShVr39MhJOjAv82Opw7SSrFuz8rpjmtXfstaRi43ARTYMBSy7z4
33wkckCzqEBChQnUEBW+xYaWkoj/KPAaXDh6zip2QyZ9WN9v0LC6RYdM9yAbRpOC
UhUHLsqHEU89DMBkdJruS/FjCd9GEi2D/FPYzZ312Q8e3d+sLyiqaHKl/PArVtt+
ZH2fdoNX2ild5yIfUCC7akya2ViBPhCzRzE8I1jZnIFgx9DlcJ9s5QVYl8VtnGal
nd916DX86wQcQXa2jfWeDyW802pBW5VpYM+rwfonvCuuWRoz+bGAZyZ9JwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFEDGPkE/EAAGDHhmmAQgNUF7vSTzMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvUU1ZLVFUOFFBQVlNZUdhWUJDQTFRWHU5SlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBmgQCAAEwgZMDBAY+
A8ADAwBPSQMDAk9MAwMDUCgDBAZRAUADBAZRBsADAwBRVgMEB1GqAAMDAVGyAwQH
UoUAAwMAU0MDAwBUDAMDA1hoAwQHWaiAAwQCua+QAwQAwdpjAwQFwmogAwQFwvfg
AwQGw3AAAwQHw4kAAwQGw5UAAwQF1AGAAwQF1EpgAwMA1IsDBAbUn4ADBAbV0EAw
DQYJKoZIhvcNAQELBQADggEBALz6lSH+rC9/L1saN8UQpV8PMqMrUEx5dS7t+9jY
8uDDvMkP+g3n41I3a6v9HJUlhhSSPzWfudaTp/VXfzfGDoZreegt170zrEdvP97f
fUrb26sOyI+fm6GhmzY8DhNluns19l9e/540agUsZTOslo7eXwf4cdVHS0+95Gvs
q1tiqJSYjePWVIDKGx87nsstQXCJALkpcd3xZ85/CkKMG2U+qhZq7uLAxQZGDGKR
QOPuhVvCwet52RSgG3uUXJ+2WJITpFvghSC7061LZvUOKZ25TrivFxtnl/lUgXXo
TL1rTa6eBEg2rqDLMMMoi1JiBmoSz6vjgFKRMqO8N58g1Lg=
-----END CERTIFICATE-----
Generated at Tue Apr 15 01:07:40 2025 by rpki-client