Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/9YfOcQT-TMdHFOqAI9yAoGK1y_I.roa
File: 9YfOcQT-TMdHFOqAI9yAoGK1y_I.roa (raw, json)
Hash identifier: i3i9+59nRZoSoRCiKmDCVm8BhiB0Efl8Af6SIHhm2nw=
Subject key identifier: F5:87:CE:71:04:FE:4C:C7:47:14:EA:80:23:DC:80:A0:62:B5:CB:F2
Certificate issuer: /CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Certificate serial: 111A1310
Authority key identifier: 37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/9YfOcQT-TMdHFOqAI9yAoGK1y_I.roa
Signing time: Sat 01 Jan 2022 11:58:35 +0000
ROA not before: Sat 01 Jan 2022 11:58:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29134
IP address blocks: 185.102.76.0/22 maxlen: 22
37.46.80.0/21 maxlen: 21
62.109.128.0/19 maxlen: 19
217.31.48.0/20 maxlen: 20
213.109.164.0/22 maxlen: 22
185.100.92.0/22 maxlen: 22
130.193.8.0/21 maxlen: 21
185.102.20.0/22 maxlen: 22
171.33.136.0/21 maxlen: 21
185.123.128.0/22 maxlen: 22
2a03:b780::/32 maxlen: 32
2a09:ec00::/29 maxlen: 29
2001:1ab0::/32 maxlen: 32
2a00:ca80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286921488 (0x111a1310)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Validity
Not Before: Jan 1 11:58:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f587ce7104fe4cc74714ea8023dc80a062b5cbf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c1:f2:75:74:01:71:1c:4f:da:bf:f1:a5:44:
08:ae:d4:2d:a6:86:15:96:e5:cf:51:85:ca:87:34:
45:63:a4:1e:15:40:34:5a:f4:b1:54:8d:cb:f2:71:
1a:18:31:42:a8:30:0d:53:32:b2:bd:06:99:42:86:
d5:6a:a2:7d:d0:75:d1:e5:8e:8c:ec:b2:f4:c0:14:
63:b9:1a:2a:87:26:25:dd:bc:5c:ee:a3:1c:d9:9e:
91:93:81:99:7e:7f:d8:05:ec:bb:ff:be:0d:8b:05:
e6:be:41:1d:ac:86:a7:77:25:6f:15:c0:10:4f:07:
cd:11:83:84:69:78:67:80:86:4c:6c:ab:10:2c:0e:
da:5d:60:0c:80:74:2f:44:54:e5:47:3d:7d:7c:c8:
29:83:a4:5d:56:14:0d:e7:cf:09:14:18:95:6e:7e:
2b:85:17:cc:8a:97:a0:a0:88:b6:2f:26:2d:f1:01:
41:df:48:b9:8f:27:7e:12:36:ed:bc:95:b7:c6:54:
a7:ce:62:e2:c7:72:db:8d:6c:8a:6f:6b:ed:44:db:
0b:18:73:e1:8f:bd:85:f9:b7:fc:76:3d:57:b5:a6:
6c:6a:87:55:8f:3e:11:48:e0:20:c7:f7:91:9c:da:
bc:fb:46:c6:eb:aa:8a:e4:a2:13:93:b6:ac:c4:b1:
cb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:87:CE:71:04:FE:4C:C7:47:14:EA:80:23:DC:80:A0:62:B5:CB:F2
X509v3 Authority Key Identifier:
keyid:37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/9YfOcQT-TMdHFOqAI9yAoGK1y_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.80.0/21
62.109.128.0/19
130.193.8.0/21
171.33.136.0/21
185.100.92.0/22
185.102.20.0/22
185.102.76.0/22
185.123.128.0/22
213.109.164.0/22
217.31.48.0/20
IPv6:
2001:1ab0::/32
2a00:ca80::/32
2a03:b780::/32
2a09:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
73:6a:ce:35:32:cf:2c:db:a1:91:9c:0a:7a:e0:79:43:b1:36:
16:46:ca:72:22:4c:09:de:e4:ec:9b:25:ff:5b:c8:9a:d0:46:
d5:3c:9b:b7:3a:eb:69:ea:a8:8f:40:db:24:b1:ac:48:d5:78:
8e:75:b9:1d:38:76:40:bb:e4:d0:e7:ef:85:0b:98:9f:32:6a:
28:63:e9:98:6b:16:a9:3b:67:09:33:d8:5c:0f:62:c0:0c:6b:
7d:4e:73:31:6a:30:97:5f:37:ce:a1:73:76:f7:ea:dd:4f:c1:
55:66:f8:de:5c:12:06:4f:64:bb:e5:e6:6b:31:ae:4d:ad:83:
9d:ab:e8:6d:28:89:ea:11:5f:4e:41:6b:07:ec:37:aa:6b:6a:
46:90:e4:f9:52:d2:db:f5:1d:4d:83:aa:44:b6:09:83:77:aa:
86:92:df:c0:85:f0:55:b6:ea:ee:51:4b:8c:6b:11:29:79:5e:
49:1f:b8:9a:d2:1a:3e:01:95:11:eb:94:c4:62:b0:ac:9b:50:
92:62:c8:a3:86:5b:36:d8:3d:bd:40:bc:18:b0:b1:3f:86:14:
43:61:49:92:b2:d1:f3:d0:55:51:4c:8e:00:07:3c:3c:96:0e:
f1:1a:b3:05:b3:e4:c8:ff:ef:11:e6:a8:30:8f:fa:ac:eb:52:
da:9d:98:d0
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIEERoTEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
N2ZiMDA0ZTM5N2RkZjA0ZTdkMDVmMzY0M2EwMzZmMjE4MzZmZjEwMB4XDTIyMDEw
MTExNTgzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjU4N2NlNzEwNGZl
NGNjNzQ3MTRlYTgwMjNkYzgwYTA2MmI1Y2JmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3B8nV0AXEcT9q/8aVECK7ULaaGFZblz1GFyoc0RWOkHhVA
NFr0sVSNy/JxGhgxQqgwDVMysr0GmUKG1WqifdB10eWOjOyy9MAUY7kaKocmJd28
XO6jHNmekZOBmX5/2AXsu/++DYsF5r5BHayGp3clbxXAEE8HzRGDhGl4Z4CGTGyr
ECwO2l1gDIB0L0RU5Uc9fXzIKYOkXVYUDefPCRQYlW5+K4UXzIqXoKCIti8mLfEB
Qd9IuY8nfhI27byVt8ZUp85i4sdy241sim9r7UTbCxhz4Y+9hfm3/HY9V7WmbGqH
VY8+EUjgIMf3kZzavPtGxuuqiuSiE5O2rMSxy3cCAwEAAaOCAmMwggJfMB0GA1Ud
DgQWBBT1h85xBP5Mx0cU6oAj3ICgYrXL8jAfBgNVHSMEGDAWgBQ3+wBOOX3fBOfQ
XzZDoDbyGDb/EDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05fc0FUamw5M3dUbjBGODJRNkEyOGhnMl94QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvNzQyMjk5LWYzNDMtNDMyMS1iMzUxLWI1M2I2NGNmMGQ5NS8x
LzlZZk9jUVQtVE1kSEZPcUFJOXlBb0dLMXlfSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
NzQyMjk5LWYzNDMtNDMyMS1iMzUxLWI1M2I2NGNmMGQ5NS8xL05fc0FUamw5M3dU
bjBGODJRNkEyOGhnMl94QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5
BggrBgEFBQcBBwEB/wRqMGgwQgQCAAEwPAMEAyUuUAMEBT5tgAMEA4LBCAMEA6sh
iAMEArlkXAMEArlmFAMEArlmTAMEArl7gAMEAtVtpAMEBNkfMDAiBAIAAjAcAwUA
IAEasAMFACoAyoADBQAqA7eAAwUDKgnsADANBgkqhkiG9w0BAQsFAAOCAQEAc2rO
NTLPLNuhkZwKeuB5Q7E2FkbKciJMCd7k7Jsl/1vImtBG1Tybtzrraeqoj0DbJLGs
SNV4jnW5HTh2QLvk0OfvhQuYnzJqKGPpmGsWqTtnCTPYXA9iwAxrfU5zMWowl183
zqFzdvfq3U/BVWb43lwSBk9ku+XmazGuTa2DnavobSiJ6hFfTkFrB+w3qmtqRpDk
+VLS2/UdTYOqRLYJg3eqhpLfwIXwVbbq7lFLjGsRKXleSR+4mtIaPgGVEeuUxGKw
rJtQkmLIo4ZbNtg9vUC8GLCxP4YUQ2FJkrLR89BVUUyOAAc8PJYO8RqzBbPkyP/v
EeaoMI/6rOtS2p2Y0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org