Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/DA3tDOs9VdiopYOOSbeteuIfEf8.roa
File: DA3tDOs9VdiopYOOSbeteuIfEf8.roa (raw, json)
Hash identifier: MuIndVxzTQ6672SBGWkmySzwEN+O74T8lw9ujl0nEZ0=
Subject key identifier: 0C:0D:ED:0C:EB:3D:55:D8:A8:A5:83:8E:49:B7:AD:7A:E2:1F:11:FF
Certificate issuer: /CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Certificate serial: 01856D6618BF41AE3269B34127403E49436C
Authority key identifier: 37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/DA3tDOs9VdiopYOOSbeteuIfEf8.roa
Signing time: Sun 01 Jan 2023 12:54:45 +0000
ROA not before: Sun 01 Jan 2023 12:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29134
IP address blocks: 185.102.76.0/22 maxlen: 22
37.46.80.0/21 maxlen: 21
62.109.128.0/19 maxlen: 19
217.31.48.0/20 maxlen: 20
213.109.164.0/22 maxlen: 24
185.100.92.0/22 maxlen: 22
130.193.8.0/21 maxlen: 24
185.102.20.0/22 maxlen: 22
171.33.136.0/21 maxlen: 21
185.123.128.0/22 maxlen: 22
2a03:b780::/32 maxlen: 32
2a09:ec00::/29 maxlen: 29
2001:1ab0::/32 maxlen: 32
2a00:ca80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:18:bf:41:ae:32:69:b3:41:27:40:3e:49:43:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Validity
Not Before: Jan 1 12:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c0ded0ceb3d55d8a8a5838e49b7ad7ae21f11ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:29:18:78:1e:bd:7f:9d:78:db:0b:49:07:46:
09:f4:7d:b3:7c:4d:35:35:f1:8d:e5:0e:2d:e7:1b:
2e:2d:d3:aa:6f:17:30:64:e7:19:c1:fe:44:53:3d:
74:d9:e6:12:e5:3a:6a:1e:86:bd:99:11:d4:0f:c0:
9a:00:a9:54:67:a6:8b:99:c4:4e:ba:00:3e:ce:ba:
98:d6:52:3d:50:05:97:8f:06:23:a7:16:95:a7:8c:
db:fc:21:af:2e:8c:e9:16:75:23:dd:77:39:7c:aa:
cc:65:06:62:87:8b:1c:f0:47:06:88:db:b8:d7:c7:
8b:df:34:12:95:00:db:fb:32:41:4b:52:a3:c8:2b:
44:84:6c:45:ce:17:52:a8:81:20:1d:81:b4:13:c7:
a7:e7:c9:85:4f:a2:7a:a5:95:2a:2b:b1:9d:22:aa:
14:20:5e:2f:a0:76:96:14:39:49:45:90:aa:3a:06:
6f:1f:6e:8c:1c:7e:78:38:51:c5:ac:61:d3:70:be:
bb:69:85:45:40:d5:cc:76:b8:81:a3:35:56:ea:a7:
3d:fc:9a:8d:ba:34:d6:5e:38:b5:61:19:03:cd:e4:
df:bd:d2:9f:01:96:a8:32:0f:4c:9a:ae:7e:30:ec:
98:be:99:dd:46:fc:1f:da:94:aa:50:71:b6:f5:4c:
50:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:0D:ED:0C:EB:3D:55:D8:A8:A5:83:8E:49:B7:AD:7A:E2:1F:11:FF
X509v3 Authority Key Identifier:
keyid:37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/DA3tDOs9VdiopYOOSbeteuIfEf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.80.0/21
62.109.128.0/19
130.193.8.0/21
171.33.136.0/21
185.100.92.0/22
185.102.20.0/22
185.102.76.0/22
185.123.128.0/22
213.109.164.0/22
217.31.48.0/20
IPv6:
2001:1ab0::/32
2a00:ca80::/32
2a03:b780::/32
2a09:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
66:38:1c:9c:f9:2c:3b:87:8f:4d:0f:14:46:71:32:0d:2e:82:
58:9e:37:68:34:66:3c:fa:7f:21:da:21:21:17:d9:c2:2a:91:
05:54:73:97:af:39:96:64:2e:93:af:41:4a:79:b1:6a:45:50:
da:dc:68:bb:0b:fd:c8:74:be:38:0e:ae:cb:b9:5e:b2:cb:32:
6a:78:cf:0f:02:d5:45:56:d6:a5:f8:8d:56:5a:e8:93:44:ca:
79:24:ab:f2:e4:df:94:72:67:cd:42:2c:55:87:04:39:ca:23:
08:27:75:6a:f8:fe:dc:bd:32:18:bd:97:30:da:00:04:71:b7:
de:c1:15:fc:94:57:04:31:1a:8a:8d:24:51:77:4c:05:89:33:
e3:2a:44:6d:cd:c8:6e:45:4e:47:61:9c:42:ff:ca:ba:52:2c:
fb:ad:01:e7:bf:c8:b0:83:57:e0:e1:4d:aa:cf:34:2b:6a:b5:
79:68:f6:da:66:7f:b1:ce:4b:06:d7:97:54:a3:20:6d:10:98:
69:11:f8:0b:69:54:1e:3d:c0:b6:84:75:ed:ea:3a:6b:60:86:
ee:e6:62:4b:b9:1a:91:66:9e:a9:4d:76:a2:32:f6:6d:a6:68:
39:ad:56:76:50:16:b7:37:09:84:46:f6:1d:85:73:0f:f7:9c:
f6:c1:64:d3
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYVtZhi/Qa4yabNBJ0A+SUNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZmIwMDRlMzk3ZGRmMDRlN2QwNWYzNjQzYTAzNmYyMTgz
NmZmMTAwHhcNMjMwMTAxMTI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzBkZWQwY2ViM2Q1NWQ4YThhNTgzOGU0OWI3YWQ3YWUyMWYxMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSkYeB69f5142wtJB0YJ9H2zfE01
NfGN5Q4t5xsuLdOqbxcwZOcZwf5EUz102eYS5TpqHoa9mRHUD8CaAKlUZ6aLmcRO
ugA+zrqY1lI9UAWXjwYjpxaVp4zb/CGvLozpFnUj3Xc5fKrMZQZih4sc8EcGiNu4
18eL3zQSlQDb+zJBS1KjyCtEhGxFzhdSqIEgHYG0E8en58mFT6J6pZUqK7GdIqoU
IF4voHaWFDlJRZCqOgZvH26MHH54OFHFrGHTcL67aYVFQNXMdriBozVW6qc9/JqN
ujTWXji1YRkDzeTfvdKfAZaoMg9Mmq5+MOyYvpndRvwf2pSqUHG29UxQPQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFAwN7QzrPVXYqKWDjkm3rXriHxH/MB8GA1UdIwQY
MBaAFDf7AE45fd8E59BfNkOgNvIYNv8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEt
YjUzYjY0Y2YwZDk1LzEvREEzdERPczlWZGlvcFlPT1NiZXRldUlmRWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEtYjUzYjY0Y2YwZDk1
LzEvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBCBAIAATA8AwQDJS5QAwQF
Pm2AAwQDgsEIAwQDqyGIAwQCuWRcAwQCuWYUAwQCuWZMAwQCuXuAAwQC1W2kAwQE
2R8wMCIEAgACMBwDBQAgARqwAwUAKgDKgAMFACoDt4ADBQMqCewAMA0GCSqGSIb3
DQEBCwUAA4IBAQBmOByc+Sw7h49NDxRGcTINLoJYnjdoNGY8+n8h2iEhF9nCKpEF
VHOXrzmWZC6Tr0FKebFqRVDa3Gi7C/3IdL44Dq7LuV6yyzJqeM8PAtVFVtal+I1W
WuiTRMp5JKvy5N+UcmfNQixVhwQ5yiMIJ3Vq+P7cvTIYvZcw2gAEcbfewRX8lFcE
MRqKjSRRd0wFiTPjKkRtzchuRU5HYZxC/8q6Uiz7rQHnv8iwg1fg4U2qzzQrarV5
aPbaZn+xzksG15dUoyBtEJhpEfgLaVQePcC2hHXt6jprYIbu5mJLuRqRZp6pTXai
MvZtpmg5rVZ2UBa3NwmERvYdhXMP95z2wWTT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:48 2025 by rpki-client