Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/v0DoyryT3nmIQ2fecZXZ5kn9YF0.roa
File: v0DoyryT3nmIQ2fecZXZ5kn9YF0.roa (raw, json)
Hash identifier: yzTCQ5ZMVB9L49PDiivpbRuhAJu+sn9RFXXbC1sL+aU=
Subject key identifier: BF:40:E8:CA:BC:93:DE:79:88:43:67:DE:71:95:D9:E6:49:FD:60:5D
Certificate issuer: /CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Certificate serial: 0183C3CCB7C89546E70A673137EE9AF0FCE8
Authority key identifier: 37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/v0DoyryT3nmIQ2fecZXZ5kn9YF0.roa
Signing time: Mon 10 Oct 2022 21:28:36 +0000
ROA not before: Mon 10 Oct 2022 21:28:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29134
IP address blocks: 185.102.76.0/22 maxlen: 22
37.46.80.0/21 maxlen: 21
62.109.128.0/19 maxlen: 19
217.31.48.0/20 maxlen: 20
213.109.164.0/22 maxlen: 24
185.100.92.0/22 maxlen: 22
130.193.8.0/21 maxlen: 21
185.102.20.0/22 maxlen: 22
171.33.136.0/21 maxlen: 21
185.123.128.0/22 maxlen: 22
2a03:b780::/32 maxlen: 32
2a09:ec00::/29 maxlen: 29
2001:1ab0::/32 maxlen: 32
2a00:ca80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c3:cc:b7:c8:95:46:e7:0a:67:31:37:ee:9a:f0:fc:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Validity
Not Before: Oct 10 21:28:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf40e8cabc93de79884367de7195d9e649fd605d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d7:d7:0f:c7:08:28:01:a5:94:12:f5:ff:fa:
30:61:5d:fa:a2:8f:24:1d:b6:7d:bd:ed:22:c5:9b:
e7:ab:f1:eb:40:24:0a:dd:fc:f7:37:ea:34:fc:17:
23:d8:fe:eb:6e:fe:ff:23:20:32:12:e2:e1:41:42:
aa:53:41:e3:71:c6:35:6d:ce:bf:5e:04:61:18:7e:
da:75:fc:b3:b0:d4:0a:03:5e:66:fc:af:6f:fa:05:
97:d0:e2:d0:3a:eb:e7:bf:99:6b:bb:8e:b1:50:4a:
01:78:7f:24:c7:fe:38:b4:eb:41:13:fb:a4:3f:1c:
24:88:9f:5f:28:3e:1b:55:94:6f:aa:0d:5a:5f:8c:
11:55:be:5f:e7:14:06:a0:fa:51:a9:c9:d6:0e:a4:
f3:27:33:e3:22:ff:76:8f:45:66:1a:1a:06:ce:e3:
61:36:4a:ec:c4:9f:a1:fd:f4:9b:4d:7d:6f:30:f2:
e8:d6:07:a2:2d:82:32:da:53:1f:b3:14:3b:3b:0d:
ea:5a:57:9f:cf:15:1d:fe:95:15:b2:1e:cd:87:3b:
8a:b9:14:8b:49:45:9a:0e:b7:f9:fc:69:91:70:64:
97:35:e0:41:85:68:7a:d5:10:b8:64:f4:1b:8a:bc:
74:b1:b8:75:bf:1c:2c:c3:86:13:6b:68:00:65:0a:
f1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:40:E8:CA:BC:93:DE:79:88:43:67:DE:71:95:D9:E6:49:FD:60:5D
X509v3 Authority Key Identifier:
keyid:37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/v0DoyryT3nmIQ2fecZXZ5kn9YF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.80.0/21
62.109.128.0/19
130.193.8.0/21
171.33.136.0/21
185.100.92.0/22
185.102.20.0/22
185.102.76.0/22
185.123.128.0/22
213.109.164.0/22
217.31.48.0/20
IPv6:
2001:1ab0::/32
2a00:ca80::/32
2a03:b780::/32
2a09:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
1e:4a:00:64:8e:f1:51:68:aa:aa:0d:98:0a:98:cc:a6:ad:a7:
c3:39:84:c0:a8:d1:a2:78:7b:7a:ea:81:16:92:2a:2d:9f:ba:
c8:41:40:9e:90:82:00:82:3c:49:3e:79:27:ef:00:2f:cf:bb:
95:df:1a:8a:30:fc:1a:69:8a:a1:48:b1:2c:b1:c2:17:71:9d:
af:17:25:16:3b:ef:5a:a5:c2:fb:67:f6:0d:fc:42:8a:6f:c3:
e5:7f:69:95:db:d3:66:34:53:01:19:40:90:8a:9f:25:53:06:
b2:63:a8:19:84:e3:1d:44:0e:7d:2e:93:4b:75:d9:5b:c0:ee:
7c:3a:a1:45:b2:02:48:90:f5:a5:69:94:39:c5:3d:68:ed:33:
6c:96:63:ca:2d:cc:4e:66:f5:35:78:2e:06:aa:ad:4b:77:50:
22:8f:38:45:8c:3e:b7:9e:0e:59:ec:66:07:f5:67:43:86:5e:
58:b5:19:84:4d:d3:d9:d6:a1:77:5d:6e:dc:22:81:af:ab:fd:
99:60:32:75:28:15:3d:56:90:97:84:dd:f8:e3:31:9e:ff:81:
36:82:19:0c:39:86:df:03:5a:f1:04:08:35:a0:78:e3:f3:32:
fc:9b:2a:92:92:9d:b0:42:88:39:d6:d7:a0:c8:4c:1f:75:c2:
3e:35:eb:de
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYPDzLfIlUbnCmcxN+6a8PzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZmIwMDRlMzk3ZGRmMDRlN2QwNWYzNjQzYTAzNmYyMTgz
NmZmMTAwHhcNMjIxMDEwMjEyODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQwZThjYWJjOTNkZTc5ODg0MzY3ZGU3MTk1ZDllNjQ5ZmQ2MDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19fXD8cIKAGllBL1//owYV36oo8k
HbZ9ve0ixZvnq/HrQCQK3fz3N+o0/Bcj2P7rbv7/IyAyEuLhQUKqU0HjccY1bc6/
XgRhGH7adfyzsNQKA15m/K9v+gWX0OLQOuvnv5lru46xUEoBeH8kx/44tOtBE/uk
PxwkiJ9fKD4bVZRvqg1aX4wRVb5f5xQGoPpRqcnWDqTzJzPjIv92j0VmGhoGzuNh
NkrsxJ+h/fSbTX1vMPLo1geiLYIy2lMfsxQ7Ow3qWlefzxUd/pUVsh7NhzuKuRSL
SUWaDrf5/GmRcGSXNeBBhWh61RC4ZPQbirx0sbh1vxwsw4YTa2gAZQrxiwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFL9A6Mq8k955iENn3nGV2eZJ/WBdMB8GA1UdIwQY
MBaAFDf7AE45fd8E59BfNkOgNvIYNv8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEt
YjUzYjY0Y2YwZDk1LzEvdjBEb3lyeVQzbm1JUTJmZWNaWFo1a245WUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEtYjUzYjY0Y2YwZDk1
LzEvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBCBAIAATA8AwQDJS5QAwQF
Pm2AAwQDgsEIAwQDqyGIAwQCuWRcAwQCuWYUAwQCuWZMAwQCuXuAAwQC1W2kAwQE
2R8wMCIEAgACMBwDBQAgARqwAwUAKgDKgAMFACoDt4ADBQMqCewAMA0GCSqGSIb3
DQEBCwUAA4IBAQAeSgBkjvFRaKqqDZgKmMymrafDOYTAqNGieHt66oEWkiotn7rI
QUCekIIAgjxJPnkn7wAvz7uV3xqKMPwaaYqhSLEsscIXcZ2vFyUWO+9apcL7Z/YN
/EKKb8Plf2mV29NmNFMBGUCQip8lUwayY6gZhOMdRA59LpNLddlbwO58OqFFsgJI
kPWlaZQ5xT1o7TNslmPKLcxOZvU1eC4Gqq1Ld1AijzhFjD63ng5Z7GYH9WdDhl5Y
tRmETdPZ1qF3XW7cIoGvq/2ZYDJ1KBU9VpCXhN344zGe/4E2ghkMOYbfA1rxBAg1
oHjj8zL8myqSkp2wQog51tegyEwfdcI+Neve
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:08 2025 by rpki-client