Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/0qz4ggv5cQyTQyg-pqZcnQwuL-Y.roa
File: 0qz4ggv5cQyTQyg-pqZcnQwuL-Y.roa (raw, json)
Hash identifier: c6rar4WKbp5rzCpp/8Uucr8w0QsUSFPSGvlB32+ZaVc=
Subject key identifier: D2:AC:F8:82:0B:F9:71:0C:93:43:28:3E:A6:A6:5C:9D:0C:2E:2F:E6
Certificate issuer: /CN=a57d4cfe60f8a30a4d0ff94b94ebadfc88c9ac11
Certificate serial: 61103A
Authority key identifier: A5:7D:4C:FE:60:F8:A3:0A:4D:0F:F9:4B:94:EB:AD:FC:88:C9:AC:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pX1M_mD4owpND_lLlOut_IjJrBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/0qz4ggv5cQyTQyg-pqZcnQwuL-Y.roa
Signing time: Tue 14 Jun 2022 22:57:45 +0000
ROA not before: Tue 14 Jun 2022 22:57:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28952
IP address blocks: 37.58.0.0/20 maxlen: 20
46.34.224.0/19 maxlen: 19
37.152.96.0/19 maxlen: 19
91.191.69.0/24 maxlen: 24
91.191.80.0/22 maxlen: 22
31.3.32.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6361146 (0x61103a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a57d4cfe60f8a30a4d0ff94b94ebadfc88c9ac11
Validity
Not Before: Jun 14 22:57:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2acf8820bf9710c9343283ea6a65c9d0c2e2fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:78:36:d2:d8:57:c8:0a:ad:87:51:8f:05:48:
63:f5:a1:3e:55:eb:e8:a3:57:93:3c:fb:29:7d:33:
a0:3f:95:ef:90:45:6d:ef:12:26:14:5b:29:44:13:
3a:94:3e:45:be:14:38:9f:79:6f:1d:88:98:a6:70:
24:ed:c5:33:5b:57:bf:78:86:fc:d1:9a:91:ab:63:
f4:79:05:5a:b1:4b:09:63:c9:a0:1b:2a:52:6b:ce:
ce:24:e9:96:95:da:5e:6a:4e:f3:40:39:e3:82:fa:
d4:b3:03:bc:39:f0:89:eb:b8:68:35:9e:d3:d3:17:
1c:39:ce:24:92:18:a4:aa:21:b2:bb:36:da:7e:fa:
24:b9:9a:b2:01:91:c7:4a:d1:42:7f:4c:ac:f8:6f:
a4:fb:e4:aa:68:5c:cd:e2:e7:2f:b9:5a:df:81:0a:
1a:30:5b:1d:31:e6:59:aa:6f:5b:52:6a:e9:7f:b9:
6d:9b:50:e6:59:09:81:09:d0:cd:34:8c:b7:ab:97:
58:a1:7e:7c:cf:54:5a:bf:c7:17:0c:c7:08:49:e8:
bb:9f:cc:b5:3f:82:14:86:45:01:65:0f:45:fe:c1:
8c:03:67:8e:87:18:87:0b:01:e2:63:31:20:e1:09:
8d:6b:3b:af:31:19:5e:d2:2b:2a:52:13:72:6d:06:
91:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AC:F8:82:0B:F9:71:0C:93:43:28:3E:A6:A6:5C:9D:0C:2E:2F:E6
X509v3 Authority Key Identifier:
keyid:A5:7D:4C:FE:60:F8:A3:0A:4D:0F:F9:4B:94:EB:AD:FC:88:C9:AC:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pX1M_mD4owpND_lLlOut_IjJrBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/0qz4ggv5cQyTQyg-pqZcnQwuL-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/pX1M_mD4owpND_lLlOut_IjJrBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.32.0/19
37.58.0.0/20
37.152.96.0/19
46.34.224.0/19
91.191.69.0/24
91.191.80.0/22
Signature Algorithm: sha256WithRSAEncryption
01:9e:35:0a:21:d6:81:6b:20:a4:e3:1d:35:8b:af:ab:ad:17:
23:8a:97:fe:08:1a:88:bc:a3:7a:0e:aa:a9:84:54:9b:20:b4:
f0:9d:07:bf:be:bc:d8:8f:55:5b:ac:90:fc:96:48:96:5e:a9:
60:44:12:f7:44:2e:de:2c:ce:64:d7:6a:62:a7:19:60:5c:9a:
00:5c:9b:8b:4b:65:81:9f:40:1e:b7:f5:7d:7e:35:5f:ae:a0:
61:fc:c5:d0:85:89:8a:e5:42:44:27:34:86:59:78:17:5f:a0:
a6:36:c8:d2:a4:5a:78:1c:2e:6b:50:4a:4b:33:29:60:c1:b2:
b6:50:dd:2c:c6:93:76:21:fa:18:cf:86:a7:71:3f:47:5d:a8:
a8:0b:53:5b:e6:bb:af:d5:60:3a:fe:21:b2:99:95:4a:19:18:
10:f5:f6:a8:09:bb:e2:1a:79:a2:b5:8a:88:80:77:64:e0:6a:
d1:a8:80:30:ce:63:11:06:df:8b:3d:4f:51:68:8e:1c:f1:a7:
f7:68:a0:a1:3d:1d:57:d6:47:b6:0f:62:47:12:e5:38:ed:4c:
2f:48:df:3f:bb:37:7d:64:28:a9:0f:6c:0e:09:fd:73:e1:a2:
6f:95:42:64:29:38:07:b1:69:bc:25:78:8b:34:22:c8:3c:12:
b7:b1:21:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIDYRA6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
N2Q0Y2ZlNjBmOGEzMGE0ZDBmZjk0Yjk0ZWJhZGZjODhjOWFjMTEwHhcNMjIwNjE0
MjI1NzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkMmFjZjg4MjBiZjk3
MTBjOTM0MzI4M2VhNmE2NWM5ZDBjMmUyZmU2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwng20thXyAqth1GPBUhj9aE+Vevoo1eTPPspfTOgP5XvkEVt
7xImFFspRBM6lD5FvhQ4n3lvHYiYpnAk7cUzW1e/eIb80ZqRq2P0eQVasUsJY8mg
GypSa87OJOmWldpeak7zQDnjgvrUswO8OfCJ67hoNZ7T0xccOc4kkhikqiGyuzba
fvokuZqyAZHHStFCf0ys+G+k++SqaFzN4ucvuVrfgQoaMFsdMeZZqm9bUmrpf7lt
m1DmWQmBCdDNNIy3q5dYoX58z1Rav8cXDMcISei7n8y1P4IUhkUBZQ9F/sGMA2eO
hxiHCwHiYzEg4QmNazuvMRle0isqUhNybQaRNQIDAQABo4ICJzCCAiMwHQYDVR0O
BBYEFNKs+IIL+XEMk0MoPqamXJ0MLi/mMB8GA1UdIwQYMBaAFKV9TP5g+KMKTQ/5
S5TrrfyIyawRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cFgxTV9tRDRvd3BORF9sTGxPdXRfSWpKckJFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zMC80OGMwNzItMjJkZS00NGQ3LWJlZDgtZTgwZjMyMDczZjNkLzEv
MHF6NGdndjVjUXlUUXlnLXBxWmNuUXd1TC1ZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80
OGMwNzItMjJkZS00NGQ3LWJlZDgtZTgwZjMyMDczZjNkLzEvcFgxTV9tRDRvd3BO
RF9sTGxPdXRfSWpKckJFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0G
CCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFHwMgAwQEJToAAwQFJZhgAwQFLiLg
AwQAW79FAwQCW79QMA0GCSqGSIb3DQEBCwUAA4IBAQABnjUKIdaBayCk4x01i6+r
rRcjipf+CBqIvKN6DqqphFSbILTwnQe/vrzYj1VbrJD8lkiWXqlgRBL3RC7eLM5k
12pipxlgXJoAXJuLS2WBn0Aet/V9fjVfrqBh/MXQhYmK5UJEJzSGWXgXX6CmNsjS
pFp4HC5rUEpLMylgwbK2UN0sxpN2IfoYz4ancT9HXaioC1Nb5ruv1WA6/iGymZVK
GRgQ9faoCbviGnmitYqIgHdk4GrRqIAwzmMRBt+LPU9RaI4c8af3aKChPR1X1ke2
D2JHEuU47UwvSN8/uzd9ZCipD2wOCf1z4aJvlUJkKTgHsWm8JXiLNCLIPBK3sSGW
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:30:36 2025 by rpki-client