Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/A-J95nfAcK0Esx9tMhQUznOEbT8.roa
File: A-J95nfAcK0Esx9tMhQUznOEbT8.roa (raw, json)
Hash identifier: 4jmmTZTKCkbL5OJdcLqloBoMZmDly9nsNRvJx6hiK5E=
Subject key identifier: 03:E2:7D:E6:77:C0:70:AD:04:B3:1F:6D:32:14:14:CE:73:84:6D:3F
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 0183418C982A5B626E364FF297838A6AA4BC
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/A-J95nfAcK0Esx9tMhQUznOEbT8.roa
Signing time: Thu 15 Sep 2022 14:27:56 +0000
ROA not before: Thu 15 Sep 2022 14:27:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202505
IP address blocks: 185.225.37.0/24 maxlen: 24
185.225.38.0/24 maxlen: 24
185.225.36.0/24 maxlen: 24
89.43.78.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
86.104.14.0/24 maxlen: 24
193.31.118.0/24 maxlen: 24
193.31.117.0/24 maxlen: 24
193.31.119.0/24 maxlen: 24
84.54.14.0/24 maxlen: 24
185.81.152.0/24 maxlen: 24
185.81.153.0/24 maxlen: 24
185.81.155.0/24 maxlen: 24
213.226.116.0/24 maxlen: 24
185.81.154.0/24 maxlen: 24
176.98.42.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
2a06:f7c5::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:41:8c:98:2a:5b:62:6e:36:4f:f2:97:83:8a:6a:a4:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Sep 15 14:27:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03e27de677c070ad04b31f6d321414ce73846d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e8:d9:b6:e9:f2:85:e0:87:5b:92:8e:d7:30:
a5:66:c4:25:cd:a3:5f:ef:2a:7a:72:0e:ae:d6:b2:
73:94:f8:f5:43:3f:92:9b:f9:a2:cd:39:42:cf:5a:
2b:87:92:69:ba:6f:aa:1e:02:7a:1a:06:15:64:e5:
17:3f:91:84:43:82:95:21:5c:0f:0c:3b:4c:18:7b:
13:8b:0f:92:14:49:34:6c:66:ae:cc:74:5c:ee:ab:
97:77:29:b2:c1:30:3a:f7:83:a0:5b:20:37:66:ad:
35:23:14:02:12:b6:4e:09:59:9a:83:b0:b4:7f:9c:
22:6a:2e:00:d4:54:f5:07:de:04:40:f8:11:2f:76:
46:67:82:68:61:64:57:1c:0b:4c:4e:19:c2:10:6e:
8d:74:12:69:f3:b0:bd:95:b2:47:8c:f7:ca:dc:e9:
f8:83:07:07:df:d1:27:a8:2c:56:de:3b:f7:ef:9c:
35:ff:f2:dc:10:54:41:a4:92:09:f0:6b:56:2e:47:
39:8e:86:a1:2f:44:58:43:bc:13:d9:21:e8:29:40:
1b:41:0f:5e:5a:0e:34:d0:b7:3a:a7:bf:41:b2:9a:
14:ee:51:e6:b3:e2:75:ec:35:2d:9d:9c:a3:58:0b:
4c:76:22:e7:c4:5d:0a:0d:14:df:93:a7:62:61:fe:
30:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E2:7D:E6:77:C0:70:AD:04:B3:1F:6D:32:14:14:CE:73:84:6D:3F
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/A-J95nfAcK0Esx9tMhQUznOEbT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.14.0/24
86.104.14.0/24
89.43.78.0/24
93.114.130.0/24
176.98.42.0/23
185.81.152.0/22
185.225.36.0-185.225.38.255
193.31.117.0-193.31.119.255
213.226.116.0/24
IPv6:
2a06:f7c0::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
b3:f1:8a:40:f7:2e:03:0b:f0:c0:55:ec:a3:b3:72:64:2f:95:
92:09:72:4f:d9:26:3d:ff:4b:5e:5c:97:65:af:b5:32:c4:61:
d4:48:11:b7:95:43:83:8e:9d:63:74:b9:67:2f:2e:ad:7d:06:
75:80:b7:e6:68:bf:c4:8f:08:aa:32:d8:ba:3b:e9:20:3a:de:
a2:d1:2d:5c:73:84:57:2f:5d:ce:2d:e8:c6:60:7f:72:3e:c2:
41:aa:b5:88:c2:73:91:d4:a6:83:e0:c4:8c:d4:ff:d1:ed:f9:
9d:10:bc:3a:e8:33:6e:1e:fe:5d:d0:a5:3a:24:00:64:74:a2:
92:86:e9:4f:db:b7:7a:21:e7:84:71:a1:1d:f0:36:8e:35:65:
f0:7e:86:b5:45:bd:27:5d:85:06:fb:74:ca:be:e2:73:33:db:
e4:26:24:c5:7a:ba:b0:df:31:fe:35:fd:d4:6a:e3:53:96:98:
dc:ab:a5:84:de:35:72:6d:3b:c2:f4:0c:17:bf:0d:60:7d:66:
ab:25:ae:e8:2c:63:57:8a:ad:5c:0d:e3:22:86:70:16:57:13:
46:9c:61:d1:80:20:4f:50:d8:e2:c2:6c:1b:04:5f:f7:ea:c0:
77:e9:dd:5b:8b:c6:22:90:6f:3e:b7:51:9b:ac:71:0f:a3:1b:
9e:79:77:15
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYNBjJgqW2JuNk/yl4OKaqS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjIwOTE1MTQyNzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2UyN2RlNjc3YzA3MGFkMDRiMzFmNmQzMjE0MTRjZTczODQ2ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOjZtunyheCHW5KO1zClZsQlzaNf
7yp6cg6u1rJzlPj1Qz+Sm/mizTlCz1orh5Jpum+qHgJ6GgYVZOUXP5GEQ4KVIVwP
DDtMGHsTiw+SFEk0bGauzHRc7quXdymywTA694OgWyA3Zq01IxQCErZOCVmag7C0
f5wiai4A1FT1B94EQPgRL3ZGZ4JoYWRXHAtMThnCEG6NdBJp87C9lbJHjPfK3On4
gwcH39EnqCxW3jv375w1//LcEFRBpJIJ8GtWLkc5joahL0RYQ7wT2SHoKUAbQQ9e
Wg400Lc6p79BspoU7lHms+J17DUtnZyjWAtMdiLnxF0KDRTfk6diYf4wXwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFAPifeZ3wHCtBLMfbTIUFM5zhG0/MB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvQS1KOTVuZkFjSzBFc3g5dE1oUVV6bk9FYlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwTAQCAAEwRgMEAFQ2DgME
AFZoDgMEAFkrTgMEAF1yggMEAbBiKgMEArlRmDAMAwQCueEkAwQAueEmMAwDBADB
H3UDBAPBH3ADBADV4nQwIgQCAAIwHAMFAyoG98ADBQMqEH9AAwUDKhB/wAMFAyoR
0QAwDQYJKoZIhvcNAQELBQADggEBALPxikD3LgML8MBV7KOzcmQvlZIJck/ZJj3/
S15cl2WvtTLEYdRIEbeVQ4OOnWN0uWcvLq19BnWAt+Zov8SPCKoy2Lo76SA63qLR
LVxzhFcvXc4t6MZgf3I+wkGqtYjCc5HUpoPgxIzU/9Ht+Z0QvDroM24e/l3QpTok
AGR0opKG6U/bt3oh54RxoR3wNo41ZfB+hrVFvSddhQb7dMq+4nMz2+QmJMV6urDf
Mf41/dRq41OWmNyrpYTeNXJtO8L0DBe/DWB9ZqslrugsY1eKrVwN4yKGcBZXE0ac
YdGAIE9Q2OLCbBsEX/fqwHfp3VuLxiKQbz63UZuscQ+jG555dxU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-fra.rpki-client.org