Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/3K393z7c-QraVU3D1_Sz9KP7NfM.roa
File: 3K393z7c-QraVU3D1_Sz9KP7NfM.roa (raw, json)
Hash identifier: jmr743Ox/Y760DwzcT2G9GmCkSgg018aDGWr9WoMGrE=
Subject key identifier: DC:AD:FD:DF:3E:DC:F9:0A:DA:55:4D:C3:D7:F4:B3:F4:A3:FB:35:F3
Certificate issuer: /CN=eedde41f362e98ae37d1efc7caf3e7d3c1653ee2
Certificate serial: 0182FD5D8298D289D65E3D5D6D7427D30792
Authority key identifier: EE:DD:E4:1F:36:2E:98:AE:37:D1:EF:C7:CA:F3:E7:D3:C1:65:3E:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7t3kHzYumK430e_HyvPn08FlPuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/3K393z7c-QraVU3D1_Sz9KP7NfM.roa
Signing time: Fri 02 Sep 2022 08:42:20 +0000
ROA not before: Fri 02 Sep 2022 08:42:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31103
IP address blocks: 84.19.160.0/19 maxlen: 24
193.22.254.0/24 maxlen: 24
217.114.208.0/20 maxlen: 24
84.19.167.0/24 maxlen: 24
95.169.161.0/24 maxlen: 24
84.19.188.0/24 maxlen: 24
87.118.67.0/24 maxlen: 24
87.118.64.0/18 maxlen: 24
95.169.160.0/24 maxlen: 24
87.118.83.0/24 maxlen: 24
95.169.176.0/21 maxlen: 24
95.169.184.0/22 maxlen: 24
87.118.86.0/24 maxlen: 24
95.169.186.0/24 maxlen: 24
95.169.190.0/23 maxlen: 24
95.169.189.0/24 maxlen: 24
95.169.188.0/24 maxlen: 24
95.169.187.0/24 maxlen: 24
87.118.92.0/24 maxlen: 24
62.141.48.0/20 maxlen: 24
87.118.120.0/24 maxlen: 24
2001:1b60::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fd:5d:82:98:d2:89:d6:5e:3d:5d:6d:74:27:d3:07:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eedde41f362e98ae37d1efc7caf3e7d3c1653ee2
Validity
Not Before: Sep 2 08:42:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcadfddf3edcf90ada554dc3d7f4b3f4a3fb35f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ac:df:09:79:65:db:08:42:63:33:27:f5:ac:
d2:29:81:ce:26:cf:9e:85:01:93:9c:f7:51:e8:63:
67:42:a2:ef:41:59:68:d6:bf:d8:b8:d4:80:bb:9d:
a6:3d:39:8d:76:81:ca:23:ca:a1:4d:5d:36:a7:5e:
07:84:83:1f:5f:1b:8a:11:13:13:d7:d6:1d:48:a5:
db:7f:d8:1d:ae:8b:e0:8b:6b:a8:cf:b4:b5:17:17:
c6:97:09:a8:aa:f9:50:e0:3f:f2:4d:cc:dc:e3:aa:
54:8e:99:38:e6:f3:a1:cb:d7:b0:f5:a3:20:ef:d4:
0e:5a:5d:19:e8:62:15:5f:17:ea:ef:4c:d0:c8:9e:
80:8c:98:04:0f:c0:bf:cc:29:80:23:c0:50:3f:67:
98:e1:6b:2b:78:b5:7e:74:a2:de:7f:fc:06:26:d7:
21:91:53:f7:ae:e2:59:2b:1e:c2:8b:b8:cd:2a:b5:
72:35:31:33:88:2f:17:0e:38:1d:30:0e:a1:a3:7e:
e4:ef:44:89:b2:98:d1:a4:0f:c0:27:28:6f:ae:85:
6e:87:12:67:80:38:1d:c4:99:12:9b:72:b6:8a:2d:
54:49:1e:09:9d:e8:dd:2d:27:fa:eb:d8:4a:6c:2c:
77:12:99:2c:cd:9a:02:92:35:02:80:d8:e7:ab:c4:
4b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AD:FD:DF:3E:DC:F9:0A:DA:55:4D:C3:D7:F4:B3:F4:A3:FB:35:F3
X509v3 Authority Key Identifier:
keyid:EE:DD:E4:1F:36:2E:98:AE:37:D1:EF:C7:CA:F3:E7:D3:C1:65:3E:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7t3kHzYumK430e_HyvPn08FlPuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/3K393z7c-QraVU3D1_Sz9KP7NfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/7t3kHzYumK430e_HyvPn08FlPuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.141.48.0/20
84.19.160.0/19
87.118.64.0/18
95.169.160.0/23
95.169.176.0/20
193.22.254.0/24
217.114.208.0/20
IPv6:
2001:1b60::/29
Signature Algorithm: sha256WithRSAEncryption
38:d1:f3:89:bf:50:4c:ac:6e:c8:df:55:5a:f1:8e:f2:fb:ea:
7a:e3:b8:ad:32:c7:c7:b6:08:f9:5e:a7:31:f9:42:0c:85:95:
85:12:45:43:7f:4c:15:52:e7:14:54:d9:e2:92:7f:ff:d4:36:
db:9a:98:6f:44:50:c8:b5:44:cd:71:79:93:10:04:9b:8f:d0:
e0:09:2a:50:30:92:4c:b1:a2:0c:94:8f:f4:9c:23:28:4c:35:
bf:8d:1e:00:7e:63:eb:d5:34:03:a6:8a:8f:43:9b:df:36:8a:
eb:1a:8e:ef:c1:02:c6:60:c9:24:22:fc:82:0e:f4:c8:61:ed:
55:1f:70:bd:cd:d0:47:89:a8:c9:35:1f:b9:96:24:03:44:d2:
5a:16:3d:e9:a4:71:aa:e0:11:f5:87:48:37:36:ba:20:27:6e:
95:76:b6:33:4c:61:57:5f:0b:ff:b9:b4:02:bc:4d:19:e9:22:
34:75:91:fc:aa:45:59:32:e8:fe:56:d8:29:00:de:37:84:4b:
d0:95:24:b4:97:d3:6b:56:d9:13:5b:e8:ea:c0:74:e0:19:6a:
cf:9b:4d:78:08:27:3f:e7:c3:bb:26:ed:44:a0:67:48:e5:e6:
b9:05:63:49:57:95:85:b1:8c:33:36:a2:9e:b2:33:9d:6d:ae:
8d:61:e7:55
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYL9XYKY0onWXj1dbXQn0weSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZGRlNDFmMzYyZTk4YWUzN2QxZWZjN2NhZjNlN2QzYzE2
NTNlZTIwHhcNMjIwOTAyMDg0MjIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2FkZmRkZjNlZGNmOTBhZGE1NTRkYzNkN2Y0YjNmNGEzZmIzNWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qzfCXll2whCYzMn9azSKYHOJs+e
hQGTnPdR6GNnQqLvQVlo1r/YuNSAu52mPTmNdoHKI8qhTV02p14HhIMfXxuKERMT
19YdSKXbf9gdrovgi2uoz7S1FxfGlwmoqvlQ4D/yTczc46pUjpk45vOhy9ew9aMg
79QOWl0Z6GIVXxfq70zQyJ6AjJgED8C/zCmAI8BQP2eY4WsreLV+dKLef/wGJtch
kVP3ruJZKx7Ci7jNKrVyNTEziC8XDjgdMA6ho37k70SJspjRpA/AJyhvroVuhxJn
gDgdxJkSm3K2ii1USR4JnejdLSf669hKbCx3EpkszZoCkjUCgNjnq8RLbQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNyt/d8+3PkK2lVNw9f0s/Sj+zXzMB8GA1UdIwQY
MBaAFO7d5B82LpiuN9Hvx8rz59PBZT7iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Qza0h6WXVtSzQzMGVfSHl2UG4wOEZsUHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My82MjZmYTYtNmVjYS00NzZlLWE1YWYt
YWZlNjMzNzZjODhmLzEvM0szOTN6N2MtUXJhVlUzRDFfU3o5S1A3TmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My82MjZmYTYtNmVjYS00NzZlLWE1YWYtYWZlNjMzNzZjODhm
LzEvN3Qza0h6WXVtSzQzMGVfSHl2UG4wOEZsUHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEPo0wAwQF
VBOgAwQGV3ZAAwQBX6mgAwQEX6mwAwQAwRb+AwQE2XLQMA0EAgACMAcDBQMgARtg
MA0GCSqGSIb3DQEBCwUAA4IBAQA40fOJv1BMrG7I31Va8Y7y++p647itMsfHtgj5
Xqcx+UIMhZWFEkVDf0wVUucUVNnikn//1DbbmphvRFDItUTNcXmTEASbj9DgCSpQ
MJJMsaIMlI/0nCMoTDW/jR4AfmPr1TQDpoqPQ5vfNorrGo7vwQLGYMkkIvyCDvTI
Ye1VH3C9zdBHiajJNR+5liQDRNJaFj3ppHGq4BH1h0g3NrogJ26VdrYzTGFXXwv/
ubQCvE0Z6SI0dZH8qkVZMuj+VtgpAN43hEvQlSS0l9NrVtkTW+jqwHTgGWrPm014
CCc/58O7Ju1EoGdI5ea5BWNJV5WFsYwzNqKesjOdba6NYedV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:54 2023 by rpki-client on console-ams.rpki-client.org