Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/qymZuE54_mbMEmLTyqGdd-qO93k.roa
File: qymZuE54_mbMEmLTyqGdd-qO93k.roa (raw, json)
Hash identifier: QMydOo9+q5/xE1qaputjyxgBNobddhDdlLIBi4uxbdI=
Subject key identifier: AB:29:99:B8:4E:78:FE:66:CC:12:62:D3:CA:A1:9D:77:EA:8E:F7:79
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 0497FC64
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/qymZuE54_mbMEmLTyqGdd-qO93k.roa
Signing time: Thu 03 Feb 2022 13:16:50 +0000
ROA not before: Thu 03 Feb 2022 13:16:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35621
IP address blocks: 151.237.94.0/23 maxlen: 23
151.237.0.0/20 maxlen: 20
151.237.7.0/24 maxlen: 24
85.187.209.0/24 maxlen: 24
85.187.208.0/24 maxlen: 24
85.187.212.0/24 maxlen: 24
85.187.211.0/24 maxlen: 24
85.187.210.0/24 maxlen: 24
85.187.221.0/24 maxlen: 24
85.187.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77069412 (0x497fc64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: Feb 3 13:16:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab2999b84e78fe66cc1262d3caa19d77ea8ef779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:79:1b:08:46:e2:f2:2b:00:1c:02:d5:07:9b:
d9:bb:ef:36:23:c6:32:54:7e:00:06:f4:51:0a:e4:
52:a0:87:ca:18:3f:4e:c4:68:22:48:00:bc:c6:39:
e8:c0:ec:9f:ca:dc:52:20:4b:80:3d:38:f9:dc:c8:
4a:b0:07:cd:26:f5:6f:4e:de:b7:f6:2d:c9:25:38:
80:b4:06:0f:67:c1:75:f5:0d:cf:ec:70:c9:73:eb:
0d:d6:e7:57:63:b4:8b:6a:d1:5c:37:cd:2c:b2:98:
71:39:7a:1a:5a:f9:41:30:b3:33:17:9c:45:6b:c5:
bc:46:96:78:55:f2:36:3d:6e:1f:13:5a:11:27:e7:
8b:78:79:b7:94:04:ac:6c:bc:b6:7b:9f:06:45:9b:
83:9d:d3:35:a1:b2:26:6e:8d:0b:8a:ce:dd:26:18:
74:32:52:aa:64:f6:e0:e8:09:2c:d0:86:ef:e8:51:
16:ab:45:68:13:ab:ff:a3:6f:b6:cd:34:44:0b:d7:
22:e2:e3:d4:a9:bc:9d:dd:a3:fd:55:86:3b:34:c5:
4f:20:e7:2e:41:cc:03:99:44:8e:c3:95:ab:06:4e:
01:0d:c9:b1:aa:a9:61:32:ad:1e:a3:33:55:8f:4f:
b2:92:0d:dc:03:13:5a:b5:85:ee:8a:b0:c9:24:b8:
77:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:29:99:B8:4E:78:FE:66:CC:12:62:D3:CA:A1:9D:77:EA:8E:F7:79
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/qymZuE54_mbMEmLTyqGdd-qO93k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.208.0-85.187.212.255
85.187.220.0/23
151.237.0.0/20
151.237.94.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:cd:87:f7:84:2c:c4:2b:e4:76:70:aa:e5:39:22:8f:0c:bd:
ae:61:f2:a2:1a:52:62:09:f7:98:bb:79:66:bf:3a:39:4c:54:
68:b9:f1:42:99:e3:ed:fe:80:db:32:4b:d4:96:36:5b:57:a4:
16:ab:3e:a3:dc:2e:c0:ee:ae:a5:4c:1f:0e:db:03:d3:fd:dc:
67:08:30:b4:23:8d:65:b0:df:1e:4c:43:3e:ec:30:fb:75:aa:
a4:61:8b:d6:0e:02:2b:1f:bf:d2:d1:18:d4:8a:5b:8a:f4:28:
c6:ff:b1:22:01:c8:b7:35:cf:96:ba:6c:52:56:22:3a:30:18:
d4:76:28:49:fe:fd:c7:c8:95:dc:97:a2:bc:d4:87:71:5d:d5:
a3:46:53:51:eb:25:39:93:26:74:96:54:c7:83:00:79:f3:bf:
5a:38:ca:79:4e:02:e8:e3:59:b2:2b:bd:b6:7b:cb:bd:09:8c:
ab:bf:99:05:c3:bd:be:b6:31:91:80:f7:74:2d:70:b3:54:f2:
7c:45:52:a2:79:ed:95:e0:89:d7:88:a8:0e:88:9f:a7:5d:fb:
08:4d:87:79:a3:fb:ec:cb:b2:f8:4f:bd:66:21:47:b5:91:72:
79:23:97:09:aa:82:3a:b6:45:5f:46:8c:1f:f3:e7:87:e4:30:
bd:47:ae:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBJf8ZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDdiNGJjYWJlYjI5NjA1ZWE1MTFkZTk3M2U0Njc1YzRiOGEyOWRmMB4XDTIyMDIw
MzEzMTY1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWIyOTk5Yjg0ZTc4
ZmU2NmNjMTI2MmQzY2FhMTlkNzdlYThlZjc3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALl5GwhG4vIrABwC1Qeb2bvvNiPGMlR+AAb0UQrkUqCHyhg/
TsRoIkgAvMY56MDsn8rcUiBLgD04+dzISrAHzSb1b07et/YtySU4gLQGD2fBdfUN
z+xwyXPrDdbnV2O0i2rRXDfNLLKYcTl6Glr5QTCzMxecRWvFvEaWeFXyNj1uHxNa
ESfni3h5t5QErGy8tnufBkWbg53TNaGyJm6NC4rO3SYYdDJSqmT24OgJLNCG7+hR
FqtFaBOr/6Nvts00RAvXIuLj1Km8nd2j/VWGOzTFTyDnLkHMA5lEjsOVqwZOAQ3J
saqpYTKtHqMzVY9PspIN3AMTWrWF7oqwySS4dy8CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSrKZm4Tnj+ZswSYtPKoZ136o73eTAfBgNVHSMEGDAWgBR9e0vKvrKWBepR
Helz5GdcS4op3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZYdEx5cjZ5bGdYcVVSM3BjLVJuWEV1S0tkOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvODg5N2ZkLTE4NjItNDM5My1hYTRiLTQ0NzYxN2E0YTc0NC8x
L3F5bVp1RTU0X21iTUVtTFR5cUdkZC1xTzkzay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
ODg5N2ZkLTE4NjItNDM5My1hYTRiLTQ0NzYxN2E0YTc0NC8xL2ZYdEx5cjZ5bGdY
cVVSM3BjLVJuWEV1S0tkOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQEVbvQAwQAVbvUAwQBVbvcAwQE
l+0AAwQBl+1eMA0GCSqGSIb3DQEBCwUAA4IBAQBbzYf3hCzEK+R2cKrlOSKPDL2u
YfKiGlJiCfeYu3lmvzo5TFRoufFCmePt/oDbMkvUljZbV6QWqz6j3C7A7q6lTB8O
2wPT/dxnCDC0I41lsN8eTEM+7DD7daqkYYvWDgIrH7/S0RjUiluK9CjG/7EiAci3
Nc+WumxSViI6MBjUdihJ/v3HyJXcl6K81IdxXdWjRlNR6yU5kyZ0llTHgwB5879a
OMp5TgLo41myK722e8u9CYyrv5kFw72+tjGRgPd0LXCzVPJ8RVKiee2V4InXiKgO
iJ+nXfsITYd5o/vsy7L4T71mIUe1kXJ5I5cJqoI6tkVfRowf8+eH5DC9R67C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:31 2024 by rpki-client on console-fra.rpki-client.org