Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/O_q4Ws6HVrNEAb4lqaZI2iAx9Q4.roa
File: O_q4Ws6HVrNEAb4lqaZI2iAx9Q4.roa (raw, json)
Hash identifier: T47lKQ10ONCzRbkQrUtmzwAVSUnwcRCQpGKt1VN6JWo=
Subject key identifier: 3B:FA:B8:5A:CE:87:56:B3:44:01:BE:25:A9:A6:48:DA:20:31:F5:0E
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 38B78FA9
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/O_q4Ws6HVrNEAb4lqaZI2iAx9Q4.roa
Signing time: Fri 21 Jan 2022 10:07:08 +0000
ROA not before: Fri 21 Jan 2022 10:07:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6696
IP address blocks: 94.139.39.0/24 maxlen: 24
109.69.217.16/28 maxlen: 28
62.112.29.0/24 maxlen: 24
62.112.31.0/24 maxlen: 24
94.139.37.0/24 maxlen: 24
94.139.36.0/24 maxlen: 24
94.139.38.0/24 maxlen: 24
94.139.34.0/23 maxlen: 23
46.18.36.0/22 maxlen: 24
46.18.34.0/23 maxlen: 24
46.18.33.0/24 maxlen: 24
87.238.225.0/24 maxlen: 24
87.238.228.0/22 maxlen: 24
185.64.64.0/22 maxlen: 24
85.119.216.0/21 maxlen: 24
109.69.221.192/28 maxlen: 28
185.185.229.0/24 maxlen: 24
185.185.228.0/24 maxlen: 24
109.69.216.0/23 maxlen: 24
109.69.219.0/24 maxlen: 24
109.69.220.0/24 maxlen: 24
109.69.222.0/24 maxlen: 24
109.69.221.0/24 maxlen: 24
37.19.8.0/21 maxlen: 24
85.88.34.0/24 maxlen: 24
2a00:1528::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 951553961 (0x38b78fa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 21 10:07:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bfab85ace8756b34401be25a9a648da2031f50e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5b:92:86:0f:fe:36:03:85:7f:f9:58:55:ec:
72:6c:5f:40:84:57:42:a6:ab:ea:b9:2e:65:5f:ef:
7a:4d:cf:c9:a6:3a:a3:27:ea:2a:f9:3c:34:6f:6c:
68:4b:bd:15:b8:79:bf:33:7e:33:12:39:95:05:b7:
13:64:3f:49:05:23:05:3d:d3:c9:19:4a:e1:15:c2:
4a:4a:33:14:e5:9b:02:f4:2d:4e:d5:37:77:7b:39:
94:df:cb:ee:a0:1a:82:b2:c4:67:9f:e2:81:d1:15:
73:fe:0f:58:82:11:5b:fd:4a:1a:68:a7:7c:f8:6f:
a2:02:69:3a:f5:8e:08:95:ec:b1:3f:0a:f1:81:b6:
e8:99:27:2e:86:6b:51:b7:a2:cc:78:bd:79:ba:e6:
f5:04:93:4e:e2:21:cc:b1:68:f0:df:c8:8c:f0:de:
ef:e6:7b:c2:ac:e2:ac:cb:0d:fe:f5:b7:f7:36:18:
0a:f4:ad:5e:bd:4a:68:b7:42:81:de:4c:5d:7a:0b:
34:56:69:f0:12:97:5b:80:eb:0a:f1:dd:2f:ef:0c:
ee:37:48:b3:2a:5f:32:00:c7:01:fd:f6:aa:7a:b4:
0f:3b:14:d8:05:93:bd:87:91:af:89:53:1b:b5:3c:
4c:55:43:b2:60:fb:3e:1e:6e:bb:9e:1d:41:2b:42:
6c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FA:B8:5A:CE:87:56:B3:44:01:BE:25:A9:A6:48:DA:20:31:F5:0E
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/O_q4Ws6HVrNEAb4lqaZI2iAx9Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.8.0/21
46.18.33.0-46.18.39.255
62.112.29.0/24
62.112.31.0/24
85.88.34.0/24
85.119.216.0/21
87.238.225.0/24
87.238.228.0/22
94.139.34.0-94.139.39.255
109.69.216.0/23
109.69.219.0-109.69.222.255
185.64.64.0/22
185.185.228.0/23
IPv6:
2a00:1528::/32
Signature Algorithm: sha256WithRSAEncryption
ad:c2:7e:78:0e:de:15:8e:89:76:ae:cf:17:5d:37:dc:55:07:
3f:9f:24:ef:99:ca:04:22:18:d4:80:77:bc:bd:32:13:7a:09:
15:45:17:99:4f:96:46:ea:c7:f7:c7:ee:1e:d4:8c:20:63:4a:
69:bf:3b:02:b1:ff:22:7d:71:6f:9f:47:9b:c2:fd:f8:02:c5:
9d:f5:c1:8d:f0:8b:84:71:f8:ab:65:fd:b8:e0:4d:60:08:47:
76:3e:3a:0d:98:d0:f9:e5:69:ab:f7:6c:8e:33:03:2c:4a:8b:
6e:68:92:95:5e:cc:bc:08:a6:5c:20:ae:0b:87:b7:d4:b1:74:
80:a7:9c:5e:35:0f:a4:02:f5:e1:7f:02:29:ae:38:22:e5:67:
52:71:46:c7:f4:49:cf:70:6c:cd:5d:b7:0b:b2:2b:57:1c:d3:
10:7a:37:9a:8c:e6:16:24:3e:a8:35:64:ab:31:96:34:a7:3b:
1b:84:b9:86:90:8d:51:d3:b8:bd:2b:7d:0b:aa:28:e7:fd:26:
3f:2b:79:24:9c:33:e7:8d:17:fa:18:19:21:7a:04:1c:00:ac:
51:a5:53:99:72:e4:cd:3a:55:35:53:d9:a3:f9:51:8b:f4:c3:
f2:6b:ff:0a:32:c2:57:24:3b:e4:52:29:58:44:da:06:76:f8:
0c:06:40:73
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIEOLePqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Nzc3YjViMzZmNjZlMTNjNDM4OGM5OTM0ZGE1MDc4NTY1MTVkMDczMB4XDTIyMDEy
MTEwMDcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JmYWI4NWFjZTg3
NTZiMzQ0MDFiZTI1YTlhNjQ4ZGEyMDMxZjUwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpbkoYP/jYDhX/5WFXscmxfQIRXQqar6rkuZV/vek3PyaY6
oyfqKvk8NG9saEu9Fbh5vzN+MxI5lQW3E2Q/SQUjBT3TyRlK4RXCSkozFOWbAvQt
TtU3d3s5lN/L7qAagrLEZ5/igdEVc/4PWIIRW/1KGminfPhvogJpOvWOCJXssT8K
8YG26JknLoZrUbeizHi9ebrm9QSTTuIhzLFo8N/IjPDe7+Z7wqzirMsN/vW39zYY
CvStXr1KaLdCgd5MXXoLNFZp8BKXW4DrCvHdL+8M7jdIsypfMgDHAf32qnq0DzsU
2AWTvYeRr4lTG7U8TFVDsmD7Ph5uu54dQStCbNcCAwEAAaOCAnkwggJ1MB0GA1Ud
DgQWBBQ7+rhazodWs0QBviWppkjaIDH1DjAfBgNVHSMEGDAWgBSHd7Wzb2bhPEOI
yZNNpQeFZRXQczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2gzZTFzMjltNFR4RGlNbVRUYVVIaFdVVjBITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvZjkyZTJhLWUxZTQtNDg3ZC05YWNjLWVkMWYzMGNjMWM1Ny8x
L09fcTRXczZIVnJORUFiNGxxYVpJMmlBeDlRNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
ZjkyZTJhLWUxZTQtNDg3ZC05YWNjLWVkMWYzMGNjMWM1Ny8xL2gzZTFzMjltNFR4
RGlNbVRUYVVIaFdVVjBITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jgYIKwYBBQUHAQcBAf8EfzB9MGwEAgABMGYDBAMlEwgwDAMEAC4SIQMEAy4SIAME
AD5wHQMEAD5wHwMEAFVYIgMEA1V32AMEAFfu4QMEAlfu5DAMAwQBXosiAwQDXosg
AwQBbUXYMAwDBABtRdsDBABtRd4DBAK5QEADBAG5ueQwDQQCAAIwBwMFACoAFSgw
DQYJKoZIhvcNAQELBQADggEBAK3CfngO3hWOiXauzxddN9xVBz+fJO+ZygQiGNSA
d7y9MhN6CRVFF5lPlkbqx/fH7h7UjCBjSmm/OwKx/yJ9cW+fR5vC/fgCxZ31wY3w
i4Rx+Ktl/bjgTWAIR3Y+Og2Y0Pnlaav3bI4zAyxKi25okpVezLwIplwgrguHt9Sx
dICnnF41D6QC9eF/AimuOCLlZ1JxRsf0Sc9wbM1dtwuyK1cc0xB6N5qM5hYkPqg1
ZKsxljSnOxuEuYaQjVHTuL0rfQuqKOf9Jj8reSScM+eNF/oYGSF6BBwArFGlU5ly
5M06VTVT2aP5UYv0w/Jr/woywlckO+RSKVhE2gZ2+AwGQHM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:22 2024 by rpki-client on console-ams.rpki-client.org