Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/CqMoLPVvSlqfBQFdJu9JCIBnvFM.roa
File: CqMoLPVvSlqfBQFdJu9JCIBnvFM.roa (raw, json)
Hash identifier: bl4Dbo728yILI28w2S1NF2dtnmn8P67iXQs/OshUsBE=
Subject key identifier: 0A:A3:28:2C:F5:6F:4A:5A:9F:05:01:5D:26:EF:49:08:80:67:BC:53
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0186921D8B075564C2B88E727325D341EFB7
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/CqMoLPVvSlqfBQFdJu9JCIBnvFM.roa
Signing time: Mon 27 Feb 2023 09:04:14 +0000
ROA not before: Mon 27 Feb 2023 09:04:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205647
IP address blocks: 151.240.80.0/21 maxlen: 21
31.56.116.0/24 maxlen: 24
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.207.0/24 maxlen: 24
94.182.217.0/24 maxlen: 24
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
151.241.224.0/21 maxlen: 21
151.240.168.0/22 maxlen: 22
151.240.192.0/21 maxlen: 21
151.247.214.0/23 maxlen: 23
151.247.216.0/21 maxlen: 21
94.182.41.0/24 maxlen: 24
151.247.224.0/22 maxlen: 22
94.182.56.0/22 maxlen: 22
151.247.238.0/23 maxlen: 23
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.248.0/22 maxlen: 22
94.182.72.0/21 maxlen: 21
85.15.49.0/24 maxlen: 24
85.15.48.0/24 maxlen: 24
94.182.97.192/28 maxlen: 28
151.240.240.0/21 maxlen: 21
31.59.12.0/22 maxlen: 22
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
31.56.64.0/19 maxlen: 19
31.56.96.0/20 maxlen: 20
31.56.0.0/18 maxlen: 18
94.182.82.0/24 maxlen: 24
94.182.116.0/22 maxlen: 22
94.182.114.0/23 maxlen: 23
94.182.120.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:1d:8b:07:55:64:c2:b8:8e:72:73:25:d3:41:ef:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Feb 27 09:04:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0aa3282cf56f4a5a9f05015d26ef49088067bc53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1e:b9:7e:f1:7f:09:8d:2d:7d:6e:0e:6f:1e:
95:99:09:b2:fd:43:b3:8a:ce:90:c6:4c:58:07:b0:
aa:56:ca:00:63:7e:52:d0:ec:66:73:7c:ee:ee:17:
23:4b:e9:9b:a5:66:ff:ae:b0:3f:15:01:b3:ba:25:
62:fe:49:02:10:ec:2d:c2:aa:ac:4c:13:c5:28:f5:
d2:8b:1a:f5:72:64:86:6f:49:fc:ce:0b:04:1d:d2:
33:c4:d7:f9:c2:a8:6f:d2:31:d6:1d:27:01:c2:09:
1d:49:1a:13:57:f9:58:62:23:17:0e:4c:10:db:00:
7b:c5:e3:00:7c:f3:ca:c1:68:6c:a4:1d:e6:ac:8a:
82:cd:aa:6c:2f:ac:97:d3:22:cd:91:78:a6:fe:53:
b7:24:c7:c3:07:a6:be:32:bb:e5:ec:32:72:ad:a6:
34:a6:c2:19:dd:e8:c1:e6:af:43:9d:f9:9e:72:5d:
33:82:de:1f:ab:93:41:84:46:6a:59:b3:77:61:cd:
21:ec:8d:a0:0a:6b:a1:73:b8:93:2a:d5:13:57:08:
89:81:8d:6f:9b:1b:75:66:f4:6c:01:69:a2:b9:ad:
4c:3d:36:d2:f4:70:70:72:b9:02:7c:18:de:93:30:
c6:11:9d:33:72:6c:e4:5e:d1:4b:85:2d:54:cf:e0:
d0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A3:28:2C:F5:6F:4A:5A:9F:05:01:5D:26:EF:49:08:80:67:BC:53
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/CqMoLPVvSlqfBQFdJu9JCIBnvFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0-31.56.111.255
31.56.116.0/24
31.59.12.0/22
85.15.48.0/23
94.182.8.0/23
94.182.12.0/23
94.182.41.0/24
94.182.56.0/22
94.182.72.0/21
94.182.82.0/24
94.182.97.192/28
94.182.114.0-94.182.127.255
94.182.204.0/22
94.182.217.0/24
94.182.226.0/24
94.182.228.0/22
151.240.80.0/21
151.240.168.0/22
151.240.192.0/21
151.240.240.0/21
151.241.224.0/21
151.247.214.0-151.247.227.255
151.247.238.0-151.247.241.255
151.247.248.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:41:2c:4c:38:b8:8c:25:de:74:2f:b3:ae:fb:70:13:30:33:
57:69:4a:80:6c:c9:fe:bb:22:18:42:3b:0f:f3:9d:1c:8b:3f:
fd:bc:3d:8b:9c:9e:13:cb:ec:49:ce:87:67:82:a0:04:2b:ae:
a6:43:d9:db:ac:8f:59:0c:89:84:9d:d2:a3:a9:06:ce:46:35:
3d:b0:91:82:b0:de:5a:23:64:c1:da:5b:49:9e:18:a0:a1:5a:
fa:6b:53:1e:8f:72:26:05:1c:6d:96:34:bf:8c:e4:7c:77:3e:
e7:b2:9d:cc:dd:37:02:8c:a5:9e:20:dc:e2:41:e6:6f:23:46:
88:05:0c:ab:51:be:b1:a7:ec:f0:18:1b:bf:3b:b5:19:28:70:
4e:19:c8:f9:c4:70:88:57:58:94:df:60:26:8d:67:6c:f0:65:
dd:18:f9:fb:8d:c1:dd:ce:77:5b:d6:e0:19:cd:89:31:87:71:
63:70:29:b5:ea:05:ab:4e:6c:9c:70:d0:9f:3f:11:7a:e6:1e:
f0:4b:ca:3a:62:4a:c7:7d:b4:4a:7c:3b:25:c5:27:21:14:0c:
c9:03:18:ae:05:1d:1e:fd:2e:de:41:bc:12:38:64:bf:eb:a4:
03:7e:ff:ad:bc:00:4a:fa:cb:bd:a4:e8:10:9e:e6:3b:1e:01:
ba:57:50:5d
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYaSHYsHVWTCuI5ycyXTQe+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjMwMjI3MDkwNDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWEzMjgyY2Y1NmY0YTVhOWYwNTAxNWQyNmVmNDkwODgwNjdiYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx65fvF/CY0tfW4Obx6VmQmy/UOz
is6QxkxYB7CqVsoAY35S0Oxmc3zu7hcjS+mbpWb/rrA/FQGzuiVi/kkCEOwtwqqs
TBPFKPXSixr1cmSGb0n8zgsEHdIzxNf5wqhv0jHWHScBwgkdSRoTV/lYYiMXDkwQ
2wB7xeMAfPPKwWhspB3mrIqCzapsL6yX0yLNkXim/lO3JMfDB6a+Mrvl7DJyraY0
psIZ3ejB5q9Dnfmecl0zgt4fq5NBhEZqWbN3Yc0h7I2gCmuhc7iTKtUTVwiJgY1v
mxt1ZvRsAWmiua1MPTbS9HBwcrkCfBjekzDGEZ0zcmzkXtFLhS1Uz+DQnwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFAqjKCz1b0panwUBXSbvSQiAZ7xTMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvQ3FNb0xQVnZTbHFmQlFGZEp1OUpDSUJudkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbAwCwMD
Ax84AwQEHzhgAwQAHzh0AwQCHzsMAwQBVQ8wAwQBXrYIAwQBXrYMAwQAXrYpAwQC
XrY4AwQDXrZIAwQAXrZSAwUEXrZhwDAMAwQBXrZyAwQHXrYAAwQCXrbMAwQAXrbZ
AwQAXrbiAwQCXrbkAwQDl/BQAwQCl/CoAwQDl/DAAwQDl/DwAwQDl/HgMAwDBAGX
99YDBAKX9+AwDAMEAZf37gMEAZf38AMEApf3+DANBgkqhkiG9w0BAQsFAAOCAQEA
vUEsTDi4jCXedC+zrvtwEzAzV2lKgGzJ/rsiGEI7D/OdHIs//bw9i5yeE8vsSc6H
Z4KgBCuupkPZ26yPWQyJhJ3So6kGzkY1PbCRgrDeWiNkwdpbSZ4YoKFa+mtTHo9y
JgUcbZY0v4zkfHc+57KdzN03AoylniDc4kHmbyNGiAUMq1G+safs8Bgbvzu1GShw
ThnI+cRwiFdYlN9gJo1nbPBl3Rj5+43B3c53W9bgGc2JMYdxY3ApteoFq05snHDQ
nz8ReuYe8EvKOmJKx320Snw7JcUnIRQMyQMYrgUdHv0u3kG8Ejhkv+ukA37/rbwA
SvrLvaToEJ7mOx4BuldQXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:51 2024 by rpki-client on console-fra.rpki-client.org