Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/dHKr6i_6yiii9yLoXn_DAzWsXNI.roa
File: dHKr6i_6yiii9yLoXn_DAzWsXNI.roa (raw, json)
Hash identifier: QNHzv66PmuSTjjFBKW/idHMzcb/NnFouCIEDRC7+I+Q=
Subject key identifier: 74:72:AB:EA:2F:FA:CA:28:A2:F7:22:E8:5E:7F:C3:03:35:AC:5C:D2
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018B89B275C57E7A165A91308569CBB76FEF
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/dHKr6i_6yiii9yLoXn_DAzWsXNI.roa
Signing time: Wed 01 Nov 2023 07:04:15 +0000
ROA not before: Wed 01 Nov 2023 07:04:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205647
IP address blocks: 151.242.0.0/21 maxlen: 21
151.242.8.0/22 maxlen: 22
31.56.116.0/24 maxlen: 24
151.241.224.0/21 maxlen: 21
151.247.214.0/23 maxlen: 23
151.247.216.0/21 maxlen: 21
151.247.224.0/22 maxlen: 22
151.247.232.0/22 maxlen: 22
151.247.228.0/22 maxlen: 22
151.247.238.0/23 maxlen: 23
151.247.237.0/24 maxlen: 24
151.247.240.0/24 maxlen: 24
151.247.236.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.248.0/22 maxlen: 22
31.58.240.0/20 maxlen: 20
151.244.52.0/22 maxlen: 22
151.244.56.0/21 maxlen: 21
85.15.49.0/24 maxlen: 24
85.15.48.0/24 maxlen: 24
151.244.64.0/21 maxlen: 21
151.244.72.0/22 maxlen: 22
151.240.240.0/21 maxlen: 21
31.59.12.0/22 maxlen: 22
94.183.192.0/18 maxlen: 18
31.56.64.0/19 maxlen: 19
31.56.96.0/20 maxlen: 20
31.56.0.0/18 maxlen: 18
94.182.244.0/23 maxlen: 23
94.182.248.0/23 maxlen: 23
94.183.0.0/18 maxlen: 18
151.240.80.0/21 maxlen: 21
94.182.192.0/18 maxlen: 18
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.207.0/24 maxlen: 24
94.182.217.0/24 maxlen: 24
94.182.226.0/24 maxlen: 24
94.182.222.0/23 maxlen: 23
94.182.232.0/23 maxlen: 23
94.182.228.0/22 maxlen: 22
94.182.240.0/23 maxlen: 23
94.182.234.0/23 maxlen: 23
151.240.168.0/22 maxlen: 22
151.240.192.0/21 maxlen: 21
94.183.128.0/18 maxlen: 18
151.244.48.0/22 maxlen: 22
31.58.236.0/22 maxlen: 22
94.183.64.0/18 maxlen: 18
94.182.41.0/24 maxlen: 24
94.182.56.0/22 maxlen: 22
94.182.60.0/22 maxlen: 22
94.182.64.0/18 maxlen: 18
94.182.72.0/21 maxlen: 21
94.182.97.192/28 maxlen: 28
94.182.0.0/18 maxlen: 18
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.82.0/24 maxlen: 24
94.182.116.0/22 maxlen: 22
94.182.114.0/23 maxlen: 23
94.182.120.0/21 maxlen: 21
94.182.128.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:89:b2:75:c5:7e:7a:16:5a:91:30:85:69:cb:b7:6f:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Nov 1 07:04:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7472abea2ffaca28a2f722e85e7fc30335ac5cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:69:f9:70:fb:03:51:e5:52:3b:9f:2a:16:13:
5b:97:bd:6f:ed:21:ff:c2:08:5d:12:e9:19:70:92:
c9:79:47:68:06:d8:30:9a:03:5f:d5:a2:2c:58:3f:
e4:61:6e:b3:b6:ea:0c:03:ee:0b:ef:43:26:63:94:
57:34:15:61:3e:6c:26:7e:d2:c8:82:bf:f0:3c:36:
0f:72:28:a6:43:a7:15:05:e1:92:06:33:da:89:19:
8d:77:a8:5f:e6:c0:bc:31:22:80:1d:83:67:dd:ef:
53:d2:d9:10:a1:41:3b:6d:f8:5e:6d:e2:01:5d:aa:
ff:1f:9f:ca:2a:ff:91:29:b2:36:3a:8e:43:87:29:
1a:f5:79:62:04:92:68:2e:38:f7:87:a8:8d:a2:6d:
99:9d:67:d2:be:06:bc:90:05:87:50:77:7d:1b:83:
e5:d0:f1:ea:ba:ea:51:7e:2a:d2:eb:a5:e4:31:6f:
95:db:db:1f:0f:4c:65:61:a7:92:08:8f:14:f2:0e:
75:99:d7:1f:bb:59:6e:b6:fa:70:89:e0:4b:e7:3b:
dc:af:97:e8:8d:1e:e2:df:13:bd:bd:23:39:82:e0:
43:46:01:08:3d:47:23:45:64:fa:eb:23:21:8a:3f:
36:9c:b8:29:12:92:5f:9f:c7:39:38:25:65:64:a8:
fb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:72:AB:EA:2F:FA:CA:28:A2:F7:22:E8:5E:7F:C3:03:35:AC:5C:D2
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/dHKr6i_6yiii9yLoXn_DAzWsXNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0-31.56.111.255
31.56.116.0/24
31.58.236.0-31.58.255.255
31.59.12.0/22
85.15.48.0/23
94.182.0.0/15
151.240.80.0/21
151.240.168.0/22
151.240.192.0/21
151.240.240.0/21
151.241.224.0/21
151.242.0.0-151.242.11.255
151.244.48.0-151.244.75.255
151.247.214.0-151.247.241.255
151.247.248.0/22
Signature Algorithm: sha256WithRSAEncryption
25:e0:4e:85:4d:17:f6:79:b9:bf:6a:c0:a8:c6:8b:b0:4c:8b:
98:17:13:25:3f:e3:3e:55:e3:db:dd:43:f8:da:93:11:c3:d8:
96:e3:91:f1:27:3b:ce:14:a7:af:0a:e2:3e:e2:83:c9:57:75:
e7:6b:73:4e:1f:97:de:11:a3:0d:05:af:8b:2c:e5:cc:42:82:
8c:ee:1b:f6:69:64:53:0a:d4:45:16:ff:25:6e:41:43:c4:e3:
4a:80:09:e5:11:3c:cc:9f:84:47:a7:1e:d6:7a:78:79:0c:f9:
22:a0:7f:0e:7f:a8:fd:58:3b:03:f3:2f:3b:61:36:38:83:f7:
b9:7b:15:99:6b:bd:6c:f9:ba:43:7b:99:34:03:e6:ea:28:8a:
63:d5:83:09:75:5e:df:b8:74:cf:cc:a4:65:7b:e4:52:18:5e:
13:bd:16:bd:08:8c:ba:a0:e1:1a:46:a4:43:bf:57:b8:d1:cb:
15:c1:f5:08:ae:8c:a0:a4:1b:50:b8:b5:f0:01:0f:a0:91:9b:
e9:7c:99:87:82:6a:8a:66:57:49:0c:3c:cf:87:a0:cf:be:30:
40:bf:46:dd:d8:97:d8:43:69:19:e5:9c:96:70:0a:1d:e8:9b:
40:08:f7:81:b2:77:c3:56:60:b4:9a:f7:87:e7:18:0f:29:4e:
1c:af:93:26
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYuJsnXFfnoWWpEwhWnLt2/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjMxMTAxMDcwNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDcyYWJlYTJmZmFjYTI4YTJmNzIyZTg1ZTdmYzMwMzM1YWM1Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmn5cPsDUeVSO58qFhNbl71v7SH/
wghdEukZcJLJeUdoBtgwmgNf1aIsWD/kYW6ztuoMA+4L70MmY5RXNBVhPmwmftLI
gr/wPDYPciimQ6cVBeGSBjPaiRmNd6hf5sC8MSKAHYNn3e9T0tkQoUE7bfhebeIB
Xar/H5/KKv+RKbI2Oo5Dhyka9XliBJJoLjj3h6iNom2ZnWfSvga8kAWHUHd9G4Pl
0PHquupRfirS66XkMW+V29sfD0xlYaeSCI8U8g51mdcfu1lutvpwieBL5zvcr5fo
jR7i3xO9vSM5guBDRgEIPUcjRWT66yMhij82nLgpEpJfn8c5OCVlZKj7yQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFHRyq+ov+sooovci6F5/wwM1rFzSMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvZEhLcjZpXzZ5aWlpOXlMb1huX0RBeldzWE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfjALAwMD
HzgDBAQfOGADBAAfOHQwCwMEAh867AMDAB86AwQCHzsMAwQBVQ8wAwMBXrYDBAOX
8FADBAKX8KgDBAOX8MADBAOX8PADBAOX8eAwCwMDAZfyAwQCl/IIMAwDBASX9DAD
BAKX9EgwDAMEAZf31gMEAZf38AMEApf3+DANBgkqhkiG9w0BAQsFAAOCAQEAJeBO
hU0X9nm5v2rAqMaLsEyLmBcTJT/jPlXj291D+NqTEcPYluOR8Sc7zhSnrwriPuKD
yVd152tzTh+X3hGjDQWviyzlzEKCjO4b9mlkUwrURRb/JW5BQ8TjSoAJ5RE8zJ+E
R6ce1np4eQz5IqB/Dn+o/Vg7A/MvO2E2OIP3uXsVmWu9bPm6Q3uZNAPm6iiKY9WD
CXVe37h0z8ykZXvkUhheE70WvQiMuqDhGkakQ79XuNHLFcH1CK6MoKQbULi18AEP
oJGb6XyZh4JqimZXSQw8z4egz74wQL9G3diX2ENpGeWclnAKHeibQAj3gbJ3w1Zg
tJr3h+cYDylOHK+TJg==
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:06:20 2025 by rpki-client