Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/sA33_SAxEbVV5WOVVbuxk_W2k6U.roa
File: sA33_SAxEbVV5WOVVbuxk_W2k6U.roa (raw, json)
Hash identifier: mnvkUV3zdhsaRd+iA362tnAEwnaPFr6U9G07yE8zL0Q=
Subject key identifier: B0:0D:F7:FD:20:31:11:B5:55:E5:63:95:55:BB:B1:93:F5:B6:93:A5
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 393716FB
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/sA33_SAxEbVV5WOVVbuxk_W2k6U.roa
Signing time: Mon 20 Jun 2022 04:57:44 +0000
ROA not before: Mon 20 Jun 2022 04:57:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205647
IP address blocks: 151.247.216.0/21 maxlen: 21
94.182.41.0/24 maxlen: 24
151.247.214.0/23 maxlen: 23
151.247.224.0/22 maxlen: 22
151.240.80.0/21 maxlen: 21
31.56.116.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
85.15.48.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.204.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.205.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.217.0/24 maxlen: 24
94.182.226.0/24 maxlen: 24
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.228.0/22 maxlen: 22
31.56.64.0/19 maxlen: 19
31.56.96.0/20 maxlen: 20
31.56.0.0/18 maxlen: 18
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 959911675 (0x393716fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jun 20 04:57:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b00df7fd203111b555e5639555bbb193f5b693a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8a:c1:91:22:9d:f2:54:6e:73:b0:c1:48:c3:
c3:33:d8:0b:75:24:d1:35:f6:f8:57:27:4b:76:11:
5f:75:0e:43:a0:03:e9:ae:36:bb:be:68:46:a3:cf:
78:76:55:03:f7:54:f9:87:99:0c:53:8d:a7:ad:dc:
fb:a4:79:d6:5c:ea:4b:f4:a3:27:3d:e4:b5:37:ad:
c9:d9:16:5c:46:d8:82:fc:6d:ed:17:35:cb:0e:fc:
ee:58:00:fa:dd:cb:a2:11:64:c0:c4:ac:97:28:66:
9e:be:02:29:02:20:d3:9f:f4:31:a8:a1:97:ce:05:
dc:61:a4:c1:48:19:a0:3c:eb:e9:0e:44:42:0f:2f:
f0:28:50:4e:ef:f8:24:78:fe:cc:26:0a:81:a0:8a:
e5:05:c3:34:4d:6e:ae:38:5f:e2:34:21:fc:68:e1:
40:e1:69:35:4e:eb:26:ac:d8:36:01:51:c5:bf:97:
31:c2:3f:07:a8:6c:34:02:bd:4b:2f:b6:1c:62:54:
ba:18:1f:8f:84:04:18:94:d5:77:b8:0c:23:72:bd:
f3:f7:9b:97:f3:1a:c6:42:c5:23:a6:2b:79:18:3d:
ad:44:6b:f7:3f:61:5e:3a:86:e2:95:7c:19:ff:d9:
8a:c3:6a:2c:5e:a5:7e:73:a6:96:8d:d0:0b:b6:95:
a2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:0D:F7:FD:20:31:11:B5:55:E5:63:95:55:BB:B1:93:F5:B6:93:A5
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/sA33_SAxEbVV5WOVVbuxk_W2k6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0-31.56.111.255
31.56.116.0/24
85.15.48.0/23
94.182.8.0/23
94.182.12.0/23
94.182.41.0/24
94.182.116.0-94.182.127.255
94.182.204.0/22
94.182.217.0/24
94.182.226.0/24
94.182.228.0/22
151.240.80.0/21
151.247.214.0-151.247.227.255
Signature Algorithm: sha256WithRSAEncryption
31:36:8d:eb:77:68:93:59:29:4e:96:69:61:69:b9:1c:79:7d:
7e:6e:45:62:2b:aa:64:14:cf:1f:59:ef:52:d1:93:81:f4:89:
22:e6:be:10:58:4f:0c:13:93:d4:42:2e:cf:62:76:15:41:bd:
49:b7:0c:64:72:0a:52:73:88:0f:ca:a2:3f:ed:73:9c:b9:7c:
ee:c2:f4:67:79:e9:ab:f6:cc:b6:db:f4:27:3b:50:5c:bc:93:
86:e4:66:7b:33:db:2f:47:7a:b2:31:56:bf:cc:92:21:59:dc:
d9:1a:73:20:39:ec:2d:5f:49:35:8b:fb:22:fe:7a:22:b5:f5:
9e:11:1f:1a:04:3e:30:58:03:e7:ab:ad:42:a1:ed:2c:76:b5:
22:82:42:5d:30:ba:4e:9c:70:ec:df:07:a4:56:af:1d:dd:f2:
dd:40:b0:de:f7:05:3d:9d:32:fd:f6:04:38:6a:7c:c7:3f:9d:
ce:9e:59:29:0c:67:9f:8e:95:92:8a:60:c7:e3:2a:92:35:fa:
c0:3b:60:26:fd:0a:11:94:be:53:0c:98:36:ed:69:df:5d:15:
ca:f3:31:73:f1:82:d9:22:c7:04:c0:fd:a7:9d:ac:36:4a:60:
74:4d:ce:61:f3:8d:0f:1b:4f:87:89:23:62:53:d0:68:72:49:
6f:2b:12:07
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIEOTcW+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGY0OTE0ODhhN2NkODQ0OGE0MjA5NDU4NzFjMGI5OTY3MmRjNjZlMB4XDTIyMDYy
MDA0NTc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjAwZGY3ZmQyMDMx
MTFiNTU1ZTU2Mzk1NTViYmIxOTNmNWI2OTNhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMaKwZEinfJUbnOwwUjDwzPYC3Uk0TX2+FcnS3YRX3UOQ6AD
6a42u75oRqPPeHZVA/dU+YeZDFONp63c+6R51lzqS/SjJz3ktTetydkWXEbYgvxt
7Rc1yw787lgA+t3LohFkwMSslyhmnr4CKQIg05/0Maihl84F3GGkwUgZoDzr6Q5E
Qg8v8ChQTu/4JHj+zCYKgaCK5QXDNE1urjhf4jQh/GjhQOFpNU7rJqzYNgFRxb+X
McI/B6hsNAK9Sy+2HGJUuhgfj4QEGJTVd7gMI3K98/ebl/MaxkLFI6YreRg9rURr
9z9hXjqG4pV8Gf/ZisNqLF6lfnOmlo3QC7aVor8CAwEAAaOCAmgwggJkMB0GA1Ud
DgQWBBSwDff9IDERtVXlY5VVu7GT9baTpTAfBgNVHSMEGDAWgBSt9JFIinzYRIpC
CUWHHAuZZy3GbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JmU1JTSXA4MkVTS1FnbEZoeHdMbVdjdHhtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvNzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8x
L3NBMzNfU0F4RWJWVjVXT1ZWYnV4a19XMms2VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
NzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8xL3JmU1JTSXA4MkVT
S1FnbEZoeHdMbVdjdHhtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB+
BggrBgEFBQcBBwEB/wRvMG0wawQCAAEwZTALAwMDHzgDBAQfOGADBAAfOHQDBAFV
DzADBAFetggDBAFetgwDBABetikwDAMEAl62dAMEB162AAMEAl62zAMEAF622QME
AF624gMEAl625AMEA5fwUDAMAwQBl/fWAwQCl/fgMA0GCSqGSIb3DQEBCwUAA4IB
AQAxNo3rd2iTWSlOlmlhabkceX1+bkViK6pkFM8fWe9S0ZOB9Iki5r4QWE8ME5PU
Qi7PYnYVQb1JtwxkcgpSc4gPyqI/7XOcuXzuwvRneemr9sy22/QnO1BcvJOG5GZ7
M9svR3qyMVa/zJIhWdzZGnMgOewtX0k1i/si/noitfWeER8aBD4wWAPnq61Coe0s
drUigkJdMLpOnHDs3wekVq8d3fLdQLDe9wU9nTL99gQ4anzHP53OnlkpDGefjpWS
imDH4yqSNfrAO2Am/QoRlL5TDJg27WnfXRXK8zFz8YLZIscEwP2nnaw2SmB0Tc5h
840PG0+HiSNiU9BocklvKxIH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:52 2024 by rpki-client on console-fra.rpki-client.org