Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3EDywXhIBToEtOC42YM2A_Gc1o0.roa
File: 3EDywXhIBToEtOC42YM2A_Gc1o0.roa (raw, json)
Hash identifier: /gzTpMrBtS2Jv33pAs9lWne82tPPBQNIB9S95TCvyLc=
Subject key identifier: DC:40:F2:C1:78:48:05:3A:04:B4:E0:B8:D9:83:36:03:F1:9C:D6:8D
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0186B7B30E46E421B1D4A2FAF2E4ECB9FB90
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3EDywXhIBToEtOC42YM2A_Gc1o0.roa
Signing time: Mon 06 Mar 2023 16:13:30 +0000
ROA not before: Mon 06 Mar 2023 16:13:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
86.105.144.0/22 maxlen: 24
185.18.224.0/23 maxlen: 24
89.37.107.0/24 maxlen: 24
86.106.26.0/24 maxlen: 24
89.35.124.0/23 maxlen: 24
93.114.176.0/23 maxlen: 24
89.45.162.0/24 maxlen: 24
89.46.128.0/22 maxlen: 24
89.39.94.0/23 maxlen: 24
89.40.70.0/24 maxlen: 24
94.177.144.0/24 maxlen: 24
89.39.123.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
89.45.228.0/24 maxlen: 24
188.215.40.0/22 maxlen: 24
92.114.32.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
89.45.35.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
31.14.228.0/22 maxlen: 24
89.46.232.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b7:b3:0e:46:e4:21:b1:d4:a2:fa:f2:e4:ec:b9:fb:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Mar 6 16:13:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc40f2c17848053a04b4e0b8d9833603f19cd68d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:66:f9:51:0c:e2:48:e3:6d:19:25:0a:02:9b:
13:d8:90:34:ca:3a:a7:be:c5:55:1a:19:79:78:de:
92:42:df:b6:c9:28:5c:74:88:66:81:07:f3:da:1d:
b5:46:65:02:b1:c4:57:e4:74:93:42:65:2e:a1:ce:
c2:88:5c:b6:63:b6:37:71:cd:86:8c:ee:4e:d3:e9:
8f:09:b5:89:7c:a1:40:0c:b6:22:05:31:46:5c:c9:
98:e1:6d:84:e7:f6:c0:22:a5:7c:52:bf:54:c8:02:
7a:ad:16:ec:02:5d:49:36:59:d0:d8:9c:33:24:a5:
8f:03:95:7a:20:db:04:0f:ef:da:bc:24:96:88:41:
d0:08:db:e9:07:46:ec:80:6e:d5:5e:30:ed:f6:0e:
ec:53:66:e6:5f:9b:4a:f4:36:ab:3d:7b:b5:d2:53:
69:ea:94:06:bb:58:61:3c:01:35:4f:aa:55:ec:86:
04:d9:43:c9:04:ba:0e:be:a9:83:1f:2b:4c:c5:7d:
36:63:7a:53:ed:ef:4a:82:8b:fc:9f:07:8f:a0:c9:
92:f9:33:f5:47:30:97:ca:1a:07:9f:74:74:12:9e:
83:b0:a4:f5:68:f1:d0:d5:0c:51:5a:82:57:3a:de:
e9:e2:ef:fb:c1:ba:64:2e:d3:88:bc:66:7a:c8:d4:
83:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:40:F2:C1:78:48:05:3A:04:B4:E0:B8:D9:83:36:03:F1:9C:D6:8D
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3EDywXhIBToEtOC42YM2A_Gc1o0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
86.105.144.0/22
86.106.26.0/24
86.107.100.0/24
89.35.124.0/23
89.37.107.0/24
89.39.94.0/23
89.39.123.0/24
89.40.70.0/24
89.40.222.0/23
89.45.35.0/24
89.45.162.0/24
89.45.228.0/24
89.46.128.0/22
89.46.232.0/21
92.114.32.0/24
92.114.54.0/24
93.114.176.0/23
94.177.28.0/24
94.177.144.0/24
185.18.224.0/23
188.213.216.0/24
188.215.40.0/22
Signature Algorithm: sha256WithRSAEncryption
56:6e:46:cc:b2:bb:57:21:f3:6d:bb:a4:62:46:da:bf:61:a9:
9d:9b:a9:9b:3b:2c:4c:cf:bb:4a:e4:c1:f2:7f:ae:52:60:dc:
e7:22:ac:39:f4:72:bb:ec:e9:f5:32:4e:16:00:1d:52:5e:b6:
70:db:cb:ae:17:67:db:de:48:c4:38:60:63:1b:2c:61:7b:f8:
e4:e7:96:69:9c:ef:d0:2e:d5:7a:aa:fa:0b:35:35:c1:d9:8e:
36:75:50:72:8b:71:30:82:d1:41:d7:b1:8f:19:6f:33:a1:5a:
6f:24:9e:5b:46:36:1f:86:61:e1:f0:2a:e6:c0:60:56:ab:24:
ea:a9:d4:f0:72:0a:15:c3:df:83:d4:aa:26:e0:a5:02:10:b7:
37:a8:c2:d5:ca:e1:05:ad:84:d9:8e:af:67:1f:bc:83:27:f7:
5e:4e:e8:2f:fc:4d:e5:8d:25:2c:39:36:41:6b:a7:a0:e9:57:
15:85:25:9b:6a:16:cd:83:7a:12:bb:3c:af:05:95:67:5b:a9:
58:29:ba:e2:42:c1:c2:6a:e2:5c:e3:42:3d:ba:e5:6f:60:c4:
1f:37:60:5a:06:02:06:84:28:7f:92:5a:9a:dd:6f:c4:84:ad:
af:02:80:f8:0c:9b:96:80:8f:7b:68:db:fe:f4:2a:ad:c5:29:
43:b5:e5:ee
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYa3sw5G5CGx1KL68uTsufuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMzA2MTYxMzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQwZjJjMTc4NDgwNTNhMDRiNGUwYjhkOTgzMzYwM2YxOWNkNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmb5UQziSONtGSUKApsT2JA0yjqn
vsVVGhl5eN6SQt+2yShcdIhmgQfz2h21RmUCscRX5HSTQmUuoc7CiFy2Y7Y3cc2G
jO5O0+mPCbWJfKFADLYiBTFGXMmY4W2E5/bAIqV8Ur9UyAJ6rRbsAl1JNlnQ2Jwz
JKWPA5V6INsED+/avCSWiEHQCNvpB0bsgG7VXjDt9g7sU2bmX5tK9DarPXu10lNp
6pQGu1hhPAE1T6pV7IYE2UPJBLoOvqmDHytMxX02Y3pT7e9Kgov8nwePoMmS+TP1
RzCXyhoHn3R0Ep6DsKT1aPHQ1QxRWoJXOt7p4u/7wbpkLtOIvGZ6yNSDdQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFNxA8sF4SAU6BLTguNmDNgPxnNaNMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzNFRHl3WGhJQlRvRXRPQzQyWU0yQV9HYzFvMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgacGCCsGAQUFBwEHAQH/BIGXMIGUMIGRBAIAATCBigME
Ah8O5AMEAlZpkAMEAFZqGgMEAFZrZAMEAVkjfAMEAFklawMEAVknXgMEAFknewME
AFkoRgMEAVko3gMEAFktIwMEAFktogMEAFkt5AMEAlkugAMEA1ku6AMEAFxyIAME
AFxyNgMEAV1ysAMEAF6xHAMEAF6xkAMEAbkS4AMEALzV2AMEArzXKDANBgkqhkiG
9w0BAQsFAAOCAQEAVm5GzLK7VyHzbbukYkbav2GpnZupmzssTM+7SuTB8n+uUmDc
5yKsOfRyu+zp9TJOFgAdUl62cNvLrhdn295IxDhgYxssYXv45OeWaZzv0C7Veqr6
CzU1wdmONnVQcotxMILRQdexjxlvM6FabySeW0Y2H4Zh4fAq5sBgVqsk6qnU8HIK
FcPfg9SqJuClAhC3N6jC1crhBa2E2Y6vZx+8gyf3Xk7oL/xN5Y0lLDk2QWunoOlX
FYUlm2oWzYN6Ers8rwWVZ1upWCm64kLBwmriXONCPbrlb2DEHzdgWgYCBoQof5Ja
mt1vxIStrwKA+AybloCPe2jb/vQqrcUpQ7Xl7g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:49 2023 by rpki-client on console-ams.rpki-client.org