Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/4xr5oZmckFb7q8yXUKznrcN7a0M.roa
File: 4xr5oZmckFb7q8yXUKznrcN7a0M.roa (raw, json)
Hash identifier: qX6EozMhm/tOsXpHvWbG8RPt/V19BcxFK9M9UUwxSY0=
Subject key identifier: E3:1A:F9:A1:99:9C:90:56:FB:AB:CC:97:50:AC:E7:AD:C3:7B:6B:43
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018636AE31FBBE68E39518EF33923AF098AA
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/4xr5oZmckFb7q8yXUKznrcN7a0M.roa
Signing time: Thu 09 Feb 2023 14:57:11 +0000
ROA not before: Thu 09 Feb 2023 14:57:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
86.105.144.0/22 maxlen: 24
185.18.224.0/23 maxlen: 24
89.35.124.0/23 maxlen: 24
89.35.130.0/23 maxlen: 24
89.46.128.0/22 maxlen: 24
89.46.42.0/24 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
188.215.40.0/22 maxlen: 24
92.114.32.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
92.114.54.0/24 maxlen: 24
31.14.228.0/22 maxlen: 24
89.46.232.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:36:ae:31:fb:be:68:e3:95:18:ef:33:92:3a:f0:98:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Feb 9 14:57:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e31af9a1999c9056fbabcc9750ace7adc37b6b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:16:1f:7f:8f:09:b8:80:04:8b:3c:25:f6:0e:
20:6c:b2:32:30:99:e5:73:f8:d8:7c:db:c6:36:a8:
25:b5:6e:6e:73:45:d5:26:a3:3e:74:47:78:da:1c:
66:ba:fc:96:7b:00:21:5f:af:18:13:77:2f:eb:24:
f2:dd:04:c2:5b:29:c2:75:40:a5:c9:cb:ee:a3:fb:
60:04:70:d4:ec:87:34:49:18:5e:bc:9c:66:5f:c9:
4b:f5:31:f5:c3:2a:3e:cd:b9:ab:96:3c:75:3c:af:
6b:ca:f4:ab:e3:99:ae:d6:5e:78:1d:5c:13:2e:a6:
28:d9:de:bd:c0:ae:95:f6:9c:f0:7d:78:4d:68:bf:
2b:da:83:bf:04:db:39:88:b5:d6:7a:47:e5:f8:10:
e2:6a:cb:e0:ef:9d:a9:60:2d:07:55:72:d8:77:97:
81:85:38:5c:80:84:1d:55:3c:3d:cc:05:b8:c6:e7:
af:c4:44:77:63:ea:51:21:2f:01:4f:97:fc:38:f9:
fc:0a:fd:1a:4e:d3:92:d3:11:14:90:ff:10:c2:f7:
92:71:5f:81:21:25:3a:4f:7c:b5:c7:47:c9:ec:d7:
2e:8a:b9:c9:4d:4d:81:48:b4:d6:e6:ba:50:a5:84:
99:53:79:d4:23:78:6d:97:68:44:31:d9:56:f0:59:
e1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:1A:F9:A1:99:9C:90:56:FB:AB:CC:97:50:AC:E7:AD:C3:7B:6B:43
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/4xr5oZmckFb7q8yXUKznrcN7a0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
86.105.144.0/22
89.35.124.0/23
89.35.130.0/23
89.40.222.0/23
89.46.42.0/24
89.46.128.0/22
89.46.232.0/21
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
94.177.28.0/24
185.18.224.0/23
188.213.212.0/24
188.213.216.0/24
188.215.40.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:6f:26:7d:1a:56:70:00:f8:4e:41:c6:3e:c3:6c:d7:ad:64:
39:69:2e:4f:f5:4d:f7:a0:13:54:f9:8c:54:bc:32:b3:0f:76:
1d:b8:8f:58:1c:f4:4c:c3:9f:b9:76:d3:9e:f7:37:07:f3:43:
82:0e:1b:89:65:e7:aa:18:f9:83:29:52:9b:ef:fe:5c:7b:0e:
64:c0:8b:1e:56:c3:29:91:9b:d6:a1:87:6b:5a:c8:8d:70:86:
e6:62:b8:78:d1:10:d2:ed:15:36:df:c7:a1:2d:82:30:f9:ed:
38:d5:77:3d:1b:34:d7:9d:c5:97:bf:7a:fa:aa:21:87:8b:f4:
4c:0d:bd:37:8d:1f:08:25:c8:6b:45:83:88:cb:40:72:12:cb:
15:10:6f:4d:3a:ea:50:68:e5:d3:e2:86:4a:4c:a3:4e:5e:86:
55:2e:b2:fd:8f:74:ed:8f:06:66:0c:10:99:5e:5f:83:7f:42:
4f:57:6f:15:6b:95:cc:d1:88:1c:3c:83:7a:84:3f:f2:4a:dc:
db:3f:0b:af:a4:49:60:2a:52:96:1a:90:9c:78:7e:0f:40:a4:
d1:85:e0:d5:64:1e:b0:63:69:fd:c3:01:bc:d5:fa:4f:d2:8e:
f3:d2:8c:66:30:0b:6d:d8:72:c2:30:7c:41:a5:02:de:fc:ca:
73:4b:d7:25
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYY2rjH7vmjjlRjvM5I68JiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMjA5MTQ1NzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzFhZjlhMTk5OWM5MDU2ZmJhYmNjOTc1MGFjZTdhZGMzN2I2YjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBYff48JuIAEizwl9g4gbLIyMJnl
c/jYfNvGNqgltW5uc0XVJqM+dEd42hxmuvyWewAhX68YE3cv6yTy3QTCWynCdUCl
ycvuo/tgBHDU7Ic0SRhevJxmX8lL9TH1wyo+zbmrljx1PK9ryvSr45mu1l54HVwT
LqYo2d69wK6V9pzwfXhNaL8r2oO/BNs5iLXWekfl+BDiasvg752pYC0HVXLYd5eB
hThcgIQdVTw9zAW4xuevxER3Y+pRIS8BT5f8OPn8Cv0aTtOS0xEUkP8QwveScV+B
ISU6T3y1x0fJ7NcuirnJTU2BSLTW5rpQpYSZU3nUI3htl2hEMdlW8FnhaQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFOMa+aGZnJBW+6vMl1Cs563De2tDMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzR4cjVvWm1ja0ZiN3E4eVhVS3pucmNON2EwTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIweQYIKwYBBQUHAQcBAf8EajBoMGYEAgABMGADBAIfDuQD
BAJWaZADBAFZI3wDBAFZI4IDBAFZKN4DBABZLioDBAJZLoADBANZLugDBABZLyQD
BABcciADBABccjYDBABesRwDBAG5EuADBAC81dQDBAC81dgDBAK81ygwDQYJKoZI
hvcNAQELBQADggEBALBvJn0aVnAA+E5Bxj7DbNetZDlpLk/1TfegE1T5jFS8MrMP
dh24j1gc9EzDn7l20573NwfzQ4IOG4ll56oY+YMpUpvv/lx7DmTAix5WwymRm9ah
h2tayI1whuZiuHjRENLtFTbfx6EtgjD57TjVdz0bNNedxZe/evqqIYeL9EwNvTeN
HwglyGtFg4jLQHISyxUQb0066lBo5dPihkpMo05ehlUusv2PdO2PBmYMEJleX4N/
Qk9XbxVrlczRiBw8g3qEP/JK3Ns/C6+kSWAqUpYakJx4fg9ApNGF4NVkHrBjaf3D
AbzV+k/SjvPSjGYwC23YcsIwfEGlAt78ynNL1yU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:49 2023 by rpki-client on console-ams.rpki-client.org