Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/E7w6uPziWHCtUYS5vChaBOsXPL4.roa
File: E7w6uPziWHCtUYS5vChaBOsXPL4.roa (raw, json)
Hash identifier: cRDG/YDyWPzH+IofWaeugGQ49Ttc+YG9zqia0Wm00yI=
Subject key identifier: 13:BC:3A:B8:FC:E2:58:70:AD:51:84:B9:BC:28:5A:04:EB:17:3C:BE
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01862C283B1C59834F6237494AC0CE708EA8
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/E7w6uPziWHCtUYS5vChaBOsXPL4.roa
Signing time: Tue 07 Feb 2023 13:54:39 +0000
ROA not before: Tue 07 Feb 2023 13:54:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
86.105.144.0/22 maxlen: 24
185.18.224.0/23 maxlen: 24
89.35.124.0/23 maxlen: 24
89.35.130.0/23 maxlen: 24
89.46.128.0/22 maxlen: 24
89.46.42.0/24 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
188.215.40.0/22 maxlen: 24
92.114.32.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
92.114.54.0/24 maxlen: 24
188.211.238.0/24 maxlen: 24
31.14.228.0/22 maxlen: 24
89.46.232.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2c:28:3b:1c:59:83:4f:62:37:49:4a:c0:ce:70:8e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Feb 7 13:54:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13bc3ab8fce25870ad5184b9bc285a04eb173cbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a7:ce:55:05:db:87:d3:85:da:66:91:1c:a3:
0b:b0:93:73:af:6c:bf:95:79:85:9f:2e:a2:13:61:
50:d1:8b:80:08:2d:ff:00:95:ed:c7:f9:5f:e0:dd:
e4:9c:4e:6c:9b:b8:6e:b2:e3:d2:60:d8:51:77:0a:
5d:e8:c5:d3:49:65:bb:e5:7e:bc:9e:85:1d:07:e0:
ff:b3:63:16:b5:e6:89:a4:7e:9b:57:b1:c9:69:b8:
75:85:93:0f:48:c2:80:37:5e:ff:14:ce:f7:70:0e:
d1:51:98:cc:9d:31:6b:e6:54:b1:1d:1f:55:ab:f0:
7d:ee:f6:41:e5:87:a1:10:35:41:b5:2e:34:e6:2c:
4c:5e:a4:44:bc:8c:6a:8e:df:bd:82:28:70:9b:23:
b4:2f:e2:ce:29:79:fb:c6:0c:c9:75:25:7f:c9:92:
ac:b7:cc:16:30:05:cd:ee:0e:e1:76:8c:fc:d7:dc:
26:a3:07:9c:d2:50:65:de:e5:c8:9b:7a:e2:f3:05:
71:65:8a:05:ad:cd:ad:94:bd:a8:b6:4b:26:aa:a4:
e8:77:8c:4d:67:92:5e:12:cc:ab:44:03:81:80:8c:
82:50:da:aa:36:94:6b:95:6c:e3:ec:79:43:97:b5:
23:e9:35:e2:11:fd:46:df:bc:fa:93:fb:01:c6:1b:
9b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:BC:3A:B8:FC:E2:58:70:AD:51:84:B9:BC:28:5A:04:EB:17:3C:BE
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/E7w6uPziWHCtUYS5vChaBOsXPL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
86.105.144.0/22
89.35.124.0/23
89.35.130.0/23
89.40.222.0/23
89.46.42.0/24
89.46.128.0/22
89.46.232.0/21
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
94.177.28.0/24
185.18.224.0/23
188.211.238.0/24
188.213.212.0/24
188.213.216.0/24
188.215.40.0/22
Signature Algorithm: sha256WithRSAEncryption
02:15:6f:9f:7f:5b:a6:03:8a:36:40:67:41:6d:e4:4a:27:4e:
aa:16:83:28:9d:b5:d0:e0:1b:3d:86:37:e9:b0:9a:82:b4:97:
77:50:50:5b:c2:50:95:a8:f4:fe:9d:ef:ca:af:67:99:1b:6b:
9a:19:e6:a7:ad:ae:fe:a8:93:5f:f9:5f:c5:4a:e1:79:e5:ef:
61:e0:5a:1d:74:a2:d7:7c:a8:f0:0e:1b:72:48:b6:13:1c:ee:
bc:ac:07:33:24:c2:f1:1a:27:d6:7a:58:79:1e:9a:e3:53:56:
1a:5e:91:b8:e2:7a:dd:b6:d1:e5:38:3a:bf:aa:f9:0b:15:4d:
c8:78:91:51:93:19:dc:43:86:7f:74:ca:13:d0:d4:78:f6:63:
c3:2c:d7:0c:a5:35:8f:a5:77:73:f1:f6:66:03:de:db:e6:7b:
88:5f:c1:ef:c9:95:e1:3a:2d:67:18:47:43:57:d3:41:9f:be:
e6:09:6c:5f:b0:e3:bd:07:3d:41:4b:3c:a1:37:be:e0:8e:bb:
d3:91:b2:b0:98:82:50:e2:9c:16:44:b5:c2:0a:7b:53:7f:f4:
e9:33:15:1d:f5:ad:8a:24:a6:55:0d:d3:d0:20:c6:5b:3e:be:
8c:ec:83:d2:4d:c8:cb:21:fd:76:ea:d3:3c:f6:0a:7e:1f:7a:
6b:a9:2b:22
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAYYsKDscWYNPYjdJSsDOcI6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMjA3MTM1NDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2JjM2FiOGZjZTI1ODcwYWQ1MTg0YjliYzI4NWEwNGViMTczY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6fOVQXbh9OF2maRHKMLsJNzr2y/
lXmFny6iE2FQ0YuACC3/AJXtx/lf4N3knE5sm7husuPSYNhRdwpd6MXTSWW75X68
noUdB+D/s2MWteaJpH6bV7HJabh1hZMPSMKAN17/FM73cA7RUZjMnTFr5lSxHR9V
q/B97vZB5YehEDVBtS405ixMXqREvIxqjt+9gihwmyO0L+LOKXn7xgzJdSV/yZKs
t8wWMAXN7g7hdoz819wmowec0lBl3uXIm3ri8wVxZYoFrc2tlL2otksmqqTod4xN
Z5JeEsyrRAOBgIyCUNqqNpRrlWzj7HlDl7Uj6TXiEf1G37z6k/sBxhubzwIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFBO8Orj84lhwrVGEubwoWgTrFzy+MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0U3dzZ1UHppV0hDdFVZUzV2Q2hhQk9zWFBMNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwfwYIKwYBBQUHAQcBAf8EcDBuMGwEAgABMGYDBAIfDuQD
BAJWaZADBAFZI3wDBAFZI4IDBAFZKN4DBABZLioDBAJZLoADBANZLugDBABZLyQD
BABcciADBABccjYDBABesRwDBAG5EuADBAC80+4DBAC81dQDBAC81dgDBAK81ygw
DQYJKoZIhvcNAQELBQADggEBAAIVb59/W6YDijZAZ0Ft5EonTqoWgyidtdDgGz2G
N+mwmoK0l3dQUFvCUJWo9P6d78qvZ5kba5oZ5qetrv6ok1/5X8VK4Xnl72HgWh10
otd8qPAOG3JIthMc7rysBzMkwvEaJ9Z6WHkemuNTVhpekbjiet220eU4Or+q+QsV
Tch4kVGTGdxDhn90yhPQ1Hj2Y8Ms1wylNY+ld3Px9mYD3tvme4hfwe/JleE6LWcY
R0NX00GfvuYJbF+w470HPUFLPKE3vuCOu9ORsrCYglDinBZEtcIKe1N/9OkzFR31
rYokplUN09Agxls+vozsg9JNyMsh/Xbq0zz2Cn4femupKyI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:11 2025 by rpki-client