Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/dSEH0g7cIDnayth7dedxKQcr4Xs.roa
File: dSEH0g7cIDnayth7dedxKQcr4Xs.roa (raw, json)
Hash identifier: vJ4Yr4nNOgMB+M3hWAjcpCBdjMDdnoRR/wrtiHyvazs=
Subject key identifier: 75:21:07:D2:0E:DC:20:39:DA:CA:D8:7B:75:E7:71:29:07:2B:E1:7B
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0187139CDC5D595B22FD0E3683EEFB1BB28F
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/dSEH0g7cIDnayth7dedxKQcr4Xs.roa
Signing time: Fri 24 Mar 2023 12:34:19 +0000
ROA not before: Fri 24 Mar 2023 12:34:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
86.105.144.0/22 maxlen: 24
185.18.224.0/23 maxlen: 24
89.37.107.0/24 maxlen: 24
86.106.26.0/24 maxlen: 24
89.35.124.0/23 maxlen: 24
93.114.176.0/23 maxlen: 24
89.46.128.0/22 maxlen: 24
89.39.94.0/23 maxlen: 24
94.177.144.0/24 maxlen: 24
89.39.123.0/24 maxlen: 24
89.45.228.0/24 maxlen: 24
188.215.40.0/22 maxlen: 24
89.40.222.0/23 maxlen: 24
31.14.228.0/22 maxlen: 24
89.46.232.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:13:9c:dc:5d:59:5b:22:fd:0e:36:83:ee:fb:1b:b2:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Mar 24 12:34:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=752107d20edc2039dacad87b75e77129072be17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:47:d4:57:ac:79:7a:a3:a1:05:34:01:6d:b9:
bf:1e:f0:8c:62:6a:8c:2b:45:cb:2c:e9:68:8a:1c:
ca:6d:98:cb:86:2d:a0:47:b2:aa:55:bd:36:c4:06:
b9:39:7b:bc:38:f4:a9:d1:c8:e1:95:0c:27:62:10:
f2:e9:1e:c2:33:8a:d5:b7:1a:19:9d:85:2e:34:8d:
27:6f:c3:a4:d9:94:b4:e9:60:db:3e:54:f4:6d:d7:
5f:a0:c1:33:c4:cf:dd:98:d7:8d:20:54:4e:a6:e8:
43:7c:89:ef:60:0e:8c:19:42:b4:23:41:f3:b1:ee:
60:15:ee:58:f1:98:d1:bd:64:30:e0:2a:fc:34:2f:
69:57:9a:b6:46:96:22:56:6c:a1:6f:c9:d5:d6:f7:
8e:f8:4e:d9:9a:1e:34:6c:99:1c:ef:86:47:c0:48:
06:2d:53:62:6a:28:58:90:5e:82:97:d3:56:41:04:
80:e7:77:55:ce:d6:b4:90:20:01:e5:d6:70:9b:77:
a5:c5:11:68:6b:fe:cd:bf:2f:28:e0:ba:1e:40:d8:
88:fe:2d:60:5b:1b:9c:96:24:24:42:a5:49:1f:94:
23:79:7a:72:80:f0:11:b0:f9:14:fd:dd:76:14:27:
0f:97:26:80:73:2e:cc:b9:e5:91:00:bc:3c:57:9a:
bd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:21:07:D2:0E:DC:20:39:DA:CA:D8:7B:75:E7:71:29:07:2B:E1:7B
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/dSEH0g7cIDnayth7dedxKQcr4Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
86.105.144.0/22
86.106.26.0/24
89.35.124.0/23
89.37.107.0/24
89.39.94.0/23
89.39.123.0/24
89.40.222.0/23
89.45.228.0/24
89.46.128.0/22
89.46.232.0/21
93.114.176.0/23
94.177.28.0/24
94.177.144.0/24
185.18.224.0/23
188.215.40.0/22
Signature Algorithm: sha256WithRSAEncryption
e0:0f:bb:1d:eb:f5:7a:74:d0:11:4b:7e:b8:1e:fc:f9:91:92:
db:31:af:c5:dd:1a:a0:55:e8:b4:f1:23:8d:4a:2c:d2:2d:56:
c2:19:de:91:80:0d:08:40:3c:b4:03:9b:70:cb:81:ab:67:ef:
1c:a2:94:6b:7c:98:a6:c7:fc:cd:63:98:93:5c:05:29:62:07:
48:45:33:b7:f3:d9:2e:c2:e4:ef:44:6d:9b:99:e3:85:de:50:
f1:dd:86:6a:dd:be:e0:d5:43:32:e7:c3:ef:1f:28:d1:cd:5d:
71:62:fe:d8:cb:d2:aa:a4:4f:0a:28:23:ad:97:9b:75:4e:d5:
a9:da:50:c8:6a:d1:ee:30:4d:c1:79:42:ce:4e:1f:30:8d:e2:
4c:12:84:97:04:24:44:a3:1f:b6:cc:65:b2:55:b9:10:d0:3d:
03:af:f0:ad:7b:ff:69:e8:9f:cf:7c:1e:38:c4:9a:d8:f2:c1:
fa:45:ad:66:34:fc:50:1b:6d:8d:97:15:a9:6e:ae:a3:5f:f4:
d2:7d:01:e6:14:9a:69:14:1e:86:5d:1a:b3:f6:6c:8d:6e:5c:
54:6e:88:3f:e6:87:ae:92:88:0b:b0:06:1a:49:ef:3e:22:ef:
21:1a:90:a9:1d:87:e9:98:1a:5b:ae:9c:cc:c3:32:3b:2e:70:
c9:ce:17:2f
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYcTnNxdWVsi/Q42g+77G7KPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMzI0MTIzNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTIxMDdkMjBlZGMyMDM5ZGFjYWQ4N2I3NWU3NzEyOTA3MmJlMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0fUV6x5eqOhBTQBbbm/HvCMYmqM
K0XLLOloihzKbZjLhi2gR7KqVb02xAa5OXu8OPSp0cjhlQwnYhDy6R7CM4rVtxoZ
nYUuNI0nb8Ok2ZS06WDbPlT0bddfoMEzxM/dmNeNIFROpuhDfInvYA6MGUK0I0Hz
se5gFe5Y8ZjRvWQw4Cr8NC9pV5q2RpYiVmyhb8nV1veO+E7Zmh40bJkc74ZHwEgG
LVNiaihYkF6Cl9NWQQSA53dVzta0kCAB5dZwm3elxRFoa/7Nvy8o4LoeQNiI/i1g
WxucliQkQqVJH5QjeXpygPARsPkU/d12FCcPlyaAcy7MueWRALw8V5q9LQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFHUhB9IO3CA52srYe3XncSkHK+F7MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2RTRUgwZzdjSURuYXl0aDdkZWR4S1FjcjRYcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIweQYIKwYBBQUHAQcBAf8EajBoMGYEAgABMGADBAIfDuQD
BAJWaZADBABWahoDBAFZI3wDBABZJWsDBAFZJ14DBABZJ3sDBAFZKN4DBABZLeQD
BAJZLoADBANZLugDBAFdcrADBABesRwDBABesZADBAG5EuADBAK81ygwDQYJKoZI
hvcNAQELBQADggEBAOAPux3r9Xp00BFLfrge/PmRktsxr8XdGqBV6LTxI41KLNIt
VsIZ3pGADQhAPLQDm3DLgatn7xyilGt8mKbH/M1jmJNcBSliB0hFM7fz2S7C5O9E
bZuZ44XeUPHdhmrdvuDVQzLnw+8fKNHNXXFi/tjL0qqkTwooI62Xm3VO1anaUMhq
0e4wTcF5Qs5OHzCN4kwShJcEJESjH7bMZbJVuRDQPQOv8K17/2non898HjjEmtjy
wfpFrWY0/FAbbY2XFalurqNf9NJ9AeYUmmkUHoZdGrP2bI1uXFRuiD/mh66SiAuw
BhpJ7z4i7yEakKkdh+mYGluunMzDMjsucMnOFy8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:31 2025 by rpki-client