Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/vV9Blp5AE8P0lFHb_MrygzoMg4Y.roa
File: vV9Blp5AE8P0lFHb_MrygzoMg4Y.roa (raw, json)
Hash identifier: A0AO/d81ZL/8EqC2kkOy0f92f+N4DUvEE/j4hgFAW28=
Subject key identifier: BD:5F:41:96:9E:40:13:C3:F4:94:51:DB:FC:CA:F2:83:3A:0C:83:86
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0185883DFCAE910AA374C4648BAD009F7AB5
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/vV9Blp5AE8P0lFHb_MrygzoMg4Y.roa
Signing time: Fri 06 Jan 2023 18:00:41 +0000
ROA not before: Fri 06 Jan 2023 18:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 86.105.144.0/22 maxlen: 24
89.34.219.0/24 maxlen: 24
89.36.140.0/24 maxlen: 24
176.223.66.0/24 maxlen: 24
89.46.128.0/22 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
94.176.213.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
188.211.238.0/24 maxlen: 24
31.14.228.0/22 maxlen: 24
188.212.121.0/24 maxlen: 24
94.177.28.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
37.153.158.0/24 maxlen: 24
185.18.224.0/23 maxlen: 24
89.35.124.0/23 maxlen: 24
89.35.130.0/23 maxlen: 24
89.35.129.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
89.46.42.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
217.19.4.0/24 maxlen: 24
77.81.100.0/24 maxlen: 24
86.105.4.0/24 maxlen: 24
89.44.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:88:3d:fc:ae:91:0a:a3:74:c4:64:8b:ad:00:9f:7a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 6 18:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd5f41969e4013c3f49451dbfccaf2833a0c8386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d1:7e:60:e7:7a:7e:9f:f7:37:af:64:f1:dd:
43:42:6c:7e:d9:a8:dc:c8:a1:44:dc:3f:71:d0:5f:
8b:e3:f8:37:a4:04:5a:5b:31:3d:28:ac:9d:9f:f3:
19:73:b3:0d:b8:d9:cc:41:20:49:a4:0c:7a:56:7b:
b1:91:2c:95:5c:3e:ad:85:ee:9c:5d:26:04:3f:4a:
8c:53:b2:2a:93:a0:ea:b5:f9:60:69:0a:ee:82:e3:
12:90:81:68:a5:70:37:f5:ad:50:9c:28:84:64:ce:
4a:9a:c9:09:de:e0:71:bf:8e:ee:79:22:f6:19:7b:
33:c0:92:84:27:8c:27:fd:6a:de:a8:26:2a:85:e7:
05:5b:e2:87:5c:c9:36:72:94:7a:f9:50:78:06:05:
ac:15:ae:eb:cf:7a:75:9e:45:c1:b9:d2:19:01:a7:
bf:a1:d5:22:54:f2:8f:ad:2a:8a:af:c5:d4:c4:00:
74:6b:e2:c6:a3:6e:bd:76:04:d0:f1:5f:35:08:8c:
e5:b4:82:cf:6b:ec:28:bf:8a:b5:33:7e:99:6f:63:
08:2c:2d:bc:48:59:dc:47:68:00:50:5d:5b:95:d6:
f7:01:61:cc:8f:ef:1f:9b:19:4e:b1:77:19:b1:c1:
72:5d:b6:60:b0:e8:75:9c:9c:82:cd:81:9f:4b:25:
67:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:5F:41:96:9E:40:13:C3:F4:94:51:DB:FC:CA:F2:83:3A:0C:83:86
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/vV9Blp5AE8P0lFHb_MrygzoMg4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
37.153.158.0/24
46.102.237.0/24
77.81.100.0/24
85.204.18.0/24
86.105.4.0/24
86.105.144.0/22
89.34.219.0/24
89.35.124.0/23
89.35.129.0-89.35.131.255
89.36.140.0/24
89.40.36.0/24
89.40.222.0/23
89.44.105.0/24
89.46.42.0/24
89.46.128.0/22
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
93.115.203.0/24
94.176.213.0/24
94.177.28.0/24
128.0.41.0/24
176.223.66.0/24
185.18.224.0/23
188.211.238.0/24
188.212.121.0/24
188.213.0.0/24
188.213.212.0/24
188.213.216.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
df:5e:fe:da:eb:02:e3:18:ca:6f:19:0b:f5:0b:b2:d0:fe:5f:
1a:c9:4d:8b:c3:58:e1:49:68:80:e9:bd:1f:70:68:f5:69:58:
aa:93:6f:84:d2:b1:ae:07:6a:5d:ef:5a:1f:98:74:43:c3:60:
7e:e2:de:2c:f0:be:1c:18:90:a6:1e:fa:d9:45:c4:11:67:94:
22:fe:95:dd:52:1b:24:84:46:bd:b9:89:71:da:63:1d:ab:f6:
54:56:13:e8:80:03:da:66:96:f7:37:c9:38:17:f4:62:14:23:
8b:a5:52:9c:bb:45:69:60:ff:82:93:58:29:45:fb:55:f2:78:
93:bd:58:c6:af:73:a3:6d:3d:83:6c:59:2b:10:27:ec:8a:89:
ab:13:41:98:fd:20:b3:f5:6d:71:35:3f:4a:59:91:5f:81:a7:
74:18:31:46:ce:8b:b5:2a:dd:14:9c:23:1e:16:b4:52:3f:49:
97:e3:c8:bc:e5:0c:a9:a6:c6:d5:07:80:42:4b:1e:28:32:64:
ad:03:ce:51:3e:63:be:46:62:7a:87:f7:17:a8:d3:bb:2a:57:
a4:d5:18:fc:b3:0a:61:9b:d2:09:f3:f3:8d:b2:02:47:56:12:
bc:81:51:bd:76:ed:de:a4:7a:1a:a6:ed:e0:79:48:7d:52:83:
d2:ad:76:98
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYWIPfyukQqjdMRki60An3q1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTA2MTgwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDVmNDE5NjllNDAxM2MzZjQ5NDUxZGJmY2NhZjI4MzNhMGM4Mzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudF+YOd6fp/3N69k8d1DQmx+2ajc
yKFE3D9x0F+L4/g3pARaWzE9KKydn/MZc7MNuNnMQSBJpAx6VnuxkSyVXD6the6c
XSYEP0qMU7Iqk6DqtflgaQruguMSkIFopXA39a1QnCiEZM5KmskJ3uBxv47ueSL2
GXszwJKEJ4wn/WreqCYqhecFW+KHXMk2cpR6+VB4BgWsFa7rz3p1nkXBudIZAae/
odUiVPKPrSqKr8XUxAB0a+LGo269dgTQ8V81CIzltILPa+wov4q1M36Zb2MILC28
SFncR2gAUF1bldb3AWHMj+8fmxlOsXcZscFyXbZgsOh1nJyCzYGfSyVnaQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFL1fQZaeQBPD9JRR2/zK8oM6DIOGMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL3ZWOUJscDVBRThQMGxGSGJfTXJ5Z3pvTWc0WS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgd8GCCsGAQUFBwEHAQH/BIHPMIHMMIHJBAIAATCBwgME
Ah8O5AMEACWZngMEAC5m7QMEAE1RZAMEAFXMEgMEAFZpBAMEAlZpkAMEAFki2wME
AVkjfDAMAwQAWSOBAwQCWSOAAwQAWSSMAwQAWSgkAwQBWSjeAwQAWSxpAwQAWS4q
AwQCWS6AAwQAWS8kAwQAXHIgAwQAXHI2AwQAXXPLAwQAXrDVAwQAXrEcAwQAgAAp
AwQAsN9CAwQBuRLgAwQAvNPuAwQAvNR5AwQAvNUAAwQAvNXUAwQAvNXYAwQA2RME
MA0GCSqGSIb3DQEBCwUAA4IBAQDfXv7a6wLjGMpvGQv1C7LQ/l8ayU2Lw1jhSWiA
6b0fcGj1aViqk2+E0rGuB2pd71ofmHRDw2B+4t4s8L4cGJCmHvrZRcQRZ5Qi/pXd
UhskhEa9uYlx2mMdq/ZUVhPogAPaZpb3N8k4F/RiFCOLpVKcu0VpYP+Ck1gpRftV
8niTvVjGr3OjbT2DbFkrECfsiomrE0GY/SCz9W1xNT9KWZFfgad0GDFGzou1Kt0U
nCMeFrRSP0mX48i85QyppsbVB4BCSx4oMmStA85RPmO+RmJ6h/cXqNO7Klek1Rj8
swphm9IJ8/ONsgJHVhK8gVG9du3epHoapu3geUh9UoPSrXaY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:49 2023 by rpki-client on console-ams.rpki-client.org