Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/z-FY-PRPVW60RyHEE4Vjrv4aj4U.roa
File: z-FY-PRPVW60RyHEE4Vjrv4aj4U.roa (raw, json)
Hash identifier: LM4sBOs7bx8AVD0FkeXOQsu6keOUHN61El/nxGcINuk=
Subject key identifier: CF:E1:58:F8:F4:4F:55:6E:B4:47:21:C4:13:85:63:AE:FE:1A:8F:85
Certificate issuer: /CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Certificate serial: 6C0555
Authority key identifier: 5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/z-FY-PRPVW60RyHEE4Vjrv4aj4U.roa
Signing time: Mon 31 Jan 2022 10:03:42 +0000
ROA not before: Mon 31 Jan 2022 10:03:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44600
IP address blocks: 185.46.148.0/22 maxlen: 22
185.128.232.0/22 maxlen: 22
185.128.235.0/24 maxlen: 24
91.202.72.0/22 maxlen: 22
194.42.200.0/22 maxlen: 24
185.41.248.0/22 maxlen: 22
46.182.80.0/22 maxlen: 22
46.182.84.0/22 maxlen: 22
94.131.245.0/24 maxlen: 24
94.131.244.0/24 maxlen: 24
94.131.250.0/23 maxlen: 23
94.131.250.0/24 maxlen: 24
94.131.249.0/24 maxlen: 24
94.131.252.0/24 maxlen: 24
94.131.253.0/24 maxlen: 24
94.131.248.0/24 maxlen: 24
2a03:a600::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7079253 (0x6c0555)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Validity
Not Before: Jan 31 10:03:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfe158f8f44f556eb44721c4138563aefe1a8f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c1:58:d6:2e:59:6c:99:f1:37:2e:6b:33:23:
c9:69:be:43:bc:b3:59:44:20:f0:a1:4c:9c:43:b1:
31:fe:7f:d9:a2:f7:b5:74:9a:4f:cd:0a:5a:39:5c:
c0:a0:e2:ef:f5:38:8e:25:15:f0:d2:ea:29:cf:69:
c0:06:31:0a:cf:cb:ba:ee:39:f1:50:f7:b6:21:98:
f4:0a:03:54:6c:b3:1b:56:cb:7a:eb:1d:d0:7b:0a:
7a:f1:b3:48:9f:7f:0b:64:71:3e:fc:7a:4f:ec:79:
fd:f7:f3:53:37:cd:79:51:45:77:7e:67:9c:b7:09:
34:a1:67:81:d0:9a:32:4f:21:d7:51:42:55:47:78:
85:9e:e5:80:e9:27:e5:16:18:5e:6b:fc:b8:49:a0:
15:79:d8:f7:18:bb:ba:e7:7b:3e:b0:3d:a0:26:50:
ed:5f:7d:70:72:74:0e:71:99:d8:d9:61:2c:b3:ff:
e4:2f:33:1e:45:d0:a0:46:8d:48:b5:e8:a5:5c:e3:
f3:25:24:10:32:bc:3e:3c:8d:5a:a3:a2:b0:91:4f:
91:5f:b4:2a:25:20:06:f1:84:52:45:1b:07:7d:20:
cc:4f:91:7c:29:c9:96:fd:8c:ce:a4:7e:e2:92:3b:
09:ab:46:23:f4:56:91:45:ed:99:37:37:6b:98:df:
5c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E1:58:F8:F4:4F:55:6E:B4:47:21:C4:13:85:63:AE:FE:1A:8F:85
X509v3 Authority Key Identifier:
keyid:5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/z-FY-PRPVW60RyHEE4Vjrv4aj4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.80.0/21
91.202.72.0/22
94.131.244.0/23
94.131.248.0-94.131.253.255
185.41.248.0/22
185.46.148.0/22
185.128.232.0/22
194.42.200.0/22
IPv6:
2a03:a600::/29
Signature Algorithm: sha256WithRSAEncryption
0e:dc:05:9a:a4:3f:e3:56:af:06:00:fb:d7:f9:25:96:bf:3f:
9e:73:09:aa:2f:e3:05:90:79:84:6a:4f:5f:35:ba:7b:82:a1:
fd:3c:58:b1:e0:39:09:3c:21:c3:47:f5:fd:c9:e5:22:27:20:
9d:94:52:d8:7b:2e:ab:67:5b:3b:dc:a2:e2:f8:8e:10:8c:dc:
a4:a0:bf:ca:1c:03:8e:f3:19:4a:80:c0:f2:4d:bf:be:a3:f6:
9f:10:9f:3b:e6:75:8e:b1:30:01:cc:e9:44:12:0b:34:70:53:
6f:8c:0a:d8:d6:e4:b8:32:05:8b:9b:ba:da:a2:a0:c2:90:8c:
48:74:6c:ae:ce:93:2e:e8:53:73:f2:79:f6:28:01:21:68:77:
98:0a:b3:94:4e:0c:ac:39:b1:c1:ce:c1:cf:59:f9:72:33:59:
22:7b:29:61:5d:97:f9:1c:38:cb:aa:85:55:28:da:e7:43:8f:
37:dc:d5:d6:e2:b9:63:1e:8b:55:25:ba:d2:a6:c2:ff:30:b5:
87:8e:ef:91:15:4e:ec:b0:4f:4d:0e:fb:a4:27:03:b1:55:ab:
d1:4a:4f:36:cf:b9:e3:64:ca:a9:c4:20:56:e6:fe:9a:8e:d6:
61:b8:6f:9d:cd:64:19:1d:5b:3c:95:6f:2d:41:53:15:38:e0:
08:ba:8a:61
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIDbAVVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVj
NmIwYzAwMWE5OWFiNjI5NmUyNDIxNzNiZjdlN2ZkY2YwM2MwMTkwHhcNMjIwMTMx
MTAwMzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZmUxNThmOGY0NGY1
NTZlYjQ0NzIxYzQxMzg1NjNhZWZlMWE4Zjg1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArMFY1i5ZbJnxNy5rMyPJab5DvLNZRCDwoUycQ7Ex/n/Zove1
dJpPzQpaOVzAoOLv9TiOJRXw0uopz2nABjEKz8u67jnxUPe2IZj0CgNUbLMbVst6
6x3Qewp68bNIn38LZHE+/HpP7Hn99/NTN815UUV3fmectwk0oWeB0JoyTyHXUUJV
R3iFnuWA6SflFhhea/y4SaAVedj3GLu653s+sD2gJlDtX31wcnQOcZnY2WEss//k
LzMeRdCgRo1IteilXOPzJSQQMrw+PI1ao6KwkU+RX7QqJSAG8YRSRRsHfSDMT5F8
KcmW/YzOpH7ikjsJq0Yj9FaRRe2ZNzdrmN9csQIDAQABo4ICSjCCAkYwHQYDVR0O
BBYEFM/hWPj0T1VutEchxBOFY67+Go+FMB8GA1UdIwQYMBaAFFxrDAAamatiluJC
Fzv35/3PA8AZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMtYzE4ZTNjY2M3NDJiLzEv
ei1GWS1QUlBWVzYwUnlIRUU0VmpydjRhajRVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9j
ODk2NzctMWQ5YS00MThkLTg1OTMtYzE4ZTNjY2M3NDJiLzEvWEdzTUFCcVpxMktX
NGtJWE9fZm5fYzhEd0JrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGAG
CCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQDLrZQAwQCW8pIAwQBXoP0MAwDBANe
g/gDBAFeg/wDBAK5KfgDBAK5LpQDBAK5gOgDBALCKsgwDQQCAAIwBwMFAyoDpgAw
DQYJKoZIhvcNAQELBQADggEBAA7cBZqkP+NWrwYA+9f5JZa/P55zCaov4wWQeYRq
T181unuCof08WLHgOQk8IcNH9f3J5SInIJ2UUth7LqtnWzvcouL4jhCM3KSgv8oc
A47zGUqAwPJNv76j9p8QnzvmdY6xMAHM6UQSCzRwU2+MCtjW5LgyBYubutqioMKQ
jEh0bK7Oky7oU3PyefYoASFod5gKs5RODKw5scHOwc9Z+XIzWSJ7KWFdl/kcOMuq
hVUo2udDjzfc1dbiuWMei1UlutKmwv8wtYeO75EVTuywT00O+6QnA7FVq9FKTzbP
ueNkyqnEIFbm/pqO1mG4b53NZBkdWzyVby1BUxU44Ai6imE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:15:10 2025 by rpki-client