Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/9C3ptUXNuzkxxSsDW5giGQGmuOo.roa
File: 9C3ptUXNuzkxxSsDW5giGQGmuOo.roa (raw, json)
Hash identifier: vPn4vC1bXhWhZYqf3TjnsMoxi7RXOf4cfIZugY2cQIU=
Subject key identifier: F4:2D:E9:B5:45:CD:BB:39:31:C5:2B:03:5B:98:22:19:01:A6:B8:EA
Certificate issuer: /CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
Certificate serial: 018CC6B79B9B263E5497F92A6507B2812E85
Authority key identifier: BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/9C3ptUXNuzkxxSsDW5giGQGmuOo.roa
Signing time: Mon 01 Jan 2024 20:29:30 +0000
ROA not before: Mon 01 Jan 2024 20:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57112
IP address blocks: 185.103.236.0/22 maxlen: 22
185.87.104.0/22 maxlen: 22
185.38.152.0/22 maxlen: 22
185.87.116.0/22 maxlen: 22
185.33.152.0/22 maxlen: 22
81.30.64.0/20 maxlen: 20
45.84.40.0/22 maxlen: 24
185.23.140.0/22 maxlen: 22
185.72.160.0/22 maxlen: 22
185.82.192.0/22 maxlen: 22
45.92.224.0/22 maxlen: 22
45.91.56.0/22 maxlen: 22
185.236.16.0/22 maxlen: 22
217.76.16.0/20 maxlen: 20
217.76.16.0/21 maxlen: 21
217.76.24.0/21 maxlen: 21
31.177.32.0/21 maxlen: 21
185.133.108.0/22 maxlen: 22
5.104.112.0/20 maxlen: 20
185.87.156.0/22 maxlen: 22
185.70.236.0/22 maxlen: 22
86.111.208.0/22 maxlen: 22
185.113.172.0/22 maxlen: 22
185.192.144.0/22 maxlen: 24
2a0e:9680::/29 maxlen: 29
2a0a:4980::/29 maxlen: 29
2a0e:c40::/29 maxlen: 29
2a03:ea40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:9b:9b:26:3e:54:97:f9:2a:65:07:b2:81:2e:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
Validity
Not Before: Jan 1 20:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f42de9b545cdbb3931c52b035b98221901a6b8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6d:e7:bd:8b:0e:54:ec:41:fe:e8:33:04:2e:
ab:65:6d:c4:55:ba:ac:ad:f2:e3:4f:f5:19:85:e8:
3e:ca:f5:55:fe:85:58:4c:8d:93:f2:7d:5c:7e:f9:
56:c2:a9:25:5f:ac:fd:11:4f:cb:44:46:f4:6d:ff:
bc:b3:0b:a1:87:2b:f2:24:63:4e:54:aa:f1:76:27:
47:aa:88:4e:67:8f:ce:11:4a:c6:46:21:03:d3:a5:
da:b2:ff:ec:76:5c:b7:5e:4b:36:a0:7d:0e:9c:58:
e7:e0:7d:56:d9:4f:01:8a:d6:1c:9e:86:a5:63:26:
53:fa:83:e5:0e:e4:7b:8f:08:50:f9:61:4c:45:93:
54:34:14:60:eb:3e:22:ab:4d:fd:29:4e:1f:90:61:
cc:aa:4d:9e:de:ab:74:e1:5a:00:08:b1:0a:5a:36:
d3:86:d3:32:30:e1:e8:0c:19:c8:6f:ca:bb:6e:93:
27:50:b4:f2:70:4c:c5:db:de:e6:96:28:0f:f0:4b:
c7:c0:38:ca:f3:dc:4e:14:05:76:cd:15:78:8a:fa:
6f:c6:1e:be:f9:c8:a7:4b:37:b2:3d:8a:00:dd:98:
c5:49:e6:37:33:ec:d4:00:ab:42:07:96:9a:98:dd:
dd:77:4c:5c:de:7a:c5:9e:f7:18:e0:b7:4b:9c:4f:
9d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:2D:E9:B5:45:CD:BB:39:31:C5:2B:03:5B:98:22:19:01:A6:B8:EA
X509v3 Authority Key Identifier:
keyid:BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/9C3ptUXNuzkxxSsDW5giGQGmuOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/v8Rw6bWOVX6owdvtrrnGpfxFUSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.112.0/20
31.177.32.0/21
45.84.40.0/22
45.91.56.0/22
45.92.224.0/22
81.30.64.0/20
86.111.208.0/22
185.23.140.0/22
185.33.152.0/22
185.38.152.0/22
185.70.236.0/22
185.72.160.0/22
185.82.192.0/22
185.87.104.0/22
185.87.116.0/22
185.87.156.0/22
185.103.236.0/22
185.113.172.0/22
185.133.108.0/22
185.192.144.0/22
185.236.16.0/22
217.76.16.0/20
IPv6:
2a03:ea40::/32
2a0a:4980::/29
2a0e:c40::/29
2a0e:9680::/29
Signature Algorithm: sha256WithRSAEncryption
ab:e1:c8:68:cc:2d:20:c3:3a:ee:9a:78:59:3c:0f:f4:ee:ac:
c2:db:01:5c:9d:99:7a:b0:47:ce:65:17:33:41:19:8d:cc:36:
54:66:ad:78:ee:00:7a:9d:36:29:45:da:57:48:22:62:31:f9:
76:b3:e9:b6:1a:30:8c:1a:fb:ca:61:af:97:78:a1:e0:7e:d8:
44:4a:23:65:19:13:2d:98:60:0a:c6:13:2a:da:cb:94:56:31:
75:c5:e2:e0:3c:50:b6:38:df:98:b5:36:f4:fa:e8:f5:16:d3:
65:5d:ea:ba:e2:04:47:1c:02:a4:a4:a0:4c:8a:1d:84:7a:b9:
cb:19:08:75:9e:fb:af:ba:24:eb:5e:bd:05:15:bf:d4:9d:ca:
26:1a:e5:ed:2d:89:50:05:24:76:a2:25:24:9b:b5:30:bd:d3:
7b:0e:aa:8e:64:4f:43:3d:f9:4f:8c:e7:18:97:72:ef:bd:20:
f6:7a:4e:ae:9d:99:60:67:a6:be:55:07:46:87:2b:d9:9e:3a:
de:fa:e1:1a:a2:cb:8d:a2:0a:dc:40:2b:9d:5a:58:bb:03:b8:
7e:22:af:fc:75:1b:7e:2e:7f:d9:ee:2c:bc:19:68:da:e3:89:
e0:3d:46:de:ce:97:83:07:4c:45:99:8c:96:26:a8:97:7b:5d:
6d:9d:e5:b2
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYzGt5ubJj5Ul/kqZQeygS6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYzQ3MGU5YjU4ZTU1N2VhOGMxZGJlZGFlYjljNmE1ZmM0
NTUxMjUwHhcNMjQwMTAxMjAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDJkZTliNTQ1Y2RiYjM5MzFjNTJiMDM1Yjk4MjIxOTAxYTZiOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG3nvYsOVOxB/ugzBC6rZW3EVbqs
rfLjT/UZheg+yvVV/oVYTI2T8n1cfvlWwqklX6z9EU/LREb0bf+8swuhhyvyJGNO
VKrxdidHqohOZ4/OEUrGRiED06Xasv/sdly3Xks2oH0OnFjn4H1W2U8BitYcnoal
YyZT+oPlDuR7jwhQ+WFMRZNUNBRg6z4iq039KU4fkGHMqk2e3qt04VoACLEKWjbT
htMyMOHoDBnIb8q7bpMnULTycEzF297mligP8EvHwDjK89xOFAV2zRV4ivpvxh6+
+cinSzeyPYoA3ZjFSeY3M+zUAKtCB5aamN3dd0xc3nrFnvcY4LdLnE+dxwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFPQt6bVFzbs5McUrA1uYIhkBprjqMB8GA1UdIwQY
MBaAFL/EcOm1jlV+qMHb7a65xqX8RVElMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzkt
YTJhYTY1NDBmODc1LzEvOUMzcHRVWE51emt4eFNzRFc1Z2lHUUdtdU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzktYTJhYTY1NDBmODc1
LzEvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBiwQCAAEwgYQDBAQF
aHADBAMfsSADBAItVCgDBAItWzgDBAItXOADBARRHkADBAJWb9ADBAK5F4wDBAK5
IZgDBAK5JpgDBAK5RuwDBAK5SKADBAK5UsADBAK5V2gDBAK5V3QDBAK5V5wDBAK5
Z+wDBAK5cawDBAK5hWwDBAK5wJADBAK57BADBATZTBAwIgQCAAIwHAMFACoD6kAD
BQMqCkmAAwUDKg4MQAMFAyoOloAwDQYJKoZIhvcNAQELBQADggEBAKvhyGjMLSDD
Ou6aeFk8D/TurMLbAVydmXqwR85lFzNBGY3MNlRmrXjuAHqdNilF2ldIImIx+Xaz
6bYaMIwa+8phr5d4oeB+2ERKI2UZEy2YYArGEyray5RWMXXF4uA8ULY435i1NvT6
6PUW02Vd6rriBEccAqSkoEyKHYR6ucsZCHWe+6+6JOtevQUVv9SdyiYa5e0tiVAF
JHaiJSSbtTC903sOqo5kT0M9+U+M5xiXcu+9IPZ6Tq6dmWBnpr5VB0aHK9meOt76
4Rqiy42iCtxAK51aWLsDuH4ir/x1G34uf9nuLLwZaNrjieA9Rt7Ol4MHTEWZjJYm
qJd7XW2d5bI=
Generated at Tue Nov 5 10:21:31 2024 by rpki-client on console-fra.rpki-client.org