Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/0FyC3mpi0zzIASX3Bh8kYt_X3Zk.roa
File: 0FyC3mpi0zzIASX3Bh8kYt_X3Zk.roa (raw, json)
Hash identifier: rywWr+kXURO4PlHW8YOXRk61eHrAq23GZ/hMP6e9o3I=
Subject key identifier: D0:5C:82:DE:6A:62:D3:3C:C8:01:25:F7:06:1F:24:62:DF:D7:DD:99
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018AAA27321EF0115A22D12BC3F316FEFC30
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/0FyC3mpi0zzIASX3Bh8kYt_X3Zk.roa
Signing time: Mon 18 Sep 2023 21:16:50 +0000
ROA not before: Mon 18 Sep 2023 21:16:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60683
IP address blocks: 188.132.153.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
188.132.240.0/24 maxlen: 24
188.132.242.0/24 maxlen: 24
77.92.145.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.147.0/24 maxlen: 24
212.68.48.0/24 maxlen: 24
31.210.48.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
188.132.200.0/24 maxlen: 24
188.132.210.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:aa:27:32:1e:f0:11:5a:22:d1:2b:c3:f3:16:fe:fc:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Sep 18 21:16:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d05c82de6a62d33cc80125f7061f2462dfd7dd99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d2:8b:63:72:44:4b:f1:60:c3:f3:87:59:53:
65:11:04:bd:2f:ba:e2:43:d1:6f:54:c1:06:ee:97:
00:70:ad:c1:3f:fb:0a:d1:76:c0:1f:a0:24:61:ea:
cd:1b:b0:2c:ff:f6:65:18:b5:87:cd:91:0d:1e:a6:
d6:bd:52:f3:b5:c2:b2:3e:f9:c5:8e:a3:93:ec:1e:
62:c4:7a:05:3e:a3:d3:75:32:66:3b:58:ba:54:d6:
58:eb:9b:3c:18:c5:71:d1:b8:73:96:90:ee:16:4e:
44:d2:19:7c:e2:f6:0e:15:10:69:c5:70:75:9b:cf:
d8:b4:b6:28:eb:67:3b:d2:56:6f:bc:59:ac:c0:81:
24:ef:a3:e5:7a:aa:79:37:4a:4b:08:b1:1a:f8:16:
4e:4a:f3:ca:43:6f:92:ca:5d:cf:62:3e:68:ed:65:
8d:18:47:a4:74:3c:39:b9:ec:f7:27:89:8c:67:c3:
5e:c3:71:a4:05:37:2c:ce:4b:fe:59:79:18:36:87:
a8:9a:1f:91:43:80:26:ab:7c:27:39:51:f0:9e:3c:
12:60:d1:48:e9:52:a9:4e:9e:91:ce:ad:f0:8d:1d:
35:64:fb:bd:96:34:b2:7a:54:ae:69:a3:db:be:0e:
11:df:54:24:b9:e3:a8:7b:d9:96:5b:ba:49:97:a8:
b2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:5C:82:DE:6A:62:D3:3C:C8:01:25:F7:06:1F:24:62:DF:D7:DD:99
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/0FyC3mpi0zzIASX3Bh8kYt_X3Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.48.0/24
77.92.143.0/24
77.92.145.0/24
77.92.147.0/24
188.132.153.0/24
188.132.184.0/24
188.132.200.0/24
188.132.210.0/24
188.132.229.0/24
188.132.240.0/24
188.132.242.0/24
212.68.48.0/24
212.68.55.0/24
Signature Algorithm: sha256WithRSAEncryption
85:31:3f:cd:1d:85:56:a6:e2:4b:f1:56:3e:e0:6c:76:fd:4e:
1c:1d:92:e7:0d:da:70:79:bc:95:db:81:5d:86:08:10:86:4a:
64:f9:3f:28:6c:55:e5:e7:20:66:08:11:47:4d:a2:76:ee:dc:
f0:1d:f7:1e:50:71:46:a7:2e:49:44:28:84:41:6b:c9:19:2e:
09:da:bf:47:ac:b9:ee:50:f7:df:30:b9:61:49:c4:a5:98:86:
7c:4a:9e:67:78:45:d4:7b:4a:a4:08:7a:c4:9b:43:ef:ee:2f:
c9:11:b9:f2:28:22:c8:ed:b6:f0:07:86:32:4b:2c:30:f5:52:
1f:22:1f:32:e2:17:16:91:a4:fd:f9:6a:78:ad:33:b6:3c:1e:
34:f5:aa:67:7c:18:22:28:ae:63:ab:a4:b8:8c:de:8b:ca:05:
98:56:12:f7:14:a9:aa:8c:2c:a9:31:e2:ac:88:62:78:34:4b:
95:aa:b7:e7:c8:dd:21:fd:98:3d:ff:de:16:5d:70:84:7d:48:
09:1d:9c:17:87:f2:b8:96:5f:b7:e0:4a:bf:7f:4e:6b:32:7a:
57:f9:06:61:3d:fa:8b:73:b0:e9:b0:33:f0:68:14:30:61:92:
f6:76:7d:e8:b0:d7:6f:5b:01:ff:42:7b:10:ca:1e:48:37:01:
c1:f8:6d:d8
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYqqJzIe8BFaItErw/MW/vwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMwOTE4MjExNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDVjODJkZTZhNjJkMzNjYzgwMTI1ZjcwNjFmMjQ2MmRmZDdkZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtKLY3JES/Fgw/OHWVNlEQS9L7ri
Q9FvVMEG7pcAcK3BP/sK0XbAH6AkYerNG7As//ZlGLWHzZENHqbWvVLztcKyPvnF
jqOT7B5ixHoFPqPTdTJmO1i6VNZY65s8GMVx0bhzlpDuFk5E0hl84vYOFRBpxXB1
m8/YtLYo62c70lZvvFmswIEk76Pleqp5N0pLCLEa+BZOSvPKQ2+Syl3PYj5o7WWN
GEekdDw5uez3J4mMZ8New3GkBTcszkv+WXkYNoeomh+RQ4Amq3wnOVHwnjwSYNFI
6VKpTp6Rzq3wjR01ZPu9ljSyelSuaaPbvg4R31QkueOoe9mWW7pJl6iytQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNBcgt5qYtM8yAEl9wYfJGLf192ZMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvMEZ5QzNtcGkwenpJQVNYM0JoOGtZdF9YM1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAH9IwAwQA
TVyPAwQATVyRAwQATVyTAwQAvISZAwQAvIS4AwQAvITIAwQAvITSAwQAvITlAwQA
vITwAwQAvITyAwQA1EQwAwQA1EQ3MA0GCSqGSIb3DQEBCwUAA4IBAQCFMT/NHYVW
puJL8VY+4Gx2/U4cHZLnDdpwebyV24FdhggQhkpk+T8obFXl5yBmCBFHTaJ27tzw
HfceUHFGpy5JRCiEQWvJGS4J2r9HrLnuUPffMLlhScSlmIZ8Sp5neEXUe0qkCHrE
m0Pv7i/JEbnyKCLI7bbwB4YySyww9VIfIh8y4hcWkaT9+Wp4rTO2PB409apnfBgi
KK5jq6S4jN6LygWYVhL3FKmqjCypMeKsiGJ4NEuVqrfnyN0h/Zg9/94WXXCEfUgJ
HZwXh/K4ll+34Eq/f05rMnpX+QZhPfqLc7DpsDPwaBQwYZL2dn3osNdvWwH/QnsQ
yh5INwHB+G3Y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:56 2025 by rpki-client