Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/V0I7fPSFqoeJ1dCf44ieqzuc87U.roa
File: V0I7fPSFqoeJ1dCf44ieqzuc87U.roa (raw, json)
Hash identifier: Oq7QNfTTGKL7Y4WEUstp5jEcgUfTu6zIuMsW0t6YJbo=
Subject key identifier: 57:42:3B:7C:F4:85:AA:87:89:D5:D0:9F:E3:88:9E:AB:3B:9C:F3:B5
Certificate issuer: /CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
Certificate serial: 0BB97ABC
Authority key identifier: 94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/V0I7fPSFqoeJ1dCf44ieqzuc87U.roa
Signing time: Sat 01 Jan 2022 05:52:17 +0000
ROA not before: Sat 01 Jan 2022 05:52:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39180
IP address blocks: 185.153.244.0/22 maxlen: 22
79.110.56.0/22 maxlen: 22
37.148.240.0/21 maxlen: 21
93.191.40.0/21 maxlen: 21
185.242.140.0/22 maxlen: 22
178.18.48.0/20 maxlen: 20
188.93.40.0/21 maxlen: 21
81.18.176.0/20 maxlen: 20
185.29.64.0/23 maxlen: 23
2a01:378::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196704956 (0xbb97abc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
Validity
Not Before: Jan 1 05:52:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57423b7cf485aa8789d5d09fe3889eab3b9cf3b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:57:d2:c7:b1:c3:03:b8:c8:e1:c7:50:20:fa:
dc:5e:d4:5a:07:7d:a0:3e:87:89:34:1b:e5:2f:c7:
9b:d9:5c:21:7b:ab:93:e6:6f:cd:d4:1d:95:8a:0d:
3e:6f:46:be:f4:5a:e4:d8:55:86:08:63:3b:91:b8:
86:7e:da:38:34:62:e4:bf:ed:08:ae:a8:ae:42:53:
d3:66:14:23:4c:51:9a:e6:19:98:f0:5d:3c:2a:ba:
02:1d:e2:ee:12:2e:3e:f5:0c:5d:cb:7d:05:e8:a6:
19:31:06:e5:bd:c0:9c:59:8c:41:d9:e1:d4:0a:b1:
46:b9:95:22:1b:38:8e:62:b1:63:94:77:b7:e6:a6:
d8:cb:93:38:63:43:9c:c6:f1:8b:e5:e4:f1:32:a1:
db:8b:e6:1c:80:27:e0:be:82:56:31:49:3c:95:d4:
cf:ed:bc:29:fc:d3:fc:7b:be:94:3a:f1:bd:5a:69:
54:3e:81:9f:3f:65:d2:b6:dd:fe:db:e3:e8:5a:59:
bc:e4:38:03:52:8e:43:fa:d4:40:3c:a2:3b:48:64:
f3:ec:9d:4e:5b:a2:b1:33:f3:35:33:93:4d:25:ac:
f2:71:ac:cd:50:ff:9a:63:1f:73:ce:16:e0:8b:b3:
cd:28:d5:41:81:85:d8:c9:7e:26:f7:97:b1:2b:77:
51:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:42:3B:7C:F4:85:AA:87:89:D5:D0:9F:E3:88:9E:AB:3B:9C:F3:B5
X509v3 Authority Key Identifier:
keyid:94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/V0I7fPSFqoeJ1dCf44ieqzuc87U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.240.0/21
79.110.56.0/22
81.18.176.0/20
93.191.40.0/21
178.18.48.0/20
185.29.64.0/23
185.153.244.0/22
185.242.140.0/22
188.93.40.0/21
IPv6:
2a01:378::/32
Signature Algorithm: sha256WithRSAEncryption
59:d7:fd:8b:1f:cd:34:1b:24:b0:26:af:2c:20:f7:78:d3:bc:
7f:61:70:9c:80:41:eb:3b:ae:d3:8f:5d:aa:e7:6b:92:1f:b7:
3f:ff:d3:57:92:ed:bb:4e:07:54:59:d8:f6:94:ab:14:f8:73:
54:fc:64:20:cd:74:d8:6c:c8:2b:1b:4e:a8:d2:87:00:09:bc:
ea:27:f4:04:89:03:5a:55:a0:af:3b:ef:1e:39:b3:34:37:6c:
35:9c:01:85:0f:07:9e:2a:d1:3d:82:cf:9f:78:13:5b:5a:b0:
d0:15:45:e4:00:07:dc:86:b9:0e:30:2d:ce:c4:68:61:11:c8:
34:a8:1c:d9:51:f7:98:09:3c:aa:54:ed:b2:5e:36:f4:8e:ad:
b9:99:c9:1d:3f:32:a2:91:bf:a9:6e:a5:90:d2:50:dc:5b:89:
65:75:90:bc:c3:a0:a7:a9:d2:7c:6e:85:20:28:e2:ab:76:5b:
8d:ba:50:30:d2:3d:d3:fe:b1:4b:46:19:e6:f0:61:b2:db:77:
8c:b3:98:85:54:b4:c7:bd:9a:dc:f9:52:38:c1:98:8e:f9:7e:
4b:a0:af:c8:ae:92:ba:13:dd:6f:0d:55:02:4d:6b:89:b2:ec:
f3:9f:27:9a:3a:99:f2:17:8f:9d:22:bf:e2:50:23:ce:be:6e:
07:cd:ce:15
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEC7l6vDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDJmNTY1ZWQxNmQ4YzMzN2E4YzhhYjNjZGM1NzJlZjExNTBmNWE5MB4XDTIyMDEw
MTA1NTIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTc0MjNiN2NmNDg1
YWE4Nzg5ZDVkMDlmZTM4ODllYWIzYjljZjNiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdX0sexwwO4yOHHUCD63F7UWgd9oD6HiTQb5S/Hm9lcIXur
k+ZvzdQdlYoNPm9GvvRa5NhVhghjO5G4hn7aODRi5L/tCK6orkJT02YUI0xRmuYZ
mPBdPCq6Ah3i7hIuPvUMXct9BeimGTEG5b3AnFmMQdnh1AqxRrmVIhs4jmKxY5R3
t+am2MuTOGNDnMbxi+Xk8TKh24vmHIAn4L6CVjFJPJXUz+28KfzT/Hu+lDrxvVpp
VD6Bnz9l0rbd/tvj6FpZvOQ4A1KOQ/rUQDyiO0hk8+ydTluisTPzNTOTTSWs8nGs
zVD/mmMfc84W4IuzzSjVQYGF2Ml+JveXsSt3UUkCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBRXQjt89IWqh4nV0J/jiJ6rO5zztTAfBgNVHSMEGDAWgBSUL1Ze0W2MM3qM
irPNxXLvEVD1qTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xDOVdYdEZ0akRONmpJcXp6Y1Z5N3hGUTlhay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvN2YxNjQ5LTBjOWQtNDA1ZC1hMTM0LTY2ZDI1MzQzMmY1Zi8x
L1YwSTdmUFNGcW9lSjFkQ2Y0NGllcXp1Yzg3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
N2YxNjQ5LTBjOWQtNDA1ZC1hMTM0LTY2ZDI1MzQzMmY1Zi8xL2xDOVdYdEZ0akRO
NmpJcXp6Y1Z5N3hGUTlhay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAyWU8AMEAk9uOAMEBFESsAMEA12/
KAMEBLISMAMEAbkdQAMEArmZ9AMEArnyjAMEA7xdKDANBAIAAjAHAwUAKgEDeDAN
BgkqhkiG9w0BAQsFAAOCAQEAWdf9ix/NNBsksCavLCD3eNO8f2FwnIBB6zuu049d
qudrkh+3P//TV5Ltu04HVFnY9pSrFPhzVPxkIM102GzIKxtOqNKHAAm86if0BIkD
WlWgrzvvHjmzNDdsNZwBhQ8HnirRPYLPn3gTW1qw0BVF5AAH3Ia5DjAtzsRoYRHI
NKgc2VH3mAk8qlTtsl429I6tuZnJHT8yopG/qW6lkNJQ3FuJZXWQvMOgp6nSfG6F
ICjiq3ZbjbpQMNI90/6xS0YZ5vBhstt3jLOYhVS0x72a3PlSOMGYjvl+S6CvyK6S
uhPdbw1VAk1ribLs858nmjqZ8hePnSK/4lAjzr5uB83OFQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:01 2025 by rpki-client