Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/205p6sb8fowXwmiJHFqbFLb_sy4.roa
File: 205p6sb8fowXwmiJHFqbFLb_sy4.roa (raw, json)
Hash identifier: Lgggl72gKrTr8heAJALONxScJHwskbDBspAVytrA3bg=
Subject key identifier: DB:4E:69:EA:C6:FC:7E:8C:17:C2:68:89:1C:5A:9B:14:B6:FF:B3:2E
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 0183B1D1F75074C1D3FA44BA27B33771DFB2
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/205p6sb8fowXwmiJHFqbFLb_sy4.roa
Signing time: Fri 07 Oct 2022 09:41:11 +0000
ROA not before: Fri 07 Oct 2022 09:41:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31708
IP address blocks: 185.96.220.0/22 maxlen: 22
109.70.136.0/21 maxlen: 21
109.70.143.0/24 maxlen: 24
109.70.141.0/24 maxlen: 24
145.255.224.0/22 maxlen: 22
145.255.224.0/21 maxlen: 21
145.255.231.0/24 maxlen: 24
145.255.230.0/23 maxlen: 23
145.255.230.0/24 maxlen: 24
193.26.222.0/24 maxlen: 24
31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
86.105.196.0/24 maxlen: 24
85.13.192.0/24 maxlen: 24
185.101.80.0/23 maxlen: 23
185.101.80.0/22 maxlen: 24
185.101.83.0/24 maxlen: 24
85.13.199.0/24 maxlen: 24
85.13.192.0/18 maxlen: 18
89.187.64.0/19 maxlen: 19
85.13.208.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
89.187.78.0/24 maxlen: 24
89.187.72.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.91.0/24 maxlen: 24
85.13.222.0/24 maxlen: 24
62.197.44.0/24 maxlen: 24
62.197.44.0/23 maxlen: 23
62.197.40.0/23 maxlen: 23
62.197.50.0/23 maxlen: 23
83.142.28.0/24 maxlen: 24
83.142.29.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
89.187.95.0/24 maxlen: 24
89.187.93.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
83.142.24.0/21 maxlen: 21
2a01:c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:d1:f7:50:74:c1:d3:fa:44:ba:27:b3:37:71:df:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Oct 7 09:41:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db4e69eac6fc7e8c17c268891c5a9b14b6ffb32e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ae:83:27:f1:f1:1f:9b:6c:79:97:8d:cf:b1:
6b:63:28:4b:9d:f4:fd:11:70:3e:46:43:e2:65:67:
cf:de:a8:cc:e0:7d:29:a7:40:4c:3c:35:81:97:c3:
02:74:9c:59:36:ef:ef:ae:f7:8b:22:2a:a3:60:26:
4f:72:ed:ef:77:f3:46:39:4a:a7:a2:d3:2a:27:3c:
42:27:bf:2f:ba:fe:9e:83:df:2f:f8:f2:22:d9:73:
be:b4:c6:9d:3d:6e:22:6b:6b:ab:5b:68:27:1c:05:
aa:62:d8:b4:72:b1:90:d8:43:fb:1b:6d:a3:9d:30:
08:e3:61:14:41:2b:dc:f5:12:21:09:2a:89:73:c1:
02:7e:93:9c:ea:6f:19:66:a4:90:06:77:1e:f2:53:
b4:60:b2:0a:e5:8d:8e:6d:27:4a:ed:49:c9:20:ee:
3e:f1:1d:3b:9f:62:2b:37:8c:98:86:5b:29:c5:86:
60:4e:4e:b0:f6:c3:1e:3e:bf:f2:85:e2:fe:32:ca:
4b:d7:5b:33:33:e3:c2:86:43:5b:1a:a2:5b:dc:67:
0a:99:f8:f7:d3:cf:6a:34:d6:63:94:c8:7a:2c:78:
c4:60:82:33:b4:40:bb:56:6b:f5:b8:25:4a:c9:b7:
05:9f:82:bf:dd:f6:1a:ae:b2:73:c3:9a:cc:45:71:
bf:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4E:69:EA:C6:FC:7E:8C:17:C2:68:89:1C:5A:9B:14:B6:FF:B3:2E
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/205p6sb8fowXwmiJHFqbFLb_sy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.40.0/23
62.197.44.0/23
62.197.50.0/23
83.142.24.0/21
85.13.192.0/18
86.105.196.0/24
89.187.64.0/19
109.70.136.0/21
145.255.224.0/21
185.96.220.0/22
185.101.80.0/22
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
75:d6:4b:fb:a8:65:c3:43:65:18:df:fc:e0:ae:6e:51:58:f3:
6f:13:e0:d1:2e:98:96:24:f1:92:9c:8b:81:13:05:47:a3:ea:
6a:4a:11:9a:94:31:a8:e5:cb:d9:a8:54:27:23:61:f0:e9:6a:
8a:fe:24:60:f0:b2:f2:18:69:5a:a0:f6:f4:5c:ad:2c:c2:a7:
8b:3e:2e:3d:85:79:b6:8b:49:14:ed:30:65:9d:12:4b:b4:95:
3c:1c:5c:c0:32:ea:78:ef:aa:99:90:63:3c:e6:f3:27:76:4b:
e4:8f:39:c7:fd:c6:6b:a4:c0:39:c8:eb:22:4b:ee:40:02:1d:
fb:cc:ed:c0:7d:97:51:73:55:89:13:99:74:bb:6f:43:6f:fe:
ee:fb:21:09:c5:45:f0:d6:37:c4:92:25:de:c0:6b:63:4c:f4:
7e:41:b0:b9:a0:da:60:f8:c8:ed:6e:8d:e9:8e:7c:bb:e6:cd:
1b:db:99:a1:c0:0f:bd:4c:70:d4:a3:f3:9e:d8:ef:e2:0d:4a:
5f:e0:36:86:d4:5b:dd:0d:93:dd:d2:6b:c1:26:37:33:e3:0a:
3c:01:2c:47:b1:34:a2:6d:75:d3:77:d8:69:04:5d:0f:f1:6e:
ef:5e:33:ef:10:78:55:47:c2:a1:b9:2d:f0:ca:69:c3:cf:fc:
17:ac:3e:3c
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYOx0fdQdMHT+kS6J7M3cd+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjYyYWNlNjE1YjkwNmI0MmFiMjdmNGZiMWQyMDNkZjM2
ZDU0MzYwHhcNMjIxMDA3MDk0MTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjRlNjllYWM2ZmM3ZThjMTdjMjY4ODkxYzVhOWIxNGI2ZmZiMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvK6DJ/HxH5tseZeNz7FrYyhLnfT9
EXA+RkPiZWfP3qjM4H0pp0BMPDWBl8MCdJxZNu/vrveLIiqjYCZPcu3vd/NGOUqn
otMqJzxCJ78vuv6eg98v+PIi2XO+tMadPW4ia2urW2gnHAWqYti0crGQ2EP7G22j
nTAI42EUQSvc9RIhCSqJc8ECfpOc6m8ZZqSQBnce8lO0YLIK5Y2ObSdK7UnJIO4+
8R07n2IrN4yYhlspxYZgTk6w9sMePr/yheL+MspL11szM+PChkNbGqJb3GcKmfj3
089qNNZjlMh6LHjEYIIztEC7Vmv1uCVKybcFn4K/3fYarrJzw5rMRXG/RQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFNtOaerG/H6MF8JoiRxamxS2/7MuMB8GA1UdIwQY
MBaAFFO2Ks5hW5BrQqsn9PsdID3zbVQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDIt
OTcyYTRjM2RjM2YzLzEvMjA1cDZzYjhmb3dYd21pSkhGcWJGTGJfc3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDItOTcyYTRjM2RjM2Yz
LzEvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQDH8GoAwQB
PsUoAwQBPsUsAwQBPsUyAwQDU44YAwQGVQ3AAwQAVmnEAwQFWbtAAwQDbUaIAwQD
kf/gAwQCuWDcAwQCuWVQAwQAwRreMA0EAgACMAcDBQAqAQDAMA0GCSqGSIb3DQEB
CwUAA4IBAQB11kv7qGXDQ2UY3/zgrm5RWPNvE+DRLpiWJPGSnIuBEwVHo+pqShGa
lDGo5cvZqFQnI2Hw6WqK/iRg8LLyGGlaoPb0XK0swqeLPi49hXm2i0kU7TBlnRJL
tJU8HFzAMup476qZkGM85vMndkvkjznH/cZrpMA5yOsiS+5AAh37zO3AfZdRc1WJ
E5l0u29Db/7u+yEJxUXw1jfEkiXewGtjTPR+QbC5oNpg+Mjtbo3pjny75s0b25mh
wA+9THDUo/Oe2O/iDUpf4DaG1FvdDZPd0mvBJjcz4wo8ASxHsTSibXXTd9hpBF0P
8W7vXjPvEHhVR8KhuS3wymnDz/wXrD48
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:50 2023 by rpki-client on console-ams.rpki-client.org