Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/3Myz1e98MjpGsUu6ivk7J2MkahY.roa
File: 3Myz1e98MjpGsUu6ivk7J2MkahY.roa (raw, json)
Hash identifier: UH0Bl1EARADmzx80uYa4YyJHs76N8Mb3Tl2AHAA5XwE=
Subject key identifier: DC:CC:B3:D5:EF:7C:32:3A:46:B1:4B:BA:8A:F9:3B:27:63:24:6A:16
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 0183AD1DC610BFA938F731F6E1665230D99A
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/3Myz1e98MjpGsUu6ivk7J2MkahY.roa
Signing time: Thu 06 Oct 2022 11:45:53 +0000
ROA not before: Thu 06 Oct 2022 11:45:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31708
IP address blocks: 185.96.220.0/22 maxlen: 22
109.70.136.0/21 maxlen: 21
109.70.143.0/24 maxlen: 24
109.70.141.0/24 maxlen: 24
145.255.224.0/22 maxlen: 22
145.255.224.0/21 maxlen: 21
145.255.231.0/24 maxlen: 24
145.255.230.0/24 maxlen: 24
145.255.230.0/23 maxlen: 23
193.26.222.0/24 maxlen: 24
89.187.64.0/19 maxlen: 19
89.187.78.0/24 maxlen: 24
89.187.72.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.91.0/24 maxlen: 24
62.197.32.0/19 maxlen: 19
62.197.44.0/24 maxlen: 24
62.197.44.0/23 maxlen: 23
62.197.40.0/23 maxlen: 23
62.197.50.0/23 maxlen: 23
89.187.95.0/24 maxlen: 24
89.187.93.0/24 maxlen: 24
31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
86.105.196.0/24 maxlen: 24
85.13.192.0/24 maxlen: 24
185.101.80.0/22 maxlen: 24
185.101.80.0/23 maxlen: 23
185.101.83.0/24 maxlen: 24
85.13.199.0/24 maxlen: 24
85.13.192.0/18 maxlen: 18
85.13.208.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
85.13.222.0/24 maxlen: 24
83.142.28.0/24 maxlen: 24
83.142.29.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
83.142.24.0/21 maxlen: 21
2a01:c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ad:1d:c6:10:bf:a9:38:f7:31:f6:e1:66:52:30:d9:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Oct 6 11:45:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcccb3d5ef7c323a46b14bba8af93b2763246a16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9f:f0:2b:f3:57:a6:cf:09:6c:31:57:a5:ca:
79:82:e9:55:d5:e3:08:39:4c:ca:49:58:94:bb:e4:
9c:70:e5:25:0b:d9:90:64:37:b6:f6:a5:06:dd:39:
1a:42:d8:87:e6:3d:29:fd:82:5c:0f:d0:dd:e3:9e:
28:1c:a4:ef:44:c7:39:6e:84:f2:3b:c7:c2:f2:b9:
32:d0:42:ee:9f:a8:43:5d:9d:79:4e:fd:88:fe:8c:
11:7b:1f:9f:4f:e0:3f:78:32:44:0a:ee:24:9a:6f:
dc:de:60:7e:bc:aa:d6:cc:e6:3e:31:96:d5:06:0d:
9a:be:66:da:e6:23:11:ab:ef:5f:75:ac:5f:c4:00:
6d:29:9d:76:5a:09:d2:16:75:d2:dd:43:9c:32:4f:
04:34:c7:38:a6:a6:62:3c:f2:7a:90:eb:35:50:c7:
e6:0b:80:41:e4:09:52:1d:24:7c:fc:1f:97:bf:8c:
41:1f:54:d6:cf:81:28:34:fd:c4:76:95:fd:bd:45:
97:4c:47:4a:da:d3:f9:da:45:ad:08:13:2e:07:6c:
76:a7:6b:85:b5:d9:2b:d1:4d:a2:7f:ad:b3:4c:70:
ef:55:6e:ba:96:9d:bc:c5:2d:4b:c5:1a:4a:b3:90:
2b:49:08:22:6e:44:79:f6:37:21:9c:d5:96:72:ce:
f2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CC:B3:D5:EF:7C:32:3A:46:B1:4B:BA:8A:F9:3B:27:63:24:6A:16
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/3Myz1e98MjpGsUu6ivk7J2MkahY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.32.0/19
83.142.24.0/21
85.13.192.0/18
86.105.196.0/24
89.187.64.0/19
109.70.136.0/21
145.255.224.0/21
185.96.220.0/22
185.101.80.0/22
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
00:14:47:e5:c4:90:09:c3:bb:19:be:fc:01:8d:a8:c9:e6:09:
87:77:93:8b:4c:96:4a:01:1f:c2:14:04:7a:fc:51:6c:2a:fd:
58:22:60:3e:f7:f5:a6:9e:b4:9b:cc:2d:55:80:a3:59:8f:98:
2f:ab:5e:15:72:b7:3b:eb:bd:eb:b5:26:22:1d:bd:58:73:75:
0a:8e:56:c9:ff:47:2a:cc:80:53:2d:c5:3c:98:6b:42:c7:13:
51:3f:f8:3d:01:07:e2:aa:b1:ed:a3:68:8e:30:41:c9:1e:99:
16:f2:2d:f6:fd:31:5c:9b:bb:da:b7:4c:51:c4:66:8e:ea:18:
ef:1f:ce:0c:25:4e:4f:18:70:cf:9d:8f:41:81:e6:64:00:b0:
50:3d:07:55:ac:e3:82:18:de:b4:23:39:f3:fe:28:70:29:d8:
57:40:c8:be:89:c6:ab:15:53:48:77:bf:fa:18:73:85:d9:77:
d5:bd:0b:72:de:7f:a6:5a:8a:d8:03:ac:1c:f9:2d:fa:4f:15:
d6:bb:06:47:77:f8:de:bc:cc:ed:11:78:95:88:0b:e5:fe:76:
5e:28:af:7c:e8:44:a6:ac:95:04:ed:35:99:b9:59:fc:c4:54:
36:ee:79:a2:a0:da:5e:9e:56:45:d7:41:18:11:89:6f:fc:98:
2b:2a:a7:3c
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYOtHcYQv6k49zH24WZSMNmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjYyYWNlNjE1YjkwNmI0MmFiMjdmNGZiMWQyMDNkZjM2
ZDU0MzYwHhcNMjIxMDA2MTE0NTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2NjYjNkNWVmN2MzMjNhNDZiMTRiYmE4YWY5M2IyNzYzMjQ2YTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5/wK/NXps8JbDFXpcp5gulV1eMI
OUzKSViUu+SccOUlC9mQZDe29qUG3TkaQtiH5j0p/YJcD9Dd454oHKTvRMc5boTy
O8fC8rky0ELun6hDXZ15Tv2I/owRex+fT+A/eDJECu4kmm/c3mB+vKrWzOY+MZbV
Bg2avmba5iMRq+9fdaxfxABtKZ12WgnSFnXS3UOcMk8ENMc4pqZiPPJ6kOs1UMfm
C4BB5AlSHSR8/B+Xv4xBH1TWz4EoNP3EdpX9vUWXTEdK2tP52kWtCBMuB2x2p2uF
tdkr0U2if62zTHDvVW66lp28xS1LxRpKs5ArSQgibkR59jchnNWWcs7yjwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFNzMs9XvfDI6RrFLuor5OydjJGoWMB8GA1UdIwQY
MBaAFFO2Ks5hW5BrQqsn9PsdID3zbVQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDIt
OTcyYTRjM2RjM2YzLzEvM015ejFlOThNanBHc1V1Nml2azdKMk1rYWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDItOTcyYTRjM2RjM2Yz
LzEvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDH8GoAwQF
PsUgAwQDU44YAwQGVQ3AAwQAVmnEAwQFWbtAAwQDbUaIAwQDkf/gAwQCuWDcAwQC
uWVQAwQAwRreMA0EAgACMAcDBQAqAQDAMA0GCSqGSIb3DQEBCwUAA4IBAQAAFEfl
xJAJw7sZvvwBjajJ5gmHd5OLTJZKAR/CFAR6/FFsKv1YImA+9/WmnrSbzC1VgKNZ
j5gvq14Vcrc7673rtSYiHb1Yc3UKjlbJ/0cqzIBTLcU8mGtCxxNRP/g9AQfiqrHt
o2iOMEHJHpkW8i32/TFcm7vat0xRxGaO6hjvH84MJU5PGHDPnY9BgeZkALBQPQdV
rOOCGN60Iznz/ihwKdhXQMi+icarFVNId7/6GHOF2XfVvQty3n+mWorYA6wc+S36
TxXWuwZHd/jevMztEXiViAvl/nZeKK986ESmrJUE7TWZuVn8xFQ27nmioNpenlZF
10EYEYlv/JgrKqc8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:57 2024 by rpki-client on console-fra.rpki-client.org