Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/7-XHCGzRk5ovDitMEhUSLLjVL88.roa
File: 7-XHCGzRk5ovDitMEhUSLLjVL88.roa (raw, json)
Hash identifier: YOn+hIXepxBD7s2nJEh6KiOkvaoRaTxtfBD0Vx0sPn4=
Subject key identifier: EF:E5:C7:08:6C:D1:93:9A:2F:0E:2B:4C:12:15:12:2C:B8:D5:2F:CF
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 01902BC40DEBC6921AAF5AF973F3F2F83A53
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/7-XHCGzRk5ovDitMEhUSLLjVL88.roa
Signing time: Tue 18 Jun 2024 14:33:07 +0000
ROA not before: Tue 18 Jun 2024 14:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31708
IP address blocks: 31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
62.197.40.0/23 maxlen: 23
62.197.44.0/23 maxlen: 23
62.197.44.0/24 maxlen: 24
62.197.50.0/23 maxlen: 23
83.142.24.0/22 maxlen: 22
83.142.28.0/24 maxlen: 24
83.142.29.0/24 maxlen: 24
85.13.192.0/18 maxlen: 18
85.13.192.0/24 maxlen: 24
85.13.199.0/24 maxlen: 24
85.13.208.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
85.13.222.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
85.13.251.0/24 maxlen: 24
89.187.64.0/22 maxlen: 22
89.187.70.0/23 maxlen: 23
89.187.72.0/24 maxlen: 24
89.187.74.0/23 maxlen: 23
89.187.76.0/24 maxlen: 24
89.187.78.0/23 maxlen: 23
89.187.78.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.80.0/21 maxlen: 21
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.88.0/22 maxlen: 22
89.187.91.0/24 maxlen: 24
89.187.92.0/24 maxlen: 24
89.187.94.0/23 maxlen: 23
89.187.95.0/24 maxlen: 24
109.70.136.0/21 maxlen: 21
109.70.141.0/24 maxlen: 24
109.70.143.0/24 maxlen: 24
193.26.222.0/24 maxlen: 24
2a01:c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2b:c4:0d:eb:c6:92:1a:af:5a:f9:73:f3:f2:f8:3a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Jun 18 14:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efe5c7086cd1939a2f0e2b4c1215122cb8d52fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0f:f3:fc:f1:2f:bd:21:bc:cd:e5:76:b1:4f:
2e:25:34:19:dc:15:b0:f9:fe:e4:73:b2:68:48:7a:
50:00:4d:93:6b:87:d2:5e:db:32:70:26:35:cf:dc:
c9:57:db:80:f5:59:50:67:ba:84:6c:95:e5:2c:01:
22:eb:ba:c2:6c:50:1d:46:56:2d:59:45:c5:b7:c0:
07:11:c6:0d:b6:67:f8:26:81:fa:7a:60:b1:4e:9b:
61:1d:54:3d:ae:26:25:a2:70:1c:9e:4e:65:b6:3f:
fe:e0:cb:ca:67:87:b9:92:bb:e5:c7:80:e8:8f:f4:
84:c8:76:fe:ad:8e:93:be:9d:8a:17:45:88:50:f5:
82:5a:a6:2f:15:cc:b0:cd:25:6c:60:11:4f:55:38:
62:ae:69:5c:eb:40:af:99:75:ac:23:e9:ac:9f:46:
b9:98:14:de:2b:16:72:7c:3c:e5:32:86:f5:97:42:
1d:b3:36:36:4c:56:bd:f4:68:e5:6a:21:79:54:cf:
6c:e0:bd:56:51:20:40:78:9e:19:a2:7e:14:92:0d:
32:77:74:e4:80:c0:79:80:e8:9f:ae:81:02:50:81:
9c:35:bf:db:bc:a6:34:c7:b9:97:b0:66:10:71:c6:
fb:91:28:d9:91:78:9b:08:ba:b2:36:61:d1:d5:59:
5a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:E5:C7:08:6C:D1:93:9A:2F:0E:2B:4C:12:15:12:2C:B8:D5:2F:CF
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/7-XHCGzRk5ovDitMEhUSLLjVL88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.40.0/23
62.197.44.0/23
62.197.50.0/23
83.142.24.0-83.142.29.255
85.13.192.0/18
89.187.64.0/22
89.187.70.0-89.187.72.255
89.187.74.0-89.187.76.255
89.187.78.0-89.187.92.255
89.187.94.0/23
109.70.136.0/21
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
a1:ca:ff:c5:db:0a:82:0d:76:68:85:08:3b:72:aa:e7:9a:87:
9f:09:1c:7e:6f:f2:1b:a6:38:55:6b:37:f8:9d:42:14:ee:24:
38:67:54:09:4b:6b:d2:45:a8:5d:e3:7d:68:d0:f7:3f:45:43:
0c:96:76:6f:90:a9:8f:6a:1e:3f:22:38:ef:fe:53:d2:68:8b:
f7:3e:ab:72:f0:2b:4f:e2:44:6b:f4:27:e8:a9:dc:06:a5:e9:
a0:87:04:9b:a5:8c:ee:f5:3e:91:5d:6f:0c:b7:a4:f3:aa:fc:
4a:ad:84:15:e3:7c:4e:a7:33:ae:e8:15:3f:b5:bc:fa:00:f3:
3f:52:00:df:f3:9f:e0:12:9c:88:10:22:ff:67:5b:bd:97:f4:
cc:29:fc:7d:25:e0:0c:74:a7:24:ec:bf:42:16:df:a6:ff:b0:
53:f3:91:86:f1:f3:84:93:a2:d9:b8:af:62:9f:52:92:b1:2d:
3a:26:f0:55:10:46:af:27:83:98:d0:6e:6b:eb:4f:87:8e:57:
00:da:6f:11:b3:c5:72:2c:52:cf:63:3d:29:b0:d2:e1:e5:c8:
c9:0f:fa:f6:85:5d:f6:d1:8b:b2:dc:96:68:b2:17:d8:dc:4d:
63:fb:f4:c4:39:69:fc:dd:43:92:a6:1c:51:44:59:50:d5:f0:
47:ba:2e:07
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZArxA3rxpIar1r5c/Py+DpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjYyYWNlNjE1YjkwNmI0MmFiMjdmNGZiMWQyMDNkZjM2
ZDU0MzYwHhcNMjQwNjE4MTQzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmU1YzcwODZjZDE5MzlhMmYwZTJiNGMxMjE1MTIyY2I4ZDUyZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwg/z/PEvvSG8zeV2sU8uJTQZ3BWw
+f7kc7JoSHpQAE2Ta4fSXtsycCY1z9zJV9uA9VlQZ7qEbJXlLAEi67rCbFAdRlYt
WUXFt8AHEcYNtmf4JoH6emCxTpthHVQ9riYlonAcnk5ltj/+4MvKZ4e5krvlx4Do
j/SEyHb+rY6Tvp2KF0WIUPWCWqYvFcywzSVsYBFPVThirmlc60CvmXWsI+msn0a5
mBTeKxZyfDzlMob1l0IdszY2TFa99GjlaiF5VM9s4L1WUSBAeJ4Zon4Ukg0yd3Tk
gMB5gOifroECUIGcNb/bvKY0x7mXsGYQccb7kSjZkXibCLqyNmHR1VlatQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFO/lxwhs0ZOaLw4rTBIVEiy41S/PMB8GA1UdIwQY
MBaAFFO2Ks5hW5BrQqsn9PsdID3zbVQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDIt
OTcyYTRjM2RjM2YzLzEvNy1YSENHelJrNW92RGl0TUVoVVNMTGpWTDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDItOTcyYTRjM2RjM2Yz
LzEvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQDH8Go
AwQBPsUoAwQBPsUsAwQBPsUyMAwDBANTjhgDBAFTjhwDBAZVDcADBAJZu0AwDAME
AVm7RgMEAFm7SDAMAwQBWbtKAwQAWbtMMAwDBAFZu04DBABZu1wDBAFZu14DBANt
RogDBADBGt4wDQQCAAIwBwMFACoBAMAwDQYJKoZIhvcNAQELBQADggEBAKHK/8Xb
CoINdmiFCDtyqueah58JHH5v8humOFVrN/idQhTuJDhnVAlLa9JFqF3jfWjQ9z9F
QwyWdm+QqY9qHj8iOO/+U9Joi/c+q3LwK0/iRGv0J+ip3Aal6aCHBJuljO71PpFd
bwy3pPOq/EqthBXjfE6nM67oFT+1vPoA8z9SAN/zn+ASnIgQIv9nW72X9Mwp/H0l
4Ax0pyTsv0IW36b/sFPzkYbx84STotm4r2KfUpKxLTom8FUQRq8ng5jQbmvrT4eO
VwDabxGzxXIsUs9jPSmw0uHlyMkP+vaFXfbRi7LclmiyF9jcTWP79MQ5afzdQ5Km
HFFEWVDV8Ee6Lgc=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:35 2025 by rpki-client