Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/AGcKg-7A6AKXOlAU5o4kM26XH-k.roa
File: AGcKg-7A6AKXOlAU5o4kM26XH-k.roa (raw, json)
Hash identifier: ZBo+YifcnKgRJRhx8Kzn/iKPhGBQoK3+ACqFDn45fhA=
Subject key identifier: 00:67:0A:83:EE:C0:E8:02:97:3A:50:14:E6:8E:24:33:6E:97:1F:E9
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 0AF06036
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/AGcKg-7A6AKXOlAU5o4kM26XH-k.roa
Signing time: Mon 25 Apr 2022 23:30:31 +0000
ROA not before: Mon 25 Apr 2022 23:30:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31708
IP address blocks: 185.96.220.0/22 maxlen: 22
109.70.136.0/21 maxlen: 21
109.70.143.0/24 maxlen: 24
109.70.141.0/24 maxlen: 24
145.255.224.0/21 maxlen: 21
145.255.231.0/24 maxlen: 24
145.255.230.0/23 maxlen: 23
145.255.230.0/24 maxlen: 24
193.26.222.0/24 maxlen: 24
31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
86.105.196.0/24 maxlen: 24
85.13.192.0/24 maxlen: 24
185.101.80.0/23 maxlen: 23
185.101.83.0/24 maxlen: 24
85.13.192.0/18 maxlen: 18
89.187.64.0/19 maxlen: 19
85.13.199.0/24 maxlen: 24
85.13.208.0/24 maxlen: 24
89.187.72.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
89.187.78.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
85.13.222.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.91.0/24 maxlen: 24
62.197.32.0/19 maxlen: 19
62.197.44.0/24 maxlen: 24
83.142.28.0/24 maxlen: 24
83.142.29.0/24 maxlen: 24
89.187.95.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
89.187.93.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
83.142.24.0/21 maxlen: 21
2a01:c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183525430 (0xaf06036)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Apr 25 23:30:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00670a83eec0e802973a5014e68e24336e971fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1a:76:cd:53:fb:f5:52:e8:c7:f6:5a:61:30:
dc:a0:2d:9b:14:2e:01:74:db:52:ed:d0:03:b2:db:
80:30:be:77:6d:6f:2d:0a:6f:d0:3c:cd:77:3d:52:
65:0b:7d:c2:5e:3f:93:24:d3:75:35:2b:4f:66:a2:
25:dc:00:8e:37:77:e2:9c:f8:18:c9:51:f7:bb:eb:
9e:d4:7d:37:a5:15:85:90:a8:fd:0d:0e:dd:f6:09:
00:3f:4f:ea:7f:d4:ad:24:96:dd:6e:1f:64:02:d3:
93:47:f4:b6:c3:31:ed:cc:e5:88:52:69:95:a4:9a:
d1:51:10:45:c2:b8:ae:ef:96:85:1e:58:de:51:86:
71:11:b1:e2:56:b3:4a:b3:31:27:7d:a0:8e:5b:6f:
3a:b0:fb:2a:d3:7f:3f:4e:2e:ef:2b:fe:94:1c:4b:
ca:d4:fa:9d:8c:e9:fc:62:44:87:9f:ab:ee:42:99:
95:c1:e8:83:e5:40:12:4d:7a:db:fa:10:25:f5:5c:
76:d7:4b:99:92:68:dd:78:9e:ad:c8:08:af:87:73:
d5:e3:ef:e5:37:77:39:55:97:17:25:e7:bc:67:c8:
ed:df:4c:fa:44:a1:1c:d1:ef:75:24:61:b4:90:75:
90:23:d7:e0:ff:99:c7:bd:2c:66:74:b5:8c:df:ba:
b1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:67:0A:83:EE:C0:E8:02:97:3A:50:14:E6:8E:24:33:6E:97:1F:E9
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/AGcKg-7A6AKXOlAU5o4kM26XH-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.32.0/19
83.142.24.0/21
85.13.192.0/18
86.105.196.0/24
89.187.64.0/19
109.70.136.0/21
145.255.224.0/21
185.96.220.0/22
185.101.80.0/23
185.101.83.0/24
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:52:87:79:18:b3:42:98:1f:ea:2d:50:98:10:21:11:bc:e2:
d9:26:c5:c6:54:f3:9c:47:37:2b:b9:6b:95:18:6f:33:91:8d:
ab:e5:77:c5:ce:be:51:a0:e2:34:56:02:54:cc:38:a6:99:f0:
b9:8e:e5:5a:63:f4:ba:4b:44:25:ec:bb:d1:d6:8f:29:16:e6:
e7:1a:11:e4:3a:76:18:8c:73:da:5c:e1:99:35:22:88:de:83:
79:97:83:64:de:6f:29:42:d7:09:98:25:2b:7a:f6:6c:16:45:
4e:67:53:dd:f5:97:e1:67:dd:81:bd:ac:fe:46:b2:42:e7:64:
ca:99:7c:e1:79:17:ff:7e:8e:90:5c:e1:fa:27:69:7e:54:9c:
4d:eb:e8:1a:df:6e:ad:f0:c0:f7:b8:f8:29:e7:a7:1d:6b:d5:
65:bc:da:30:c5:1c:16:00:6a:6e:53:ca:50:88:8c:fa:3a:6a:
65:c5:1e:21:7f:76:85:eb:75:b3:77:15:60:65:84:7a:e6:12:
bc:8e:cb:12:be:5a:94:6e:67:4d:2e:f8:c6:47:22:9d:71:09:
0c:b2:05:3d:61:14:12:e1:86:4e:00:6a:e1:64:e3:cd:85:a2:
e3:81:62:b1:0a:30:6f:68:0a:f5:77:dd:90:65:f3:59:18:ea:
45:1e:70:04
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIECvBgNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
M2I2MmFjZTYxNWI5MDZiNDJhYjI3ZjRmYjFkMjAzZGYzNmQ1NDM2MB4XDTIyMDQy
NTIzMzAzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA2NzBhODNlZWMw
ZTgwMjk3M2E1MDE0ZTY4ZTI0MzM2ZTk3MWZlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEads1T+/VS6Mf2WmEw3KAtmxQuAXTbUu3QA7LbgDC+d21v
LQpv0DzNdz1SZQt9wl4/kyTTdTUrT2aiJdwAjjd34pz4GMlR97vrntR9N6UVhZCo
/Q0O3fYJAD9P6n/UrSSW3W4fZALTk0f0tsMx7czliFJplaSa0VEQRcK4ru+WhR5Y
3lGGcRGx4lazSrMxJ32gjltvOrD7KtN/P04u7yv+lBxLytT6nYzp/GJEh5+r7kKZ
lcHog+VAEk162/oQJfVcdtdLmZJo3XiercgIr4dz1ePv5Td3OVWXFyXnvGfI7d9M
+kShHNHvdSRhtJB1kCPX4P+Zx70sZnS1jN+6sZkCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBQAZwqD7sDoApc6UBTmjiQzbpcf6TAfBgNVHSMEGDAWgBRTtirOYVuQa0Kr
J/T7HSA9821UNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1U3WXF6bUZia0d0Q3F5ZjAteDBnUGZOdFZEWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvOGIwN2NkLTBjZWQtNGFmYy04ZDAyLTk3MmE0YzNkYzNmMy8x
L0FHY0tnLTdBNkFLWE9sQVU1bzRrTTI2WEgtay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
OGIwN2NkLTBjZWQtNGFmYy04ZDAyLTk3MmE0YzNkYzNmMy8xL1U3WXF6bUZia0d0
Q3F5ZjAteDBnUGZOdFZEWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAx/BqAMEBT7FIAMEA1OOGAMEBlUN
wAMEAFZpxAMEBVm7QAMEA21GiAMEA5H/4AMEArlg3AMEAbllUAMEALllUwMEAMEa
3jANBAIAAjAHAwUAKgEAwDANBgkqhkiG9w0BAQsFAAOCAQEADVKHeRizQpgf6i1Q
mBAhEbzi2SbFxlTznEc3K7lrlRhvM5GNq+V3xc6+UaDiNFYCVMw4ppnwuY7lWmP0
uktEJey70daPKRbm5xoR5Dp2GIxz2lzhmTUiiN6DeZeDZN5vKULXCZglK3r2bBZF
TmdT3fWX4Wfdgb2s/kayQudkypl84XkX/36OkFzh+idpflScTevoGt9urfDA97j4
KeenHWvVZbzaMMUcFgBqblPKUIiM+jpqZcUeIX92het1s3cVYGWEeuYSvI7LEr5a
lG5nTS74xkcinXEJDLIFPWEUEuGGTgBq4WTjzYWi44FisQowb2gK9XfdkGXzWRjq
RR5wBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:15 2024 by rpki-client on console-ams.rpki-client.org