Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/DEs7Ls6qm2asCIGSJUTh2dLNiZY.roa
File: DEs7Ls6qm2asCIGSJUTh2dLNiZY.roa (raw, json)
Hash identifier: npgYL6uz4UhqhU4ruxLhkMM6P9Yb+IkwCiEjdKmZyKg=
Subject key identifier: 0C:4B:3B:2E:CE:AA:9B:66:AC:08:81:92:25:44:E1:D9:D2:CD:89:96
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 018216BA4DF870487C48A2487F71398BDF98
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/DEs7Ls6qm2asCIGSJUTh2dLNiZY.roa
Signing time: Tue 19 Jul 2022 13:51:24 +0000
ROA not before: Tue 19 Jul 2022 13:51:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31708
IP address blocks: 185.96.220.0/22 maxlen: 22
109.70.136.0/21 maxlen: 21
109.70.143.0/24 maxlen: 24
109.70.141.0/24 maxlen: 24
145.255.224.0/22 maxlen: 22
145.255.224.0/21 maxlen: 21
145.255.231.0/24 maxlen: 24
145.255.230.0/24 maxlen: 24
145.255.230.0/23 maxlen: 23
193.26.222.0/24 maxlen: 24
31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
86.105.196.0/24 maxlen: 24
85.13.192.0/24 maxlen: 24
185.101.80.0/23 maxlen: 23
185.101.80.0/22 maxlen: 22
185.101.83.0/24 maxlen: 24
85.13.192.0/18 maxlen: 18
89.187.64.0/19 maxlen: 19
85.13.199.0/24 maxlen: 24
85.13.208.0/24 maxlen: 24
89.187.72.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
89.187.78.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
85.13.222.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.91.0/24 maxlen: 24
62.197.32.0/19 maxlen: 19
62.197.44.0/24 maxlen: 24
83.142.28.0/24 maxlen: 24
83.142.29.0/24 maxlen: 24
89.187.95.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
89.187.93.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
83.142.24.0/21 maxlen: 21
2a01:c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:ba:4d:f8:70:48:7c:48:a2:48:7f:71:39:8b:df:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Jul 19 13:51:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c4b3b2eceaa9b66ac0881922544e1d9d2cd8996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ec:45:80:e7:92:4e:14:22:27:32:db:89:60:
78:b4:1d:e0:d0:b0:cc:3f:b2:2b:5e:04:3c:8d:c3:
f3:81:49:3f:d1:c2:fa:b8:ae:ec:79:6b:82:1a:48:
ff:2d:49:84:41:73:19:f4:24:3f:bd:84:10:7b:ac:
25:37:81:04:92:5a:d7:bc:59:4b:5a:26:c6:fa:72:
24:86:b2:1a:a3:88:e4:d0:59:cf:6a:a5:ba:12:77:
9d:a7:e5:0d:b8:30:bd:f0:91:e2:7d:fa:92:26:cc:
29:ec:2a:85:79:52:c3:91:b9:d9:88:0e:55:01:d4:
17:ad:a4:65:71:f7:cb:39:ed:1b:1a:1b:59:ad:89:
b4:88:c5:ef:17:d2:c6:c5:a5:15:e2:ee:4e:83:33:
41:6d:fc:63:99:00:ab:78:5b:7c:b0:d7:18:a4:da:
23:d4:56:3b:fe:03:1d:23:ae:26:d0:d9:bc:09:11:
83:76:39:70:6f:10:a7:4e:87:89:43:49:0f:98:33:
f2:f8:8f:63:0e:d5:aa:96:71:02:40:92:cb:3a:8f:
78:22:f4:2e:e3:74:16:c4:77:91:84:20:31:7f:a3:
1c:0c:98:b1:87:4b:11:ea:5b:3e:fa:30:24:0b:ca:
ea:7e:e1:9b:4e:f8:60:46:42:5d:de:f3:0f:c3:eb:
f5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:4B:3B:2E:CE:AA:9B:66:AC:08:81:92:25:44:E1:D9:D2:CD:89:96
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/DEs7Ls6qm2asCIGSJUTh2dLNiZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.32.0/19
83.142.24.0/21
85.13.192.0/18
86.105.196.0/24
89.187.64.0/19
109.70.136.0/21
145.255.224.0/21
185.96.220.0/22
185.101.80.0/22
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
77:db:d7:cc:7f:61:ad:c3:3f:c5:da:6d:a8:08:3f:d4:49:45:
50:f7:e1:34:8f:76:1d:57:a2:bf:ec:96:9c:8b:27:09:49:98:
04:50:e6:37:ff:7f:9e:74:fc:28:93:6f:2b:39:11:42:1e:fa:
4b:07:6a:cf:a4:1b:a0:ee:cd:09:df:54:5c:ba:e8:17:83:08:
86:40:ca:64:04:35:7b:cc:23:11:96:c6:e7:32:36:c9:2a:0a:
e5:a3:86:e1:d2:8d:6d:ae:15:45:44:14:df:35:fc:bb:6e:56:
9d:5b:ba:d6:25:f6:a8:7e:1f:bf:8c:5a:b7:22:8c:4c:4e:a3:
d7:ad:25:82:e8:7f:8e:35:44:44:fc:4e:f9:e1:c1:e6:81:49:
1b:08:f4:95:cb:b6:19:84:10:3a:0a:d0:fe:e2:39:f9:63:33:
8f:73:98:88:cb:ed:0d:dd:b1:f6:d2:f9:10:30:04:6d:15:3c:
b8:1f:fb:1b:8c:88:9c:03:b4:d5:81:91:37:83:37:b0:a0:ee:
00:28:a8:f1:00:71:95:96:f7:5e:b0:c0:5f:0c:40:86:c3:45:
41:49:02:cd:3c:1d:8f:22:b6:e0:c7:3c:0e:46:c2:87:00:52:
4a:b2:ba:9f:0a:a0:98:79:76:bb:14:1f:13:9e:a5:49:c2:d5:
36:49:56:58
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYIWuk34cEh8SKJIf3E5i9+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjYyYWNlNjE1YjkwNmI0MmFiMjdmNGZiMWQyMDNkZjM2
ZDU0MzYwHhcNMjIwNzE5MTM1MTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzRiM2IyZWNlYWE5YjY2YWMwODgxOTIyNTQ0ZTFkOWQyY2Q4OTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOxFgOeSThQiJzLbiWB4tB3g0LDM
P7IrXgQ8jcPzgUk/0cL6uK7seWuCGkj/LUmEQXMZ9CQ/vYQQe6wlN4EEklrXvFlL
WibG+nIkhrIao4jk0FnPaqW6Enedp+UNuDC98JHiffqSJswp7CqFeVLDkbnZiA5V
AdQXraRlcffLOe0bGhtZrYm0iMXvF9LGxaUV4u5OgzNBbfxjmQCreFt8sNcYpNoj
1FY7/gMdI64m0Nm8CRGDdjlwbxCnToeJQ0kPmDPy+I9jDtWqlnECQJLLOo94IvQu
43QWxHeRhCAxf6McDJixh0sR6ls++jAkC8rqfuGbTvhgRkJd3vMPw+v11wIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFAxLOy7OqptmrAiBkiVE4dnSzYmWMB8GA1UdIwQY
MBaAFFO2Ks5hW5BrQqsn9PsdID3zbVQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDIt
OTcyYTRjM2RjM2YzLzEvREVzN0xzNnFtMmFzQ0lHU0pVVGgyZExOaVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDItOTcyYTRjM2RjM2Yz
LzEvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDH8GoAwQF
PsUgAwQDU44YAwQGVQ3AAwQAVmnEAwQFWbtAAwQDbUaIAwQDkf/gAwQCuWDcAwQC
uWVQAwQAwRreMA0EAgACMAcDBQAqAQDAMA0GCSqGSIb3DQEBCwUAA4IBAQB329fM
f2Gtwz/F2m2oCD/USUVQ9+E0j3YdV6K/7JaciycJSZgEUOY3/3+edPwok28rORFC
HvpLB2rPpBug7s0J31RcuugXgwiGQMpkBDV7zCMRlsbnMjbJKgrlo4bh0o1trhVF
RBTfNfy7bladW7rWJfaofh+/jFq3IoxMTqPXrSWC6H+ONURE/E754cHmgUkbCPSV
y7YZhBA6CtD+4jn5YzOPc5iIy+0N3bH20vkQMARtFTy4H/sbjIicA7TVgZE3gzew
oO4AKKjxAHGVlvdesMBfDECGw0VBSQLNPB2PIrbgxzwORsKHAFJKsrqfCqCYeXa7
FB8TnqVJwtU2SVZY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:15 2024 by rpki-client on console-ams.rpki-client.org