Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/F61icBkBAsW0H0alnBFoYe7rjSo.roa
File: F61icBkBAsW0H0alnBFoYe7rjSo.roa (raw, json)
Hash identifier: 55Bonf+Lz0nITKNHa5h5F54+7fIBchkDTY1gCOIEW9s=
Subject key identifier: 17:AD:62:70:19:01:02:C5:B4:1F:46:A5:9C:11:68:61:EE:EB:8D:2A
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 01862FFD37ABB6B4784C57BE65EA3B014B9F
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/F61icBkBAsW0H0alnBFoYe7rjSo.roa
Signing time: Wed 08 Feb 2023 07:46:09 +0000
ROA not before: Wed 08 Feb 2023 07:46:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31708
IP address blocks: 109.70.136.0/21 maxlen: 21
109.70.143.0/24 maxlen: 24
109.70.141.0/24 maxlen: 24
193.26.222.0/24 maxlen: 24
31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
85.13.192.0/24 maxlen: 24
185.101.80.0/23 maxlen: 23
185.101.80.0/22 maxlen: 24
185.101.83.0/24 maxlen: 24
85.13.192.0/18 maxlen: 18
89.187.64.0/19 maxlen: 19
85.13.199.0/24 maxlen: 24
85.13.208.0/24 maxlen: 24
89.187.72.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
89.187.78.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
85.13.222.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.91.0/24 maxlen: 24
62.197.44.0/24 maxlen: 24
62.197.44.0/23 maxlen: 23
62.197.40.0/23 maxlen: 23
62.197.50.0/23 maxlen: 23
83.142.28.0/24 maxlen: 24
83.142.29.0/24 maxlen: 24
89.187.95.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
89.187.93.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
83.142.24.0/21 maxlen: 21
2a01:c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2f:fd:37:ab:b6:b4:78:4c:57:be:65:ea:3b:01:4b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Feb 8 07:46:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17ad6270190102c5b41f46a59c116861eeeb8d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:16:a8:ab:2b:8d:b8:8d:9c:81:54:1e:eb:f9:
49:6a:87:c1:3d:a4:bd:9b:4d:cc:ae:9f:5b:81:05:
48:db:fd:2c:db:71:a0:9e:e8:48:cb:d6:8d:5d:3b:
2f:d9:ad:c5:ae:f5:5f:da:72:b2:f9:b8:07:e0:b3:
db:22:5a:45:07:1e:72:99:aa:a2:44:57:85:7d:93:
e1:b2:5a:b0:29:45:05:d9:48:2f:9b:b9:ec:d4:90:
3b:6a:14:b0:88:0f:bf:a7:1d:99:ca:47:a0:d6:4c:
97:c8:49:c6:72:46:a6:36:95:60:3d:71:c8:70:4c:
78:7a:05:8a:64:dd:b8:68:8e:0f:0e:b2:61:c5:fc:
1e:bc:81:78:9f:45:00:ab:05:29:30:0c:d8:92:3f:
d0:4f:28:69:f8:31:2f:6b:22:9d:4c:ca:df:8e:1e:
55:a0:e6:a4:43:33:8f:af:fe:6f:f2:a4:80:4c:94:
56:d8:63:d4:4e:b2:0b:9a:8e:f9:8a:b6:a5:c5:17:
d6:df:3a:2a:d1:5a:ad:5a:62:97:b7:87:5c:a7:96:
9d:cd:96:d3:af:5f:35:b8:5c:03:07:79:b3:f0:02:
b4:a1:81:03:48:2b:9d:d3:37:b0:75:4c:11:0c:17:
d2:41:a7:67:48:f4:67:96:bd:0f:db:04:e1:1c:aa:
ed:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AD:62:70:19:01:02:C5:B4:1F:46:A5:9C:11:68:61:EE:EB:8D:2A
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/F61icBkBAsW0H0alnBFoYe7rjSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.40.0/23
62.197.44.0/23
62.197.50.0/23
83.142.24.0/21
85.13.192.0/18
89.187.64.0/19
109.70.136.0/21
185.101.80.0/22
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
10:2b:7b:dd:cc:a3:da:5d:25:cc:be:fc:b5:a9:e4:68:2f:f5:
df:a8:b0:c2:2d:f7:ad:dc:91:b2:b8:44:75:af:28:a6:66:d5:
77:25:9b:a6:da:83:3e:68:05:fb:98:18:03:40:ba:0b:e2:fd:
ac:d4:1e:04:f4:01:19:7c:96:8a:3d:41:19:06:4e:58:16:74:
63:79:1f:03:ed:6d:f1:3f:5b:16:06:bc:71:93:76:55:57:ff:
92:df:c4:d4:0c:43:37:9b:9d:31:59:a0:0f:7f:1e:20:b6:10:
25:b5:55:1e:1c:98:1c:51:1b:92:c4:38:4e:36:16:0f:26:a3:
69:b9:8a:50:2f:9b:d9:f1:57:41:8f:f5:d3:0f:42:27:ff:4f:
b1:10:fd:35:ea:55:b4:80:fb:62:f8:eb:5c:d0:c8:1b:57:9d:
38:50:4c:e3:74:f5:97:72:fc:0b:53:04:d5:8d:a7:d0:0c:c1:
91:82:a0:5d:1a:5e:fe:df:ea:68:3e:0b:5f:d3:f8:dc:8b:81:
5d:c6:9d:93:0c:e6:d9:49:29:aa:b7:da:4f:c5:57:7a:e0:ab:
06:b6:9b:48:91:54:2d:49:b6:50:f4:de:2d:c8:ff:83:87:22:
a5:0f:97:e9:6f:a8:99:32:01:b7:3b:16:e8:50:a2:35:b4:f3:
a9:36:36:77
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYYv/TertrR4TFe+Zeo7AUufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjYyYWNlNjE1YjkwNmI0MmFiMjdmNGZiMWQyMDNkZjM2
ZDU0MzYwHhcNMjMwMjA4MDc0NjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2FkNjI3MDE5MDEwMmM1YjQxZjQ2YTU5YzExNjg2MWVlZWI4ZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxaoqyuNuI2cgVQe6/lJaofBPaS9
m03Mrp9bgQVI2/0s23GgnuhIy9aNXTsv2a3FrvVf2nKy+bgH4LPbIlpFBx5ymaqi
RFeFfZPhslqwKUUF2Ugvm7ns1JA7ahSwiA+/px2Zykeg1kyXyEnGckamNpVgPXHI
cEx4egWKZN24aI4PDrJhxfwevIF4n0UAqwUpMAzYkj/QTyhp+DEvayKdTMrfjh5V
oOakQzOPr/5v8qSATJRW2GPUTrILmo75iralxRfW3zoq0VqtWmKXt4dcp5adzZbT
r181uFwDB3mz8AK0oYEDSCud0zewdUwRDBfSQadnSPRnlr0P2wThHKrtkQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFBetYnAZAQLFtB9GpZwRaGHu640qMB8GA1UdIwQY
MBaAFFO2Ks5hW5BrQqsn9PsdID3zbVQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDIt
OTcyYTRjM2RjM2YzLzEvRjYxaWNCa0JBc1cwSDBhbG5CRm9ZZTdyalNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDItOTcyYTRjM2RjM2Yz
LzEvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDH8GoAwQB
PsUoAwQBPsUsAwQBPsUyAwQDU44YAwQGVQ3AAwQFWbtAAwQDbUaIAwQCuWVQAwQA
wRreMA0EAgACMAcDBQAqAQDAMA0GCSqGSIb3DQEBCwUAA4IBAQAQK3vdzKPaXSXM
vvy1qeRoL/XfqLDCLfet3JGyuER1ryimZtV3JZum2oM+aAX7mBgDQLoL4v2s1B4E
9AEZfJaKPUEZBk5YFnRjeR8D7W3xP1sWBrxxk3ZVV/+S38TUDEM3m50xWaAPfx4g
thAltVUeHJgcURuSxDhONhYPJqNpuYpQL5vZ8VdBj/XTD0In/0+xEP016lW0gPti
+Otc0MgbV504UEzjdPWXcvwLUwTVjafQDMGRgqBdGl7+3+poPgtf0/jci4Fdxp2T
DObZSSmqt9pPxVd64KsGtptIkVQtSbZQ9N4tyP+DhyKlD5fpb6iZMgG3OxboUKI1
tPOpNjZ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:15 2024 by rpki-client on console-ams.rpki-client.org