Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/GnMDInapRecweqH4gq-osn2UjCY.roa
File: GnMDInapRecweqH4gq-osn2UjCY.roa (raw, json)
Hash identifier: /Dqa35DYnreEJctzBgQegsONI2GPYE3Y7/qbJBzo4pM=
Subject key identifier: 1A:73:03:22:76:A9:45:E7:30:7A:A1:F8:82:AF:A8:B2:7D:94:8C:26
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 0AC31225
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/GnMDInapRecweqH4gq-osn2UjCY.roa
Signing time: Tue 05 Apr 2022 02:24:07 +0000
ROA not before: Tue 05 Apr 2022 02:24:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31708
IP address blocks: 185.96.220.0/22 maxlen: 22
109.70.136.0/21 maxlen: 21
109.70.143.0/24 maxlen: 24
109.70.141.0/24 maxlen: 24
145.255.224.0/21 maxlen: 21
145.255.231.0/24 maxlen: 24
145.255.230.0/24 maxlen: 24
145.255.230.0/23 maxlen: 23
193.26.222.0/24 maxlen: 24
31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
86.105.196.0/24 maxlen: 24
85.13.192.0/24 maxlen: 24
85.13.192.0/18 maxlen: 18
89.187.64.0/19 maxlen: 19
85.13.199.0/24 maxlen: 24
85.13.208.0/24 maxlen: 24
89.187.72.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
89.187.78.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
85.13.222.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.91.0/24 maxlen: 24
62.197.32.0/19 maxlen: 19
62.197.44.0/24 maxlen: 24
83.142.28.0/24 maxlen: 24
83.142.29.0/24 maxlen: 24
89.187.95.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
89.187.93.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
83.142.24.0/21 maxlen: 21
2a01:c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180556325 (0xac31225)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Apr 5 02:24:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a73032276a945e7307aa1f882afa8b27d948c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f6:1e:a5:7b:14:f0:d8:b6:80:5a:3f:cf:3b:
02:49:57:d0:35:96:52:e2:fe:b4:41:87:44:64:3d:
b9:50:2c:a8:26:76:bf:8f:77:4f:f7:ec:89:65:b0:
02:8e:d3:34:e3:62:b4:5a:d6:31:2c:19:64:ee:cb:
4b:43:1b:ab:a1:5f:32:48:f7:3d:7a:a4:8c:7b:5b:
08:00:d4:c3:83:d9:42:4a:57:ad:e7:2d:e9:ed:41:
96:44:71:9b:4f:4a:ce:da:1a:fc:2a:a6:54:6f:11:
04:20:b1:18:a3:0f:c1:46:3d:4f:5e:fe:ba:df:89:
f0:54:8b:b8:f8:7d:02:a2:b3:91:01:05:d9:20:1c:
56:30:de:04:7b:82:a8:02:10:48:7f:21:13:74:91:
39:69:de:67:63:21:53:86:bc:7c:6f:fa:6a:91:27:
ec:26:43:4e:05:4e:c3:b0:d1:b5:f5:4a:59:c1:d9:
b3:ed:61:4c:ef:20:01:24:ef:78:72:39:bb:63:ba:
7e:7d:f6:95:95:79:c5:bc:41:d7:a8:e8:a3:f3:13:
ef:aa:9b:69:1b:d2:59:c6:ec:58:58:75:88:25:fb:
a8:55:da:b2:3b:f2:f6:7a:e9:43:8c:6b:f2:a0:49:
df:79:64:d8:b5:21:5f:af:01:16:ae:ca:e2:fa:42:
f9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:73:03:22:76:A9:45:E7:30:7A:A1:F8:82:AF:A8:B2:7D:94:8C:26
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/GnMDInapRecweqH4gq-osn2UjCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.32.0/19
83.142.24.0/21
85.13.192.0/18
86.105.196.0/24
89.187.64.0/19
109.70.136.0/21
145.255.224.0/21
185.96.220.0/22
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
79:9a:36:22:12:d1:44:ed:85:99:71:b9:a9:a6:a0:c9:5e:2a:
16:57:a9:69:46:e0:c1:26:ea:60:47:3b:0b:4e:2e:7b:b0:19:
11:75:4d:2f:70:af:4d:7c:39:9d:aa:72:24:76:5b:a5:cf:7b:
f5:4f:ad:57:04:b2:f6:36:03:e0:a0:bf:b1:a1:5c:6d:eb:ed:
f0:dc:58:05:94:4b:28:bb:f2:5d:9f:64:18:1c:b9:ef:52:f3:
09:cf:f2:aa:26:85:cc:ee:6a:de:94:80:dc:cc:79:79:8d:b5:
55:42:07:54:a1:0a:21:ba:a2:ea:67:6d:e7:98:e5:3f:fd:7f:
7d:d3:6d:ff:08:cb:2b:40:41:49:e7:04:18:dc:17:40:d7:dc:
a2:8a:e8:a8:e0:76:69:cd:d1:d0:c4:7a:92:62:c0:0c:f1:b8:
f1:9a:6c:a9:9d:a2:47:49:f0:c9:eb:a9:f9:15:41:f1:22:c6:
54:21:97:31:8e:6b:2e:73:ba:8d:90:7f:9b:00:7a:59:37:91:
44:e3:8c:92:94:e4:9a:cf:c4:e4:ac:e0:63:b6:bc:70:a1:da:
4e:93:4b:24:c3:56:b0:09:9f:73:89:5b:72:08:14:32:44:00:
4e:14:36:b7:09:f9:78:84:7a:26:fc:48:c9:81:8b:cd:df:76:
ad:c1:51:1b
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIECsMSJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
M2I2MmFjZTYxNWI5MDZiNDJhYjI3ZjRmYjFkMjAzZGYzNmQ1NDM2MB4XDTIyMDQw
NTAyMjQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWE3MzAzMjI3NmE5
NDVlNzMwN2FhMWY4ODJhZmE4YjI3ZDk0OGMyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANn2HqV7FPDYtoBaP887AklX0DWWUuL+tEGHRGQ9uVAsqCZ2
v493T/fsiWWwAo7TNONitFrWMSwZZO7LS0Mbq6FfMkj3PXqkjHtbCADUw4PZQkpX
rect6e1BlkRxm09Kztoa/CqmVG8RBCCxGKMPwUY9T17+ut+J8FSLuPh9AqKzkQEF
2SAcVjDeBHuCqAIQSH8hE3SROWneZ2MhU4a8fG/6apEn7CZDTgVOw7DRtfVKWcHZ
s+1hTO8gASTveHI5u2O6fn32lZV5xbxB16joo/MT76qbaRvSWcbsWFh1iCX7qFXa
sjvy9nrpQ4xr8qBJ33lk2LUhX68BFq7K4vpC+Y0CAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBQacwMidqlF5zB6ofiCr6iyfZSMJjAfBgNVHSMEGDAWgBRTtirOYVuQa0Kr
J/T7HSA9821UNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1U3WXF6bUZia0d0Q3F5ZjAteDBnUGZOdFZEWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvOGIwN2NkLTBjZWQtNGFmYy04ZDAyLTk3MmE0YzNkYzNmMy8x
L0duTURJbmFwUmVjd2VxSDRncS1vc24yVWpDWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
OGIwN2NkLTBjZWQtNGFmYy04ZDAyLTk3MmE0YzNkYzNmMy8xL1U3WXF6bUZia0d0
Q3F5ZjAteDBnUGZOdFZEWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAx/BqAMEBT7FIAMEA1OOGAMEBlUN
wAMEAFZpxAMEBVm7QAMEA21GiAMEA5H/4AMEArlg3AMEAMEa3jANBAIAAjAHAwUA
KgEAwDANBgkqhkiG9w0BAQsFAAOCAQEAeZo2IhLRRO2FmXG5qaagyV4qFlepaUbg
wSbqYEc7C04ue7AZEXVNL3CvTXw5napyJHZbpc979U+tVwSy9jYD4KC/saFcbevt
8NxYBZRLKLvyXZ9kGBy571LzCc/yqiaFzO5q3pSA3Mx5eY21VUIHVKEKIbqi6mdt
55jlP/1/fdNt/wjLK0BBSecEGNwXQNfcooroqOB2ac3R0MR6kmLADPG48ZpsqZ2i
R0nwyeup+RVB8SLGVCGXMY5rLnO6jZB/mwB6WTeRROOMkpTkms/E5KzgY7a8cKHa
TpNLJMNWsAmfc4lbcggUMkQAThQ2twn5eIR6JvxIyYGLzd92rcFRGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:57 2024 by rpki-client on console-fra.rpki-client.org