Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/HgYm993JreyaAbKI3-egjVq9Szw.roa
File: HgYm993JreyaAbKI3-egjVq9Szw.roa (raw, json)
Hash identifier: +VKYafioNnGJglxiz/Vsm2rETU20qQgk63Sz5FbVpuc=
Subject key identifier: 1E:06:26:F7:DD:C9:AD:EC:9A:01:B2:88:DF:E7:A0:8D:5A:BD:4B:3C
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 01847A670B7C05E285D07FAA3AB8715A9BC7
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/HgYm993JreyaAbKI3-egjVq9Szw.roa
Signing time: Tue 15 Nov 2022 08:28:04 +0000
ROA not before: Tue 15 Nov 2022 08:28:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31708
IP address blocks: 109.70.136.0/21 maxlen: 21
109.70.143.0/24 maxlen: 24
109.70.141.0/24 maxlen: 24
145.255.224.0/22 maxlen: 22
145.255.224.0/21 maxlen: 21
145.255.231.0/24 maxlen: 24
145.255.230.0/23 maxlen: 23
145.255.230.0/24 maxlen: 24
193.26.222.0/24 maxlen: 24
31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
85.13.192.0/24 maxlen: 24
185.101.80.0/23 maxlen: 23
185.101.80.0/22 maxlen: 24
185.101.83.0/24 maxlen: 24
85.13.192.0/18 maxlen: 18
89.187.64.0/19 maxlen: 19
85.13.199.0/24 maxlen: 24
85.13.208.0/24 maxlen: 24
89.187.72.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
89.187.78.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
85.13.222.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.91.0/24 maxlen: 24
62.197.44.0/24 maxlen: 24
62.197.44.0/23 maxlen: 23
62.197.40.0/23 maxlen: 23
62.197.50.0/23 maxlen: 23
83.142.28.0/24 maxlen: 24
83.142.29.0/24 maxlen: 24
89.187.95.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
89.187.93.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
83.142.24.0/21 maxlen: 21
2a01:c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:67:0b:7c:05:e2:85:d0:7f:aa:3a:b8:71:5a:9b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Nov 15 08:28:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e0626f7ddc9adec9a01b288dfe7a08d5abd4b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2f:69:f2:28:30:31:86:04:9d:d5:9d:d9:da:
12:7e:4c:f8:96:f7:c6:84:47:c9:26:37:de:30:f2:
15:49:b1:74:53:f3:c6:bf:9e:d1:57:ac:d5:6f:a8:
e7:ae:93:e3:8d:ae:1e:8c:8c:71:df:06:7f:9b:3d:
9b:c9:fb:a9:6d:5c:09:48:25:d4:f9:c8:d1:2e:28:
83:7d:8a:97:f0:4e:a3:31:47:56:39:d3:7d:fa:cc:
a1:94:5f:33:5a:42:c2:01:73:54:3b:97:f5:a7:1d:
95:53:47:1e:1d:52:c4:ee:8c:98:16:26:96:45:40:
cc:b3:3a:0e:58:00:fd:8e:88:92:b5:58:2c:35:4b:
e6:b7:0c:2b:3e:cb:13:a4:87:e9:c3:1d:fd:09:a1:
f1:9a:c6:35:0e:8a:a4:b5:0c:f3:12:4f:35:bd:c7:
be:1f:6f:24:27:3e:5d:28:87:3f:ed:e3:a3:25:26:
05:ec:f9:5f:34:62:bc:a4:8e:2f:58:42:f5:ad:77:
af:53:48:b6:ee:90:0e:58:79:5b:d6:64:85:72:7b:
46:e9:e6:f2:6a:6d:57:5c:52:b0:1f:a2:40:cc:3e:
d0:a6:67:2d:7c:71:3d:21:4c:65:4a:c7:5b:b8:01:
cf:23:d0:60:ca:13:33:52:76:5c:5d:52:07:4c:2c:
fe:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:06:26:F7:DD:C9:AD:EC:9A:01:B2:88:DF:E7:A0:8D:5A:BD:4B:3C
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/HgYm993JreyaAbKI3-egjVq9Szw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.40.0/23
62.197.44.0/23
62.197.50.0/23
83.142.24.0/21
85.13.192.0/18
89.187.64.0/19
109.70.136.0/21
145.255.224.0/21
185.101.80.0/22
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
90:c8:6f:08:7d:72:f7:b1:30:a0:80:17:3f:e4:1d:94:9f:eb:
42:05:c5:b8:7a:28:24:8e:81:62:6c:a4:86:68:c9:01:19:28:
14:9d:cb:8f:df:a3:fe:f0:b8:f8:68:d2:45:58:7f:15:79:9b:
69:58:49:33:1b:2c:19:52:1c:7c:6f:4d:2b:e9:ba:3f:c6:7f:
52:33:b9:a1:69:6b:bf:8f:96:68:12:07:f1:db:27:f2:d3:9d:
8f:10:27:ea:5d:6a:0a:f7:61:a4:fa:b0:ae:85:a6:08:93:9d:
0c:4d:66:a3:4b:fc:d9:67:6f:5f:9c:a5:67:ee:8c:50:d1:d7:
af:09:57:d2:db:76:e1:68:ad:de:71:98:e8:1c:9e:aa:5c:54:
7f:8f:42:0e:88:ce:35:2f:c7:26:3d:36:b0:8c:35:b7:84:92:
e7:35:f9:22:81:a1:bd:14:56:94:53:37:61:fa:24:d1:ed:3b:
ee:8c:6f:8d:b9:d3:5e:8f:e3:f3:bf:1d:1c:e2:db:a4:6d:77:
dc:6b:3b:50:8f:f6:ff:c2:ba:dd:69:89:24:c1:b1:c4:44:1a:
0b:15:ec:0a:49:33:7a:a6:d6:f9:f3:5b:a5:66:3b:09:0e:e1:
95:ea:71:1a:9e:a3:4f:53:f7:db:46:ca:e0:47:26:93:80:50:
ad:42:5d:30
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYR6Zwt8BeKF0H+qOrhxWpvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjYyYWNlNjE1YjkwNmI0MmFiMjdmNGZiMWQyMDNkZjM2
ZDU0MzYwHhcNMjIxMTE1MDgyODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTA2MjZmN2RkYzlhZGVjOWEwMWIyODhkZmU3YTA4ZDVhYmQ0YjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhy9p8igwMYYEndWd2doSfkz4lvfG
hEfJJjfeMPIVSbF0U/PGv57RV6zVb6jnrpPjja4ejIxx3wZ/mz2byfupbVwJSCXU
+cjRLiiDfYqX8E6jMUdWOdN9+syhlF8zWkLCAXNUO5f1px2VU0ceHVLE7oyYFiaW
RUDMszoOWAD9joiStVgsNUvmtwwrPssTpIfpwx39CaHxmsY1DoqktQzzEk81vce+
H28kJz5dKIc/7eOjJSYF7PlfNGK8pI4vWEL1rXevU0i27pAOWHlb1mSFcntG6eby
am1XXFKwH6JAzD7QpmctfHE9IUxlSsdbuAHPI9BgyhMzUnZcXVIHTCz+swIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFB4GJvfdya3smgGyiN/noI1avUs8MB8GA1UdIwQY
MBaAFFO2Ks5hW5BrQqsn9PsdID3zbVQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDIt
OTcyYTRjM2RjM2YzLzEvSGdZbTk5M0pyZXlhQWJLSTMtZWdqVnE5U3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDItOTcyYTRjM2RjM2Yz
LzEvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDH8GoAwQB
PsUoAwQBPsUsAwQBPsUyAwQDU44YAwQGVQ3AAwQFWbtAAwQDbUaIAwQDkf/gAwQC
uWVQAwQAwRreMA0EAgACMAcDBQAqAQDAMA0GCSqGSIb3DQEBCwUAA4IBAQCQyG8I
fXL3sTCggBc/5B2Un+tCBcW4eigkjoFibKSGaMkBGSgUncuP36P+8Lj4aNJFWH8V
eZtpWEkzGywZUhx8b00r6bo/xn9SM7mhaWu/j5ZoEgfx2yfy052PECfqXWoK92Gk
+rCuhaYIk50MTWajS/zZZ29fnKVn7oxQ0devCVfS23bhaK3ecZjoHJ6qXFR/j0IO
iM41L8cmPTawjDW3hJLnNfkigaG9FFaUUzdh+iTR7TvujG+NudNej+Pzvx0c4tuk
bXfcaztQj/b/wrrdaYkkwbHERBoLFewKSTN6ptb581ulZjsJDuGV6nEanqNPU/fb
RsrgRyaTgFCtQl0w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:57 2024 by rpki-client on console-fra.rpki-client.org