Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/jEqxWobfS5AlVl69AM5pbcJeBV8.roa
File: jEqxWobfS5AlVl69AM5pbcJeBV8.roa (raw, json)
Hash identifier: 3BAv04skUqQXlETZj7U57fSDYwljMKBoyyxDnJXoSXI=
Subject key identifier: 8C:4A:B1:5A:86:DF:4B:90:25:56:5E:BD:00:CE:69:6D:C2:5E:05:5F
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 09E20ED5
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/jEqxWobfS5AlVl69AM5pbcJeBV8.roa
Signing time: Sat 01 Jan 2022 09:01:19 +0000
ROA not before: Sat 01 Jan 2022 09:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31708
IP address blocks: 185.96.220.0/22 maxlen: 22
109.70.136.0/21 maxlen: 21
109.70.143.0/24 maxlen: 24
109.70.141.0/24 maxlen: 24
145.255.224.0/21 maxlen: 21
145.255.231.0/24 maxlen: 24
145.255.230.0/23 maxlen: 23
145.255.230.0/24 maxlen: 24
193.26.222.0/24 maxlen: 24
31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
86.105.196.0/24 maxlen: 24
85.13.192.0/24 maxlen: 24
85.13.192.0/18 maxlen: 18
89.187.64.0/19 maxlen: 19
85.13.199.0/24 maxlen: 24
85.13.208.0/24 maxlen: 24
89.187.72.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
89.187.78.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.91.0/24 maxlen: 24
62.197.32.0/19 maxlen: 19
62.197.44.0/24 maxlen: 24
83.142.28.0/24 maxlen: 24
83.142.29.0/24 maxlen: 24
89.187.95.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
89.187.93.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
83.142.24.0/21 maxlen: 21
2a01:c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165809877 (0x9e20ed5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Jan 1 09:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c4ab15a86df4b9025565ebd00ce696dc25e055f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4d:0f:e9:8b:1d:24:2d:06:fa:79:74:6c:63:
9f:fb:90:5f:03:3b:dd:61:b8:bf:b5:6e:5a:a8:34:
e3:af:25:a2:98:ca:f8:c3:64:f7:c3:d4:f5:63:cb:
21:61:b4:f1:1b:3e:f9:d7:46:bb:71:c4:82:85:73:
6d:58:d7:8b:04:85:fb:59:7e:a6:9b:d3:80:fd:d0:
21:0b:fd:fe:81:98:46:07:ff:5a:fd:1c:f6:74:9e:
6c:97:da:9a:8f:0b:e9:75:a5:63:83:77:2a:b7:b3:
09:7d:37:04:49:16:0e:c9:ce:17:11:8d:af:06:7e:
24:3a:5e:46:65:c5:be:be:6f:9f:75:0e:61:17:77:
00:30:be:b5:5e:80:7b:25:46:61:73:c8:33:c0:c9:
d8:b5:0a:8b:30:e1:ec:21:6e:97:10:2b:48:db:b5:
1d:22:67:f1:21:a2:2f:7a:48:d4:63:a1:52:11:7f:
62:35:a1:91:6b:9e:67:1c:2e:b0:de:94:19:d3:10:
e4:ab:e1:13:70:a6:b8:b4:51:8e:65:62:29:27:4e:
8c:80:3f:b5:58:30:e4:26:1a:95:5e:a3:3f:ea:50:
33:53:01:a2:e9:64:e3:05:2d:91:2b:5a:92:7c:f4:
ad:b3:6d:4d:99:21:e3:fb:ba:b7:b7:3e:cc:0d:a1:
2a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:4A:B1:5A:86:DF:4B:90:25:56:5E:BD:00:CE:69:6D:C2:5E:05:5F
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/jEqxWobfS5AlVl69AM5pbcJeBV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.32.0/19
83.142.24.0/21
85.13.192.0/18
86.105.196.0/24
89.187.64.0/19
109.70.136.0/21
145.255.224.0/21
185.96.220.0/22
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
aa:b7:fe:9a:d3:5e:5e:26:9b:46:d5:57:53:42:61:df:79:5b:
03:52:24:80:45:61:58:41:ca:48:42:fa:f1:88:1f:85:7f:99:
7a:0c:7f:ae:b9:55:76:f5:b3:8b:3a:94:f8:8a:27:c8:2a:89:
f6:63:65:a5:1d:eb:01:53:53:2d:52:e0:ad:c8:dc:dd:ce:dc:
4e:cb:80:1c:d0:74:fe:3a:ea:a2:6e:70:5a:fd:fd:4b:69:aa:
a1:0a:bc:32:9e:88:0d:f3:e1:fb:ab:34:19:49:e0:e9:33:8d:
28:b0:74:aa:a7:e2:d9:21:60:32:d3:55:e4:51:89:8e:83:49:
eb:5a:1a:08:c9:9d:00:45:3e:f6:8d:42:48:cb:c6:44:2a:ab:
d5:04:ea:e0:1e:93:9c:a2:89:cb:ec:8c:cf:ac:68:af:1d:94:
79:19:13:a2:a1:d7:64:b6:3f:37:e6:bd:62:c5:5c:9e:49:8a:
02:99:bf:5e:91:76:1c:72:46:26:42:38:93:88:39:91:0f:96:
28:78:35:a8:ef:0e:67:2e:3c:c9:03:59:3f:d8:a3:06:d0:ed:
58:08:90:9f:40:8a:9e:5b:28:54:84:46:1d:53:ec:9b:d6:9c:
91:ee:94:c2:b9:9b:d1:77:96:63:15:c0:75:b0:38:b2:a5:32:
10:c3:37:a0
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIECeIO1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
M2I2MmFjZTYxNWI5MDZiNDJhYjI3ZjRmYjFkMjAzZGYzNmQ1NDM2MB4XDTIyMDEw
MTA5MDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGM0YWIxNWE4NmRm
NGI5MDI1NTY1ZWJkMDBjZTY5NmRjMjVlMDU1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNND+mLHSQtBvp5dGxjn/uQXwM73WG4v7VuWqg0468lopjK
+MNk98PU9WPLIWG08Rs++ddGu3HEgoVzbVjXiwSF+1l+ppvTgP3QIQv9/oGYRgf/
Wv0c9nSebJfamo8L6XWlY4N3KrezCX03BEkWDsnOFxGNrwZ+JDpeRmXFvr5vn3UO
YRd3ADC+tV6AeyVGYXPIM8DJ2LUKizDh7CFulxArSNu1HSJn8SGiL3pI1GOhUhF/
YjWhkWueZxwusN6UGdMQ5KvhE3CmuLRRjmViKSdOjIA/tVgw5CYalV6jP+pQM1MB
oulk4wUtkStaknz0rbNtTZkh4/u6t7c+zA2hKpsCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBSMSrFaht9LkCVWXr0Azmltwl4FXzAfBgNVHSMEGDAWgBRTtirOYVuQa0Kr
J/T7HSA9821UNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1U3WXF6bUZia0d0Q3F5ZjAteDBnUGZOdFZEWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvOGIwN2NkLTBjZWQtNGFmYy04ZDAyLTk3MmE0YzNkYzNmMy8x
L2pFcXhXb2JmUzVBbFZsNjlBTTVwYmNKZUJWOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
OGIwN2NkLTBjZWQtNGFmYy04ZDAyLTk3MmE0YzNkYzNmMy8xL1U3WXF6bUZia0d0
Q3F5ZjAteDBnUGZOdFZEWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAx/BqAMEBT7FIAMEA1OOGAMEBlUN
wAMEAFZpxAMEBVm7QAMEA21GiAMEA5H/4AMEArlg3AMEAMEa3jANBAIAAjAHAwUA
KgEAwDANBgkqhkiG9w0BAQsFAAOCAQEAqrf+mtNeXiabRtVXU0Jh33lbA1IkgEVh
WEHKSEL68YgfhX+Zegx/rrlVdvWzizqU+IonyCqJ9mNlpR3rAVNTLVLgrcjc3c7c
TsuAHNB0/jrqom5wWv39S2mqoQq8Mp6IDfPh+6s0GUng6TONKLB0qqfi2SFgMtNV
5FGJjoNJ61oaCMmdAEU+9o1CSMvGRCqr1QTq4B6TnKKJy+yMz6xorx2UeRkToqHX
ZLY/N+a9YsVcnkmKApm/XpF2HHJGJkI4k4g5kQ+WKHg1qO8OZy48yQNZP9ijBtDt
WAiQn0CKnlsoVIRGHVPsm9acke6Uwrmb0XeWYxXAdbA4sqUyEMM3oA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:15 2024 by rpki-client on console-ams.rpki-client.org