Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/k4tzdnrv8DOvRYt9a6wOA0DcqJY.roa
File: k4tzdnrv8DOvRYt9a6wOA0DcqJY.roa (raw, json)
Hash identifier: R5Flfj3j+A+EVdecfetqaeveCLSfOMPpPd0Rh68Tk1c=
Subject key identifier: 93:8B:73:76:7A:EF:F0:33:AF:45:8B:7D:6B:AC:0E:03:40:DC:A8:96
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 018F5A8E7671EECC869653972D340985686F
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/k4tzdnrv8DOvRYt9a6wOA0DcqJY.roa
Signing time: Wed 08 May 2024 23:33:56 +0000
ROA not before: Wed 08 May 2024 23:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31708
IP address blocks: 31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
62.197.40.0/23 maxlen: 23
62.197.44.0/23 maxlen: 23
62.197.44.0/24 maxlen: 24
62.197.50.0/23 maxlen: 23
83.142.24.0/21 maxlen: 21
83.142.24.0/22 maxlen: 22
83.142.28.0/24 maxlen: 24
83.142.29.0/24 maxlen: 24
83.142.30.0/23 maxlen: 23
85.13.192.0/18 maxlen: 18
85.13.192.0/24 maxlen: 24
85.13.199.0/24 maxlen: 24
85.13.208.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
85.13.222.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
85.13.251.0/24 maxlen: 24
89.187.64.0/19 maxlen: 19
89.187.72.0/24 maxlen: 24
89.187.78.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.91.0/24 maxlen: 24
89.187.93.0/24 maxlen: 24
89.187.95.0/24 maxlen: 24
109.70.136.0/21 maxlen: 21
109.70.141.0/24 maxlen: 24
109.70.143.0/24 maxlen: 24
185.101.80.0/22 maxlen: 24
185.101.80.0/23 maxlen: 23
185.101.83.0/24 maxlen: 24
193.26.222.0/24 maxlen: 24
2a01:c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5a:8e:76:71:ee:cc:86:96:53:97:2d:34:09:85:68:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: May 8 23:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=938b73767aeff033af458b7d6bac0e0340dca896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d8:ff:10:5d:24:db:59:cd:bb:d5:03:0e:51:
ad:6a:18:0c:a5:c4:75:5b:bf:c0:ee:10:ac:5f:fd:
55:cd:7a:a2:30:dd:dc:ca:f9:3e:a8:e7:62:fa:7d:
78:fc:48:6e:84:5b:ad:87:c7:05:8f:6d:36:6b:ca:
43:53:16:c8:78:76:5a:3c:65:f2:20:64:1a:36:66:
e8:b6:53:3e:dd:51:20:1a:f2:06:8f:a9:74:75:ba:
34:10:39:e2:cc:31:c6:2e:bd:8a:d5:30:6b:2b:0b:
09:ca:a0:ad:7c:97:06:15:67:0c:db:dd:e0:23:e4:
90:1a:30:1d:cb:9b:9b:fa:6e:fe:ba:43:91:37:c5:
05:ad:78:2b:ae:d9:98:96:00:bd:55:4d:02:1a:bf:
08:05:c1:6b:51:55:40:10:b6:3e:cf:fb:42:24:bb:
cc:c1:56:9f:6f:83:38:9c:c2:f9:67:63:da:24:40:
0d:0b:dd:9d:56:cf:55:93:77:7c:19:86:bd:79:99:
7e:a2:39:17:c4:32:df:f5:8d:93:78:e1:66:e1:f9:
e1:e2:32:b1:b7:5f:90:ca:1d:fd:6e:b5:bc:b8:93:
05:8e:67:22:43:02:85:83:e5:5e:94:b7:72:6f:30:
3e:8b:18:20:49:46:21:c8:0a:06:6e:f8:8c:04:9b:
24:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8B:73:76:7A:EF:F0:33:AF:45:8B:7D:6B:AC:0E:03:40:DC:A8:96
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/k4tzdnrv8DOvRYt9a6wOA0DcqJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.40.0/23
62.197.44.0/23
62.197.50.0/23
83.142.24.0/21
85.13.192.0/18
89.187.64.0/19
109.70.136.0/21
185.101.80.0/22
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:0c:86:7c:08:17:95:dc:57:dc:a4:5b:96:c9:35:f3:24:63:
fc:b6:c6:d7:53:ce:bc:58:2c:62:46:49:b5:e0:97:dc:2c:bc:
4b:bd:13:74:79:1e:4a:8b:7c:78:02:a2:64:16:29:07:23:66:
5b:fa:79:99:98:a7:f1:27:cd:e0:4c:3e:3d:e9:e0:8c:07:21:
8a:33:4b:d9:e9:25:00:48:bb:66:c7:e7:96:7b:01:03:ba:04:
cf:a2:d4:d1:33:04:23:e5:36:eb:29:d0:3a:76:35:25:f6:4b:
5c:c5:cd:a3:f8:2b:41:3b:bd:8e:a2:02:71:5a:77:c5:12:f1:
25:00:de:c1:5a:1f:8b:e0:6b:53:c3:ce:0c:08:00:92:52:93:
e9:0a:fd:24:b5:4c:84:89:f8:11:3b:ce:31:35:d7:25:cc:79:
18:27:f5:9e:77:41:af:08:44:3c:44:76:57:d7:9e:31:ae:2b:
dd:0a:01:ab:dd:63:cb:a3:3d:54:ab:64:3c:f4:dc:59:05:47:
60:c0:e6:fc:51:91:52:e9:a1:5d:c3:2b:39:18:df:6a:71:af:
76:d8:77:4d:19:ae:4f:81:d6:e6:f2:d3:c5:81:ad:3f:85:20:
ff:73:6c:0f:bd:2e:ba:68:25:80:ae:e8:ae:e5:ac:5e:42:e9:
00:e7:82:91
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY9ajnZx7syGllOXLTQJhWhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjYyYWNlNjE1YjkwNmI0MmFiMjdmNGZiMWQyMDNkZjM2
ZDU0MzYwHhcNMjQwNTA4MjMzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzhiNzM3NjdhZWZmMDMzYWY0NThiN2Q2YmFjMGUwMzQwZGNhODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Nj/EF0k21nNu9UDDlGtahgMpcR1
W7/A7hCsX/1VzXqiMN3cyvk+qOdi+n14/EhuhFuth8cFj202a8pDUxbIeHZaPGXy
IGQaNmbotlM+3VEgGvIGj6l0dbo0EDnizDHGLr2K1TBrKwsJyqCtfJcGFWcM293g
I+SQGjAdy5ub+m7+ukORN8UFrXgrrtmYlgC9VU0CGr8IBcFrUVVAELY+z/tCJLvM
wVafb4M4nML5Z2PaJEANC92dVs9Vk3d8GYa9eZl+ojkXxDLf9Y2TeOFm4fnh4jKx
t1+Qyh39brW8uJMFjmciQwKFg+VelLdybzA+ixggSUYhyAoGbviMBJskAQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFJOLc3Z67/Azr0WLfWusDgNA3KiWMB8GA1UdIwQY
MBaAFFO2Ks5hW5BrQqsn9PsdID3zbVQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDIt
OTcyYTRjM2RjM2YzLzEvazR0emRucnY4RE92Ull0OWE2d09BMERjcUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDItOTcyYTRjM2RjM2Yz
LzEvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDH8GoAwQB
PsUoAwQBPsUsAwQBPsUyAwQDU44YAwQGVQ3AAwQFWbtAAwQDbUaIAwQCuWVQAwQA
wRreMA0EAgACMAcDBQAqAQDAMA0GCSqGSIb3DQEBCwUAA4IBAQCNDIZ8CBeV3Ffc
pFuWyTXzJGP8tsbXU868WCxiRkm14JfcLLxLvRN0eR5Ki3x4AqJkFikHI2Zb+nmZ
mKfxJ83gTD496eCMByGKM0vZ6SUASLtmx+eWewEDugTPotTRMwQj5TbrKdA6djUl
9ktcxc2j+CtBO72OogJxWnfFEvElAN7BWh+L4GtTw84MCACSUpPpCv0ktUyEifgR
O84xNdclzHkYJ/Wed0GvCEQ8RHZX154xrivdCgGr3WPLoz1Uq2Q89NxZBUdgwOb8
UZFS6aFdwys5GN9qca922HdNGa5Pgdbm8tPFga0/hSD/c2wPvS66aCWAruiu5axe
QukA54KR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:57 2024 by rpki-client on console-fra.rpki-client.org