Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/4248I4zioHwQVLZi9OTIpYfGe84.roa
File:                     4248I4zioHwQVLZi9OTIpYfGe84.roa (raw, json)
Hash identifier:          bqEGE6559sHE9TqclrMB1YbuTjL29N+pX8EOHrrZghk=
Subject key identifier:   E3:6E:3C:23:8C:E2:A0:7C:10:54:B6:62:F4:E4:C8:A5:87:C6:7B:CE
Certificate issuer:       /CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Certificate serial:       0572AE0E
Authority key identifier: 9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/4248I4zioHwQVLZi9OTIpYfGe84.roa
Signing time:             Sat 01 Jan 2022 07:02:23 +0000
ROA not before:           Sat 01 Jan 2022 07:02:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209711
IP address blocks:        45.145.20.0/24 maxlen: 24
                          193.53.87.0/24 maxlen: 24
                          193.53.98.0/24 maxlen: 24
                          37.156.246.0/24 maxlen: 24
                          185.82.223.0/24 maxlen: 24
                          185.82.222.0/24 maxlen: 24
                          185.82.221.0/24 maxlen: 24
                          185.82.220.0/24 maxlen: 24
                          193.53.103.0/24 maxlen: 24
                          109.230.196.0/24 maxlen: 24
                          193.53.245.0/24 maxlen: 24
                          45.139.222.0/24 maxlen: 24
                          31.214.152.0/24 maxlen: 24
                          31.14.52.0/24 maxlen: 24
                          89.45.94.0/24 maxlen: 24
                          185.111.245.0/24 maxlen: 24
                          185.111.244.0/24 maxlen: 24
                          185.111.246.0/24 maxlen: 24
                          185.111.247.0/24 maxlen: 24
                          93.113.96.0/24 maxlen: 24
                          31.214.129.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91401742 (0x572ae0e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
        Validity
            Not Before: Jan  1 07:02:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e36e3c238ce2a07c1054b662f4e4c8a587c67bce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:6E:3C:23:8C:E2:A0:7C:10:54:B6:62:F4:E4:C8:A5:87:C6:7B:CE
            X509v3 Authority Key Identifier:
                keyid:9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/4248I4zioHwQVLZi9OTIpYfGe84.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.14.52.0/24
                  31.214.129.0/24
                  31.214.152.0/24
                  37.156.246.0/24
                  45.139.222.0/24
                  45.145.20.0/24
                  89.45.94.0/24
                  93.113.96.0/24
                  109.230.196.0/24
                  185.82.220.0/22
                  185.111.244.0/22
                  193.53.87.0/24
                  193.53.98.0/24
                  193.53.103.0/24
                  193.53.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
Generated at Thu Jul 20 00:01:59 2023 by rpki-client on console-fra.rpki-client.org