Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/1-fPi9TvZXScjKOY-fL7iiap6YfM.roa
File: 1-fPi9TvZXScjKOY-fL7iiap6YfM.roa (raw, json)
Hash identifier: OIFhob6EkN8Czirn08MJh/BUUyviHP19bQyAckDh1fw=
Subject key identifier: F9:F3:E2:F5:3B:D9:5D:27:23:28:E6:3E:7C:BE:E2:89:AA:7A:61:F3
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 065834F8
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/1-fPi9TvZXScjKOY-fL7iiap6YfM.roa
Signing time: Thu 07 Apr 2022 06:21:33 +0000
ROA not before: Thu 07 Apr 2022 06:21:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 89.43.48.0/24 maxlen: 24
37.156.226.0/24 maxlen: 24
93.113.31.0/24 maxlen: 24
87.121.136.0/21 maxlen: 24
188.241.246.0/24 maxlen: 24
94.176.96.0/24 maxlen: 24
93.113.175.0/24 maxlen: 24
185.61.156.0/22 maxlen: 24
31.177.0.0/21 maxlen: 24
188.241.223.0/24 maxlen: 24
185.137.36.0/22 maxlen: 24
62.245.0.0/19 maxlen: 24
93.114.129.0/24 maxlen: 24
86.106.135.0/24 maxlen: 24
85.204.70.0/24 maxlen: 24
86.104.228.0/24 maxlen: 24
89.32.127.0/24 maxlen: 24
89.44.77.0/24 maxlen: 24
46.102.116.0/24 maxlen: 24
89.35.25.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106444024 (0x65834f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Apr 7 06:21:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9f3e2f53bd95d272328e63e7cbee289aa7a61f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3d:c9:76:2f:e4:03:68:00:57:61:c9:0b:15:
06:b0:9f:3f:97:53:57:94:d5:f3:9f:c9:3f:67:33:
84:bd:2c:69:62:dd:2b:80:df:84:83:6a:8d:9f:f7:
c1:6f:1d:94:41:89:f5:48:23:d3:13:ba:d6:f3:f0:
40:b2:14:b7:4f:42:ca:8e:09:83:59:a4:76:ab:be:
33:15:9e:a9:76:dc:92:04:1f:25:06:ff:8b:44:7b:
08:f0:ef:5e:b1:3a:c4:fd:03:2e:37:37:18:d0:92:
85:32:cf:78:cb:91:84:82:9c:a8:b6:81:b2:fb:ce:
b3:ba:35:a7:ca:cb:85:a4:c1:f8:6b:bb:17:65:32:
24:a8:ea:32:54:bb:80:e4:5f:d5:a5:64:c9:5b:c1:
8d:11:8a:73:16:f2:c7:e7:7d:00:75:cd:ef:ef:d1:
99:65:8c:00:f4:62:ec:8b:39:58:fd:d8:4d:6f:b1:
c5:25:80:aa:3e:29:01:76:0f:0c:ef:06:92:2b:6f:
40:7f:0a:98:b6:83:18:d8:87:3c:11:d9:0b:aa:53:
bc:3a:af:3b:53:80:52:e7:bb:6f:64:cd:7e:54:2f:
03:85:b3:f0:05:84:d2:23:ab:2a:c0:af:bc:6f:1a:
d4:e8:99:36:f6:f7:10:3f:38:3a:0b:36:18:42:d4:
59:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F3:E2:F5:3B:D9:5D:27:23:28:E6:3E:7C:BE:E2:89:AA:7A:61:F3
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/1-fPi9TvZXScjKOY-fL7iiap6YfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.0.0/21
37.156.226.0/24
46.102.116.0/24
62.245.0.0/19
85.204.70.0/24
86.104.228.0/24
86.106.135.0/24
87.121.136.0/21
89.32.127.0/24
89.35.25.0/24
89.43.48.0/24
89.44.77.0/24
93.113.31.0/24
93.113.175.0/24
93.114.129.0/24
94.176.96.0/24
185.61.156.0/22
185.137.36.0/22
188.241.223.0/24
188.241.246.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:f0:94:4e:9d:e1:af:16:e0:fb:58:47:17:50:a9:ce:bb:fb:
36:24:b2:7b:03:fb:24:0d:2f:a7:f9:3e:89:67:cd:c2:08:2e:
3e:4a:4d:6f:75:5c:d3:bf:d5:29:ae:ec:85:9f:81:c5:71:d3:
65:de:2b:36:c9:bf:42:b5:27:c9:21:d3:56:51:4f:2c:53:e0:
4f:7d:f0:21:80:07:15:cc:30:9f:6b:bd:0c:39:49:62:6d:8f:
3b:cb:20:c2:c4:1d:d2:ec:48:be:05:c3:c3:aa:48:70:20:72:
b2:db:4f:e4:cb:ea:f1:32:6b:81:8e:0c:9d:71:3e:6c:a1:04:
73:11:5a:ea:b4:5b:6c:a9:9a:8f:59:e1:f4:fb:dc:97:e5:a4:
7c:db:88:48:e6:ca:f9:88:5b:52:ac:98:1e:a8:76:db:ad:ac:
61:16:4c:31:4a:50:65:64:b7:e9:c1:e3:06:27:46:8f:52:88:
85:8e:33:cf:be:e8:2b:ef:30:3d:7f:98:60:9f:49:5e:c6:2f:
ae:86:03:93:6b:86:53:ae:85:51:7e:fb:a5:03:63:2d:a7:61:
27:d6:91:21:7f:5e:49:65:cb:3e:c8:58:c9:44:9a:62:38:b8:
a9:a2:90:d9:ab:bd:be:11:8b:ff:ef:54:b1:be:86:9e:d5:b3:
e1:25:89:f1
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIEBlg0+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDQw
NzA2MjEzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjlmM2UyZjUzYmQ5
NWQyNzIzMjhlNjNlN2NiZWUyODlhYTdhNjFmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI9yXYv5ANoAFdhyQsVBrCfP5dTV5TV85/JP2czhL0saWLd
K4DfhINqjZ/3wW8dlEGJ9Ugj0xO61vPwQLIUt09Cyo4Jg1mkdqu+MxWeqXbckgQf
JQb/i0R7CPDvXrE6xP0DLjc3GNCShTLPeMuRhIKcqLaBsvvOs7o1p8rLhaTB+Gu7
F2UyJKjqMlS7gORf1aVkyVvBjRGKcxbyx+d9AHXN7+/RmWWMAPRi7Is5WP3YTW+x
xSWAqj4pAXYPDO8GkitvQH8KmLaDGNiHPBHZC6pTvDqvO1OAUue7b2TNflQvA4Wz
8AWE0iOrKsCvvG8a1OiZNvb3ED84Ogs2GELUWX8CAwEAAaOCAn8wggJ7MB0GA1Ud
DgQWBBT58+L1O9ldJyMo5j58vuKJqnph8zAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
LzEtZlBpOVR2WlhTY2pLT1ktZkw3aWlhcDZZZk0ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I1
LzdhMzliMS0xZDFjLTQ5MTktYjE5Yy0zZWViZTcxOTY5NzIvMS9aNXAxM3IxbE5a
cEZNWDhnUHhHakllRkxMeXcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
gZMGCCsGAQUFBwEHAQH/BIGDMIGAMH4EAgABMHgDBAMfsQADBAAlnOIDBAAuZnQD
BAU+9QADBABVzEYDBABWaOQDBABWaocDBANXeYgDBABZIH8DBABZIxkDBABZKzAD
BABZLE0DBABdcR8DBABdca8DBABdcoEDBABesGADBAK5PZwDBAK5iSQDBAC88d8D
BAC88fYwDQYJKoZIhvcNAQELBQADggEBAIrwlE6d4a8W4PtYRxdQqc67+zYksnsD
+yQNL6f5PolnzcIILj5KTW91XNO/1Smu7IWfgcVx02XeKzbJv0K1J8kh01ZRTyxT
4E998CGABxXMMJ9rvQw5SWJtjzvLIMLEHdLsSL4Fw8OqSHAgcrLbT+TL6vEya4GO
DJ1xPmyhBHMRWuq0W2ypmo9Z4fT73JflpHzbiEjmyvmIW1KsmB6odtutrGEWTDFK
UGVkt+nB4wYnRo9SiIWOM8++6CvvMD1/mGCfSV7GL66GA5NrhlOuhVF++6UDYy2n
YSfWkSF/Xkllyz7IWMlEmmI4uKmikNmrvb4Ri//vVLG+hp7Vs+ElifE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-fra.rpki-client.org