Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/1UAj5jQ53nkCs-Iv7TH81DmDqE0.roa
File: 1UAj5jQ53nkCs-Iv7TH81DmDqE0.roa (raw, json)
Hash identifier: eCCgUksgTM94TqXaa7ziIFGXGpFUBrfyJ0MBoUmmhag=
Subject key identifier: D5:40:23:E6:34:39:DE:79:02:B3:E2:2F:ED:31:FC:D4:39:83:A8:4D
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 06805757
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/1UAj5jQ53nkCs-Iv7TH81DmDqE0.roa
Signing time: Thu 21 Apr 2022 01:21:09 +0000
ROA not before: Thu 21 Apr 2022 01:21:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 37.156.226.0/24 maxlen: 24
93.113.31.0/24 maxlen: 24
87.121.136.0/21 maxlen: 24
188.241.246.0/24 maxlen: 24
94.176.96.0/24 maxlen: 24
93.113.175.0/24 maxlen: 24
185.61.156.0/22 maxlen: 24
31.177.0.0/21 maxlen: 24
188.241.223.0/24 maxlen: 24
185.137.36.0/22 maxlen: 24
62.245.0.0/19 maxlen: 24
93.114.129.0/24 maxlen: 24
86.106.135.0/24 maxlen: 24
86.104.228.0/24 maxlen: 24
89.32.127.0/24 maxlen: 24
89.44.77.0/24 maxlen: 24
46.102.116.0/24 maxlen: 24
89.35.25.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109074263 (0x6805757)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Apr 21 01:21:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d54023e63439de7902b3e22fed31fcd43983a84d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:56:93:7b:27:92:9e:51:1c:ff:c0:b4:92:1e:
71:ba:09:05:5a:d3:f0:8d:af:47:d1:1e:88:44:25:
4d:11:db:df:c2:2f:a1:18:5c:5e:5c:e3:a3:94:4d:
f0:a0:6c:8d:f7:f9:a5:02:d6:1b:2a:69:d0:f7:50:
44:e3:07:3e:5b:67:c4:b9:57:75:5a:08:5d:89:5c:
63:18:c2:8b:70:70:a5:2e:9b:6f:ba:74:d0:5a:db:
d4:36:1e:38:46:33:a9:1f:d6:4a:92:1a:37:96:c2:
8a:3b:e9:ef:8d:70:9d:b8:d3:08:fa:bc:67:e8:b2:
d0:12:2d:37:76:6c:79:60:c1:6c:f4:ea:e4:3a:3f:
ee:39:34:fd:6f:8a:c1:91:6f:58:ec:c7:6c:6e:de:
f7:b7:08:3f:fd:0a:4e:06:b7:90:e0:be:71:82:ab:
cc:55:02:04:43:bc:6b:52:1e:81:87:60:ab:2c:0b:
3a:94:c4:38:49:78:3f:78:2a:9a:df:22:c7:fd:62:
e8:f2:fc:34:0f:0f:51:dc:d9:e1:8a:21:39:6f:bf:
7f:3b:69:14:67:2c:b6:d2:05:eb:48:22:c3:57:cf:
5f:e6:a4:87:e3:0b:19:10:cf:48:16:c3:e0:38:fd:
02:f7:15:bc:99:39:af:bf:e7:48:b6:19:f4:22:de:
eb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:40:23:E6:34:39:DE:79:02:B3:E2:2F:ED:31:FC:D4:39:83:A8:4D
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/1UAj5jQ53nkCs-Iv7TH81DmDqE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.0.0/21
37.156.226.0/24
46.102.116.0/24
62.245.0.0/19
86.104.228.0/24
86.106.135.0/24
87.121.136.0/21
89.32.127.0/24
89.35.25.0/24
89.44.77.0/24
93.113.31.0/24
93.113.175.0/24
93.114.129.0/24
94.176.96.0/24
185.61.156.0/22
185.137.36.0/22
188.241.223.0/24
188.241.246.0/24
Signature Algorithm: sha256WithRSAEncryption
57:9b:6e:5b:ad:d7:7a:59:7f:be:35:0f:4b:ec:8c:85:35:fb:
64:4d:c4:39:98:a5:4b:5b:f4:71:c1:dc:75:7a:0c:32:d6:30:
78:15:01:fe:9f:a3:6b:81:10:06:47:0f:5e:59:b6:51:00:e3:
db:0d:d1:48:65:51:fe:2a:01:be:18:f3:44:b7:6d:12:b4:d7:
02:6e:26:9c:01:98:91:43:a7:b9:2c:92:30:55:4d:8e:67:c5:
e3:17:f1:9c:47:6d:23:55:89:a3:9d:07:a4:ce:cb:6d:e4:d7:
74:97:22:e2:6d:94:ae:1d:a2:dd:7b:5d:bc:f4:51:73:cd:6d:
55:dc:8a:fa:20:83:ce:2b:10:87:2a:96:a7:e4:1c:a2:54:3c:
ec:2f:fd:17:4f:8d:6b:5d:fa:87:f4:07:f0:25:7e:5c:38:87:
ed:7a:8e:33:61:dc:0b:b8:ae:99:16:3e:29:94:50:f4:41:4a:
03:1d:80:05:07:60:00:c0:39:72:be:45:9e:35:e6:d5:51:e5:
fa:dc:0b:07:2a:71:b1:1f:58:4e:e5:f5:96:b5:03:4f:86:be:
69:0f:1b:a4:f2:b0:05:9f:41:f8:fb:30:27:c3:c7:c2:94:1f:
b8:45:74:e2:06:ec:7e:92:51:fa:ab:db:62:8b:94:c8:cb:3e:
03:3d:a7:c3
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIEBoBXVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDQy
MTAxMjEwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU0MDIzZTYzNDM5
ZGU3OTAyYjNlMjJmZWQzMWZjZDQzOTgzYTg0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVWk3snkp5RHP/AtJIecboJBVrT8I2vR9EeiEQlTRHb38Iv
oRhcXlzjo5RN8KBsjff5pQLWGypp0PdQROMHPltnxLlXdVoIXYlcYxjCi3BwpS6b
b7p00Frb1DYeOEYzqR/WSpIaN5bCijvp741wnbjTCPq8Z+iy0BItN3ZseWDBbPTq
5Do/7jk0/W+KwZFvWOzHbG7e97cIP/0KTga3kOC+cYKrzFUCBEO8a1IegYdgqywL
OpTEOEl4P3gqmt8ix/1i6PL8NA8PUdzZ4YohOW+/fztpFGcsttIF60giw1fPX+ak
h+MLGRDPSBbD4Dj9AvcVvJk5r7/nSLYZ9CLe69sCAwEAAaOCAnAwggJsMB0GA1Ud
DgQWBBTVQCPmNDneeQKz4i/tMfzUOYOoTTAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
LzFVQWo1alE1M25rQ3MtSXY3VEg4MURtRHFFMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hQYIKwYBBQUHAQcBAf8EdjB0MHIEAgABMGwDBAMfsQADBAAlnOIDBAAuZnQDBAU+
9QADBABWaOQDBABWaocDBANXeYgDBABZIH8DBABZIxkDBABZLE0DBABdcR8DBABd
ca8DBABdcoEDBABesGADBAK5PZwDBAK5iSQDBAC88d8DBAC88fYwDQYJKoZIhvcN
AQELBQADggEBAFebblut13pZf741D0vsjIU1+2RNxDmYpUtb9HHB3HV6DDLWMHgV
Af6fo2uBEAZHD15ZtlEA49sN0UhlUf4qAb4Y80S3bRK01wJuJpwBmJFDp7kskjBV
TY5nxeMX8ZxHbSNViaOdB6TOy23k13SXIuJtlK4dot17Xbz0UXPNbVXcivogg84r
EIcqlqfkHKJUPOwv/RdPjWtd+of0B/Alflw4h+16jjNh3Au4rpkWPimUUPRBSgMd
gAUHYADAOXK+RZ415tVR5frcCwcqcbEfWE7l9Za1A0+GvmkPG6TysAWfQfj7MCfD
x8KUH7hFdOIG7H6SUfqr22KLlMjLPgM9p8M=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:30 2023 by rpki-client on console-ams.rpki-client.org