Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/86FkHzw_oqy39dmJExETojjrYC0.roa
File: 86FkHzw_oqy39dmJExETojjrYC0.roa (raw, json)
Hash identifier: p1p3DBQ+AUcHDQLpyadkDBShE1kPHoAwNTggI8eq/Yw=
Subject key identifier: F3:A1:64:1F:3C:3F:A2:AC:B7:F5:D9:89:13:11:13:A2:38:EB:60:2D
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 05DC91B1
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/86FkHzw_oqy39dmJExETojjrYC0.roa
Signing time: Tue 22 Feb 2022 21:22:42 +0000
ROA not before: Tue 22 Feb 2022 21:22:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 89.43.48.0/24 maxlen: 24
188.241.246.0/24 maxlen: 24
185.142.164.0/22 maxlen: 24
94.176.96.0/24 maxlen: 24
93.113.175.0/24 maxlen: 24
185.61.156.0/22 maxlen: 24
89.21.64.0/22 maxlen: 24
188.241.223.0/24 maxlen: 24
93.114.83.0/24 maxlen: 24
89.40.66.0/24 maxlen: 24
93.114.129.0/24 maxlen: 24
89.41.188.0/24 maxlen: 24
46.102.116.0/24 maxlen: 24
89.35.25.0/24 maxlen: 24
94.177.17.0/24 maxlen: 24
37.156.226.0/24 maxlen: 24
86.106.89.0/24 maxlen: 24
87.121.136.0/21 maxlen: 24
93.113.31.0/24 maxlen: 24
86.107.241.0/24 maxlen: 24
89.35.135.0/24 maxlen: 24
31.177.0.0/21 maxlen: 24
185.137.36.0/22 maxlen: 24
176.111.240.0/22 maxlen: 24
62.245.0.0/19 maxlen: 24
86.106.135.0/24 maxlen: 24
86.104.226.0/24 maxlen: 24
85.204.70.0/24 maxlen: 24
86.104.228.0/24 maxlen: 24
89.44.77.0/24 maxlen: 24
89.32.127.0/24 maxlen: 24
85.204.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98341297 (0x5dc91b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Feb 22 21:22:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3a1641f3c3fa2acb7f5d989131113a238eb602d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3d:40:19:67:93:9a:f1:1a:25:b6:6d:2d:df:
a5:aa:43:93:d8:ec:4c:c1:f4:18:65:24:59:6c:08:
5c:fe:be:cc:74:21:ee:4c:a3:ac:7f:fd:e6:39:e5:
2b:c1:d5:bf:38:ac:f7:18:f2:dc:43:19:80:51:2a:
b9:6c:5a:b8:e7:ef:e5:7e:8f:5d:05:a6:eb:37:7d:
bc:32:02:3b:06:57:26:82:82:f6:40:46:fa:11:92:
37:b1:7d:5c:c0:dd:5c:be:72:e2:04:24:ad:2e:a2:
66:28:7e:4b:98:54:30:b4:52:a9:e8:e2:92:69:a2:
7d:30:06:a8:39:a0:18:90:e5:e2:0c:46:1b:40:b0:
ef:20:0b:d2:9e:fc:03:35:e3:55:d6:d6:60:96:ee:
71:a3:bd:0f:15:51:62:99:96:5a:a8:40:72:6a:ac:
5a:98:48:ad:56:b0:e2:6c:b9:3c:7f:d8:40:c7:b9:
91:78:0a:60:5b:34:38:b3:80:fe:89:92:26:31:28:
04:93:b5:cf:57:2f:21:3b:4f:1a:59:46:d7:31:70:
eb:85:3f:1e:52:ea:b0:fa:70:97:a8:04:69:6d:4d:
8d:d6:dd:98:be:4e:e2:75:d6:25:fd:4e:c1:14:6e:
8c:bd:23:9f:dd:84:83:f9:ac:6c:00:b0:c7:5d:86:
14:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A1:64:1F:3C:3F:A2:AC:B7:F5:D9:89:13:11:13:A2:38:EB:60:2D
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/86FkHzw_oqy39dmJExETojjrYC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.0.0/21
37.156.226.0/24
46.102.116.0/24
62.245.0.0/19
85.204.70.0/24
85.204.72.0/24
86.104.226.0/24
86.104.228.0/24
86.106.89.0/24
86.106.135.0/24
86.107.241.0/24
87.121.136.0/21
89.21.64.0/22
89.32.127.0/24
89.35.25.0/24
89.35.135.0/24
89.40.66.0/24
89.41.188.0/24
89.43.48.0/24
89.44.77.0/24
93.113.31.0/24
93.113.175.0/24
93.114.83.0/24
93.114.129.0/24
94.176.96.0/24
94.177.17.0/24
176.111.240.0/22
185.61.156.0/22
185.137.36.0/22
185.142.164.0/22
188.241.223.0/24
188.241.246.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:91:7c:7c:a5:b3:04:00:04:98:55:b0:8c:a0:ec:28:e1:47:
22:19:9e:d5:8f:48:a0:04:34:fe:69:75:54:4a:8a:d5:f2:59:
fd:ac:7d:b8:19:8c:4d:fd:aa:92:ac:cd:97:ab:a0:1f:01:b1:
44:da:a9:f6:57:c4:06:de:c9:7b:c5:8f:f6:cd:98:cf:1d:c5:
b8:b7:dd:3e:7e:09:90:15:80:d9:e7:be:58:07:a2:17:9c:5a:
b1:42:e4:21:36:35:a7:db:0b:c3:50:c5:7d:26:a3:25:b8:e1:
84:ad:ae:2c:af:6e:2c:76:17:66:60:ae:b9:ba:48:74:47:b8:
4a:59:2d:cb:c6:6d:52:1f:92:0f:c5:6f:a9:3d:77:cf:24:76:
33:93:63:fc:85:af:f2:d4:f2:e9:dc:65:45:eb:f4:9c:ee:05:
e0:12:2f:7e:3c:17:94:ae:23:61:e4:59:db:46:a0:17:df:38:
bc:c8:a9:a4:65:f2:02:cc:97:52:44:81:2d:02:52:12:21:3b:
91:23:83:c8:85:1c:2d:89:b2:14:27:68:c8:52:fa:32:8c:de:
3b:49:5f:a3:33:50:75:c4:fd:e1:52:d5:9d:97:b6:20:7a:4c:
97:5b:13:a2:c5:12:48:40:81:ff:72:a5:07:53:a2:46:10:af:
11:6a:9f:cc
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIEBdyRsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDIy
MjIxMjI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjNhMTY0MWYzYzNm
YTJhY2I3ZjVkOTg5MTMxMTEzYTIzOGViNjAyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALE9QBlnk5rxGiW2bS3fpapDk9jsTMH0GGUkWWwIXP6+zHQh
7kyjrH/95jnlK8HVvzis9xjy3EMZgFEquWxauOfv5X6PXQWm6zd9vDICOwZXJoKC
9kBG+hGSN7F9XMDdXL5y4gQkrS6iZih+S5hUMLRSqejikmmifTAGqDmgGJDl4gxG
G0Cw7yAL0p78AzXjVdbWYJbucaO9DxVRYpmWWqhAcmqsWphIrVaw4my5PH/YQMe5
kXgKYFs0OLOA/omSJjEoBJO1z1cvITtPGllG1zFw64U/HlLqsPpwl6gEaW1Njdbd
mL5O4nXWJf1OwRRujL0jn92Eg/msbACwx12GFLECAwEAAaOCAsgwggLEMB0GA1Ud
DgQWBBTzoWQfPD+irLf12YkTEROiOOtgLTAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
Lzg2RmtIendfb3F5MzlkbUpFeEVUb2pqcllDMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
3QYIKwYBBQUHAQcBAf8Egc0wgcowgccEAgABMIHAAwQDH7EAAwQAJZziAwQALmZ0
AwQFPvUAAwQAVcxGAwQAVcxIAwQAVmjiAwQAVmjkAwQAVmpZAwQAVmqHAwQAVmvx
AwQDV3mIAwQCWRVAAwQAWSB/AwQAWSMZAwQAWSOHAwQAWShCAwQAWSm8AwQAWSsw
AwQAWSxNAwQAXXEfAwQAXXGvAwQAXXJTAwQAXXKBAwQAXrBgAwQAXrERAwQCsG/w
AwQCuT2cAwQCuYkkAwQCuY6kAwQAvPHfAwQAvPH2MA0GCSqGSIb3DQEBCwUAA4IB
AQBMkXx8pbMEAASYVbCMoOwo4UciGZ7Vj0igBDT+aXVUSorV8ln9rH24GYxN/aqS
rM2Xq6AfAbFE2qn2V8QG3sl7xY/2zZjPHcW4t90+fgmQFYDZ575YB6IXnFqxQuQh
NjWn2wvDUMV9JqMluOGEra4sr24sdhdmYK65ukh0R7hKWS3Lxm1SH5IPxW+pPXfP
JHYzk2P8ha/y1PLp3GVF6/Sc7gXgEi9+PBeUriNh5FnbRqAX3zi8yKmkZfICzJdS
RIEtAlISITuRI4PIhRwtibIUJ2jIUvoyjN47SV+jM1B1xP3hUtWdl7YgekyXWxOi
xRJIQIH/cqUHU6JGEK8Rap/M
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:30 2023 by rpki-client on console-ams.rpki-client.org