Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/FfqeEQSnToiUD5D2YTQ6sLsdDdM.roa
File: FfqeEQSnToiUD5D2YTQ6sLsdDdM.roa (raw, json)
Hash identifier: xiUFVcG9F8T1OhYiPUg7ByI1you6PQXgSqY1UDQSYnY=
Subject key identifier: 15:FA:9E:11:04:A7:4E:88:94:0F:90:F6:61:34:3A:B0:BB:1D:0D:D3
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 06A24D81
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/FfqeEQSnToiUD5D2YTQ6sLsdDdM.roa
Signing time: Wed 04 May 2022 00:21:59 +0000
ROA not before: Wed 04 May 2022 00:21:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 37.156.226.0/24 maxlen: 24
93.113.31.0/24 maxlen: 24
87.121.136.0/21 maxlen: 24
94.176.96.0/24 maxlen: 24
93.113.175.0/24 maxlen: 24
31.177.0.0/21 maxlen: 24
188.241.223.0/24 maxlen: 24
185.137.36.0/22 maxlen: 24
62.245.0.0/19 maxlen: 24
93.114.129.0/24 maxlen: 24
86.106.135.0/24 maxlen: 24
89.44.77.0/24 maxlen: 24
46.102.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111299969 (0x6a24d81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: May 4 00:21:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=15fa9e1104a74e88940f90f661343ab0bb1d0dd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:00:a5:dd:1e:4f:1a:e8:d4:88:15:c4:3b:f4:
7e:4a:d3:b4:ec:2e:cd:bb:df:64:59:50:89:08:d1:
0b:83:aa:3d:b7:c2:a3:70:30:0f:ea:25:a1:f3:ad:
1d:53:e7:45:5f:5c:bd:f1:82:d2:fd:8c:e4:77:71:
7b:f9:86:e1:0e:37:89:d4:7e:fa:2c:31:a0:ff:9f:
a1:df:dc:89:7c:b8:1f:9e:ee:e0:3b:82:49:24:69:
5d:ca:66:2d:5f:62:38:e3:9c:95:27:a7:ce:df:90:
90:69:f2:22:10:72:00:72:b5:69:c3:44:cd:bb:59:
2b:b9:bd:6f:5f:bc:10:d2:fd:71:10:0f:c0:fe:6c:
c5:27:e8:79:93:03:c9:fa:72:ca:35:45:5e:78:ac:
b3:59:7f:d8:3d:47:80:41:a6:8f:7a:c4:2f:7d:fd:
b6:a2:2a:7c:31:62:b3:c9:b8:55:a6:02:c6:d6:a5:
9a:63:d7:07:f3:6d:aa:8d:7d:71:5a:52:8d:08:e1:
f8:07:62:c6:0f:c1:68:53:2b:df:83:1c:3b:63:be:
c9:c1:ba:27:d8:26:cb:5a:b7:ad:e8:26:68:c3:16:
b9:27:d6:97:3c:37:2b:f7:d5:51:a2:bd:68:19:da:
f9:5a:88:d3:a0:1f:61:ad:55:f8:30:4a:7a:9b:bd:
57:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:FA:9E:11:04:A7:4E:88:94:0F:90:F6:61:34:3A:B0:BB:1D:0D:D3
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/FfqeEQSnToiUD5D2YTQ6sLsdDdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.0.0/21
37.156.226.0/24
46.102.116.0/24
62.245.0.0/19
86.106.135.0/24
87.121.136.0/21
89.44.77.0/24
93.113.31.0/24
93.113.175.0/24
93.114.129.0/24
94.176.96.0/24
185.137.36.0/22
188.241.223.0/24
Signature Algorithm: sha256WithRSAEncryption
42:dc:ef:37:b5:a1:ee:6a:2e:b9:37:60:dc:23:16:f8:f5:b9:
26:98:2c:93:9f:74:d5:c5:ff:9a:61:8d:99:3a:56:2f:63:1a:
96:32:ad:21:9c:8d:77:8e:8e:71:90:ce:38:4c:10:aa:5a:2d:
31:7f:0f:ef:f7:cc:9c:19:7e:13:7c:40:19:e5:5e:68:00:f2:
45:ee:4e:cb:e2:4a:8f:e0:14:1a:a2:24:18:93:14:ae:0e:20:
07:89:0b:19:ef:c6:4c:7c:57:4f:37:1d:6f:a7:82:c5:37:42:
7c:cc:bb:c0:75:c6:40:49:d3:08:af:c8:f2:fb:24:da:f0:4a:
a5:f4:48:78:a3:e5:2b:30:b6:63:df:2f:9d:84:d4:c3:e9:54:
37:93:4e:0c:69:53:fc:5e:0b:77:fc:1b:e5:2c:4d:15:c6:11:
32:74:21:8e:0a:d2:ea:82:15:a9:39:9e:5c:8c:31:ec:46:1b:
c3:1b:53:11:2a:ee:aa:64:7c:f7:63:d6:d6:0c:67:d4:f4:85:
a0:4d:6e:b7:d8:5e:af:76:36:5c:36:97:94:ac:04:22:ce:b1:
99:5d:15:26:c2:c1:78:be:89:37:7c:31:f2:03:be:d9:72:4e:
4b:a2:78:1c:6c:69:3d:da:67:f7:2a:b5:83:07:29:4e:5d:20:
d9:60:ce:4e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEBqJNgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDUw
NDAwMjE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTVmYTllMTEwNGE3
NGU4ODk0MGY5MGY2NjEzNDNhYjBiYjFkMGRkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOcApd0eTxro1IgVxDv0fkrTtOwuzbvfZFlQiQjRC4OqPbfC
o3AwD+olofOtHVPnRV9cvfGC0v2M5Hdxe/mG4Q43idR++iwxoP+fod/ciXy4H57u
4DuCSSRpXcpmLV9iOOOclSenzt+QkGnyIhByAHK1acNEzbtZK7m9b1+8ENL9cRAP
wP5sxSfoeZMDyfpyyjVFXniss1l/2D1HgEGmj3rEL339tqIqfDFis8m4VaYCxtal
mmPXB/Ntqo19cVpSjQjh+Adixg/BaFMr34McO2O+ycG6J9gmy1q3regmaMMWuSfW
lzw3K/fVUaK9aBna+VqI06AfYa1V+DBKepu9VxUCAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBQV+p4RBKdOiJQPkPZhNDqwux0N0zAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
L0ZmcWVFUVNuVG9pVUQ1RDJZVFE2c0xzZERkTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAx+xAAMEACWc4gMEAC5mdAMEBT71
AAMEAFZqhwMEA1d5iAMEAFksTQMEAF1xHwMEAF1xrwMEAF1ygQMEAF6wYAMEArmJ
JAMEALzx3zANBgkqhkiG9w0BAQsFAAOCAQEAQtzvN7Wh7mouuTdg3CMW+PW5Jpgs
k5901cX/mmGNmTpWL2MaljKtIZyNd46OcZDOOEwQqlotMX8P7/fMnBl+E3xAGeVe
aADyRe5Oy+JKj+AUGqIkGJMUrg4gB4kLGe/GTHxXTzcdb6eCxTdCfMy7wHXGQEnT
CK/I8vsk2vBKpfRIeKPlKzC2Y98vnYTUw+lUN5NODGlT/F4Ld/wb5SxNFcYRMnQh
jgrS6oIVqTmeXIwx7EYbwxtTESruqmR892PW1gxn1PSFoE1ut9her3Y2XDaXlKwE
Is6xmV0VJsLBeL6JN3wx8gO+2XJOS6J4HGxpPdpn9yq1gwcpTl0g2WDOTg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:30 2023 by rpki-client on console-ams.rpki-client.org