Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/KR3K_x9WP6lqjQfbvApDcWTXmUE.roa
File: KR3K_x9WP6lqjQfbvApDcWTXmUE.roa (raw, json)
Hash identifier: OwG+b/YZCrYmoyRyD7NLolXqHqY6hsNSlDS8xITWgdQ=
Subject key identifier: 29:1D:CA:FF:1F:56:3F:A9:6A:8D:07:DB:BC:0A:43:71:64:D7:99:41
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 06D54653
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/KR3K_x9WP6lqjQfbvApDcWTXmUE.roa
Signing time: Tue 24 May 2022 18:29:13 +0000
ROA not before: Tue 24 May 2022 18:29:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 37.156.226.0/24 maxlen: 24
93.113.31.0/24 maxlen: 24
87.121.136.0/21 maxlen: 24
185.137.36.0/22 maxlen: 24
62.245.0.0/19 maxlen: 24
94.176.96.0/24 maxlen: 24
93.114.129.0/24 maxlen: 24
86.106.135.0/24 maxlen: 24
93.113.175.0/24 maxlen: 24
89.44.77.0/24 maxlen: 24
46.102.116.0/24 maxlen: 24
31.177.0.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114640467 (0x6d54653)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: May 24 18:29:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=291dcaff1f563fa96a8d07dbbc0a437164d79941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:54:14:de:12:49:c5:07:75:13:83:9a:06:fd:
7b:af:89:31:ed:46:63:8c:cc:b4:2c:a9:9e:6c:4a:
a0:a7:f4:df:91:e5:bf:9f:80:1d:db:63:8b:c9:cd:
2f:ac:57:55:0e:2f:a4:49:5e:d6:c3:7c:ec:ee:4b:
1d:9a:c7:65:47:44:03:4a:dd:fe:5b:59:31:08:4e:
54:ca:4b:b3:f2:46:da:aa:39:57:2a:12:a4:c9:ad:
59:cd:88:09:ea:d8:4c:08:56:10:e5:69:18:7c:04:
73:3d:87:12:af:ef:4f:01:a7:85:39:1d:24:53:cd:
80:cf:2d:ea:59:0b:57:d0:28:90:e8:83:eb:08:33:
7c:bd:bf:87:e0:fd:4b:f5:64:4d:8d:15:82:4f:0c:
1c:a2:0e:ad:5b:59:bc:c0:b1:c4:c9:cc:35:74:26:
3a:5b:05:46:f7:f6:7f:98:7c:3c:73:88:09:69:b5:
2f:8d:eb:2e:25:dc:8a:db:c0:0a:11:df:e0:5b:47:
03:5d:13:07:36:ce:b1:9f:41:1a:03:51:4b:3a:66:
13:8d:70:21:6a:9e:63:ba:60:01:70:a2:af:1d:67:
6c:fa:af:26:ab:f3:7b:90:27:6a:3b:8d:dc:7b:fc:
63:15:65:09:ce:55:2f:cf:9e:95:6b:e4:54:72:93:
4c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1D:CA:FF:1F:56:3F:A9:6A:8D:07:DB:BC:0A:43:71:64:D7:99:41
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/KR3K_x9WP6lqjQfbvApDcWTXmUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.0.0/21
37.156.226.0/24
46.102.116.0/24
62.245.0.0/19
86.106.135.0/24
87.121.136.0/21
89.44.77.0/24
93.113.31.0/24
93.113.175.0/24
93.114.129.0/24
94.176.96.0/24
185.137.36.0/22
Signature Algorithm: sha256WithRSAEncryption
19:c3:98:56:23:0f:5e:55:66:ee:43:df:f2:26:c8:b3:60:bf:
60:66:b9:2f:5f:34:27:74:bf:64:12:ef:a0:da:70:40:0a:cb:
11:91:ca:63:3f:58:d7:88:27:51:ef:33:b4:d4:58:3b:a5:e0:
db:cd:5c:20:bd:cc:43:7b:1b:56:0c:40:b3:06:0b:cf:da:11:
22:53:73:a4:38:3f:0c:b4:06:18:d4:da:bc:44:2d:c3:d6:8c:
b9:49:0a:dd:45:c0:40:89:6a:cb:bf:6f:5c:7b:0a:14:f5:c9:
81:af:cf:e3:09:02:91:25:24:db:62:fb:6a:09:07:89:eb:af:
36:03:b8:5b:ca:83:57:6d:78:32:3a:9a:91:95:a3:fe:c7:ea:
56:fc:23:b6:5a:fa:f8:96:23:e7:c2:df:be:67:ba:94:a2:11:
62:74:c4:19:b7:40:04:33:bd:96:30:cb:5e:c6:63:24:52:4b:
f8:20:29:ed:e2:60:f6:fa:55:a7:30:2a:d3:eb:65:ac:e4:36:
16:9f:73:86:4a:d3:98:2a:26:6c:18:04:52:6e:24:65:9d:a7:
63:3a:af:84:ac:7f:91:43:65:bf:33:a2:18:f6:d0:6d:fd:42:
5c:db:50:85:b5:2b:74:bd:95:99:bd:fb:cb:72:08:96:ee:14:
f6:55:aa:79
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEBtVGUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDUy
NDE4MjkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkxZGNhZmYxZjU2
M2ZhOTZhOGQwN2RiYmMwYTQzNzE2NGQ3OTk0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBUFN4SScUHdRODmgb9e6+JMe1GY4zMtCypnmxKoKf035Hl
v5+AHdtji8nNL6xXVQ4vpEle1sN87O5LHZrHZUdEA0rd/ltZMQhOVMpLs/JG2qo5
VyoSpMmtWc2ICerYTAhWEOVpGHwEcz2HEq/vTwGnhTkdJFPNgM8t6lkLV9AokOiD
6wgzfL2/h+D9S/VkTY0Vgk8MHKIOrVtZvMCxxMnMNXQmOlsFRvf2f5h8PHOICWm1
L43rLiXcitvAChHf4FtHA10TBzbOsZ9BGgNRSzpmE41wIWqeY7pgAXCirx1nbPqv
Jqvze5AnajuN3Hv8YxVlCc5VL8+elWvkVHKTTGECAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBQpHcr/H1Y/qWqNB9u8CkNxZNeZQTAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
L0tSM0tfeDlXUDZscWpRZmJ2QXBEY1dUWG1VRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAx+xAAMEACWc4gMEAC5mdAMEBT71
AAMEAFZqhwMEA1d5iAMEAFksTQMEAF1xHwMEAF1xrwMEAF1ygQMEAF6wYAMEArmJ
JDANBgkqhkiG9w0BAQsFAAOCAQEAGcOYViMPXlVm7kPf8ibIs2C/YGa5L180J3S/
ZBLvoNpwQArLEZHKYz9Y14gnUe8ztNRYO6Xg281cIL3MQ3sbVgxAswYLz9oRIlNz
pDg/DLQGGNTavEQtw9aMuUkK3UXAQIlqy79vXHsKFPXJga/P4wkCkSUk22L7agkH
ieuvNgO4W8qDV214MjqakZWj/sfqVvwjtlr6+JYj58Lfvme6lKIRYnTEGbdABDO9
ljDLXsZjJFJL+CAp7eJg9vpVpzAq0+tlrOQ2Fp9zhkrTmCombBgEUm4kZZ2nYzqv
hKx/kUNlvzOiGPbQbf1CXNtQhbUrdL2Vmb37y3IIlu4U9lWqeQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:30 2023 by rpki-client on console-ams.rpki-client.org