Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Zkbr3xnl4RYdAAoTIz3SYaIxknc.roa
File: Zkbr3xnl4RYdAAoTIz3SYaIxknc.roa (raw, json)
Hash identifier: Say386tM+FqKP6P2qn+CHYTFvyD2WSFvK4lyiM8traM=
Subject key identifier: 66:46:EB:DF:19:E5:E1:16:1D:00:0A:13:23:3D:D2:61:A2:31:92:77
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 0618537A
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Zkbr3xnl4RYdAAoTIz3SYaIxknc.roa
Signing time: Mon 14 Mar 2022 08:33:41 +0000
ROA not before: Mon 14 Mar 2022 08:33:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 89.43.48.0/24 maxlen: 24
188.241.246.0/24 maxlen: 24
185.142.164.0/22 maxlen: 24
94.176.96.0/24 maxlen: 24
93.113.175.0/24 maxlen: 24
185.61.156.0/22 maxlen: 24
188.241.223.0/24 maxlen: 24
89.40.66.0/24 maxlen: 24
93.114.129.0/24 maxlen: 24
89.41.188.0/24 maxlen: 24
46.102.116.0/24 maxlen: 24
89.35.25.0/24 maxlen: 24
37.156.226.0/24 maxlen: 24
86.106.89.0/24 maxlen: 24
87.121.136.0/21 maxlen: 24
93.113.31.0/24 maxlen: 24
86.107.241.0/24 maxlen: 24
89.35.135.0/24 maxlen: 24
31.177.0.0/21 maxlen: 24
185.137.36.0/22 maxlen: 24
176.111.240.0/22 maxlen: 24
62.245.0.0/19 maxlen: 24
86.106.135.0/24 maxlen: 24
86.104.226.0/24 maxlen: 24
85.204.70.0/24 maxlen: 24
86.104.228.0/24 maxlen: 24
89.44.77.0/24 maxlen: 24
89.32.127.0/24 maxlen: 24
85.204.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102257530 (0x618537a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Mar 14 08:33:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6646ebdf19e5e1161d000a13233dd261a2319277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d2:24:cd:78:76:44:55:25:7b:52:c6:da:24:
da:65:68:29:63:ff:b7:37:03:df:af:38:ae:8f:84:
dd:4b:70:cf:73:30:37:74:d7:65:44:ee:4a:d5:12:
2d:0b:89:74:4c:95:93:de:d8:d7:63:8b:48:30:c5:
0a:08:2c:d1:c3:14:48:10:70:4e:42:f4:45:75:e0:
e8:05:88:78:9d:c4:d1:b8:0d:e0:da:9d:ad:cf:1f:
d6:2a:93:ab:3e:4c:8f:60:d1:dd:98:56:f8:3b:a5:
df:8a:c5:ee:e7:92:a1:85:8a:33:92:1b:96:d2:dc:
a8:82:4b:5e:24:5c:a6:9c:cf:2f:7c:d7:29:ee:02:
44:6d:e7:7f:d3:a1:64:48:40:be:af:08:ea:19:00:
03:98:dc:f6:bc:98:29:6f:03:1a:93:f0:c9:bb:fc:
a1:ab:7a:55:e6:f2:1e:bc:88:6d:85:8f:85:32:2f:
9c:2e:4d:e5:98:c3:1d:26:0a:60:b0:6e:dc:ef:a4:
79:6b:6d:32:a4:f9:99:91:fd:33:40:07:4c:8c:b7:
60:d2:de:81:68:fe:26:05:bf:59:2b:90:d7:10:05:
2b:14:7c:bf:0c:13:71:5a:db:84:52:80:60:55:96:
50:d6:e4:89:20:34:ec:4c:a3:fc:33:49:81:93:f7:
e9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:46:EB:DF:19:E5:E1:16:1D:00:0A:13:23:3D:D2:61:A2:31:92:77
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Zkbr3xnl4RYdAAoTIz3SYaIxknc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.0.0/21
37.156.226.0/24
46.102.116.0/24
62.245.0.0/19
85.204.70.0/24
85.204.72.0/24
86.104.226.0/24
86.104.228.0/24
86.106.89.0/24
86.106.135.0/24
86.107.241.0/24
87.121.136.0/21
89.32.127.0/24
89.35.25.0/24
89.35.135.0/24
89.40.66.0/24
89.41.188.0/24
89.43.48.0/24
89.44.77.0/24
93.113.31.0/24
93.113.175.0/24
93.114.129.0/24
94.176.96.0/24
176.111.240.0/22
185.61.156.0/22
185.137.36.0/22
185.142.164.0/22
188.241.223.0/24
188.241.246.0/24
Signature Algorithm: sha256WithRSAEncryption
61:3c:a8:1a:1f:0a:27:bd:1e:89:8f:56:28:93:ca:e1:cf:8b:
7f:2e:78:6e:0d:ab:f0:7c:89:af:d2:bf:e0:23:ed:55:84:4f:
63:c5:36:75:a0:24:46:f2:e2:45:57:71:17:84:20:a4:66:ae:
31:be:3b:e0:a2:e5:8c:4d:db:cc:b7:bc:04:ae:3a:31:7e:c9:
08:ef:e6:d3:3d:4c:1b:76:6a:5d:ac:b3:01:f5:5a:00:41:8b:
16:32:92:06:28:e0:8a:8f:9a:5b:99:4d:bb:41:9c:42:aa:cf:
f8:51:4f:c5:64:82:66:73:35:fd:fb:99:c3:93:a5:3a:69:cd:
db:2b:97:a3:d5:8d:82:3a:3f:e3:4e:7a:79:c8:bf:90:d8:30:
38:3e:dd:4c:cf:01:e8:d8:79:8e:ef:34:01:32:4a:6c:cf:08:
a1:d6:3f:73:5c:b1:24:99:72:86:17:5e:fb:6f:7b:14:2a:fe:
13:64:a2:c3:dc:11:d6:53:87:bb:87:a1:88:62:0b:3d:2a:ea:
73:aa:bb:a7:79:73:61:a0:b1:22:24:9e:6f:34:6d:0a:70:81:
10:60:72:2d:9c:59:24:e6:ec:18:21:e5:5e:44:81:22:d8:26:
95:1b:30:6f:1c:a3:6f:07:ab:3e:d4:45:08:52:04:f8:b5:10:
9f:6a:76:bf
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIEBhhTejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDMx
NDA4MzM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY0NmViZGYxOWU1
ZTExNjFkMDAwYTEzMjMzZGQyNjFhMjMxOTI3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPSJM14dkRVJXtSxtok2mVoKWP/tzcD3684ro+E3Utwz3Mw
N3TXZUTuStUSLQuJdEyVk97Y12OLSDDFCggs0cMUSBBwTkL0RXXg6AWIeJ3E0bgN
4Nqdrc8f1iqTqz5Mj2DR3ZhW+Dul34rF7ueSoYWKM5IbltLcqIJLXiRcppzPL3zX
Ke4CRG3nf9OhZEhAvq8I6hkAA5jc9ryYKW8DGpPwybv8oat6VebyHryIbYWPhTIv
nC5N5ZjDHSYKYLBu3O+keWttMqT5mZH9M0AHTIy3YNLegWj+JgW/WSuQ1xAFKxR8
vwwTcVrbhFKAYFWWUNbkiSA07Eyj/DNJgZP36TkCAwEAAaOCArYwggKyMB0GA1Ud
DgQWBBRmRuvfGeXhFh0AChMjPdJhojGSdzAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
L1prYnIzeG5sNFJZZEFBb1RJejNTWWFJeGtuYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ywYIKwYBBQUHAQcBAf8EgbswgbgwgbUEAgABMIGuAwQDH7EAAwQAJZziAwQALmZ0
AwQFPvUAAwQAVcxGAwQAVcxIAwQAVmjiAwQAVmjkAwQAVmpZAwQAVmqHAwQAVmvx
AwQDV3mIAwQAWSB/AwQAWSMZAwQAWSOHAwQAWShCAwQAWSm8AwQAWSswAwQAWSxN
AwQAXXEfAwQAXXGvAwQAXXKBAwQAXrBgAwQCsG/wAwQCuT2cAwQCuYkkAwQCuY6k
AwQAvPHfAwQAvPH2MA0GCSqGSIb3DQEBCwUAA4IBAQBhPKgaHwonvR6Jj1Yok8rh
z4t/LnhuDavwfImv0r/gI+1VhE9jxTZ1oCRG8uJFV3EXhCCkZq4xvjvgouWMTdvM
t7wErjoxfskI7+bTPUwbdmpdrLMB9VoAQYsWMpIGKOCKj5pbmU27QZxCqs/4UU/F
ZIJmczX9+5nDk6U6ac3bK5ej1Y2COj/jTnp5yL+Q2DA4Pt1MzwHo2HmO7zQBMkps
zwih1j9zXLEkmXKGF177b3sUKv4TZKLD3BHWU4e7h6GIYgs9KupzqruneXNhoLEi
JJ5vNG0KcIEQYHItnFkk5uwYIeVeRIEi2CaVGzBvHKNvB6s+1EUIUgT4tRCfana/
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-fra.rpki-client.org