Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/lkjfFI7Mvs5jhp1I7eftEU7d8cQ.roa
File: lkjfFI7Mvs5jhp1I7eftEU7d8cQ.roa (raw, json)
Hash identifier: OR3FO25fg497b5x48cPCumEy9UZcpCRerx9Gg6eHafk=
Subject key identifier: 96:48:DF:14:8E:CC:BE:CE:63:86:9D:48:ED:E7:ED:11:4E:DD:F1:C4
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 05EDFA1B
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/lkjfFI7Mvs5jhp1I7eftEU7d8cQ.roa
Signing time: Tue 01 Mar 2022 19:42:47 +0000
ROA not before: Tue 01 Mar 2022 19:42:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 89.43.48.0/24 maxlen: 24
188.241.246.0/24 maxlen: 24
185.142.164.0/22 maxlen: 24
94.176.96.0/24 maxlen: 24
93.113.175.0/24 maxlen: 24
185.61.156.0/22 maxlen: 24
89.21.64.0/22 maxlen: 24
188.241.223.0/24 maxlen: 24
89.40.66.0/24 maxlen: 24
93.114.129.0/24 maxlen: 24
89.41.188.0/24 maxlen: 24
46.102.116.0/24 maxlen: 24
89.35.25.0/24 maxlen: 24
94.177.17.0/24 maxlen: 24
37.156.226.0/24 maxlen: 24
86.106.89.0/24 maxlen: 24
87.121.136.0/21 maxlen: 24
93.113.31.0/24 maxlen: 24
86.107.241.0/24 maxlen: 24
89.35.135.0/24 maxlen: 24
31.177.0.0/21 maxlen: 24
185.137.36.0/22 maxlen: 24
176.111.240.0/22 maxlen: 24
62.245.0.0/19 maxlen: 24
86.106.135.0/24 maxlen: 24
86.104.226.0/24 maxlen: 24
85.204.70.0/24 maxlen: 24
86.104.228.0/24 maxlen: 24
89.44.77.0/24 maxlen: 24
89.32.127.0/24 maxlen: 24
85.204.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99482139 (0x5edfa1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Mar 1 19:42:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9648df148eccbece63869d48ede7ed114eddf1c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4c:49:82:31:38:50:3b:22:d0:c6:9d:00:cf:
fa:17:0e:3d:b5:d0:86:cc:ce:fb:16:e5:66:3c:d8:
84:33:4f:5e:b2:13:f9:8b:25:b5:6e:26:bf:c0:cf:
b0:01:46:5e:2c:f6:38:c2:63:d8:8f:09:a9:5d:c6:
b9:ac:49:48:3f:33:4b:40:de:87:9b:b8:a9:2e:23:
fb:21:8c:5f:5f:b8:ba:78:58:ed:09:0b:22:2c:94:
2e:57:97:7f:26:45:21:23:45:ff:b5:d0:a9:1f:cf:
c3:2c:f5:39:4b:6e:9c:cf:66:99:dd:e0:7e:5c:a2:
3b:b1:94:e9:57:c4:f5:79:1e:80:c1:5a:6a:ba:70:
1d:9f:0b:c5:38:18:b6:aa:48:d9:f1:7d:74:dd:92:
82:a6:ba:51:c6:83:37:33:52:ae:95:f5:b1:fe:c8:
f2:77:09:c3:73:fd:00:5c:bf:3f:b4:9b:10:93:33:
16:5e:06:fc:c6:a3:d6:be:cd:c8:74:3e:71:75:30:
6d:7a:5b:46:51:8f:19:b1:ef:09:d1:b2:89:45:af:
d9:26:48:19:0c:66:67:44:68:13:0e:fd:99:63:22:
54:b4:b4:52:31:e4:1f:4a:6a:32:22:81:4d:14:47:
72:18:bd:8f:38:20:d8:dd:17:8b:87:21:5d:90:95:
0e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:48:DF:14:8E:CC:BE:CE:63:86:9D:48:ED:E7:ED:11:4E:DD:F1:C4
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/lkjfFI7Mvs5jhp1I7eftEU7d8cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.0.0/21
37.156.226.0/24
46.102.116.0/24
62.245.0.0/19
85.204.70.0/24
85.204.72.0/24
86.104.226.0/24
86.104.228.0/24
86.106.89.0/24
86.106.135.0/24
86.107.241.0/24
87.121.136.0/21
89.21.64.0/22
89.32.127.0/24
89.35.25.0/24
89.35.135.0/24
89.40.66.0/24
89.41.188.0/24
89.43.48.0/24
89.44.77.0/24
93.113.31.0/24
93.113.175.0/24
93.114.129.0/24
94.176.96.0/24
94.177.17.0/24
176.111.240.0/22
185.61.156.0/22
185.137.36.0/22
185.142.164.0/22
188.241.223.0/24
188.241.246.0/24
Signature Algorithm: sha256WithRSAEncryption
99:ea:bb:fd:a0:a9:8f:9e:7f:70:14:cb:f0:d1:3f:cd:39:5c:
f1:8a:a7:14:02:22:fa:4a:d8:a4:cf:8a:59:1d:35:e6:d9:60:
9c:d9:96:b5:af:06:80:fc:b6:72:db:46:25:13:36:c3:76:4b:
79:6d:d6:d0:65:eb:b3:da:30:1d:2d:ff:7c:89:58:d8:3a:27:
e9:73:5f:e1:a6:58:31:d3:65:4a:8c:04:3e:97:2f:46:17:f1:
07:81:b2:9a:c3:00:40:a4:0f:af:55:28:d0:36:56:9a:f2:de:
82:50:f0:b2:bf:43:4d:8b:65:4a:10:19:5d:29:6f:6e:00:6e:
21:f7:22:3e:cb:24:81:86:57:de:45:3d:ac:be:bb:34:cd:98:
a5:40:79:64:84:d4:e2:77:c9:c9:49:73:99:dc:d6:fe:9c:2e:
25:47:bc:b7:e1:e6:00:8e:47:b1:95:16:c0:45:04:22:da:9d:
39:c9:d1:8a:e8:67:03:2d:dc:a8:8f:d7:17:3f:6f:c1:cb:d8:
eb:f3:8f:ee:0d:1a:19:f8:90:de:11:bf:b2:8d:5c:3b:12:fa:
9b:0e:10:67:e8:8a:b2:aa:f2:ce:91:72:c5:51:be:65:94:35:
86:01:13:15:c6:87:2f:fa:bf:aa:eb:3b:e1:0c:fe:40:9c:74:
d3:a8:9a:97
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgIEBe36GzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDMw
MTE5NDI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTY0OGRmMTQ4ZWNj
YmVjZTYzODY5ZDQ4ZWRlN2VkMTE0ZWRkZjFjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVMSYIxOFA7ItDGnQDP+hcOPbXQhszO+xblZjzYhDNPXrIT
+YsltW4mv8DPsAFGXiz2OMJj2I8JqV3GuaxJSD8zS0Deh5u4qS4j+yGMX1+4unhY
7QkLIiyULleXfyZFISNF/7XQqR/Pwyz1OUtunM9mmd3gflyiO7GU6VfE9XkegMFa
arpwHZ8LxTgYtqpI2fF9dN2Sgqa6UcaDNzNSrpX1sf7I8ncJw3P9AFy/P7SbEJMz
Fl4G/Maj1r7NyHQ+cXUwbXpbRlGPGbHvCdGyiUWv2SZIGQxmZ0RoEw79mWMiVLS0
UjHkH0pqMiKBTRRHchi9jzgg2N0Xi4chXZCVDq8CAwEAAaOCAsIwggK+MB0GA1Ud
DgQWBBSWSN8Ujsy+zmOGnUjt5+0RTt3xxDAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
L2xramZGSTdNdnM1amhwMUk3ZWZ0RVU3ZDhjUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
1wYIKwYBBQUHAQcBAf8EgccwgcQwgcEEAgABMIG6AwQDH7EAAwQAJZziAwQALmZ0
AwQFPvUAAwQAVcxGAwQAVcxIAwQAVmjiAwQAVmjkAwQAVmpZAwQAVmqHAwQAVmvx
AwQDV3mIAwQCWRVAAwQAWSB/AwQAWSMZAwQAWSOHAwQAWShCAwQAWSm8AwQAWSsw
AwQAWSxNAwQAXXEfAwQAXXGvAwQAXXKBAwQAXrBgAwQAXrERAwQCsG/wAwQCuT2c
AwQCuYkkAwQCuY6kAwQAvPHfAwQAvPH2MA0GCSqGSIb3DQEBCwUAA4IBAQCZ6rv9
oKmPnn9wFMvw0T/NOVzxiqcUAiL6Stikz4pZHTXm2WCc2Za1rwaA/LZy20YlEzbD
dkt5bdbQZeuz2jAdLf98iVjYOifpc1/hplgx02VKjAQ+ly9GF/EHgbKawwBApA+v
VSjQNlaa8t6CUPCyv0NNi2VKEBldKW9uAG4h9yI+yySBhlfeRT2svrs0zZilQHlk
hNTid8nJSXOZ3Nb+nC4lR7y34eYAjkexlRbARQQi2p05ydGK6GcDLdyoj9cXP2/B
y9jr84/uDRoZ+JDeEb+yjVw7EvqbDhBn6IqyqvLOkXLFUb5llDWGARMVxocv+r+q
6zvhDP5AnHTTqJqX
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:30 2023 by rpki-client on console-ams.rpki-client.org