Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/6-g_7iR3M1odV2MYsCTrb85XP98.roa
File: 6-g_7iR3M1odV2MYsCTrb85XP98.roa (raw, json)
Hash identifier: zZg8dUFcZN4GVoulBSgyQhDwHlIRrjKiwM2PooLgg+E=
Subject key identifier: EB:E8:3F:EE:24:77:33:5A:1D:57:63:18:B0:24:EB:6F:CE:57:3F:DF
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 0190DC2743FFB67B8318250172DC33FB6AA1
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/6-g_7iR3M1odV2MYsCTrb85XP98.roa
Signing time: Mon 22 Jul 2024 20:34:39 +0000
ROA not before: Mon 22 Jul 2024 20:34:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31362
IP address blocks: 31.14.43.0/24 maxlen: 24
31.14.53.0/24 maxlen: 24
31.14.54.0/24 maxlen: 24
31.14.100.0/23 maxlen: 23
37.156.245.0/24 maxlen: 24
84.247.55.0/24 maxlen: 24
84.247.56.0/24 maxlen: 24
86.104.124.0/24 maxlen: 24
86.105.169.0/24 maxlen: 24
86.105.170.0/24 maxlen: 24
86.106.156.0/24 maxlen: 24
86.107.31.0/24 maxlen: 24
89.33.45.0/24 maxlen: 24
89.33.238.0/23 maxlen: 23
89.34.5.0/24 maxlen: 24
89.34.93.0/24 maxlen: 24
89.35.55.0/24 maxlen: 24
89.35.117.0/24 maxlen: 24
89.36.19.0/24 maxlen: 24
89.36.92.0/24 maxlen: 24
89.36.148.0/23 maxlen: 23
89.36.196.0/24 maxlen: 24
89.37.41.0/24 maxlen: 24
89.37.159.0/24 maxlen: 24
89.38.138.0/23 maxlen: 23
89.40.77.0/24 maxlen: 24
89.40.136.0/23 maxlen: 23
89.41.63.0/24 maxlen: 24
89.42.14.0/24 maxlen: 24
89.42.35.0/24 maxlen: 24
89.42.214.0/24 maxlen: 24
89.44.104.0/24 maxlen: 24
94.176.128.0/24 maxlen: 24
185.99.91.0/24 maxlen: 24
188.211.27.0/24 maxlen: 24
188.211.30.0/24 maxlen: 24
188.211.31.0/24 maxlen: 24
188.240.12.0/24 maxlen: 24
188.241.104.0/24 maxlen: 24
188.241.105.0/24 maxlen: 24
188.241.184.0/23 maxlen: 23
217.19.9.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:dc:27:43:ff:b6:7b:83:18:25:01:72:dc:33:fb:6a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jul 22 20:34:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebe83fee2477335a1d576318b024eb6fce573fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4f:f0:09:9c:f4:47:31:cd:6e:2d:f9:ed:d2:
77:79:99:1f:68:71:17:ca:b9:65:67:d4:4b:9a:18:
13:7e:4b:bb:ed:6a:0d:40:08:ee:8e:b2:d3:b5:aa:
37:20:ee:b5:b7:49:3a:0e:65:3d:94:ef:43:2f:f8:
b3:50:4b:c4:de:63:b4:98:c7:45:73:85:f0:65:17:
8b:5c:ba:a8:14:30:69:3c:2c:6a:1d:1f:9b:14:4b:
d9:d4:bd:e3:78:70:ac:e0:bc:4d:d0:d5:22:cf:f1:
9e:dd:5a:cf:10:8a:7e:b1:8a:05:38:4e:9f:0e:43:
68:da:61:2a:bf:c7:06:fb:90:7d:34:03:99:6a:6f:
48:72:04:24:b7:e9:fc:db:3d:55:bf:eb:3a:3b:63:
93:31:00:c7:ee:db:df:d9:ed:87:ae:36:9b:11:41:
52:1c:e1:a6:02:22:a8:00:df:7b:55:ee:83:cf:ee:
a5:f6:46:d7:f0:a3:86:46:cf:48:e7:28:f8:f8:46:
ff:02:1c:53:70:75:11:56:61:4b:ff:fa:d0:89:86:
a9:e7:31:32:0d:fe:a3:f1:8f:2a:ac:38:82:c3:aa:
5b:67:73:72:52:de:54:d3:fd:e2:38:89:3f:72:53:
c6:9a:45:b3:22:45:e5:38:ed:eb:7a:8c:04:6c:8d:
40:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:E8:3F:EE:24:77:33:5A:1D:57:63:18:B0:24:EB:6F:CE:57:3F:DF
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/6-g_7iR3M1odV2MYsCTrb85XP98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.43.0/24
31.14.53.0-31.14.54.255
31.14.100.0/23
37.156.245.0/24
84.247.55.0-84.247.56.255
86.104.124.0/24
86.105.169.0-86.105.170.255
86.106.156.0/24
86.107.31.0/24
89.33.45.0/24
89.33.238.0/23
89.34.5.0/24
89.34.93.0/24
89.35.55.0/24
89.35.117.0/24
89.36.19.0/24
89.36.92.0/24
89.36.148.0/23
89.36.196.0/24
89.37.41.0/24
89.37.159.0/24
89.38.138.0/23
89.40.77.0/24
89.40.136.0/23
89.41.63.0/24
89.42.14.0/24
89.42.35.0/24
89.42.214.0/24
89.44.104.0/24
94.176.128.0/24
185.99.91.0/24
188.211.27.0/24
188.211.30.0/23
188.240.12.0/24
188.241.104.0/23
188.241.184.0/23
217.19.9.0/24
Signature Algorithm: sha256WithRSAEncryption
12:d8:44:27:83:cf:7a:3c:f7:b4:f9:65:12:45:f1:8b:f3:f2:
a7:39:08:33:69:4b:44:bc:ea:83:0e:23:15:18:cc:14:3c:ef:
b5:99:0d:b2:6d:b7:af:7d:b0:ee:4b:6a:6e:56:be:56:22:8e:
c6:08:d1:47:eb:87:36:5c:e9:e7:99:e4:26:ff:8e:b8:d3:47:
c0:39:f3:be:2c:42:b1:a7:72:22:95:09:85:c2:cd:36:06:a2:
ae:72:f3:07:c6:53:78:2e:72:de:78:a4:9e:f9:72:d7:3d:d1:
dc:9b:45:20:d2:24:6a:9c:17:26:bb:02:9d:c3:74:a3:f7:e8:
69:cc:f3:d1:28:9a:5d:d8:79:27:ae:82:02:74:69:97:09:2d:
f8:31:0f:b3:13:27:c8:2a:40:58:ec:1a:27:79:49:a7:df:0b:
97:67:23:f4:b0:ca:41:6e:6d:83:a0:76:51:f9:83:fd:90:c7:
6e:d9:8d:45:13:cb:b9:6e:85:03:d6:de:8e:93:da:7c:3e:21:
ae:3a:4b:24:0d:1e:4c:fb:92:42:23:bc:e8:2a:e1:5b:9e:78:
2b:6a:4e:37:49:f8:a2:78:31:bd:2b:e8:89:99:61:1d:cf:61:
07:2e:f1:81:6b:29:e9:7f:d7:3b:4f:fc:c4:25:a1:21:ff:f5:
ca:35:53:a0
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAZDcJ0P/tnuDGCUBctwz+2qhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwNzIyMjAzNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmU4M2ZlZTI0NzczMzVhMWQ1NzYzMThiMDI0ZWI2ZmNlNTczZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k/wCZz0RzHNbi357dJ3eZkfaHEX
yrllZ9RLmhgTfku77WoNQAjujrLTtao3IO61t0k6DmU9lO9DL/izUEvE3mO0mMdF
c4XwZReLXLqoFDBpPCxqHR+bFEvZ1L3jeHCs4LxN0NUiz/Ge3VrPEIp+sYoFOE6f
DkNo2mEqv8cG+5B9NAOZam9IcgQkt+n82z1Vv+s6O2OTMQDH7tvf2e2HrjabEUFS
HOGmAiKoAN97Ve6Dz+6l9kbX8KOGRs9I5yj4+Eb/AhxTcHURVmFL//rQiYap5zEy
Df6j8Y8qrDiCw6pbZ3NyUt5U0/3iOIk/clPGmkWzIkXlOO3reowEbI1AXwIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFOvoP+4kdzNaHVdjGLAk62/OVz/fMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvNi1nXzdpUjNNMW9kVjJNWXNDVHJiODVYUDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCB/QQCAAEwgfYD
BAAfDiswDAMEAB8ONQMEAB8ONgMEAR8OZAMEACWc9TAMAwQAVPc3AwQAVPc4AwQA
Vmh8MAwDBABWaakDBABWaaoDBABWapwDBABWax8DBABZIS0DBAFZIe4DBABZIgUD
BABZIl0DBABZIzcDBABZI3UDBABZJBMDBABZJFwDBAFZJJQDBABZJMQDBABZJSkD
BABZJZ8DBAFZJooDBABZKE0DBAFZKIgDBABZKT8DBABZKg4DBABZKiMDBABZKtYD
BABZLGgDBABesIADBAC5Y1sDBAC80xsDBAG80x4DBAC88AwDBAG88WgDBAG88bgD
BADZEwkwDQYJKoZIhvcNAQELBQADggEBABLYRCeDz3o897T5ZRJF8Yvz8qc5CDNp
S0S86oMOIxUYzBQ877WZDbJtt699sO5Lam5WvlYijsYI0UfrhzZc6eeZ5Cb/jrjT
R8A5874sQrGnciKVCYXCzTYGoq5y8wfGU3guct54pJ75ctc90dybRSDSJGqcFya7
Ap3DdKP36GnM89Eoml3YeSeuggJ0aZcJLfgxD7MTJ8gqQFjsGid5SaffC5dnI/Sw
ykFubYOgdlH5g/2Qx27ZjUUTy7luhQPW3o6T2nw+Ia46SyQNHkz7kkIjvOgq4Vue
eCtqTjdJ+KJ4Mb0r6ImZYR3PYQcu8YFrKel/1ztP/MQloSH/9co1U6A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:53 2025 by rpki-client