Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/M3w_28Dfnm5B0ZI3yjaJ-IaUUrU.roa
File: M3w_28Dfnm5B0ZI3yjaJ-IaUUrU.roa (raw, json)
Hash identifier: 6Bmd3KyjsydesHnIZxlbuXa1gUHg+4QauZIs4E32H+8=
Subject key identifier: 33:7C:3F:DB:C0:DF:9E:6E:41:D1:92:37:CA:36:89:F8:86:94:52:B5
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 0190EECA77C3AD5223C382CEB049B4EAC8FD
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/M3w_28Dfnm5B0ZI3yjaJ-IaUUrU.roa
Signing time: Fri 26 Jul 2024 11:26:04 +0000
ROA not before: Fri 26 Jul 2024 11:26:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31362
IP address blocks: 31.14.43.0/24 maxlen: 24
31.14.53.0/24 maxlen: 24
31.14.54.0/24 maxlen: 24
37.156.245.0/24 maxlen: 24
86.104.124.0/24 maxlen: 24
86.105.169.0/24 maxlen: 24
89.34.5.0/24 maxlen: 24
89.34.93.0/24 maxlen: 24
89.35.55.0/24 maxlen: 24
89.36.19.0/24 maxlen: 24
89.36.92.0/24 maxlen: 24
89.37.41.0/24 maxlen: 24
89.41.63.0/24 maxlen: 24
89.42.14.0/24 maxlen: 24
89.42.35.0/24 maxlen: 24
89.42.214.0/24 maxlen: 24
89.44.104.0/24 maxlen: 24
185.99.91.0/24 maxlen: 24
188.240.12.0/24 maxlen: 24
217.19.9.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:ca:77:c3:ad:52:23:c3:82:ce:b0:49:b4:ea:c8:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jul 26 11:26:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=337c3fdbc0df9e6e41d19237ca3689f8869452b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c4:50:24:6a:12:d5:ba:30:83:d5:f2:34:a1:
2e:3b:12:ad:0f:41:27:39:78:9f:a3:f2:27:e1:66:
76:d9:48:9f:57:b5:c0:95:1c:bd:b3:03:73:c6:b7:
0d:47:ab:4f:f1:d4:c8:2a:90:8e:bf:10:ec:18:db:
66:f0:cd:bd:63:50:7c:bc:ea:8d:b7:1e:49:0d:6f:
4b:5a:c7:3c:66:cd:71:81:ad:20:ba:f5:cf:88:ce:
08:1f:95:5a:84:8c:c8:d4:19:49:2c:54:5f:c6:ec:
cc:a0:29:a3:47:fa:46:9f:5c:80:fc:fa:c7:05:35:
8e:d4:0d:7e:4a:0a:27:84:49:e7:a7:79:b2:3c:a7:
bb:5b:68:77:ab:da:8d:d6:d7:48:53:51:ea:9c:36:
4f:49:8b:0f:1b:55:63:bd:bb:b9:98:12:cc:35:04:
85:8e:94:c4:9c:87:b4:b7:d3:12:70:e8:ba:60:6c:
ff:57:ce:1c:33:08:a9:51:96:db:6f:29:ed:fc:e9:
65:87:d3:fc:ab:1a:e8:28:83:38:61:e7:a1:ef:19:
cf:ac:c5:b6:9b:f5:7d:e3:eb:fe:0a:99:7e:7c:93:
59:89:a8:3c:6c:59:b9:03:36:3a:c4:b5:4c:65:27:
c2:aa:26:0f:0c:e0:9c:29:11:4b:20:c4:d9:06:46:
e2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7C:3F:DB:C0:DF:9E:6E:41:D1:92:37:CA:36:89:F8:86:94:52:B5
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/M3w_28Dfnm5B0ZI3yjaJ-IaUUrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.43.0/24
31.14.53.0-31.14.54.255
37.156.245.0/24
86.104.124.0/24
86.105.169.0/24
89.34.5.0/24
89.34.93.0/24
89.35.55.0/24
89.36.19.0/24
89.36.92.0/24
89.37.41.0/24
89.41.63.0/24
89.42.14.0/24
89.42.35.0/24
89.42.214.0/24
89.44.104.0/24
185.99.91.0/24
188.240.12.0/24
217.19.9.0/24
Signature Algorithm: sha256WithRSAEncryption
60:a6:eb:26:b9:c5:f9:87:eb:0a:72:b2:d2:53:20:b1:53:45:
d7:4f:8e:0e:8e:20:28:4f:48:3e:af:a1:66:ab:e2:e4:62:53:
f7:a5:e2:cb:30:2f:c2:17:97:bf:c0:a1:f0:62:e4:41:16:a3:
f3:3d:48:dd:1f:8e:e8:80:7b:66:06:67:71:e8:ed:a8:d3:3d:
fd:a9:28:14:9a:3f:52:a2:11:b4:d0:29:3f:05:5d:1e:da:23:
ec:f5:f1:09:33:9c:e4:e6:c3:9e:e1:6b:8a:cd:af:d1:c0:6d:
78:cd:21:7f:c9:46:c1:98:2b:85:2f:eb:46:15:a9:6d:26:8d:
f4:ef:17:58:73:9e:55:18:bc:d8:85:d2:a7:48:e2:ff:86:b0:
02:d5:7b:eb:f6:db:fc:8d:0a:de:90:17:89:3e:a0:9d:97:28:
e6:1b:d1:ba:b6:8f:b2:c8:21:fc:61:31:35:ee:29:c8:f0:b8:
0c:90:df:f4:90:8a:93:4d:e2:82:2f:6b:a3:87:01:88:2c:85:
8c:33:e7:c7:ad:73:9e:da:86:38:69:bd:2c:b4:a1:d2:0a:bb:
3f:4d:b5:d8:3e:48:4e:7a:c4:87:a9:59:d4:76:a3:8a:e8:dc:
1f:50:a4:71:eb:50:72:4d:19:43:8c:c7:b5:16:96:f8:ff:53:
07:19:db:74
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZDuynfDrVIjw4LOsEm06sj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwNzI2MTEyNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzdjM2ZkYmMwZGY5ZTZlNDFkMTkyMzdjYTM2ODlmODg2OTQ1MmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18RQJGoS1bowg9XyNKEuOxKtD0En
OXifo/In4WZ22UifV7XAlRy9swNzxrcNR6tP8dTIKpCOvxDsGNtm8M29Y1B8vOqN
tx5JDW9LWsc8Zs1xga0guvXPiM4IH5VahIzI1BlJLFRfxuzMoCmjR/pGn1yA/PrH
BTWO1A1+SgonhEnnp3myPKe7W2h3q9qN1tdIU1HqnDZPSYsPG1Vjvbu5mBLMNQSF
jpTEnIe0t9MScOi6YGz/V84cMwipUZbbbynt/Ollh9P8qxroKIM4Yeeh7xnPrMW2
m/V94+v+Cpl+fJNZiag8bFm5AzY6xLVMZSfCqiYPDOCcKRFLIMTZBkbiWwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFDN8P9vA355uQdGSN8o2ifiGlFK1MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvTTN3XzI4RGZubTVCMFpJM3lqYUotSWFVVXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAB8O
KzAMAwQAHw41AwQAHw42AwQAJZz1AwQAVmh8AwQAVmmpAwQAWSIFAwQAWSJdAwQA
WSM3AwQAWSQTAwQAWSRcAwQAWSUpAwQAWSk/AwQAWSoOAwQAWSojAwQAWSrWAwQA
WSxoAwQAuWNbAwQAvPAMAwQA2RMJMA0GCSqGSIb3DQEBCwUAA4IBAQBgpusmucX5
h+sKcrLSUyCxU0XXT44OjiAoT0g+r6Fmq+LkYlP3peLLMC/CF5e/wKHwYuRBFqPz
PUjdH47ogHtmBmdx6O2o0z39qSgUmj9SohG00Ck/BV0e2iPs9fEJM5zk5sOe4WuK
za/RwG14zSF/yUbBmCuFL+tGFaltJo307xdYc55VGLzYhdKnSOL/hrAC1Xvr9tv8
jQrekBeJPqCdlyjmG9G6to+yyCH8YTE17inI8LgMkN/0kIqTTeKCL2ujhwGILIWM
M+fHrXOe2oY4ab0stKHSCrs/TbXYPkhOesSHqVnUdqOK6NwfUKRx61ByTRlDjMe1
Fpb4/1MHGdt0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:42 2025 by rpki-client