Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/c6ZAmcJDzaMYq9q2pA7zLeD9riM.roa
File: c6ZAmcJDzaMYq9q2pA7zLeD9riM.roa (raw, json)
Hash identifier: syRdDODJZ0T6OPeH7ZTvWwbddsYz45iu+oib6vmZ0N4=
Subject key identifier: 73:A6:40:99:C2:43:CD:A3:18:AB:DA:B6:A4:0E:F3:2D:E0:FD:AE:23
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01851646C79941BD607252C49602C2B4D464
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/c6ZAmcJDzaMYq9q2pA7zLeD9riM.roa
Signing time: Thu 15 Dec 2022 14:53:35 +0000
ROA not before: Thu 15 Dec 2022 14:53:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31362
IP address blocks: 89.33.45.0/24 maxlen: 24
89.36.148.0/23 maxlen: 23
84.247.29.0/24 maxlen: 24
86.105.169.0/24 maxlen: 24
86.105.170.0/24 maxlen: 24
188.241.184.0/23 maxlen: 23
31.14.100.0/23 maxlen: 23
86.107.31.0/24 maxlen: 24
89.38.138.0/23 maxlen: 23
89.40.77.0/24 maxlen: 24
185.99.91.0/24 maxlen: 24
84.247.55.0/24 maxlen: 24
84.247.56.0/24 maxlen: 24
94.176.128.0/24 maxlen: 24
89.36.196.0/24 maxlen: 24
89.33.238.0/23 maxlen: 23
37.156.245.0/24 maxlen: 24
89.35.117.0/24 maxlen: 24
89.40.136.0/23 maxlen: 23
89.37.41.0/24 maxlen: 24
31.14.43.0/24 maxlen: 24
31.14.53.0/24 maxlen: 24
31.14.54.0/24 maxlen: 24
217.19.9.0/24 maxlen: 24
86.106.156.0/24 maxlen: 24
188.241.104.0/24 maxlen: 24
188.241.105.0/24 maxlen: 24
89.37.159.0/24 maxlen: 24
188.211.31.0/24 maxlen: 24
188.211.27.0/24 maxlen: 24
188.211.30.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:46:c7:99:41:bd:60:72:52:c4:96:02:c2:b4:d4:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Dec 15 14:53:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73a64099c243cda318abdab6a40ef32de0fdae23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9c:2d:c2:13:46:56:42:77:c3:be:8e:80:c4:
82:10:12:1e:65:05:af:e9:80:4a:15:b4:a1:89:59:
7f:04:b9:3d:30:79:b6:5f:60:95:ce:12:eb:ba:dd:
b6:b4:59:69:8e:ef:d0:a8:72:dc:ac:3b:ba:ad:1f:
81:1f:ff:0d:24:82:52:0e:31:f6:16:3c:7c:92:ff:
38:33:68:15:6a:42:81:f2:67:f4:e3:36:8e:62:d6:
1e:e4:f0:36:40:ad:5a:3c:93:4c:05:42:25:4d:5e:
e0:c5:95:8a:fd:19:cb:63:b5:f6:f9:67:98:cc:11:
ec:9a:42:4f:15:65:71:e3:6e:b9:a4:1c:2c:08:c8:
f9:99:94:65:c1:ea:db:aa:44:1f:ea:ad:b8:29:5f:
89:ff:81:6e:92:d1:95:31:0a:fa:9b:3e:c7:3f:26:
17:5e:b8:1c:36:2b:55:4e:11:72:ea:fb:e8:3c:52:
20:01:29:24:d0:fb:4d:56:ec:e9:cc:3a:a8:c5:56:
7e:8e:d3:ca:35:69:ed:86:aa:3d:76:dd:a7:82:14:
c3:88:58:8c:1a:19:51:ca:22:34:7e:3b:75:ae:fe:
f5:71:dc:1e:20:fb:f5:05:a3:38:fb:09:7b:51:61:
3e:98:ad:0e:4b:18:ac:e6:43:be:42:a1:3b:0a:f2:
83:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:A6:40:99:C2:43:CD:A3:18:AB:DA:B6:A4:0E:F3:2D:E0:FD:AE:23
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/c6ZAmcJDzaMYq9q2pA7zLeD9riM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.43.0/24
31.14.53.0-31.14.54.255
31.14.100.0/23
37.156.245.0/24
84.247.29.0/24
84.247.55.0-84.247.56.255
86.105.169.0-86.105.170.255
86.106.156.0/24
86.107.31.0/24
89.33.45.0/24
89.33.238.0/23
89.35.117.0/24
89.36.148.0/23
89.36.196.0/24
89.37.41.0/24
89.37.159.0/24
89.38.138.0/23
89.40.77.0/24
89.40.136.0/23
94.176.128.0/24
185.99.91.0/24
188.211.27.0/24
188.211.30.0/23
188.241.104.0/23
188.241.184.0/23
217.19.9.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ab:94:49:c8:eb:44:dc:1b:f0:63:c6:be:c7:6d:7e:08:3d:
b1:31:db:39:3d:3f:85:79:f7:76:2c:bd:48:32:ca:d0:ec:cf:
ca:6d:91:ac:f9:38:e0:03:d7:b6:82:3e:12:a8:99:e6:61:ab:
74:6c:15:03:fb:cb:bf:e3:c7:a1:9e:e8:76:f0:c8:e2:9a:87:
85:ae:bc:d2:82:cd:01:a3:ce:4e:54:d1:f6:47:05:47:43:be:
a5:b9:cf:d1:4b:37:89:7c:ca:07:d9:43:91:28:b6:3b:2e:fc:
2a:c0:b5:77:c8:f5:b5:7a:ef:fe:fc:e3:b7:87:d6:d4:79:1e:
c3:22:92:da:98:4b:58:a9:36:0c:3c:8c:67:6a:f6:ec:75:35:
df:5b:17:21:78:0e:13:27:97:db:22:67:b1:24:dc:94:fe:ec:
eb:f3:79:07:3f:1c:25:7d:b7:b9:ec:d5:00:0c:fd:c6:65:54:
5c:60:02:5c:93:34:06:1a:b6:46:cf:f1:c0:68:78:a6:ec:29:
69:1e:a3:78:46:c4:f2:1a:4c:25:a8:ff:14:9b:1c:58:7f:89:
b3:bd:21:f2:00:55:b0:8a:7d:b6:b1:19:fc:01:1a:03:35:72:
62:6d:d8:c3:15:4b:a3:d4:71:a0:9f:43:eb:13:99:2b:7b:3f:
b1:b2:07:d3
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYUWRseZQb1gclLElgLCtNRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjIxMjE1MTQ1MzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2E2NDA5OWMyNDNjZGEzMThhYmRhYjZhNDBlZjMyZGUwZmRhZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZwtwhNGVkJ3w76OgMSCEBIeZQWv
6YBKFbShiVl/BLk9MHm2X2CVzhLrut22tFlpju/QqHLcrDu6rR+BH/8NJIJSDjH2
Fjx8kv84M2gVakKB8mf04zaOYtYe5PA2QK1aPJNMBUIlTV7gxZWK/RnLY7X2+WeY
zBHsmkJPFWVx4265pBwsCMj5mZRlwerbqkQf6q24KV+J/4FuktGVMQr6mz7HPyYX
XrgcNitVThFy6vvoPFIgASkk0PtNVuzpzDqoxVZ+jtPKNWnthqo9dt2nghTDiFiM
GhlRyiI0fjt1rv71cdweIPv1BaM4+wl7UWE+mK0OSxis5kO+QqE7CvKDFQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFHOmQJnCQ82jGKvatqQO8y3g/a4jMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvYzZaQW1jSkR6YU1ZcTlxMnBBN3pMZUQ5cmlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAAf
DiswDAMEAB8ONQMEAB8ONgMEAR8OZAMEACWc9QMEAFT3HTAMAwQAVPc3AwQAVPc4
MAwDBABWaakDBABWaaoDBABWapwDBABWax8DBABZIS0DBAFZIe4DBABZI3UDBAFZ
JJQDBABZJMQDBABZJSkDBABZJZ8DBAFZJooDBABZKE0DBAFZKIgDBABesIADBAC5
Y1sDBAC80xsDBAG80x4DBAG88WgDBAG88bgDBADZEwkwDQYJKoZIhvcNAQELBQAD
ggEBAFarlEnI60TcG/Bjxr7HbX4IPbEx2zk9P4V593YsvUgyytDsz8ptkaz5OOAD
17aCPhKomeZhq3RsFQP7y7/jx6Ge6HbwyOKah4WuvNKCzQGjzk5U0fZHBUdDvqW5
z9FLN4l8ygfZQ5Eotjsu/CrAtXfI9bV67/7847eH1tR5HsMiktqYS1ipNgw8jGdq
9ux1Nd9bFyF4DhMnl9siZ7Ek3JT+7OvzeQc/HCV9t7ns1QAM/cZlVFxgAlyTNAYa
tkbP8cBoeKbsKWkeo3hGxPIaTCWo/xSbHFh/ibO9IfIAVbCKfbaxGfwBGgM1cmJt
2MMVS6PUcaCfQ+sTmSt7P7GyB9M=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:01 2025 by rpki-client