Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lQEW_kEFVEzvp859orQkiiQEUs4.roa
File: lQEW_kEFVEzvp859orQkiiQEUs4.roa (raw, json)
Hash identifier: /rK3RP2mRLEY7fp347jeeRv0CVFP6LOhK9h7RTcvB/I=
Subject key identifier: 95:01:16:FE:41:05:54:4C:EF:A7:CE:7D:A2:B4:24:8A:24:04:52:CE
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 173F8B8E
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lQEW_kEFVEzvp859orQkiiQEUs4.roa
Signing time: Sat 01 Jan 2022 16:03:43 +0000
ROA not before: Sat 01 Jan 2022 16:03:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31102
IP address blocks: 86.107.54.0/24 maxlen: 24
86.107.52.0/24 maxlen: 24
89.44.236.0/24 maxlen: 24
89.47.255.0/24 maxlen: 24
86.107.20.0/24 maxlen: 24
86.107.30.0/24 maxlen: 24
89.43.38.0/24 maxlen: 24
89.44.108.0/24 maxlen: 24
89.47.3.0/24 maxlen: 24
188.241.134.0/23 maxlen: 23
89.47.10.0/24 maxlen: 24
89.32.185.0/24 maxlen: 24
89.32.191.0/24 maxlen: 24
89.42.9.0/24 maxlen: 24
86.107.182.0/24 maxlen: 24
86.107.181.0/24 maxlen: 24
188.240.202.0/23 maxlen: 23
92.114.39.0/24 maxlen: 24
92.114.52.0/24 maxlen: 24
188.215.70.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 390040462 (0x173f8b8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:03:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=950116fe4105544cefa7ce7da2b4248a240452ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:be:dc:50:6f:bb:dd:ea:3b:9a:b0:a1:3f:53:
2e:a3:68:b1:47:7d:21:ad:e9:45:23:a4:c7:64:ee:
f8:28:46:73:7f:f6:ce:d9:e6:11:d6:34:46:d0:7c:
7c:c8:9c:52:ab:86:24:bb:86:2c:09:45:ca:c6:6a:
8f:4b:b2:50:04:e3:f0:7e:25:43:8b:a6:83:04:96:
c2:55:20:ed:ed:e5:ba:a3:69:68:17:96:8c:95:08:
9e:39:de:eb:6a:0f:6a:8e:2a:0e:4a:13:47:a1:c8:
06:38:0c:59:f7:3f:8b:7a:e2:8b:b4:cf:2c:59:e3:
4d:6c:83:72:7d:11:ae:51:90:fd:58:73:5f:8b:c4:
e3:f5:1a:51:b0:d6:2d:0e:20:67:04:1d:93:12:65:
ee:69:ee:c9:3c:ff:dc:2b:24:06:b0:4c:90:2c:bc:
71:08:2c:df:7f:d5:a5:0c:c4:56:b2:b3:ee:86:02:
ff:d6:24:7e:af:9a:9c:87:14:0a:2c:c1:31:3e:a8:
a0:d6:23:08:36:ff:fb:5c:36:97:b0:65:07:4e:19:
af:84:c1:ae:b8:ef:b1:6f:1f:39:96:d4:67:c3:b8:
68:39:bc:0c:e5:fe:48:d1:9b:79:00:ff:b1:39:fb:
37:44:0e:48:8f:62:b0:2a:3c:e1:fc:da:89:cd:9e:
28:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:01:16:FE:41:05:54:4C:EF:A7:CE:7D:A2:B4:24:8A:24:04:52:CE
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lQEW_kEFVEzvp859orQkiiQEUs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.20.0/24
86.107.30.0/24
86.107.52.0/24
86.107.54.0/24
86.107.181.0-86.107.182.255
89.32.185.0/24
89.32.191.0/24
89.42.9.0/24
89.43.38.0/24
89.44.108.0/24
89.44.236.0/24
89.47.3.0/24
89.47.10.0/24
89.47.255.0/24
92.114.39.0/24
92.114.52.0/24
188.215.70.0/23
188.240.202.0/23
188.241.134.0/23
Signature Algorithm: sha256WithRSAEncryption
03:5a:dd:b9:b8:a5:0f:ef:06:69:b2:dd:4a:b4:31:66:b8:5a:
ce:7d:3b:ab:bd:24:8d:bf:20:60:f7:43:dc:4b:91:00:fb:49:
2f:3a:3d:f1:33:29:1a:99:06:79:56:7b:8c:49:17:cc:39:61:
1f:c0:96:23:80:03:cd:03:7d:45:ab:88:af:6d:73:17:c0:c4:
e2:bf:6c:77:7c:5d:c3:62:5b:23:0c:07:3e:dd:b0:cf:4e:3c:
06:09:4d:45:db:4b:3f:e9:e7:01:34:34:c7:15:bf:86:d4:62:
ad:af:25:c6:31:3a:7d:d9:15:fe:af:9f:38:da:f3:37:a0:b1:
7f:db:86:76:91:69:f4:c5:f7:10:32:f0:67:3c:07:67:4e:7f:
d9:f8:07:6a:bf:af:c0:9b:c2:6b:26:05:71:78:ad:3c:72:4e:
8f:bd:17:3f:87:aa:6c:d1:24:30:89:e7:df:4a:d0:90:f8:3f:
2f:d7:30:a4:ff:8c:0e:8f:b4:38:cd:e6:00:8c:0c:47:73:0b:
87:42:e7:9d:c7:99:f7:ec:0e:4e:c7:55:41:43:f2:2e:21:a7:
c1:c8:51:db:93:9e:cf:a2:62:ec:fd:e7:6b:6b:7e:8e:65:70:
da:e4:dc:19:fa:62:e8:d9:57:71:fe:99:77:be:ce:8e:da:aa:
59:2a:b6:c8
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIEFz+LjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGYxMzJkZjEzZTRiZTUzZDgyNTBjOGM0ODQyMDI2NGVlZjZjMTRjMB4XDTIyMDEw
MTE2MDM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTUwMTE2ZmU0MTA1
NTQ0Y2VmYTdjZTdkYTJiNDI0OGEyNDA0NTJjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANm+3FBvu93qO5qwoT9TLqNosUd9Ia3pRSOkx2Tu+ChGc3/2
ztnmEdY0RtB8fMicUquGJLuGLAlFysZqj0uyUATj8H4lQ4umgwSWwlUg7e3luqNp
aBeWjJUInjne62oPao4qDkoTR6HIBjgMWfc/i3rii7TPLFnjTWyDcn0RrlGQ/Vhz
X4vE4/UaUbDWLQ4gZwQdkxJl7mnuyTz/3CskBrBMkCy8cQgs33/VpQzEVrKz7oYC
/9Ykfq+anIcUCizBMT6ooNYjCDb/+1w2l7BlB04Zr4TBrrjvsW8fOZbUZ8O4aDm8
DOX+SNGbeQD/sTn7N0QOSI9isCo84fzaic2eKAMCAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBSVARb+QQVUTO+nzn2itCSKJARSzjAfBgNVHSMEGDAWgBR98TLfE+S+U9gl
DIxIQgJk7vbBTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZmRXkzeFBrdmxQWUpReU1TRUlDWk83MndVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvYzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8x
L2xRRVdfa0VGVkV6dnA4NTlvclFraWlRRVVzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
YzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8xL2ZmRXkzeFBrdmxQ
WUpReU1TRUlDWk83MndVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwgYAEAgABMHoDBABWaxQDBABWax4DBABWazQD
BABWazYwDAMEAFZrtQMEAFZrtgMEAFkguQMEAFkgvwMEAFkqCQMEAFkrJgMEAFks
bAMEAFks7AMEAFkvAwMEAFkvCgMEAFkv/wMEAFxyJwMEAFxyNAMEAbzXRgMEAbzw
ygMEAbzxhjANBgkqhkiG9w0BAQsFAAOCAQEAA1rdubilD+8GabLdSrQxZrhazn07
q70kjb8gYPdD3EuRAPtJLzo98TMpGpkGeVZ7jEkXzDlhH8CWI4ADzQN9RauIr21z
F8DE4r9sd3xdw2JbIwwHPt2wz048BglNRdtLP+nnATQ0xxW/htRira8lxjE6fdkV
/q+fONrzN6Cxf9uGdpFp9MX3EDLwZzwHZ05/2fgHar+vwJvCayYFcXitPHJOj70X
P4eqbNEkMInn30rQkPg/L9cwpP+MDo+0OM3mAIwMR3MLh0LnnceZ9+wOTsdVQUPy
LiGnwchR25Oez6Ji7P3na2t+jmVw2uTcGfpi6NlXcf6Zd77OjtqqWSq2yA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:40 2025 by rpki-client