Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/rDqDKxN_Ip7_hy02hC-j0bFIWEI.roa
File: rDqDKxN_Ip7_hy02hC-j0bFIWEI.roa (raw, json)
Hash identifier: Bp/EtBHG2GzlNItfbuJ9u5gf2eAdZgdyhYAWrJc1HrI=
Subject key identifier: AC:3A:83:2B:13:7F:22:9E:FF:87:2D:36:84:2F:A3:D1:B1:48:58:42
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41CCDA2FB9677063B679E8EC0BA8D6
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/rDqDKxN_Ip7_hy02hC-j0bFIWEI.roa
Signing time: Sun 01 Jan 2023 16:54:43 +0000
ROA not before: Sun 01 Jan 2023 16:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31102
IP address blocks: 86.107.54.0/24 maxlen: 24
86.107.52.0/24 maxlen: 24
89.44.236.0/24 maxlen: 24
89.47.255.0/24 maxlen: 24
86.107.20.0/24 maxlen: 24
86.107.30.0/24 maxlen: 24
89.43.38.0/24 maxlen: 24
89.44.108.0/24 maxlen: 24
89.47.3.0/24 maxlen: 24
188.241.134.0/23 maxlen: 23
89.47.10.0/24 maxlen: 24
89.32.185.0/24 maxlen: 24
89.32.191.0/24 maxlen: 24
89.42.9.0/24 maxlen: 24
86.107.182.0/24 maxlen: 24
86.107.181.0/24 maxlen: 24
188.240.202.0/23 maxlen: 23
92.114.39.0/24 maxlen: 24
92.114.52.0/24 maxlen: 24
188.215.70.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:cc:da:2f:b9:67:70:63:b6:79:e8:ec:0b:a8:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac3a832b137f229eff872d36842fa3d1b1485842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7d:3c:6f:be:2a:1d:ba:2c:7a:4a:42:c6:a6:
7d:f2:e0:a0:37:40:01:0d:82:e5:ac:21:87:c4:29:
93:b4:5c:f8:41:7c:a7:b5:7a:d1:95:3d:a2:f8:1f:
da:b7:ea:8c:80:50:62:c4:60:27:26:4c:e1:2b:3f:
27:b8:62:0d:b6:fd:81:9a:63:8a:88:07:f1:7d:65:
66:4a:a0:a7:64:7b:1e:7a:5b:4d:42:20:1a:8b:88:
85:82:98:5b:be:0d:a3:24:be:a0:3d:b9:65:4e:20:
1a:35:6b:3e:ac:62:7e:90:d7:40:1d:f9:42:95:47:
83:6f:e6:06:52:b6:88:93:7a:56:ff:82:0f:ef:6f:
35:19:67:90:02:62:b9:98:ff:f9:d5:31:6a:ab:7a:
f3:96:84:68:8a:d3:46:43:d4:0d:e3:57:37:a2:7e:
e7:12:dd:e1:38:21:e2:38:ac:8f:3a:85:0b:fe:ee:
6f:74:0e:23:bf:e5:5f:02:f2:a0:4a:e1:be:49:34:
c8:d5:d0:c0:b3:6e:24:ba:bb:eb:35:aa:64:fa:a0:
7e:6a:e0:9b:f3:79:da:0e:3c:96:74:e5:f5:60:0e:
c9:f6:f4:f3:57:35:ae:f6:f8:fe:f2:e5:3a:07:64:
a9:24:95:65:7d:8c:3e:74:88:11:01:b4:36:8c:cf:
f8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3A:83:2B:13:7F:22:9E:FF:87:2D:36:84:2F:A3:D1:B1:48:58:42
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/rDqDKxN_Ip7_hy02hC-j0bFIWEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.20.0/24
86.107.30.0/24
86.107.52.0/24
86.107.54.0/24
86.107.181.0-86.107.182.255
89.32.185.0/24
89.32.191.0/24
89.42.9.0/24
89.43.38.0/24
89.44.108.0/24
89.44.236.0/24
89.47.3.0/24
89.47.10.0/24
89.47.255.0/24
92.114.39.0/24
92.114.52.0/24
188.215.70.0/23
188.240.202.0/23
188.241.134.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:ac:f0:d2:54:60:a8:f2:a8:5b:dd:4b:41:9e:ed:de:0b:e7:
8a:a9:34:cd:e4:11:22:65:a9:46:9d:7f:cd:5f:13:96:e4:76:
75:86:92:bd:30:ca:e9:fe:5a:d5:8b:49:c2:a3:29:ba:c2:b9:
bc:8b:8e:84:71:50:2d:c6:61:6d:82:b0:93:8a:d7:be:17:8c:
26:e6:3f:15:17:85:ed:a4:d1:bb:22:eb:ce:f5:ea:34:95:b8:
16:8a:0c:a6:cb:74:0e:00:14:e8:a2:6e:af:97:92:b6:b8:69:
88:f6:28:55:16:fd:29:5b:0a:53:11:52:55:6a:b4:47:69:e5:
8e:01:17:5b:88:69:ca:86:50:ad:00:a2:c8:84:1b:c5:f4:32:
64:c0:35:a5:24:71:62:2c:8d:8e:a0:e8:95:3d:4d:b5:84:69:
34:5d:e0:1f:0f:7b:59:98:e9:f2:ae:6d:e6:99:c9:4f:d1:ff:
b0:65:8e:82:30:db:7d:0f:62:27:df:9e:7c:74:72:c6:4d:c8:
3d:75:ad:83:f7:52:1e:b3:e9:22:89:85:0a:15:3b:da:09:d3:
ac:a9:50:18:b5:c2:c9:f8:f0:02:ab:cd:5a:b8:79:e9:81:ab:
7c:2a:1d:98:22:da:3d:d6:b5:fe:c3:c8:50:88:92:1c:95:51:
5f:6c:9a:e1
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYVuQczaL7lncGO2eejsC6jWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzNhODMyYjEzN2YyMjllZmY4NzJkMzY4NDJmYTNkMWIxNDg1ODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH08b74qHbosekpCxqZ98uCgN0AB
DYLlrCGHxCmTtFz4QXyntXrRlT2i+B/at+qMgFBixGAnJkzhKz8nuGINtv2BmmOK
iAfxfWVmSqCnZHseeltNQiAai4iFgphbvg2jJL6gPbllTiAaNWs+rGJ+kNdAHflC
lUeDb+YGUraIk3pW/4IP7281GWeQAmK5mP/51TFqq3rzloRoitNGQ9QN41c3on7n
Et3hOCHiOKyPOoUL/u5vdA4jv+VfAvKgSuG+STTI1dDAs24kurvrNapk+qB+auCb
83naDjyWdOX1YA7J9vTzVzWu9vj+8uU6B2SpJJVlfYw+dIgRAbQ2jM/4OQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFKw6gysTfyKe/4ctNoQvo9GxSFhCMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvckRxREt4Tl9JcDdfaHkwMmhDLWowYkZJV0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAFZr
FAMEAFZrHgMEAFZrNAMEAFZrNjAMAwQAVmu1AwQAVmu2AwQAWSC5AwQAWSC/AwQA
WSoJAwQAWSsmAwQAWSxsAwQAWSzsAwQAWS8DAwQAWS8KAwQAWS//AwQAXHInAwQA
XHI0AwQBvNdGAwQBvPDKAwQBvPGGMA0GCSqGSIb3DQEBCwUAA4IBAQAqrPDSVGCo
8qhb3UtBnu3eC+eKqTTN5BEiZalGnX/NXxOW5HZ1hpK9MMrp/lrVi0nCoym6wrm8
i46EcVAtxmFtgrCTite+F4wm5j8VF4XtpNG7IuvO9eo0lbgWigymy3QOABToom6v
l5K2uGmI9ihVFv0pWwpTEVJVarRHaeWOARdbiGnKhlCtAKLIhBvF9DJkwDWlJHFi
LI2OoOiVPU21hGk0XeAfD3tZmOnyrm3mmclP0f+wZY6CMNt9D2In3558dHLGTcg9
da2D91Ies+kiiYUKFTvaCdOsqVAYtcLJ+PACq81auHnpgat8Kh2YIto91rX+w8hQ
iJIclVFfbJrh
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:43:55 2025 by rpki-client