Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/7Ar8AvAbZNlZRRQOvA811vDS3rc.roa
File: 7Ar8AvAbZNlZRRQOvA811vDS3rc.roa (raw, json)
Hash identifier: mc9Ru8wbxOZRChWOqHi56qfIWfxH3LoAO54knctZQ8c=
Subject key identifier: EC:0A:FC:02:F0:1B:64:D9:59:45:14:0E:BC:0F:35:D6:F0:D2:DE:B7
Certificate issuer: /CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Certificate serial: 01875B78E48FA68264CB4B96D54614703247
Authority key identifier: 73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/7Ar8AvAbZNlZRRQOvA811vDS3rc.roa
Signing time: Fri 07 Apr 2023 11:27:42 +0000
ROA not before: Fri 07 Apr 2023 11:27:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60159
IP address blocks: 194.146.191.0/24 maxlen: 24
194.146.190.0/24 maxlen: 24
194.146.189.0/24 maxlen: 24
194.146.188.0/22 maxlen: 22
185.41.20.0/22 maxlen: 22
193.57.44.0/22 maxlen: 22
193.57.46.0/24 maxlen: 24
193.57.47.0/24 maxlen: 24
185.212.248.0/22 maxlen: 22
185.239.24.0/22 maxlen: 22
2a0c:d540::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5b:78:e4:8f:a6:82:64:cb:4b:96:d5:46:14:70:32:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Validity
Not Before: Apr 7 11:27:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec0afc02f01b64d95945140ebc0f35d6f0d2deb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:89:2d:6f:46:3d:ba:ad:f5:b9:25:65:f1:dc:
cf:3a:37:34:2b:0f:51:d4:2b:bc:93:4f:01:9f:9a:
93:da:de:80:e6:04:13:ed:05:73:39:85:00:88:f3:
db:fa:52:c8:e3:f1:41:12:36:9e:ec:4b:ef:96:09:
b1:0b:1e:bd:bf:ad:0c:89:85:1b:0f:42:34:3b:1b:
78:dd:16:65:b8:9d:83:12:e1:12:fd:ba:16:f1:39:
5a:a7:2a:5a:c1:7e:15:64:b2:9f:bd:af:a7:e7:27:
6e:cf:75:6f:97:f1:e0:7d:01:7f:21:8f:ea:8a:75:
d8:a3:f5:3f:83:34:c0:cf:43:31:dd:c1:00:a3:a3:
64:3b:d8:95:1c:52:6a:ac:28:e6:6b:cb:00:e5:1c:
30:f5:f1:fe:ab:c7:09:da:95:ca:6e:60:37:09:4d:
61:20:c7:bc:58:96:33:53:22:b8:83:9d:8c:e4:7d:
80:98:64:bf:56:30:97:26:55:3b:04:93:83:e4:c4:
31:0f:9a:eb:e0:d4:cc:f4:6f:39:9c:d3:c1:15:a8:
5a:21:fd:ab:68:40:16:69:23:09:15:12:66:e0:d0:
98:0d:2f:0d:fb:7d:95:8f:c7:44:e1:ce:97:b7:e9:
68:8b:d0:cd:f1:03:e4:08:4b:b4:fc:39:7e:3c:4b:
4a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:0A:FC:02:F0:1B:64:D9:59:45:14:0E:BC:0F:35:D6:F0:D2:DE:B7
X509v3 Authority Key Identifier:
keyid:73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/7Ar8AvAbZNlZRRQOvA811vDS3rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/c9_uqcfeJG5tfRpQdAYoWyJvkoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.20.0/22
185.212.248.0/22
185.239.24.0/22
193.57.44.0/22
194.146.188.0/22
IPv6:
2a0c:d540::/32
Signature Algorithm: sha256WithRSAEncryption
75:2d:83:35:39:eb:cf:f9:14:61:3c:29:8d:8b:92:05:93:5f:
76:45:09:28:c1:62:d7:e1:40:7c:4b:b1:a2:e3:c2:77:54:8c:
63:b3:38:54:f5:92:aa:ff:d0:83:b6:3a:ba:fc:ca:86:f2:66:
c7:33:6f:70:d8:fe:02:c3:c7:87:f9:27:82:c8:e3:5c:a9:2a:
a0:41:83:cf:7f:be:a0:95:c5:e4:d9:90:3b:16:18:03:bf:7c:
61:45:97:4b:b2:c6:ee:d7:8a:83:9c:45:3d:64:d6:26:0f:63:
f9:87:1c:8d:b9:49:d8:c6:59:3b:6e:22:f5:f7:17:38:80:18:
4d:af:e0:08:b7:63:54:1e:e9:82:f1:c1:7e:df:e2:c3:ee:6f:
35:c2:05:0f:55:94:b5:43:d4:4f:b7:dc:51:83:f9:50:e7:b7:
d5:9f:3c:c6:b4:52:0f:52:97:be:22:a6:af:83:f2:87:7a:cf:
0b:66:c7:65:75:6c:d2:28:f6:86:cc:39:d8:16:c3:95:a8:83:
05:cd:d8:e2:7e:c2:fb:97:5c:75:e9:69:4b:6e:80:45:3b:46:
f0:4a:d2:ca:04:8e:14:0a:9d:ab:41:0c:c3:75:b0:c5:d5:5a:
98:6c:b7:c8:a2:c6:0d:bb:67:23:49:7f:61:f1:e4:42:9e:54:
36:83:ae:82
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYdbeOSPpoJky0uW1UYUcDJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZGZlZWE5YzdkZTI0NmU2ZDdkMWE1MDc0MDYyODViMjI2
ZjkyODYwHhcNMjMwNDA3MTEyNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzBhZmMwMmYwMWI2NGQ5NTk0NTE0MGViYzBmMzVkNmYwZDJkZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoktb0Y9uq31uSVl8dzPOjc0Kw9R
1Cu8k08Bn5qT2t6A5gQT7QVzOYUAiPPb+lLI4/FBEjae7EvvlgmxCx69v60MiYUb
D0I0Oxt43RZluJ2DEuES/boW8TlapypawX4VZLKfva+n5yduz3Vvl/HgfQF/IY/q
inXYo/U/gzTAz0Mx3cEAo6NkO9iVHFJqrCjma8sA5Rww9fH+q8cJ2pXKbmA3CU1h
IMe8WJYzUyK4g52M5H2AmGS/VjCXJlU7BJOD5MQxD5rr4NTM9G85nNPBFahaIf2r
aEAWaSMJFRJm4NCYDS8N+32Vj8dE4c6Xt+loi9DN8QPkCEu0/Dl+PEtKAwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOwK/ALwG2TZWUUUDrwPNdbw0t63MB8GA1UdIwQY
MBaAFHPf7qnH3iRubX0aUHQGKFsib5KGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzlfdXFjZmVKRzV0ZlJwUWRBWW9XeUp2a29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85YzBhN2UtOTk2My00YzBkLTk0YWMt
NDQ2ZDBhN2U5NDA0LzEvN0FyOEF2QWJaTmxaUlJRT3ZBODExdkRTM3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85YzBhN2UtOTk2My00YzBkLTk0YWMtNDQ2ZDBhN2U5NDA0
LzEvYzlfdXFjZmVKRzV0ZlJwUWRBWW9XeUp2a29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuSkUAwQC
udT4AwQCue8YAwQCwTksAwQCwpK8MA0EAgACMAcDBQAqDNVAMA0GCSqGSIb3DQEB
CwUAA4IBAQB1LYM1OevP+RRhPCmNi5IFk192RQkowWLX4UB8S7Gi48J3VIxjszhU
9ZKq/9CDtjq6/MqG8mbHM29w2P4Cw8eH+SeCyONcqSqgQYPPf76glcXk2ZA7FhgD
v3xhRZdLssbu14qDnEU9ZNYmD2P5hxyNuUnYxlk7biL19xc4gBhNr+AIt2NUHumC
8cF+3+LD7m81wgUPVZS1Q9RPt9xRg/lQ57fVnzzGtFIPUpe+Iqavg/KHes8LZsdl
dWzSKPaGzDnYFsOVqIMFzdjifsL7l1x16WlLboBFO0bwStLKBI4UCp2rQQzDdbDF
1VqYbLfIosYNu2cjSX9h8eRCnlQ2g66C
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:22 2023 by rpki-client on console-fra.rpki-client.org