Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/c8QTtGWH5QzjOgHz8c_0eDlSxJQ.roa
File: c8QTtGWH5QzjOgHz8c_0eDlSxJQ.roa (raw, json)
Hash identifier: 1MF7R1Rktg+bYE6bA5EE+E9Ybqvpu8fZ0EsyLjnRj+o=
Subject key identifier: 73:C4:13:B4:65:87:E5:0C:E3:3A:01:F3:F1:CF:F4:78:39:52:C4:94
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 383141A1
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/c8QTtGWH5QzjOgHz8c_0eDlSxJQ.roa
Signing time: Fri 29 Apr 2022 15:32:08 +0000
ROA not before: Fri 29 Apr 2022 15:32:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56582
IP address blocks: 185.33.61.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.68.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.76.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.74.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.91.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
31.169.64.0/24 maxlen: 24
2a00:5740::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 942752161 (0x383141a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Apr 29 15:32:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73c413b46587e50ce33a01f3f1cff4783952c494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7c:46:1e:93:4e:6c:e5:fe:d7:d4:04:da:1b:
0d:2f:f2:59:05:72:f6:a2:5c:9e:6c:80:5c:2f:b4:
9a:7f:e2:3d:68:9c:95:d3:d4:c1:1b:9b:bd:a9:c9:
84:ec:50:3f:3e:5a:79:14:9e:b1:f9:52:55:10:1a:
98:fa:77:21:78:e1:34:81:3c:7f:c2:c0:ca:24:00:
66:76:56:d6:56:d3:83:59:6a:71:92:c6:a2:f8:58:
4e:de:66:57:0d:2e:ab:c7:5c:6b:75:38:bb:01:a7:
5a:27:ad:d7:fc:4e:a8:d4:f2:77:a1:b5:c5:a7:24:
1e:8e:10:b9:27:e9:1d:93:0f:07:b6:76:7c:5a:a9:
73:ea:24:be:1b:ee:31:af:08:39:ab:b3:c4:f0:ba:
1a:24:fc:cc:ed:f3:71:bf:1b:7b:0c:d2:dd:ed:2c:
05:13:dd:cf:3e:f9:53:fb:71:eb:7c:2b:1e:3e:c5:
5e:5c:51:d0:a8:1d:cc:e3:2d:11:13:47:66:30:f7:
d5:13:4e:54:18:62:e2:08:5f:82:a4:1d:5e:9c:5e:
79:7b:f4:00:aa:d2:12:67:93:51:bf:a6:c1:cc:2e:
bd:44:1b:57:a7:26:70:8d:68:60:d8:60:7e:ee:a1:
0a:c9:36:1e:a5:05:ef:0b:07:33:16:c2:14:3c:c0:
d8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C4:13:B4:65:87:E5:0C:E3:3A:01:F3:F1:CF:F4:78:39:52:C4:94
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/c8QTtGWH5QzjOgHz8c_0eDlSxJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0-31.169.72.255
31.169.74.0/24
31.169.76.0-31.169.78.255
31.169.81.0/24
31.169.88.0/24
31.169.90.0-31.169.95.255
185.33.61.0/24
185.33.63.0/24
IPv6:
2a00:5740::/32
Signature Algorithm: sha256WithRSAEncryption
9a:23:7e:25:14:15:b2:aa:4c:5d:f9:16:58:d8:4c:b4:86:8e:
a0:5f:bc:48:81:7d:bd:8e:ba:33:aa:6e:37:b7:a6:24:b5:eb:
99:2e:1c:e8:08:3b:be:be:0e:3d:7b:e6:d0:7b:11:06:b0:21:
a1:8a:67:86:7d:cc:c2:3c:78:6a:02:06:d4:8a:b3:ef:e6:f5:
d8:eb:4c:79:3d:34:88:3c:d5:c5:76:0c:84:15:f2:71:ff:00:
24:d4:20:8c:17:d7:fe:5a:63:c9:c9:7c:47:84:b1:d0:86:f4:
eb:44:3e:9d:59:7d:57:67:f3:8d:e7:05:a4:49:96:f1:f2:81:
9b:cb:f5:7a:d8:b6:63:25:7b:55:71:6c:f2:12:c3:ad:7c:e7:
cf:d6:ab:df:97:2f:62:50:cf:ff:01:76:38:34:85:79:eb:b7:
e4:90:67:13:79:f0:87:f5:b3:5a:77:79:60:62:6d:8f:fc:20:
81:8a:00:1f:32:e4:4d:77:aa:42:6d:03:d2:9d:fa:8f:76:42:
23:cc:3f:66:c0:27:84:73:37:3f:5c:b1:cc:df:8d:3f:af:63:
55:68:a9:56:af:35:55:7b:c9:53:24:8b:98:fb:5b:f4:95:7c:
4a:84:27:60:fa:36:63:4b:aa:99:39:b5:2b:a2:1c:d3:ab:f4:
8e:fd:69:1b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEODFBoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDY5ZGE0NGFlMDY3ZmMxYTk4YTVmNmYwNWYxMmU1NDVkMGZjNjJhMB4XDTIyMDQy
OTE1MzIwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzNjNDEzYjQ2NTg3
ZTUwY2UzM2EwMWYzZjFjZmY0NzgzOTUyYzQ5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJ8Rh6TTmzl/tfUBNobDS/yWQVy9qJcnmyAXC+0mn/iPWic
ldPUwRubvanJhOxQPz5aeRSesflSVRAamPp3IXjhNIE8f8LAyiQAZnZW1lbTg1lq
cZLGovhYTt5mVw0uq8dca3U4uwGnWiet1/xOqNTyd6G1xackHo4QuSfpHZMPB7Z2
fFqpc+okvhvuMa8IOauzxPC6GiT8zO3zcb8bewzS3e0sBRPdzz75U/tx63wrHj7F
XlxR0KgdzOMtERNHZjD31RNOVBhi4ghfgqQdXpxeeXv0AKrSEmeTUb+mwcwuvUQb
V6cmcI1oYNhgfu6hCsk2HqUF7wsHMxbCFDzA2G8CAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBRzxBO0ZYflDOM6AfPxz/R4OVLElDAfBgNVHSMEGDAWgBRtadpErgZ/wamK
X28F8S5UXQ/GKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JXbmFSSzRHZjhHcGlsOXZCZkV1VkYwUHhpby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvYjFhODJhLTQ5MGYtNDNmYi05ODZlLTI2MTcwZGE0YTBiMS8x
L2M4UVR0R1dINVF6ak9nSHo4Y18wZURsU3hKUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
YjFhODJhLTQ5MGYtNDNmYi05ODZlLTI2MTcwZGE0YTBiMS8xL2JXbmFSSzRHZjhH
cGlsOXZCZkV1VkYwUHhpby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSDAMAwQGH6lAAwQAH6lIAwQAH6lKMAwD
BAIfqUwDBAAfqU4DBAAfqVEDBAAfqVgwDAMEAR+pWgMEBR+pQAMEALkhPQMEALkh
PzANBAIAAjAHAwUAKgBXQDANBgkqhkiG9w0BAQsFAAOCAQEAmiN+JRQVsqpMXfkW
WNhMtIaOoF+8SIF9vY66M6puN7emJLXrmS4c6Ag7vr4OPXvm0HsRBrAhoYpnhn3M
wjx4agIG1Iqz7+b12OtMeT00iDzVxXYMhBXycf8AJNQgjBfX/lpjycl8R4Sx0Ib0
60Q+nVl9V2fzjecFpEmW8fKBm8v1eti2YyV7VXFs8hLDrXznz9ar35cvYlDP/wF2
ODSFeeu35JBnE3nwh/WzWnd5YGJtj/wggYoAHzLkTXeqQm0D0p36j3ZCI8w/ZsAn
hHM3P1yxzN+NP69jVWipVq81VXvJUySLmPtb9JV8SoQnYPo2Y0uqmTm1K6Ic06v0
jv1pGw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:14 2023 by rpki-client on console-ams.rpki-client.org