Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/FldNE0UqNAYSm4B2vicvnlzA3ok.roa
File: FldNE0UqNAYSm4B2vicvnlzA3ok.roa (raw, json)
Hash identifier: +UIN2ugdQv8wYAoSQoHd9iKyXxVB8fwcZHunlpUjn2g=
Subject key identifier: 16:57:4D:13:45:2A:34:06:12:9B:80:76:BE:27:2F:9E:5C:C0:DE:89
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 01A6920F
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/FldNE0UqNAYSm4B2vicvnlzA3ok.roa
Signing time: Tue 04 Jan 2022 10:14:26 +0000
ROA not before: Tue 04 Jan 2022 10:14:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 199.204.215.0/24 maxlen: 24
194.169.123.0/24 maxlen: 24
94.26.112.0/20 maxlen: 20
82.205.0.0/20 maxlen: 20
217.66.233.0/24 maxlen: 24
217.66.237.0/24 maxlen: 24
217.66.234.0/23 maxlen: 23
86.107.16.0/22 maxlen: 22
82.205.96.0/20 maxlen: 20
82.205.104.0/21 maxlen: 21
89.239.32.0/20 maxlen: 20
82.205.16.0/20 maxlen: 20
37.8.0.0/17 maxlen: 20
37.8.0.0/20 maxlen: 20
37.8.16.0/20 maxlen: 20
82.205.27.0/24 maxlen: 24
85.184.240.0/22 maxlen: 22
37.8.32.0/20 maxlen: 20
37.8.48.0/20 maxlen: 20
82.102.240.0/20 maxlen: 20
185.40.192.0/22 maxlen: 22
185.138.132.0/22 maxlen: 22
185.90.242.0/24 maxlen: 24
82.205.120.0/21 maxlen: 21
82.102.192.0/20 maxlen: 20
82.102.208.0/21 maxlen: 21
82.102.218.0/23 maxlen: 23
82.102.224.0/20 maxlen: 20
82.102.220.0/22 maxlen: 22
217.78.60.0/22 maxlen: 22
217.21.2.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27693583 (0x1a6920f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Jan 4 10:14:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=16574d13452a3406129b8076be272f9e5cc0de89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e5:bb:71:77:d5:12:92:63:f8:3f:d2:2c:8a:
e2:62:52:ef:10:4d:1f:e0:fc:01:be:16:d4:e2:50:
db:34:1f:f0:de:42:d0:61:2a:0e:41:d4:66:c5:1a:
55:0b:67:c3:bd:14:1c:84:d9:87:15:e2:ce:4f:3f:
1e:a3:5a:46:eb:04:14:c0:7d:24:8a:ed:9f:fc:3a:
7e:0d:18:20:a6:1a:cf:2d:7d:bc:5a:0c:e1:39:6e:
53:60:45:fb:b3:04:ec:55:dd:eb:39:68:1a:a1:04:
6f:15:4f:9d:48:70:97:45:dd:47:13:7d:f8:51:19:
10:ee:26:50:2f:09:11:f7:af:32:43:b7:5c:0a:d2:
8e:7e:74:7b:28:16:1d:26:b3:07:01:45:8a:7f:0e:
8c:7e:bc:aa:5b:83:34:cb:1a:35:f2:7d:00:a0:1d:
bd:db:06:50:19:70:ad:55:b2:31:f5:8c:59:14:1c:
46:65:71:48:5f:1e:80:76:48:83:1e:63:c6:06:77:
a7:77:f6:f9:11:0d:a5:da:e5:0e:d8:f5:69:c7:4f:
47:87:70:7d:c8:21:9c:fd:ac:2f:0b:a4:7b:2b:86:
32:f9:31:3d:eb:6d:9d:63:75:87:e2:a1:be:52:da:
ee:b9:74:58:c6:45:a5:c8:80:d5:4a:cc:f3:91:e4:
4a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:57:4D:13:45:2A:34:06:12:9B:80:76:BE:27:2F:9E:5C:C0:DE:89
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/FldNE0UqNAYSm4B2vicvnlzA3ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0-82.102.215.255
82.102.218.0-82.102.255.255
82.205.0.0/19
82.205.96.0/20
82.205.120.0/21
85.184.240.0/22
86.107.16.0/22
89.239.32.0/20
94.26.112.0/20
185.40.192.0/22
185.90.242.0/24
185.138.132.0/22
194.169.123.0/24
199.204.215.0/24
217.21.2.0/24
217.66.233.0-217.66.235.255
217.66.237.0/24
217.78.60.0/22
Signature Algorithm: sha256WithRSAEncryption
73:f2:e7:ce:4c:d6:ba:be:a5:91:5f:0c:e7:f1:58:ff:f1:f1:
44:57:aa:20:94:c7:b5:57:a5:71:2f:9d:e7:d0:49:b5:40:56:
77:9f:e8:e2:b8:26:87:3d:7b:80:5b:2b:12:ca:85:d9:62:08:
5d:f8:be:39:f4:99:7f:4b:6b:06:94:52:9e:95:10:60:a4:9a:
3e:7c:4e:9d:47:04:44:67:b6:3c:71:6b:5d:8b:0b:e5:01:75:
0d:3d:c2:b2:c1:54:47:23:d0:2a:74:ec:e3:98:1f:08:28:04:
50:65:26:a3:84:7b:13:cb:2e:17:dd:9e:ac:5c:70:1b:a7:c4:
6a:86:3f:ba:f2:b9:92:e2:60:ae:d9:cb:30:79:93:d0:3d:64:
00:4b:de:a1:6d:19:6b:c5:88:4a:fb:a7:7b:bc:26:9e:65:19:
cf:36:fb:99:9e:c0:bf:a5:fc:94:ff:e1:af:7f:7e:35:f4:d3:
17:e2:56:6d:6f:9a:d1:c7:46:b1:b8:9e:19:36:e1:e3:ed:69:
3e:3b:c8:41:73:8c:63:6d:de:20:2a:e9:29:0b:ac:bd:ce:04:
b2:05:e7:e4:53:35:77:fd:94:9e:49:db:e6:73:6c:6d:f2:9e:
3c:12:5c:59:2a:4c:e8:28:cf:ef:65:ca:13:14:aa:48:da:ff:
a3:d3:42:69
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIEAaaSDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzNhNjMzZWYyYzA4MjUxYTU4NjAzNTYyZTU2YWE2ZWZhOTNlYzI1MB4XDTIyMDEw
NDEwMTQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY1NzRkMTM0NTJh
MzQwNjEyOWI4MDc2YmUyNzJmOWU1Y2MwZGU4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzlu3F31RKSY/g/0iyK4mJS7xBNH+D8Ab4W1OJQ2zQf8N5C
0GEqDkHUZsUaVQtnw70UHITZhxXizk8/HqNaRusEFMB9JIrtn/w6fg0YIKYazy19
vFoM4TluU2BF+7ME7FXd6zloGqEEbxVPnUhwl0XdRxN9+FEZEO4mUC8JEfevMkO3
XArSjn50eygWHSazBwFFin8OjH68qluDNMsaNfJ9AKAdvdsGUBlwrVWyMfWMWRQc
RmVxSF8egHZIgx5jxgZ3p3f2+RENpdrlDtj1acdPR4dwfcghnP2sLwukeyuGMvkx
PettnWN1h+KhvlLa7rl0WMZFpciA1UrM85HkSmkCAwEAAaOCApEwggKNMB0GA1Ud
DgQWBBQWV00TRSo0BhKbgHa+Jy+eXMDeiTAfBgNVHSMEGDAWgBTsOmM+8sCCUaWG
A1YuVqpu+pPsJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdEcGpQdkxBZ2xHbGhnTldMbGFxYnZxVDdDVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvYzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8x
L0ZsZE5FMFVxTkFZU200QjJ2aWN2bmx6QTNvay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
YzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8xLzdEcGpQdkxBZ2xH
bGhnTldMbGFxYnZxVDdDVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
pgYIKwYBBQUHAQcBAf8EgZYwgZMwgZAEAgABMIGJAwQHJQgAMAwDBAZSZsADBANS
ZtAwCwMEAVJm2gMDAFJmAwQFUs0AAwQEUs1gAwQDUs14AwQCVbjwAwQCVmsQAwQE
We8gAwQEXhpwAwQCuSjAAwQAuVryAwQCuYqEAwQAwql7AwQAx8zXAwQA2RUCMAwD
BADZQukDBALZQugDBADZQu0DBALZTjwwDQYJKoZIhvcNAQELBQADggEBAHPy585M
1rq+pZFfDOfxWP/x8URXqiCUx7VXpXEvnefQSbVAVnef6OK4Joc9e4BbKxLKhdli
CF34vjn0mX9LawaUUp6VEGCkmj58Tp1HBERntjxxa12LC+UBdQ09wrLBVEcj0Cp0
7OOYHwgoBFBlJqOEexPLLhfdnqxccBunxGqGP7ryuZLiYK7ZyzB5k9A9ZABL3qFt
GWvFiEr7p3u8Jp5lGc82+5mewL+l/JT/4a9/fjX00xfiVm1vmtHHRrG4nhk24ePt
aT47yEFzjGNt3iAq6SkLrL3OBLIF5+RTNXf9lJ5J2+ZzbG3ynjwSXFkqTOgoz+9l
yhMUqkja/6PTQmk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:26 2023 by rpki-client on console-ams.rpki-client.org