Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/Q_74Idx7zISS24wTrw1mckwvmBY.roa
File: Q_74Idx7zISS24wTrw1mckwvmBY.roa (raw, json)
Hash identifier: G/sf/mBp/TiJL6+n7eqU988d1yFm4Bejv8941bCFZvI=
Subject key identifier: 43:FE:F8:21:DC:7B:CC:84:92:DB:8C:13:AF:0D:66:72:4C:2F:98:16
Certificate issuer: /CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Certificate serial: 04ACC8BA
Authority key identifier: 27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/Q_74Idx7zISS24wTrw1mckwvmBY.roa
Signing time: Sat 01 Jan 2022 10:59:26 +0000
ROA not before: Sat 01 Jan 2022 10:59:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31400
IP address blocks: 94.199.213.0/24 maxlen: 24
94.199.212.0/22 maxlen: 22
94.199.212.0/24 maxlen: 24
94.199.215.0/24 maxlen: 24
185.245.96.0/22 maxlen: 22
185.245.96.0/24 maxlen: 24
185.245.99.0/24 maxlen: 24
185.194.239.0/24 maxlen: 24
185.194.238.0/24 maxlen: 24
185.194.237.0/24 maxlen: 24
185.194.236.0/24 maxlen: 24
185.194.236.0/22 maxlen: 22
193.32.220.0/22 maxlen: 22
185.248.141.0/24 maxlen: 24
185.248.140.0/22 maxlen: 22
185.248.140.0/24 maxlen: 24
46.251.251.0/24 maxlen: 24
213.190.28.0/22 maxlen: 22
194.48.168.0/22 maxlen: 22
194.48.171.0/24 maxlen: 24
185.242.112.0/24 maxlen: 24
185.242.112.0/22 maxlen: 22
88.218.224.0/22 maxlen: 22
185.242.113.0/24 maxlen: 24
185.242.115.0/24 maxlen: 24
185.242.114.0/24 maxlen: 24
88.218.227.0/24 maxlen: 24
134.255.244.0/24 maxlen: 24
134.255.247.0/24 maxlen: 24
91.216.245.0/24 maxlen: 24
194.26.180.0/22 maxlen: 22
194.26.183.0/24 maxlen: 24
193.135.8.0/22 maxlen: 22
193.135.10.0/24 maxlen: 24
91.210.225.0/24 maxlen: 24
91.210.224.0/24 maxlen: 24
91.210.224.0/22 maxlen: 22
185.250.249.0/24 maxlen: 24
185.250.248.0/22 maxlen: 22
185.250.248.0/24 maxlen: 24
185.250.251.0/24 maxlen: 24
185.250.250.0/24 maxlen: 24
109.230.219.0/24 maxlen: 24
31.214.144.0/24 maxlen: 24
193.142.41.0/24 maxlen: 24
193.142.40.0/22 maxlen: 22
2a0a:51c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78432442 (0x4acc8ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Validity
Not Before: Jan 1 10:59:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43fef821dc7bcc8492db8c13af0d66724c2f9816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:36:ad:d5:1a:2f:0e:2d:12:c8:d9:b3:27:c8:
3c:e2:6d:0d:b9:f2:40:8f:8e:75:97:c8:9f:4d:d5:
a0:d9:b6:30:67:5c:85:f8:5e:04:cc:f1:05:d9:45:
20:8e:1c:3e:b0:a8:fb:15:e2:5b:d2:24:db:5a:b4:
d8:25:ec:85:2f:ef:fe:7c:5c:fd:17:ce:2c:fe:11:
12:80:fe:46:5c:f0:bd:62:8a:6b:cc:4b:48:a6:23:
d8:64:55:f1:40:73:9c:b9:8f:ca:7d:ad:29:7e:82:
e8:81:07:bb:e8:dc:8a:dd:a0:8f:0f:0b:c5:b0:19:
7e:f8:80:38:8e:f6:9c:9d:29:3f:44:6d:f4:45:5a:
74:de:d5:35:a6:5e:65:06:71:ba:3f:c0:0f:17:c0:
78:17:4f:77:b9:2d:e2:7f:c1:40:8e:03:31:7d:0e:
1b:33:d7:cf:08:dc:ef:21:fa:f6:52:19:df:df:fe:
67:4d:a4:cf:20:1e:80:d9:87:3b:92:d0:65:d0:24:
52:d0:d7:8c:55:4e:ac:b6:64:43:34:b7:c0:39:b3:
20:02:5b:f9:72:91:4d:56:e2:6c:f8:fd:b9:32:67:
0d:41:9f:c0:1c:0f:3f:49:ca:de:07:de:49:e3:8c:
02:90:33:70:36:7d:4c:71:ab:40:72:a0:1d:90:31:
d7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FE:F8:21:DC:7B:CC:84:92:DB:8C:13:AF:0D:66:72:4C:2F:98:16
X509v3 Authority Key Identifier:
keyid:27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/Q_74Idx7zISS24wTrw1mckwvmBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.144.0/24
46.251.251.0/24
88.218.224.0/22
91.210.224.0/22
91.216.245.0/24
94.199.212.0/22
109.230.219.0/24
134.255.244.0/24
134.255.247.0/24
185.194.236.0/22
185.242.112.0/22
185.245.96.0/22
185.248.140.0/22
185.250.248.0/22
193.32.220.0/22
193.135.8.0/22
193.142.40.0/22
194.26.180.0/22
194.48.168.0/22
213.190.28.0/22
IPv6:
2a0a:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
c1:4d:7c:b6:a8:6a:21:5f:98:39:bc:35:73:8f:4d:fe:87:3e:
72:29:2b:e1:1e:6a:47:09:ee:a6:b3:3e:7f:d9:ef:81:49:17:
fc:41:0c:86:ed:1c:9e:22:08:5d:a5:c0:9c:e9:a1:86:9d:c9:
9d:34:1e:11:3d:4e:ce:51:13:4f:be:76:d1:b5:22:f5:db:23:
5d:e2:02:38:02:e4:20:b4:60:fd:3d:ab:7d:ba:a9:7a:75:50:
93:ea:73:fa:bc:b5:54:c1:43:7f:71:dc:f2:aa:da:b4:93:01:
26:e4:80:a3:85:97:08:32:97:3a:72:a9:58:8f:08:61:21:c5:
bb:e1:76:1b:10:07:3b:40:b7:61:e0:e8:50:15:92:16:0f:4f:
90:f7:ba:c8:4a:9e:45:ec:66:05:b0:f6:89:dc:5c:97:16:d5:
e7:5f:31:7d:13:7d:a5:8b:fb:b6:69:7b:05:5d:36:98:14:ce:
5f:3e:ec:83:9c:56:90:a9:bc:33:d6:01:90:46:9c:83:03:1f:
7e:77:e4:46:dc:9c:dd:41:11:95:3c:53:1d:a7:dc:50:72:0c:
b7:fd:45:1b:40:58:ab:ef:b7:56:d8:33:5d:c4:9f:2f:47:75:
63:93:0e:71:38:bc:8c:32:8f:13:ac:12:f8:1a:f2:b1:b7:92:
6d:d2:9e:06
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIEBKzIujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2MwMDdlNTA4MmI4ZThkODI4OTAxODcxOGNmZDUyN2E3ODkzZTVlMB4XDTIyMDEw
MTEwNTkyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNmZWY4MjFkYzdi
Y2M4NDkyZGI4YzEzYWYwZDY2NzI0YzJmOTgxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOU2rdUaLw4tEsjZsyfIPOJtDbnyQI+OdZfIn03VoNm2MGdc
hfheBMzxBdlFII4cPrCo+xXiW9Ik21q02CXshS/v/nxc/RfOLP4REoD+RlzwvWKK
a8xLSKYj2GRV8UBznLmPyn2tKX6C6IEHu+jcit2gjw8LxbAZfviAOI72nJ0pP0Rt
9EVadN7VNaZeZQZxuj/ADxfAeBdPd7kt4n/BQI4DMX0OGzPXzwjc7yH69lIZ39/+
Z02kzyAegNmHO5LQZdAkUtDXjFVOrLZkQzS3wDmzIAJb+XKRTVbibPj9uTJnDUGf
wBwPP0nK3gfeSeOMApAzcDZ9THGrQHKgHZAx1/ECAwEAAaOCAo0wggKJMB0GA1Ud
DgQWBBRD/vgh3HvMhJLbjBOvDWZyTC+YFjAfBgNVHSMEGDAWgBQnwAflCCuOjYKJ
AYcYz9Unp4k+XjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o4QUg1UWdyam8yQ2lRR0hHTV9WSjZlSlBsNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvMDZmZTE0LWQxNDYtNGU2Ni1hODQxLTJjNjRjMjkxMzUzZS8x
L1FfNzRJZHg3eklTUzI0d1RydzFtY2t3dm1CWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
MDZmZTE0LWQxNDYtNGU2Ni1hODQxLTJjNjRjMjkxMzUzZS8xL0o4QUg1UWdyam8y
Q2lRR0hHTV9WSjZlSlBsNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ogYIKwYBBQUHAQcBAf8EgZIwgY8wfgQCAAEweAMEAB/WkAMEAC77+wMEAlja4AME
AlvS4AMEAFvY9QMEAl7H1AMEAG3m2wMEAIb/9AMEAIb/9wMEArnC7AMEArnycAME
Arn1YAMEArn4jAMEArn6+AMEAsEg3AMEAsGHCAMEAsGOKAMEAsIatAMEAsIwqAME
AtW+HDANBAIAAjAHAwUAKgpRwDANBgkqhkiG9w0BAQsFAAOCAQEAwU18tqhqIV+Y
Obw1c49N/oc+cikr4R5qRwnuprM+f9nvgUkX/EEMhu0cniIIXaXAnOmhhp3JnTQe
ET1OzlETT7520bUi9dsjXeICOALkILRg/T2rfbqpenVQk+pz+ry1VMFDf3Hc8qra
tJMBJuSAo4WXCDKXOnKpWI8IYSHFu+F2GxAHO0C3YeDoUBWSFg9PkPe6yEqeRexm
BbD2idxclxbV518xfRN9pYv7tml7BV02mBTOXz7sg5xWkKm8M9YBkEacgwMffnfk
Rtyc3UERlTxTHafcUHIMt/1FG0BYq++3VtgzXcSfL0d1Y5MOcTi8jDKPE6wS+Bry
sbeSbdKeBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:51 2024 by rpki-client on console-fra.rpki-client.org