Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/Hm_73bh2aQkoCfH8NTYox3QDrJ4.roa
File: Hm_73bh2aQkoCfH8NTYox3QDrJ4.roa (raw, json)
Hash identifier: V9Xet4pEEKpHii8bslHRgWPxEPA4IIqf1S9OUNVvN4s=
Subject key identifier: 1E:6F:FB:DD:B8:76:69:09:28:09:F1:FC:35:36:28:C7:74:03:AC:9E
Certificate issuer: /CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Certificate serial: 0189DE93DA3BC0F30265BF4DBE374340C55F
Authority key identifier: F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/Hm_73bh2aQkoCfH8NTYox3QDrJ4.roa
Signing time: Thu 10 Aug 2023 08:32:58 +0000
ROA not before: Thu 10 Aug 2023 08:32:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47956
IP address blocks: 141.226.144.0/20 maxlen: 24
141.226.144.0/21 maxlen: 21
141.226.152.0/21 maxlen: 21
188.120.128.0/19 maxlen: 24
141.226.160.0/20 maxlen: 24
141.226.160.0/22 maxlen: 22
141.226.160.0/21 maxlen: 21
141.226.168.0/21 maxlen: 21
141.226.176.0/21 maxlen: 24
94.230.80.0/20 maxlen: 24
141.226.0.0/22 maxlen: 22
141.226.0.0/21 maxlen: 21
141.226.0.0/19 maxlen: 24
141.226.4.0/22 maxlen: 22
141.226.8.0/22 maxlen: 22
141.226.8.0/21 maxlen: 21
141.226.12.0/22 maxlen: 22
5.102.192.0/18 maxlen: 24
91.205.152.0/22 maxlen: 24
31.210.176.0/20 maxlen: 24
37.46.32.0/20 maxlen: 24
141.226.32.0/20 maxlen: 24
141.226.48.0/22 maxlen: 24
141.226.52.0/23 maxlen: 24
141.226.54.0/24 maxlen: 24
141.226.56.0/21 maxlen: 24
141.226.64.0/22 maxlen: 24
141.226.68.0/23 maxlen: 24
141.226.70.0/24 maxlen: 24
141.226.72.0/21 maxlen: 24
2a02:ed5::/32 maxlen: 32
2a02:ed0::/29 maxlen: 29
2a02:ed1::/32 maxlen: 32
2a02:ed2::/32 maxlen: 32
2a02:ed3::/32 maxlen: 48
2a02:ed0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:93:da:3b:c0:f3:02:65:bf:4d:be:37:43:40:c5:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Validity
Not Before: Aug 10 08:32:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e6ffbddb87669092809f1fc353628c77403ac9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:20:8e:ef:3e:e0:e6:1e:68:a5:59:ed:4b:60:
b9:b5:1d:a7:9b:80:c5:95:0b:d4:ea:80:94:90:ac:
ce:dc:ec:b0:0a:92:fa:d7:bb:cc:96:00:9d:ad:55:
ec:26:fc:4b:a0:a3:3f:c9:bc:a5:2f:b5:20:77:8f:
e2:a0:a4:fa:1f:84:d0:0d:ab:70:fe:86:f8:0d:ea:
dc:50:66:9a:17:63:49:04:a7:fb:90:91:b1:e1:af:
02:c6:1d:85:70:a3:5f:40:22:81:39:ef:f7:a0:aa:
bd:59:ad:cc:95:b5:c0:fd:54:a4:0a:7f:2c:f8:c3:
c5:3c:05:27:d3:f1:9c:0c:23:ad:ac:b9:c7:f7:0d:
6a:24:7a:5d:06:b8:fd:4e:b7:25:ed:b5:05:12:26:
8c:9c:da:34:cc:cf:b0:42:f5:f8:a4:26:40:9d:5f:
a7:5a:d9:b6:45:90:12:5f:00:6b:a8:ba:05:2e:80:
9a:ed:95:80:50:04:24:94:6a:f0:c4:1b:c7:42:25:
27:ab:36:c2:26:ea:13:60:57:44:a8:5e:4a:26:16:
92:25:c7:5d:a6:7f:a8:ba:21:05:ad:06:d0:ba:bf:
ab:c4:71:80:70:1b:1e:65:a5:c4:75:fe:d9:97:07:
51:b8:77:20:bf:bb:ec:8a:27:66:63:2f:48:20:f5:
d8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:6F:FB:DD:B8:76:69:09:28:09:F1:FC:35:36:28:C7:74:03:AC:9E
X509v3 Authority Key Identifier:
keyid:F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/Hm_73bh2aQkoCfH8NTYox3QDrJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/9MCqez48v_iCYq3ZKzOeNQUc4aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.192.0/18
31.210.176.0/20
37.46.32.0/20
91.205.152.0/22
94.230.80.0/20
141.226.0.0-141.226.54.255
141.226.56.0-141.226.70.255
141.226.72.0/21
141.226.144.0-141.226.183.255
188.120.128.0/19
IPv6:
2a02:ed0::/29
Signature Algorithm: sha256WithRSAEncryption
25:b0:4e:83:1f:64:92:2a:69:71:8b:14:16:b6:58:86:4c:2b:
6d:e2:b9:dd:a0:cc:9f:01:d6:58:f4:aa:b5:c5:e7:1d:48:4d:
06:f4:62:27:20:e5:ee:83:1e:d3:3a:fa:0f:5f:78:be:11:a7:
01:8c:10:53:f4:07:5e:6f:52:81:05:50:40:1f:7a:62:ff:29:
84:76:48:7f:70:a5:9a:4b:75:58:1c:af:ce:ce:67:05:5d:3f:
ae:6c:7e:d2:38:88:78:c9:57:a9:d7:6d:11:3e:84:3b:88:23:
ee:fc:6c:d2:b4:bd:9d:08:29:79:67:e7:bf:72:ee:14:48:38:
42:df:87:09:f0:4e:f2:82:06:5d:4b:b2:2d:02:8b:02:aa:16:
57:b8:cd:3d:7b:dd:94:28:ad:22:5f:cf:e3:da:70:19:68:fa:
6b:df:c9:a1:07:5d:be:8c:83:d7:c0:dd:14:c2:32:f1:2d:af:
4b:80:da:48:c2:38:6e:c0:d0:9d:a3:b9:8b:3d:47:2b:b6:5e:
92:2b:40:f9:02:54:eb:34:70:6d:1d:2b:80:c3:05:39:7d:5b:
fb:a3:a0:fc:55:56:5f:a7:47:e4:26:39:ad:43:27:66:ec:6f:
f7:5f:74:42:58:db:de:3d:98:64:5f:fd:91:b1:b2:06:d1:3a:
84:de:b9:53
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYnek9o7wPMCZb9NvjdDQMVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzBhYTdiM2UzY2JmZjg4MjYyYWRkOTJiMzM5ZTM1MDUx
Y2UxYTAwHhcNMjMwODEwMDgzMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTZmZmJkZGI4NzY2OTA5MjgwOWYxZmMzNTM2MjhjNzc0MDNhYzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCCO7z7g5h5opVntS2C5tR2nm4DF
lQvU6oCUkKzO3OywCpL617vMlgCdrVXsJvxLoKM/ybylL7Ugd4/ioKT6H4TQDatw
/ob4DercUGaaF2NJBKf7kJGx4a8Cxh2FcKNfQCKBOe/3oKq9Wa3MlbXA/VSkCn8s
+MPFPAUn0/GcDCOtrLnH9w1qJHpdBrj9Trcl7bUFEiaMnNo0zM+wQvX4pCZAnV+n
Wtm2RZASXwBrqLoFLoCa7ZWAUAQklGrwxBvHQiUnqzbCJuoTYFdEqF5KJhaSJcdd
pn+ouiEFrQbQur+rxHGAcBseZaXEdf7ZlwdRuHcgv7vsiidmYy9IIPXYOwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFB5v+924dmkJKAnx/DU2KMd0A6yeMB8GA1UdIwQY
MBaAFPTAqns+PL/4gmKt2SsznjUFHOGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEt
ZWE3NWRkZjQ3YjRhLzEvSG1fNzNiaDJhUWtvQ2ZIOE5UWW94M1FEcko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEtZWE3NWRkZjQ3YjRh
LzEvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBZBAIAATBTAwQGBWbAAwQE
H9KwAwQEJS4gAwQCW82YAwQEXuZQMAsDAwGN4gMEAI3iNjAMAwQDjeI4AwQAjeJG
AwQDjeJIMAwDBASN4pADBAON4rADBAW8eIAwDQQCAAIwBwMFAyoCDtAwDQYJKoZI
hvcNAQELBQADggEBACWwToMfZJIqaXGLFBa2WIZMK23iud2gzJ8B1lj0qrXF5x1I
TQb0Yicg5e6DHtM6+g9feL4RpwGMEFP0B15vUoEFUEAfemL/KYR2SH9wpZpLdVgc
r87OZwVdP65sftI4iHjJV6nXbRE+hDuII+78bNK0vZ0IKXln579y7hRIOELfhwnw
TvKCBl1Lsi0CiwKqFle4zT173ZQorSJfz+PacBlo+mvfyaEHXb6Mg9fA3RTCMvEt
r0uA2kjCOG7A0J2juYs9Ryu2XpIrQPkCVOs0cG0dK4DDBTl9W/ujoPxVVl+nR+Qm
Oa1DJ2bsb/dfdEJY2949mGRf/ZGxsgbROoTeuVM=
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:22:06 2025 by rpki-client