Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Bb98xWi8v-7YSPCm9p7vm-SWTp4.roa
File: Bb98xWi8v-7YSPCm9p7vm-SWTp4.roa (raw, json)
Hash identifier: mIeK4NHH2wM3UcEETkbrSKSHVoOEHAgMOt0LSqn2sQk=
Subject key identifier: 05:BF:7C:C5:68:BC:BF:EE:D8:48:F0:A6:F6:9E:EF:9B:E4:96:4E:9E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01886706E4770BB94C11A3FAF7A6CD358DAD
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Bb98xWi8v-7YSPCm9p7vm-SWTp4.roa
Signing time: Mon 29 May 2023 10:21:24 +0000
ROA not before: Mon 29 May 2023 10:21:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31732
IP address blocks: 82.97.240.0/20 maxlen: 24
185.220.236.0/22 maxlen: 24
188.209.155.0/24 maxlen: 24
45.137.180.0/22 maxlen: 24
82.115.12.0/23 maxlen: 24
185.129.108.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:67:06:e4:77:0b:b9:4c:11:a3:fa:f7:a6:cd:35:8d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 29 10:21:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05bf7cc568bcbfeed848f0a6f69eef9be4964e9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d2:fa:e3:b0:dc:3f:a6:b2:19:5c:22:65:76:
2d:6b:fe:a1:f1:85:cf:52:8e:e6:eb:9a:5f:3e:ec:
e6:a3:48:1b:f1:89:23:9c:90:8d:3e:c2:30:df:a7:
0e:5d:6f:cd:82:62:94:28:f1:47:c1:1f:d8:a1:b6:
c1:db:4a:e9:cc:5f:5e:99:17:75:51:45:98:3c:a5:
35:86:3d:db:a9:f8:0e:7a:9c:e3:91:17:e1:34:f7:
af:eb:b0:72:e0:3b:8f:25:20:36:3e:b9:bd:e9:c5:
03:26:96:14:23:2a:99:f2:c7:c3:fc:29:06:cf:b3:
8d:70:51:14:7c:dc:aa:43:e0:b6:d5:cd:08:94:b0:
a0:df:c6:83:53:51:e8:ba:36:61:4b:13:06:d7:4a:
4a:54:8a:c6:38:be:c4:1f:98:37:c7:82:aa:c2:00:
6d:7b:67:ea:98:23:d7:bf:47:fe:95:a2:e3:fd:64:
f3:08:0b:e4:68:79:ed:89:cb:33:f4:59:ea:31:48:
af:e4:00:a5:80:06:07:6e:23:73:cd:8b:9a:3c:d9:
28:88:43:b5:c9:7e:36:de:dc:69:9a:ab:af:47:9f:
f2:46:0c:9f:7c:93:f0:23:95:11:b1:92:85:da:4b:
39:30:ba:4e:49:9b:e3:d8:11:b1:72:dc:cb:59:3a:
5f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:BF:7C:C5:68:BC:BF:EE:D8:48:F0:A6:F6:9E:EF:9B:E4:96:4E:9E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Bb98xWi8v-7YSPCm9p7vm-SWTp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.180.0/22
82.97.240.0/20
82.115.12.0/23
185.129.108.0/22
185.220.236.0/22
188.209.155.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:7c:57:53:a9:4e:fd:90:4d:4e:b1:92:44:2f:34:2a:52:e9:
69:46:de:40:a5:54:a8:29:1f:a7:08:2a:1f:dc:7e:44:8d:20:
eb:76:6b:b9:24:36:93:46:32:d3:22:be:ae:1f:7b:4e:7a:68:
fa:5d:a2:ab:d8:3a:4b:55:ec:e6:73:25:97:c9:75:14:11:3d:
61:22:21:1d:55:ec:02:c4:bf:7f:2f:67:e2:be:01:38:91:11:
90:a0:8b:bc:28:c0:3d:92:69:a0:24:2d:2d:b4:5f:f2:d2:55:
2a:54:0a:fa:da:e5:f9:98:fd:37:87:a5:3a:3a:94:b3:dc:6d:
e7:da:d3:40:fb:61:49:8b:8b:73:11:ee:ee:90:74:ed:ff:23:
3b:3c:8b:47:d5:3e:90:ef:79:fd:2e:36:bd:99:54:1c:78:df:
0f:aa:9e:6b:d6:d8:82:f8:20:14:c6:bb:5f:84:3b:86:75:e4:
d8:d4:5c:b0:48:00:c2:95:7a:d6:ab:5c:ea:18:ea:a5:c6:a3:
89:8f:a1:08:4c:22:48:db:e5:b4:ed:d8:90:da:91:b4:f5:a1:
d9:32:16:86:f9:ea:d3:43:0a:50:73:db:fb:bc:6c:e1:48:93:
eb:7b:a7:aa:e7:6e:7f:f0:26:68:56:a5:2e:0b:9e:d2:49:af:
e7:2b:c0:c5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYhnBuR3C7lMEaP696bNNY2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwNTI5MTAyMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWJmN2NjNTY4YmNiZmVlZDg0OGYwYTZmNjllZWY5YmU0OTY0ZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNL647DcP6ayGVwiZXYta/6h8YXP
Uo7m65pfPuzmo0gb8YkjnJCNPsIw36cOXW/NgmKUKPFHwR/YobbB20rpzF9emRd1
UUWYPKU1hj3bqfgOepzjkRfhNPev67By4DuPJSA2Prm96cUDJpYUIyqZ8sfD/CkG
z7ONcFEUfNyqQ+C21c0IlLCg38aDU1HoujZhSxMG10pKVIrGOL7EH5g3x4KqwgBt
e2fqmCPXv0f+laLj/WTzCAvkaHnticsz9FnqMUiv5AClgAYHbiNzzYuaPNkoiEO1
yX423txpmquvR5/yRgyffJPwI5URsZKF2ks5MLpOSZvj2BGxctzLWTpfuwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAW/fMVovL/u2Ejwpvae75vklk6eMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvQmI5OHhXaTh2LTdZU1BDbTlwN3ZtLVNXVHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLYm0AwQE
UmHwAwQBUnMMAwQCuYFsAwQCudzsAwQAvNGbMA0GCSqGSIb3DQEBCwUAA4IBAQC7
fFdTqU79kE1OsZJELzQqUulpRt5ApVSoKR+nCCof3H5EjSDrdmu5JDaTRjLTIr6u
H3tOemj6XaKr2DpLVezmcyWXyXUUET1hIiEdVewCxL9/L2fivgE4kRGQoIu8KMA9
kmmgJC0ttF/y0lUqVAr62uX5mP03h6U6OpSz3G3n2tNA+2FJi4tzEe7ukHTt/yM7
PItH1T6Q73n9Lja9mVQceN8Pqp5r1tiC+CAUxrtfhDuGdeTY1FywSADClXrWq1zq
GOqlxqOJj6EITCJI2+W07diQ2pG09aHZMhaG+erTQwpQc9v7vGzhSJPre6eq525/
8CZoVqUuC57SSa/nK8DF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org