Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PvRs3EEno9Zwr6C_8DbXfMzxlng.roa
File: PvRs3EEno9Zwr6C_8DbXfMzxlng.roa (raw, json)
Hash identifier: WQQ9uX56IStjDzR2cazTGLJX5ceEwjnLNfiJGzrWQCM=
Subject key identifier: 3E:F4:6C:DC:41:27:A3:D6:70:AF:A0:BF:F0:36:D7:7C:CC:F1:96:78
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01827405A60486213F6D39FCB2572F6804F0
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PvRs3EEno9Zwr6C_8DbXfMzxlng.roa
Signing time: Sat 06 Aug 2022 16:38:23 +0000
ROA not before: Sat 06 Aug 2022 16:38:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12325
IP address blocks: 89.46.42.0/24 maxlen: 24
94.177.28.0/24 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
94.176.213.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
92.114.54.0/24 maxlen: 24
89.35.124.0/23 maxlen: 24
89.44.105.0/24 maxlen: 24
86.105.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:74:05:a6:04:86:21:3f:6d:39:fc:b2:57:2f:68:04:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Aug 6 16:38:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ef46cdc4127a3d670afa0bff036d77cccf19678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:18:5f:21:85:da:1a:8d:90:f0:9c:69:68:18:
64:6f:ac:2d:6b:f4:8d:64:f3:39:6e:ed:bf:7d:05:
d1:0a:26:1f:24:de:ca:57:1c:fb:58:b3:51:75:71:
0c:eb:e6:b5:f4:e9:28:e7:0f:09:e4:ca:cd:69:17:
d6:fb:79:36:3e:2a:d7:b4:61:95:b6:78:f0:ed:41:
58:c6:a2:ac:50:b4:b3:a0:97:5f:0c:ff:5c:7c:f8:
6e:9c:b0:be:33:35:db:dc:0f:d9:3f:7b:87:6a:38:
e2:a6:23:55:4c:c9:c0:30:c7:34:08:0a:b8:8c:dc:
77:d5:b6:da:8b:f6:09:d2:7c:de:b0:ea:39:ea:7d:
ba:66:4a:23:9e:87:60:c1:c6:7d:ae:e2:bc:bd:1a:
88:75:18:76:ee:70:f3:3c:10:a0:87:e1:c9:0f:13:
fb:3a:5a:ba:4b:e4:70:35:ff:41:06:50:9d:59:cd:
49:23:c1:f9:6f:92:57:25:53:32:1e:a2:ad:32:b4:
56:72:31:4c:f0:1f:0d:7e:85:df:85:ab:8d:43:14:
94:64:5d:b0:1c:a4:83:bf:2b:1c:14:82:b0:22:ee:
a2:63:de:9d:fe:0d:90:cf:d3:18:4b:98:90:ca:08:
23:bd:af:62:da:43:6f:7e:49:66:b1:76:8f:1f:96:
16:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F4:6C:DC:41:27:A3:D6:70:AF:A0:BF:F0:36:D7:7C:CC:F1:96:78
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PvRs3EEno9Zwr6C_8DbXfMzxlng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.220.0/24
89.35.124.0/23
89.40.222.0/23
89.44.105.0/24
89.46.42.0/24
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
94.176.213.0/24
94.177.28.0/24
188.213.212.0/24
188.213.216.0/24
Signature Algorithm: sha256WithRSAEncryption
be:b1:df:8c:8a:cb:19:63:1d:fa:52:14:e8:e3:c6:02:2a:e7:
f2:f6:12:1a:0a:6e:aa:75:f1:a2:fb:75:60:34:f8:e5:16:9a:
18:f3:b0:11:7a:60:22:f7:ce:71:f0:8f:6e:9b:80:e9:06:e8:
a5:71:1f:0e:4f:c1:fb:88:a0:a0:21:30:d2:70:5e:b6:bd:ee:
3c:9f:69:dd:c4:b1:bf:ae:3e:87:df:a0:f2:5f:98:04:f1:db:
a7:15:31:1b:e8:12:28:5c:66:81:39:d2:52:b7:87:cc:72:81:
c9:ea:c5:d9:75:52:59:61:30:c7:88:61:5a:5e:56:00:d9:c1:
eb:53:c2:97:ee:0c:82:33:18:7c:2f:b9:a5:de:28:cc:23:44:
7a:bc:4d:2b:b0:96:bd:f2:64:bc:c4:70:28:02:15:f5:5a:cc:
ad:ff:88:ff:85:5a:fc:e0:e9:99:96:eb:be:c5:e9:2c:86:4f:
a0:0c:4c:99:88:8a:88:b4:84:5d:50:3a:5d:8c:b2:88:52:03:
47:e7:5d:a3:95:19:86:22:4f:3f:33:30:e5:cd:9a:64:be:72:
06:08:1f:9e:97:65:8a:d7:65:94:0f:66:99:29:24:ca:df:8a:
77:a6:4f:a8:e6:f6:a1:05:99:12:d2:6e:67:3a:6e:10:14:24:
dc:f6:33:4a
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYJ0BaYEhiE/bTn8slcvaATwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjIwODA2MTYzODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWY0NmNkYzQxMjdhM2Q2NzBhZmEwYmZmMDM2ZDc3Y2NjZjE5Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRhfIYXaGo2Q8JxpaBhkb6wta/SN
ZPM5bu2/fQXRCiYfJN7KVxz7WLNRdXEM6+a19Oko5w8J5MrNaRfW+3k2PirXtGGV
tnjw7UFYxqKsULSzoJdfDP9cfPhunLC+MzXb3A/ZP3uHajjipiNVTMnAMMc0CAq4
jNx31bbai/YJ0nzesOo56n26ZkojnodgwcZ9ruK8vRqIdRh27nDzPBCgh+HJDxP7
Olq6S+RwNf9BBlCdWc1JI8H5b5JXJVMyHqKtMrRWcjFM8B8NfoXfhauNQxSUZF2w
HKSDvyscFIKwIu6iY96d/g2Qz9MYS5iQyggjva9i2kNvfklmsXaPH5YWcQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFD70bNxBJ6PWcK+gv/A213zM8ZZ4MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1B2UnMzRUVubzlad3I2Q184RGJYZk16eGxuZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgDBABWadwD
BAFZI3wDBAFZKN4DBABZLGkDBABZLioDBABZLyQDBABcciADBABccjYDBABesNUD
BABesRwDBAC81dQDBAC81dgwDQYJKoZIhvcNAQELBQADggEBAL6x34yKyxljHfpS
FOjjxgIq5/L2EhoKbqp18aL7dWA0+OUWmhjzsBF6YCL3znHwj26bgOkG6KVxHw5P
wfuIoKAhMNJwXra97jyfad3Esb+uPoffoPJfmATx26cVMRvoEihcZoE50lK3h8xy
gcnqxdl1UllhMMeIYVpeVgDZwetTwpfuDIIzGHwvuaXeKMwjRHq8TSuwlr3yZLzE
cCgCFfVazK3/iP+FWvzg6ZmW677F6SyGT6AMTJmIioi0hF1QOl2MsohSA0fnXaOV
GYYiTz8zMOXNmmS+cgYIH56XZYrXZZQPZpkpJMrfinemT6jm9qEFmRLSbmc6bhAU
JNz2M0o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:52 2024 by rpki-client on console-ams.rpki-client.org