Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WB-iE-FHEtJq7rzsS3GlgZQq8uw.roa
File: WB-iE-FHEtJq7rzsS3GlgZQq8uw.roa (raw, json)
Hash identifier: WZgHvlfotBc0wvd+BGlqW8Nae8pWAM6PqhTflu/jJJY=
Subject key identifier: 58:1F:A2:13:E1:47:12:D2:6A:EE:BC:EC:4B:71:A5:81:94:2A:F2:EC
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018698EEB4C9F9077693F21E7054066217A6
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WB-iE-FHEtJq7rzsS3GlgZQq8uw.roa
Signing time: Tue 28 Feb 2023 16:50:25 +0000
ROA not before: Tue 28 Feb 2023 16:50:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
86.105.144.0/22 maxlen: 24
185.18.224.0/23 maxlen: 24
89.35.124.0/23 maxlen: 24
93.114.176.0/23 maxlen: 24
89.45.162.0/24 maxlen: 24
89.46.128.0/22 maxlen: 24
89.40.70.0/24 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
188.215.40.0/22 maxlen: 24
92.114.32.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
89.45.35.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
31.14.228.0/22 maxlen: 24
89.46.232.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:ee:b4:c9:f9:07:76:93:f2:1e:70:54:06:62:17:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Feb 28 16:50:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=581fa213e14712d26aeebcec4b71a581942af2ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b3:20:a7:5d:61:2c:67:f4:63:77:3e:84:6a:
be:17:4d:bb:2e:c6:37:5d:e0:b8:da:4d:66:43:e9:
7c:6e:fb:7a:f2:86:45:42:40:42:17:d1:45:69:ba:
ce:57:0f:b1:77:bf:82:1d:6d:ee:8b:6c:4d:fa:1b:
3d:4a:d8:7c:67:06:d0:ef:95:be:31:9b:19:20:10:
26:1c:ba:64:43:f8:fc:ad:52:e3:3e:af:42:29:bb:
d4:b4:82:d9:4f:a8:38:db:ab:bd:ba:53:7d:df:b0:
cd:1b:6f:d6:07:d5:f2:79:51:f7:c5:63:74:a5:83:
26:4b:06:8c:8f:0d:53:c1:cd:2d:10:9c:d7:61:83:
d6:79:09:33:47:95:63:ea:fa:be:8e:2f:5d:66:7c:
f6:d6:89:91:68:0e:35:ac:d0:df:4c:d1:25:87:6a:
60:fb:0d:cf:93:fb:21:20:50:c2:41:ff:11:5a:8f:
77:eb:ed:4b:16:bd:eb:93:26:37:94:cc:ef:f2:8d:
83:0c:23:b5:89:9a:39:73:c9:df:cb:76:66:2f:b6:
33:b7:90:66:ca:b1:3f:0c:0f:53:34:5b:1c:eb:c2:
ad:30:82:c2:66:4e:7a:a2:15:2b:1c:99:62:95:2b:
ec:2b:59:8e:e5:af:84:6b:14:d5:85:c0:1c:f6:27:
50:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:1F:A2:13:E1:47:12:D2:6A:EE:BC:EC:4B:71:A5:81:94:2A:F2:EC
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WB-iE-FHEtJq7rzsS3GlgZQq8uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
86.105.144.0/22
89.35.124.0/23
89.40.70.0/24
89.40.222.0/23
89.45.35.0/24
89.45.162.0/24
89.46.128.0/22
89.46.232.0/21
92.114.32.0/24
92.114.54.0/24
93.114.176.0/23
94.177.28.0/24
185.18.224.0/23
188.213.212.0/24
188.213.216.0/24
188.215.40.0/22
Signature Algorithm: sha256WithRSAEncryption
88:be:4e:eb:64:85:36:70:b0:f3:37:2b:7e:97:96:be:a9:92:
ac:75:c6:32:8c:39:5f:87:4d:44:36:1b:d2:c4:99:26:41:63:
28:26:35:c5:71:f0:a6:a5:17:70:4f:ea:db:20:c0:dc:09:b6:
19:1e:d2:1d:06:e1:2b:a3:d6:c6:e9:67:80:9a:e3:9a:bc:7e:
85:80:3c:00:7c:5c:da:39:2c:8c:33:0b:36:6e:4f:cc:62:0e:
b1:bd:c2:ed:0f:09:c8:6b:86:de:0b:34:9d:63:6a:ce:34:f9:
94:97:3a:53:95:6c:eb:6b:8c:8d:14:49:e4:10:03:61:d9:af:
be:d7:f4:79:35:d6:ec:97:e5:3e:bd:a7:f3:41:38:af:19:c0:
b8:f7:d7:e3:9c:fa:29:9d:ea:f1:7e:11:7b:f5:d9:33:cf:57:
a6:7a:b6:0c:00:c0:71:09:b8:45:97:9e:1a:10:3e:41:08:a4:
e2:00:20:d2:ed:5b:ae:fb:f8:68:44:7a:ca:ee:2b:1a:b6:19:
df:98:4f:8e:ea:77:73:6e:b7:07:da:ee:8e:f6:2a:ba:7a:1a:
5d:f4:3c:17:a9:fb:40:f7:e0:1f:c3:9c:f9:b7:79:a8:38:23:
2b:e6:94:99:aa:c2:96:b8:10:f1:c8:e8:7b:5c:e6:3e:c6:fe:
14:a3:73:3d
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAYaY7rTJ+Qd2k/IecFQGYhemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMjI4MTY1MDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODFmYTIxM2UxNDcxMmQyNmFlZWJjZWM0YjcxYTU4MTk0MmFmMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLMgp11hLGf0Y3c+hGq+F027LsY3
XeC42k1mQ+l8bvt68oZFQkBCF9FFabrOVw+xd7+CHW3ui2xN+hs9Sth8ZwbQ75W+
MZsZIBAmHLpkQ/j8rVLjPq9CKbvUtILZT6g426u9ulN937DNG2/WB9XyeVH3xWN0
pYMmSwaMjw1Twc0tEJzXYYPWeQkzR5Vj6vq+ji9dZnz21omRaA41rNDfTNElh2pg
+w3Pk/shIFDCQf8RWo936+1LFr3rkyY3lMzv8o2DDCO1iZo5c8nfy3ZmL7Yzt5Bm
yrE/DA9TNFsc68KtMILCZk56ohUrHJlilSvsK1mO5a+EaxTVhcAc9idQOQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFFgfohPhRxLSau687EtxpYGUKvLsMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1dCLWlFLUZIRXRKcTdyenNTM0dsZ1pRcTh1dy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwfwYIKwYBBQUHAQcBAf8EcDBuMGwEAgABMGYDBAIfDuQD
BAJWaZADBAFZI3wDBABZKEYDBAFZKN4DBABZLSMDBABZLaIDBAJZLoADBANZLugD
BABcciADBABccjYDBAFdcrADBABesRwDBAG5EuADBAC81dQDBAC81dgDBAK81ygw
DQYJKoZIhvcNAQELBQADggEBAIi+TutkhTZwsPM3K36Xlr6pkqx1xjKMOV+HTUQ2
G9LEmSZBYygmNcVx8KalF3BP6tsgwNwJthke0h0G4Suj1sbpZ4Ca45q8foWAPAB8
XNo5LIwzCzZuT8xiDrG9wu0PCchrht4LNJ1jas40+ZSXOlOVbOtrjI0USeQQA2HZ
r77X9Hk11uyX5T69p/NBOK8ZwLj31+Oc+imd6vF+EXv12TPPV6Z6tgwAwHEJuEWX
nhoQPkEIpOIAINLtW677+GhEesruKxq2Gd+YT47qd3Nutwfa7o72Krp6Gl30PBep
+0D34B/DnPm3eag4IyvmlJmqwpa4EPHI6Htc5j7G/hSjcz0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org