Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/kjOICOXQUrbBDqDoim6odEzDqSg.roa
File: kjOICOXQUrbBDqDoim6odEzDqSg.roa (raw, json)
Hash identifier: tYnzbtzMtvcVu1/D3J3lipf4V5hP+NY2UYowD1rdb9o=
Subject key identifier: 92:33:88:08:E5:D0:52:B6:C1:0E:A0:E8:8A:6E:A8:74:4C:C3:A9:28
Certificate issuer: /CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Certificate serial: 121166A9
Authority key identifier: AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/kjOICOXQUrbBDqDoim6odEzDqSg.roa
Signing time: Mon 09 May 2022 10:39:22 +0000
ROA not before: Mon 09 May 2022 10:39:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13287
IP address blocks: 213.162.192.0/24 maxlen: 24
213.162.193.0/24 maxlen: 24
213.162.195.0/24 maxlen: 24
213.162.197.0/24 maxlen: 24
213.162.196.0/22 maxlen: 24
213.162.206.0/24 maxlen: 24
213.162.205.0/24 maxlen: 24
213.162.204.0/24 maxlen: 24
213.162.200.0/22 maxlen: 22
213.162.212.0/24 maxlen: 24
213.162.211.0/24 maxlen: 24
213.162.210.0/24 maxlen: 24
213.162.208.0/23 maxlen: 23
213.162.207.0/24 maxlen: 24
213.162.219.0/24 maxlen: 24
213.162.216.0/22 maxlen: 22
213.162.218.0/24 maxlen: 24
213.162.217.0/24 maxlen: 24
213.162.215.0/24 maxlen: 24
213.162.214.0/24 maxlen: 24
213.162.220.0/24 maxlen: 24
213.162.221.0/24 maxlen: 24
185.33.64.0/24 maxlen: 24
185.33.65.0/24 maxlen: 24
185.33.67.0/24 maxlen: 24
185.33.66.0/24 maxlen: 24
109.234.84.0/24 maxlen: 24
109.234.85.0/24 maxlen: 24
109.234.81.0/24 maxlen: 24
109.234.80.0/24 maxlen: 24
109.234.82.0/24 maxlen: 24
109.234.82.0/23 maxlen: 23
109.234.87.0/24 maxlen: 24
185.19.68.0/22 maxlen: 22
185.111.185.0/24 maxlen: 24
185.111.184.0/24 maxlen: 24
185.111.184.0/22 maxlen: 22
2a02:23a0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 303130281 (0x121166a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Validity
Not Before: May 9 10:39:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92338808e5d052b6c10ea0e88a6ea8744cc3a928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:b3:74:56:2a:c0:90:77:e1:21:04:39:fc:c5:
bf:d0:7f:51:86:63:de:53:27:0e:ba:ff:74:1a:d7:
14:6e:73:bf:a2:28:a5:be:55:78:2f:1f:0a:56:53:
29:71:e6:9c:d6:a7:b9:8f:52:f0:49:3e:5f:69:52:
b7:30:03:6a:42:a6:19:d6:50:23:24:c5:63:af:90:
7e:13:a1:62:a6:91:7d:93:bf:f4:d4:2e:9e:17:31:
be:f9:91:cc:50:9d:5e:19:16:af:c5:dd:c7:59:68:
3b:a3:9c:59:10:70:95:74:85:8c:9f:f0:17:87:82:
aa:68:aa:bf:17:30:47:f0:81:f2:9e:8d:46:a7:b9:
f9:4c:16:55:af:45:c1:12:2e:2d:eb:d7:c7:50:d4:
91:04:be:4e:0b:2d:c8:81:aa:b6:86:32:cd:0d:82:
32:33:80:11:0c:4d:70:57:55:d6:a6:e2:f7:0a:24:
3a:bd:9b:67:44:36:a0:ea:fd:66:2c:b1:09:89:5a:
14:88:1e:af:12:69:60:13:64:14:1f:cf:12:9d:9e:
31:71:10:b9:cb:15:a9:80:63:c1:7e:95:5f:81:8e:
48:30:c6:41:31:f5:35:96:74:a5:6d:95:45:b1:ab:
a4:f2:93:7c:44:f6:d4:9e:13:e2:d7:30:5b:4b:d6:
59:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:33:88:08:E5:D0:52:B6:C1:0E:A0:E8:8A:6E:A8:74:4C:C3:A9:28
X509v3 Authority Key Identifier:
keyid:AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/kjOICOXQUrbBDqDoim6odEzDqSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.80.0-109.234.85.255
109.234.87.0/24
185.19.68.0/22
185.33.64.0/22
185.111.184.0/22
213.162.192.0/23
213.162.195.0-213.162.212.255
213.162.214.0-213.162.221.255
IPv6:
2a02:23a0::/32
Signature Algorithm: sha256WithRSAEncryption
74:9b:97:e9:e9:a1:c0:b4:85:c5:ec:7c:38:ff:f2:a7:c7:2a:
ce:a4:12:fa:5a:59:06:54:ee:8f:2d:1d:fc:22:ec:a1:2d:66:
3a:99:3e:01:bc:80:d0:51:4c:2d:a5:23:e0:ec:57:1e:dd:7f:
99:37:81:67:d8:29:39:4c:46:5d:1c:24:de:fe:af:d7:de:1c:
ed:2e:a1:36:7b:ff:8a:1d:82:06:d8:3e:94:9f:70:76:77:61:
d5:d1:a7:94:40:95:f8:4d:93:72:bd:3a:41:7a:b1:44:75:77:
95:35:0f:00:77:3f:bf:32:07:5c:9e:49:08:42:20:e9:cb:20:
bf:98:53:d3:91:f0:2d:a1:9a:b8:87:d0:66:4e:8a:45:d5:c6:
47:55:43:b7:75:68:6a:f6:84:04:78:84:a8:87:e2:c1:d6:97:
74:11:1b:ce:6a:96:21:12:4d:5f:b1:ab:1a:0b:6a:98:a7:e9:
01:d2:6a:a0:89:69:60:8d:00:6a:f6:bb:17:b9:03:7d:ed:06:
d1:c1:ac:73:c7:9b:2f:90:01:a5:aa:b3:53:66:e6:81:fb:4d:
75:31:e0:99:bf:3a:69:ee:51:94:4b:07:99:3c:5b:f6:58:6b:
9a:1c:f1:cd:87:25:8a:10:53:96:65:ea:a9:c4:2e:b2:cc:e5:
f0:73:d1:06
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEEhFmqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjU0ZmU4MzFiNmE3MTlmNDJlNmM4NDg2ZmQwM2I1NTBiZTc2MWZiMB4XDTIyMDUw
OTEwMzkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIzMzg4MDhlNWQw
NTJiNmMxMGVhMGU4OGE2ZWE4NzQ0Y2MzYTkyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPuzdFYqwJB34SEEOfzFv9B/UYZj3lMnDrr/dBrXFG5zv6Io
pb5VeC8fClZTKXHmnNanuY9S8Ek+X2lStzADakKmGdZQIyTFY6+QfhOhYqaRfZO/
9NQunhcxvvmRzFCdXhkWr8Xdx1loO6OcWRBwlXSFjJ/wF4eCqmiqvxcwR/CB8p6N
Rqe5+UwWVa9FwRIuLevXx1DUkQS+TgstyIGqtoYyzQ2CMjOAEQxNcFdV1qbi9wok
Or2bZ0Q2oOr9ZiyxCYlaFIgerxJpYBNkFB/PEp2eMXEQucsVqYBjwX6VX4GOSDDG
QTH1NZZ0pW2VRbGrpPKTfET21J4T4tcwW0vWWbsCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBSSM4gI5dBStsEOoOiKbqh0TMOpKDAfBgNVHSMEGDAWgBSrVP6DG2pxn0Lm
yEhv0DtVC+dh+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ExVC1neHRxY1o5QzVzaEliOUE3VlF2bllmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNWVhYWE3LTMxMDctNDI2OC1hYWQ2LTZmZDk3ODkyMDViYS8x
L2tqT0lDT1hRVXJiQkRxRG9pbTZvZEV6RHFTZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NWVhYWE3LTMxMDctNDI2OC1hYWQ2LTZmZDk3ODkyMDViYS8xL3ExVC1neHRxY1o5
QzVzaEliOUE3VlF2bllmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSDAMAwQEbepQAwQBbepUAwQAbepXAwQC
uRNEAwQCuSFAAwQCuW+4AwQB1aLAMAwDBADVosMDBADVotQwDAMEAdWi1gMEAdWi
3DANBAIAAjAHAwUAKgIjoDANBgkqhkiG9w0BAQsFAAOCAQEAdJuX6emhwLSFxex8
OP/yp8cqzqQS+lpZBlTujy0d/CLsoS1mOpk+AbyA0FFMLaUj4OxXHt1/mTeBZ9gp
OUxGXRwk3v6v194c7S6hNnv/ih2CBtg+lJ9wdndh1dGnlECV+E2Tcr06QXqxRHV3
lTUPAHc/vzIHXJ5JCEIg6csgv5hT05HwLaGauIfQZk6KRdXGR1VDt3VoavaEBHiE
qIfiwdaXdBEbzmqWIRJNX7GrGgtqmKfpAdJqoIlpYI0Aava7F7kDfe0G0cGsc8eb
L5ABpaqzU2bmgftNdTHgmb86ae5RlEsHmTxb9lhrmhzxzYclihBTlmXqqcQusszl
8HPRBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:33 2024 by rpki-client on console-ams.rpki-client.org