Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/qUY3dUH2-XG8Lvrv5KyP8pO1gtE.roa
File: qUY3dUH2-XG8Lvrv5KyP8pO1gtE.roa (raw, json)
Hash identifier: uOG3OFVYTxc7m2Sao8a+H0jX2Ks5Z7MnXCm2wpYnCQI=
Subject key identifier: A9:46:37:75:41:F6:F9:71:BC:2E:FA:EF:E4:AC:8F:F2:93:B5:82:D1
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01870D9B2FCA78931BA54F4FD3246BB73297
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/qUY3dUH2-XG8Lvrv5KyP8pO1gtE.roa
Signing time: Thu 23 Mar 2023 08:34:46 +0000
ROA not before: Thu 23 Mar 2023 08:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202423
IP address blocks: 212.60.22.0/24 maxlen: 24
5.44.43.0/24 maxlen: 24
5.44.45.0/24 maxlen: 24
45.129.186.0/24 maxlen: 24
185.247.185.0/24 maxlen: 24
77.220.205.0/24 maxlen: 24
89.191.225.0/24 maxlen: 24
89.191.227.0/24 maxlen: 24
89.191.230.0/24 maxlen: 24
89.191.231.0/24 maxlen: 24
89.191.233.0/24 maxlen: 24
89.191.235.0/24 maxlen: 24
194.116.162.0/24 maxlen: 24
194.116.163.0/24 maxlen: 24
45.89.188.0/24 maxlen: 24
45.89.189.0/24 maxlen: 24
45.89.191.0/24 maxlen: 24
91.107.119.0/24 maxlen: 24
92.118.113.0/24 maxlen: 24
91.222.237.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:9b:2f:ca:78:93:1b:a5:4f:4f:d3:24:6b:b7:32:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 23 08:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a946377541f6f971bc2efaefe4ac8ff293b582d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:19:2c:9a:1b:af:13:8a:f3:35:4c:08:ed:49:
ec:00:be:ed:cc:a6:af:5e:46:8c:b0:6d:2a:5c:f0:
7b:de:74:cf:63:5e:92:5f:b6:a2:dc:3b:df:ba:67:
7d:f5:c8:6a:ae:71:6f:41:a7:69:88:e6:d3:13:9c:
72:59:56:0b:b3:ee:4b:ab:b0:e7:ab:15:8e:bb:8c:
c6:26:f7:08:8b:68:6e:e2:39:3b:98:0c:cb:e0:c5:
66:29:40:60:60:90:d6:5f:a8:6b:1a:dc:84:48:f0:
68:66:f0:ab:a2:0a:ed:fc:da:2e:5e:82:78:9d:02:
5d:49:5d:85:93:06:d9:8f:64:0a:94:9e:bc:09:f1:
eb:8b:df:d6:0f:a3:a2:22:c8:5d:19:dc:c1:f9:9d:
01:7d:7e:2f:8a:1e:c0:ad:a3:71:5a:23:ee:cb:5c:
01:cd:76:37:80:57:99:6e:82:28:1d:97:c9:c9:44:
c5:85:57:65:e2:d0:4c:d9:02:20:91:6b:25:31:00:
ad:ee:32:3c:72:cd:6e:48:e7:d7:bd:e0:1f:01:ad:
90:44:c6:1f:3c:61:77:87:02:16:bc:b6:57:ad:eb:
72:c4:b7:4b:84:3e:bc:29:8a:c4:e8:d0:b8:5a:a8:
e5:28:0b:e4:2f:e0:69:d6:d4:30:5d:11:e8:c4:de:
b7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:46:37:75:41:F6:F9:71:BC:2E:FA:EF:E4:AC:8F:F2:93:B5:82:D1
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/qUY3dUH2-XG8Lvrv5KyP8pO1gtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.43.0/24
5.44.45.0/24
45.89.188.0/23
45.89.191.0/24
45.129.186.0/24
77.220.205.0/24
89.191.225.0/24
89.191.227.0/24
89.191.230.0/23
89.191.233.0/24
89.191.235.0/24
91.107.119.0/24
91.222.237.0/24
92.118.113.0/24
185.247.185.0/24
194.116.162.0/23
212.60.22.0/24
Signature Algorithm: sha256WithRSAEncryption
70:bd:73:00:be:e2:d4:4a:b6:37:66:db:be:da:dd:2b:c2:50:
eb:af:77:e7:b4:7b:1a:ab:9a:79:f9:21:3d:39:88:fb:f4:71:
b3:c8:2c:d4:cf:61:ec:2a:73:04:04:bd:51:06:20:23:50:fe:
83:56:14:4f:09:61:f4:42:5b:93:39:56:6d:44:f5:e3:3d:f0:
94:e4:35:78:4c:9f:5e:d3:fb:df:bb:8b:8a:bf:68:45:e0:56:
36:e2:3e:2f:13:41:79:c6:73:44:4d:2f:4f:94:e7:bc:4d:d0:
d2:7a:da:9b:e7:57:72:b7:f6:2d:f7:cc:90:0c:de:a5:52:1c:
fb:4c:24:8f:4c:71:3e:43:8e:51:9f:2a:36:a7:93:46:9b:d6:
2e:aa:dc:b7:cd:95:e7:96:7b:ce:89:a2:9a:89:2a:dc:7f:8a:
26:9a:41:96:ea:2f:a4:4f:18:d7:c8:6c:92:db:8a:77:71:12:
da:9b:e6:e8:60:a7:ee:85:17:5e:8b:d5:6b:2f:76:0d:98:f4:
7a:65:93:2d:b0:18:e9:67:1c:56:8d:77:32:bf:b7:6c:52:58:
69:f8:1b:68:74:8e:70:d6:a3:b4:33:b2:99:b0:1d:6e:6e:3f:
42:d9:85:b6:9a:08:79:01:77:61:dd:65:df:2f:4c:93:b6:b1:
d5:96:03:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYcNmy/KeJMbpU9P0yRrtzKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMzIzMDgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTQ2Mzc3NTQxZjZmOTcxYmMyZWZhZWZlNGFjOGZmMjkzYjU4MmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBksmhuvE4rzNUwI7UnsAL7tzKav
XkaMsG0qXPB73nTPY16SX7ai3Dvfumd99chqrnFvQadpiObTE5xyWVYLs+5Lq7Dn
qxWOu4zGJvcIi2hu4jk7mAzL4MVmKUBgYJDWX6hrGtyESPBoZvCrogrt/NouXoJ4
nQJdSV2FkwbZj2QKlJ68CfHri9/WD6OiIshdGdzB+Z0BfX4vih7AraNxWiPuy1wB
zXY3gFeZboIoHZfJyUTFhVdl4tBM2QIgkWslMQCt7jI8cs1uSOfXveAfAa2QRMYf
PGF3hwIWvLZXretyxLdLhD68KYrE6NC4WqjlKAvkL+Bp1tQwXRHoxN63cQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFKlGN3VB9vlxvC767+Ssj/KTtYLRMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvcVVZM2RVSDItWEc4THZydjVLeVA4cE8xZ3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABSwrAwQA
BSwtAwQBLVm8AwQALVm/AwQALYG6AwQATdzNAwQAWb/hAwQAWb/jAwQBWb/mAwQA
Wb/pAwQAWb/rAwQAW2t3AwQAW97tAwQAXHZxAwQAufe5AwQBwnSiAwQA1DwWMA0G
CSqGSIb3DQEBCwUAA4IBAQBwvXMAvuLUSrY3Ztu+2t0rwlDrr3fntHsaq5p5+SE9
OYj79HGzyCzUz2HsKnMEBL1RBiAjUP6DVhRPCWH0QluTOVZtRPXjPfCU5DV4TJ9e
0/vfu4uKv2hF4FY24j4vE0F5xnNETS9PlOe8TdDSetqb51dyt/Yt98yQDN6lUhz7
TCSPTHE+Q45Rnyo2p5NGm9Yuqty3zZXnlnvOiaKaiSrcf4ommkGW6i+kTxjXyGyS
24p3cRLam+boYKfuhRdei9VrL3YNmPR6ZZMtsBjpZxxWjXcyv7dsUlhp+BtodI5w
1qO0M7KZsB1ubj9C2YW2mgh5AXdh3WXfL0yTtrHVlgPm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org