Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Lnm6j_fH-4DdC25X5GYV_91OFaE.roa
File: Lnm6j_fH-4DdC25X5GYV_91OFaE.roa (raw, json)
Hash identifier: ywXIlUorIPAIFYwf6kgFYu3AnlZ6xIDMZRkxzj6HGig=
Subject key identifier: 2E:79:BA:8F:F7:C7:FB:80:DD:0B:6E:57:E4:66:15:FF:DD:4E:15:A1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01866DDFA30D7E81EC3EE873A7D64F534655
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Lnm6j_fH-4DdC25X5GYV_91OFaE.roa
Signing time: Mon 20 Feb 2023 08:10:17 +0000
ROA not before: Mon 20 Feb 2023 08:10:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 81.161.231.0/24 maxlen: 24
45.81.240.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
45.91.192.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
85.208.137.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6d:df:a3:0d:7e:81:ec:3e:e8:73:a7:d6:4f:53:46:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 20 08:10:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e79ba8ff7c7fb80dd0b6e57e46615ffdd4e15a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6e:29:91:ff:af:88:0c:83:35:a6:29:22:ef:
b6:8e:38:d0:be:a4:61:22:7d:ee:71:60:1c:1d:ac:
9f:d3:7a:a3:47:37:21:d6:ca:89:c3:30:20:48:f9:
80:78:a4:8a:f0:19:cd:81:a2:04:d5:51:8c:b7:e7:
36:b7:69:f3:28:4c:7b:c7:f9:40:ec:18:93:af:c4:
c4:29:61:56:af:cb:cc:27:ac:7d:14:4e:8b:36:d7:
ac:a7:99:d5:f7:62:52:d6:5b:00:85:da:75:26:5e:
66:dc:7b:57:b3:5f:85:8f:f8:f3:39:b4:b1:b6:62:
2a:b0:d6:3d:d8:db:bd:eb:28:4f:4d:90:33:a9:e9:
be:12:88:c8:c1:d8:d6:4e:73:42:97:50:17:ec:e8:
a3:55:94:be:96:17:24:e5:f3:d4:78:36:cc:3a:18:
65:8a:b2:f9:26:0d:65:e1:e3:41:64:df:89:5e:9b:
e9:34:bf:fe:8c:43:b4:7c:b5:f1:0e:77:ed:10:0a:
41:35:30:da:31:f2:5b:66:09:94:71:56:0a:b4:89:
ab:50:07:68:20:44:d9:e6:d7:10:18:73:50:b8:ca:
79:93:5f:2b:24:f0:4f:c8:bb:b2:0b:1e:18:a5:b2:
9b:b8:a3:fd:de:35:3a:ae:a7:f0:24:72:56:bc:3f:
0f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:79:BA:8F:F7:C7:FB:80:DD:0B:6E:57:E4:66:15:FF:DD:4E:15:A1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Lnm6j_fH-4DdC25X5GYV_91OFaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.240.0/24
45.81.242.0/24
45.84.90.0/24
45.91.192.0/24
45.139.106.0/24
80.76.48.0/24
81.161.231.0/24
83.219.96.0/24
83.219.98.0/23
85.208.137.0/24
92.119.198.0/24
92.249.50.0/24
194.31.205.0/24
194.55.187.0/24
Signature Algorithm: sha256WithRSAEncryption
79:b8:5c:05:ef:bc:e5:a1:8e:0a:c2:6b:9d:42:89:f1:5c:95:
f4:d7:fb:b8:7e:5e:23:15:23:ee:d1:4f:6f:e5:41:6a:1c:34:
da:fc:b5:3e:2c:6f:83:5d:c7:ab:68:62:cd:68:74:89:2d:30:
ea:8d:34:1d:a4:72:5a:76:88:65:5f:ae:2a:d5:95:07:10:18:
54:16:f1:48:21:9c:52:e8:a5:e1:16:f7:fa:10:a9:27:30:37:
92:e4:41:b7:72:24:33:39:5d:75:76:1d:0c:1d:1e:01:43:a0:
44:95:ae:61:2e:6c:f8:6b:17:04:e8:92:54:4c:7e:1d:43:d2:
fb:ae:a5:9e:3e:cb:67:32:43:cb:a1:6d:7a:e4:17:be:60:6a:
03:cd:d9:5f:5b:f4:f0:61:0d:fc:8a:2d:81:a2:a9:e7:a7:21:
e3:1b:9e:6d:53:bc:db:29:fe:c4:e6:c3:be:64:d1:4e:6f:86:
52:4a:3b:58:c2:49:b5:bf:e5:65:27:7a:2b:a0:51:ad:19:5b:
ec:3e:86:96:08:55:ec:3a:f5:9b:8d:42:e5:5d:a8:de:62:31:
aa:4e:a1:49:94:69:da:bf:32:7e:63:80:fc:79:66:17:87:82:
fa:9f:44:69:24:3f:7d:d3:da:fd:79:64:79:b3:1a:09:ea:3b:
cf:bc:77:92
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYZt36MNfoHsPuhzp9ZPU0ZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjIwMDgxMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTc5YmE4ZmY3YzdmYjgwZGQwYjZlNTdlNDY2MTVmZmRkNGUxNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgG4pkf+viAyDNaYpIu+2jjjQvqRh
In3ucWAcHayf03qjRzch1sqJwzAgSPmAeKSK8BnNgaIE1VGMt+c2t2nzKEx7x/lA
7BiTr8TEKWFWr8vMJ6x9FE6LNtesp5nV92JS1lsAhdp1Jl5m3HtXs1+Fj/jzObSx
tmIqsNY92Nu96yhPTZAzqem+EojIwdjWTnNCl1AX7OijVZS+lhck5fPUeDbMOhhl
irL5Jg1l4eNBZN+JXpvpNL/+jEO0fLXxDnftEApBNTDaMfJbZgmUcVYKtImrUAdo
IETZ5tcQGHNQuMp5k18rJPBPyLuyCx4YpbKbuKP93jU6rqfwJHJWvD8PjwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFC55uo/3x/uA3QtuV+RmFf/dThWhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTG5tNmpfZkgtNERkQzI1WDVHWVZfOTFPRmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALVHwAwQA
LVHyAwQALVRaAwQALVvAAwQALYtqAwQAUEwwAwQAUaHnAwQAU9tgAwQBU9tiAwQA
VdCJAwQAXHfGAwQAXPkyAwQAwh/NAwQAwje7MA0GCSqGSIb3DQEBCwUAA4IBAQB5
uFwF77zloY4KwmudQonxXJX01/u4fl4jFSPu0U9v5UFqHDTa/LU+LG+DXceraGLN
aHSJLTDqjTQdpHJadohlX64q1ZUHEBhUFvFIIZxS6KXhFvf6EKknMDeS5EG3ciQz
OV11dh0MHR4BQ6BEla5hLmz4axcE6JJUTH4dQ9L7rqWePstnMkPLoW165Be+YGoD
zdlfW/TwYQ38ii2BoqnnpyHjG55tU7zbKf7E5sO+ZNFOb4ZSSjtYwkm1v+VlJ3or
oFGtGVvsPoaWCFXsOvWbjULlXajeYjGqTqFJlGnavzJ+Y4D8eWYXh4L6n0RpJD99
09r9eWR5sxoJ6jvPvHeS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:30 2024 by rpki-client on console-ams.rpki-client.org