Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ykSHKCHvE5CKTOF4xYkkErECtVY.roa
File: ykSHKCHvE5CKTOF4xYkkErECtVY.roa (raw, json)
Hash identifier: hwFvT+wNGI7VYEU5ar7b1ytWg00PJ8XSMo/QmLdgDmA=
Subject key identifier: CA:44:87:28:21:EF:13:90:8A:4C:E1:78:C5:89:24:12:B1:02:B5:56
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 09C810B5
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ykSHKCHvE5CKTOF4xYkkErECtVY.roa
Signing time: Mon 13 Jun 2022 09:58:30 +0000
ROA not before: Mon 13 Jun 2022 09:58:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208258
IP address blocks: 45.149.90.0/24 maxlen: 24
195.88.190.0/23 maxlen: 24
195.88.210.0/23 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.232.86.0/23 maxlen: 24
185.227.82.0/24 maxlen: 24
45.134.178.0/23 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
193.57.8.0/23 maxlen: 24
45.140.10.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
213.185.86.0/23 maxlen: 24
45.144.244.0/23 maxlen: 24
45.152.58.0/24 maxlen: 24
45.152.59.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
45.152.8.0/24 maxlen: 24
45.152.37.0/24 maxlen: 24
45.152.36.0/24 maxlen: 24
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:1::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164106421 (0x9c810b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jun 13 09:58:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca44872821ef13908a4ce178c5892412b102b556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c2:ff:b8:ca:6a:14:08:12:33:1f:79:27:a7:
4e:42:d7:6e:f8:1d:48:2b:8a:65:7b:6e:9c:10:6a:
5e:9b:9c:56:6c:2e:5f:33:85:60:1b:41:45:b4:41:
74:e3:6d:39:ee:eb:c4:c3:20:b9:78:af:64:07:a0:
18:b9:9e:bb:dd:b3:c3:bc:f6:6c:13:60:1f:45:10:
7b:b6:9c:fa:a6:99:f1:61:f5:85:0f:05:6a:20:07:
e9:33:b7:5d:54:2a:e2:0f:b4:78:14:15:b7:ba:6a:
41:5d:b6:97:d7:5b:e2:15:32:88:62:5d:c9:f7:29:
ab:87:c8:46:dc:35:9e:80:02:dd:65:fa:e7:3a:2a:
d4:9c:30:b4:93:9f:78:47:33:7c:52:bd:1f:ab:69:
bd:11:cc:52:f0:6b:be:73:13:8b:c6:60:36:f2:ae:
05:a6:00:c7:e0:80:76:e3:b6:60:6c:77:25:35:30:
be:89:7e:db:fe:61:c9:80:67:c8:3e:81:2b:a2:6a:
e1:48:83:aa:71:28:3e:24:c5:97:1d:8f:d0:0c:05:
c8:f6:78:c6:5a:28:13:52:58:f5:6a:99:a1:bb:34:
6f:f6:85:84:65:14:c0:13:4f:85:9a:2a:4b:76:c0:
f0:a5:d2:8c:8f:70:ca:f0:e6:70:ba:80:60:4e:e1:
a6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:44:87:28:21:EF:13:90:8A:4C:E1:78:C5:89:24:12:B1:02:B5:56
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ykSHKCHvE5CKTOF4xYkkErECtVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.178.0/23
45.140.10.0/24
45.144.244.0/23
45.149.90.0/24
45.151.156.0-45.151.158.255
45.152.8.0/24
45.152.36.0/23
45.152.58.0/23
185.208.208.0-185.208.210.255
185.227.82.0/24
185.228.83.0/24
185.232.86.0/23
185.243.112.0/23
193.57.8.0/23
194.146.48.0/24
195.26.7.0/24
195.88.190.0/23
195.88.210.0/23
213.185.86.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
1f:b5:5b:84:67:e8:d2:95:09:8c:3e:1c:26:0f:1b:45:f5:44:
cb:69:dd:f3:56:28:d5:8a:70:ec:f5:ca:d0:15:08:b1:58:00:
2d:a6:8e:03:03:fc:86:1d:f9:c0:21:e8:a6:fc:56:7c:f8:03:
8a:52:48:b7:6a:33:82:b8:a3:6d:9c:a7:24:d6:79:1a:d8:54:
c7:2e:eb:40:82:f5:8f:b9:1f:e3:cd:25:50:e7:b6:b5:f8:56:
56:8f:40:66:d6:80:1c:05:4d:ea:2d:ae:eb:ba:ba:ff:a1:e6:
d6:6a:3d:2a:b7:d6:63:50:0a:fe:95:9c:9a:9d:14:af:75:5e:
f1:57:e4:46:51:58:ad:4b:6c:80:35:be:6d:bc:90:4c:fb:20:
6d:a9:39:c0:6a:c1:4c:9b:b8:73:2f:e7:17:16:44:b7:bb:68:
e0:a7:f3:c6:50:fe:ce:2a:34:c1:cc:ae:4c:44:15:8f:70:e0:
f2:bd:28:1c:34:20:b2:53:99:2f:ae:8d:3c:b0:6d:95:16:df:
3f:97:1d:8f:84:c7:8a:1f:af:04:90:08:bd:c2:47:99:08:b1:
3a:97:0c:a7:23:8e:79:ba:fb:e9:42:e0:4e:2d:ca:9b:42:80:
93:87:ae:c8:45:80:88:05:f2:b7:38:3f:49:58:78:06:ad:d6:
f8:95:4f:04
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgIECcgQtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDYx
MzA5NTgzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E0NDg3MjgyMWVm
MTM5MDhhNGNlMTc4YzU4OTI0MTJiMTAyYjU1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLC/7jKahQIEjMfeSenTkLXbvgdSCuKZXtunBBqXpucVmwu
XzOFYBtBRbRBdONtOe7rxMMguXivZAegGLmeu92zw7z2bBNgH0UQe7ac+qaZ8WH1
hQ8FaiAH6TO3XVQq4g+0eBQVt7pqQV22l9db4hUyiGJdyfcpq4fIRtw1noAC3WX6
5zoq1JwwtJOfeEczfFK9H6tpvRHMUvBrvnMTi8ZgNvKuBaYAx+CAduO2YGx3JTUw
vol+2/5hyYBnyD6BK6Jq4UiDqnEoPiTFlx2P0AwFyPZ4xlooE1JY9WqZobs0b/aF
hGUUwBNPhZoqS3bA8KXSjI9wyvDmcLqAYE7hpmkCAwEAAaOCAwcwggMDMB0GA1Ud
DgQWBBTKRIcoIe8TkIpM4XjFiSQSsQK1VjAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
L3lrU0hLQ0h2RTVDS1RPRjR4WWtrRXJFQ3RWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ARsGCCsGAQUFBwEHAQH/BIIBCjCCAQYwgYkEAgABMIGCAwQBLYayAwQALYwKAwQB
LZD0AwQALZVaMAwDBAItl5wDBAAtl54DBAAtmAgDBAEtmCQDBAEtmDowDAMEBLnQ
0AMEALnQ0gMEALnjUgMEALnkUwMEAbnoVgMEAbnzcAMEAcE5CAMEAMKSMAMEAMMa
BwMEAcNYvgMEAcNY0gMEAdW5VjB4BAIAAjByAwcAKgs8QAABAwcAKgs8QAAJMBID
BwAqCzxAABEDBwAqCzxAABIwEgMHACoLPEAAFQMHAyoLPEAAEAMHASoLPEAAIAMH
ACoLPED8pgMHACoOVUAAADASAwcEKg5VQAAQAwcAKg5VQAASAwcAKg5VQAEAMA0G
CSqGSIb3DQEBCwUAA4IBAQAftVuEZ+jSlQmMPhwmDxtF9UTLad3zVijVinDs9crQ
FQixWAAtpo4DA/yGHfnAIeim/FZ8+AOKUki3ajOCuKNtnKck1nka2FTHLutAgvWP
uR/jzSVQ57a1+FZWj0Bm1oAcBU3qLa7rurr/oebWaj0qt9ZjUAr+lZyanRSvdV7x
V+RGUVitS2yANb5tvJBM+yBtqTnAasFMm7hzL+cXFkS3u2jgp/PGUP7OKjTBzK5M
RBWPcODyvSgcNCCyU5kvro08sG2VFt8/lx2PhMeKH68EkAi9wkeZCLE6lwynI455
uvvpQuBOLcqbQoCTh67IRYCIBfK3OD9JWHgGrdb4lU8E
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org