Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/8_bOW-ADRCmbfX08h_X2moZb9OA.roa
File: 8_bOW-ADRCmbfX08h_X2moZb9OA.roa (raw, json)
Hash identifier: bAM0wqN0zhc/TYfVU80ensseCI3Uz5mowybmtUcu3u8=
Subject key identifier: F3:F6:CE:5B:E0:03:44:29:9B:7D:7D:3C:87:F5:F6:9A:86:5B:F4:E0
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0183AC295734C84BF340EB511E27D04365FC
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/8_bOW-ADRCmbfX08h_X2moZb9OA.roa
Signing time: Thu 06 Oct 2022 07:18:53 +0000
ROA not before: Thu 06 Oct 2022 07:18:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209813
IP address blocks: 91.243.42.0/24 maxlen: 24
91.243.41.0/24 maxlen: 24
185.238.152.0/24 maxlen: 24
46.161.31.0/24 maxlen: 24
5.8.66.0/24 maxlen: 24
5.8.67.0/24 maxlen: 24
185.238.153.0/24 maxlen: 24
185.238.155.0/24 maxlen: 24
185.238.154.0/24 maxlen: 24
5.188.50.0/24 maxlen: 24
5.188.194.0/24 maxlen: 24
5.188.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:29:57:34:c8:4b:f3:40:eb:51:1e:27:d0:43:65:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Oct 6 07:18:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3f6ce5be00344299b7d7d3c87f5f69a865bf4e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8d:92:40:c2:78:71:27:3b:7a:12:3d:cc:ff:
c0:cd:48:65:ef:08:51:42:82:a3:45:66:1e:bf:a7:
d9:0b:2d:c2:32:31:e8:d0:0e:a9:34:d7:bf:07:5b:
98:f0:d9:11:ca:40:11:1e:2d:06:06:2a:6d:12:f5:
1e:37:d1:4c:e6:4a:27:59:d2:7e:58:b5:69:ce:ca:
9d:6b:8b:4a:18:3b:7c:62:49:37:75:9d:c5:06:42:
f2:28:a8:e4:de:ce:c5:62:26:1a:db:d6:d3:6c:5c:
8f:30:5b:c8:b6:1c:b8:06:9d:73:d8:26:03:1c:8d:
53:f1:a1:e9:a8:b2:2b:33:4a:a0:a1:0f:92:7a:2f:
12:4e:0e:31:ad:60:2f:73:ef:ee:99:99:c1:17:c3:
e4:7b:f1:2f:2a:14:5d:1a:a0:f9:b7:82:9e:a8:45:
7f:cc:64:6b:39:0b:d4:ab:38:c5:b9:71:e1:d8:a9:
aa:b8:76:e5:75:89:d9:bb:c6:ea:84:d0:1b:fe:89:
37:2f:2e:72:ac:e8:a0:e6:91:24:08:46:57:4a:c8:
ef:7f:0c:53:93:ac:ad:48:a6:89:84:c3:94:e6:cb:
36:a6:61:dd:19:93:d2:56:b3:e8:9f:82:c7:cc:46:
31:9f:5c:83:37:da:26:5d:71:14:d8:13:13:5a:4f:
ab:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F6:CE:5B:E0:03:44:29:9B:7D:7D:3C:87:F5:F6:9A:86:5B:F4:E0
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/8_bOW-ADRCmbfX08h_X2moZb9OA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.66.0/23
5.188.50.0/24
5.188.194.0/23
46.161.31.0/24
91.243.41.0-91.243.42.255
185.238.152.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:74:5d:22:e8:4a:8e:c1:c8:9b:22:4d:24:1c:56:01:cf:b7:
25:45:9b:e3:ae:38:f1:1d:f9:99:7e:7d:c0:83:67:7e:7f:d3:
13:4a:c0:25:a6:38:0f:5a:21:19:25:a0:64:89:e7:9f:69:27:
22:74:67:cd:f1:78:40:b5:90:fb:fe:30:21:b2:08:28:21:42:
a0:64:1c:ea:1d:e1:2a:46:c2:9d:7f:08:78:90:30:01:92:c4:
94:9a:3c:7f:c5:2b:52:04:bf:6d:ca:0b:5b:07:ba:e6:0e:97:
f1:6f:6c:5a:57:d1:51:33:60:13:e1:b8:12:20:57:48:a1:98:
3e:d5:de:ae:c4:60:ba:80:5c:45:e1:d0:84:d3:7b:d0:00:8a:
0f:e1:8b:24:e7:19:02:f2:8c:f5:99:c4:b8:43:ff:28:c7:60:
9e:e2:02:ab:03:47:c9:66:74:4c:a8:30:d8:f2:f2:90:10:74:
66:da:02:ea:88:2a:b0:b9:84:50:81:ec:94:d1:9d:e1:25:d4:
6e:c2:40:04:f0:61:af:e8:02:db:d1:e7:71:f4:2d:8f:2d:71:
b2:42:b7:a8:7d:98:40:3f:02:33:a3:03:7f:de:a5:52:16:e2:
27:92:6f:63:c7:59:3c:d3:58:e5:6c:ce:3a:04:74:67:54:59:
e2:42:be:b8
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYOsKVc0yEvzQOtRHifQQ2X8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIxMDA2MDcxODUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2Y2Y2U1YmUwMDM0NDI5OWI3ZDdkM2M4N2Y1ZjY5YTg2NWJmNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI2SQMJ4cSc7ehI9zP/AzUhl7whR
QoKjRWYev6fZCy3CMjHo0A6pNNe/B1uY8NkRykARHi0GBiptEvUeN9FM5konWdJ+
WLVpzsqda4tKGDt8Ykk3dZ3FBkLyKKjk3s7FYiYa29bTbFyPMFvIthy4Bp1z2CYD
HI1T8aHpqLIrM0qgoQ+Sei8STg4xrWAvc+/umZnBF8Pke/EvKhRdGqD5t4KeqEV/
zGRrOQvUqzjFuXHh2KmquHbldYnZu8bqhNAb/ok3Ly5yrOig5pEkCEZXSsjvfwxT
k6ytSKaJhMOU5ss2pmHdGZPSVrPon4LHzEYxn1yDN9omXXEU2BMTWk+rxwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPP2zlvgA0Qpm319PIf19pqGW/TgMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvOF9iT1ctQURSQ21iZlgwOGhfWDJtb1piOU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBBQhCAwQA
BbwyAwQBBbzCAwQALqEfMAwDBABb8ykDBABb8yoDBAK57pgwDQYJKoZIhvcNAQEL
BQADggEBAFp0XSLoSo7ByJsiTSQcVgHPtyVFm+OuOPEd+Zl+fcCDZ35/0xNKwCWm
OA9aIRkloGSJ559pJyJ0Z83xeEC1kPv+MCGyCCghQqBkHOod4SpGwp1/CHiQMAGS
xJSaPH/FK1IEv23KC1sHuuYOl/FvbFpX0VEzYBPhuBIgV0ihmD7V3q7EYLqAXEXh
0ITTe9AAig/hiyTnGQLyjPWZxLhD/yjHYJ7iAqsDR8lmdEyoMNjy8pAQdGbaAuqI
KrC5hFCB7JTRneEl1G7CQATwYa/oAtvR53H0LY8tcbJCt6h9mEA/AjOjA3/epVIW
4ieSb2PHWTzTWOVszjoEdGdUWeJCvrg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org