Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/CLMFuJ16Gj4bIuQ6173hcaOAku0.roa
File: CLMFuJ16Gj4bIuQ6173hcaOAku0.roa (raw, json)
Hash identifier: E0CZ4C5SGoVQYTE4K1pRqtunmrZr/2fzucVq7pkbrw0=
Subject key identifier: 08:B3:05:B8:9D:7A:1A:3E:1B:22:E4:3A:D7:BD:E1:71:A3:80:92:ED
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0182C9D94708AFE67ADF6F200FC5E68CD8D1
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/CLMFuJ16Gj4bIuQ6173hcaOAku0.roa
Signing time: Tue 23 Aug 2022 08:37:15 +0000
ROA not before: Tue 23 Aug 2022 08:37:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209813
IP address blocks: 185.238.152.0/24 maxlen: 24
46.161.31.0/24 maxlen: 24
185.238.153.0/24 maxlen: 24
185.238.155.0/24 maxlen: 24
185.238.154.0/24 maxlen: 24
31.184.203.0/24 maxlen: 24
31.184.202.0/24 maxlen: 24
31.184.201.0/24 maxlen: 24
31.184.200.0/24 maxlen: 24
5.188.50.0/23 maxlen: 24
5.188.177.0/24 maxlen: 24
5.188.176.0/24 maxlen: 24
5.188.178.0/24 maxlen: 24
5.188.194.0/24 maxlen: 24
5.188.195.0/24 maxlen: 24
91.243.42.0/24 maxlen: 24
91.243.41.0/24 maxlen: 24
5.8.66.0/24 maxlen: 24
5.8.67.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c9:d9:47:08:af:e6:7a:df:6f:20:0f:c5:e6:8c:d8:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Aug 23 08:37:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08b305b89d7a1a3e1b22e43ad7bde171a38092ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e0:43:e8:7b:a9:6c:71:a2:6f:d6:32:b5:1a:
43:f4:d9:4b:1a:5c:3a:66:ce:5f:89:3a:97:6c:6c:
97:81:c7:1b:f5:4b:d6:72:8e:7f:be:46:86:e8:5a:
99:ae:7d:0e:07:4f:f4:d3:03:8a:bc:97:e5:60:27:
8f:3e:e4:70:98:eb:4a:29:e1:85:3b:af:91:e4:e2:
8d:80:ac:18:a0:37:bd:48:0c:dd:85:02:7e:fa:62:
9e:ce:6a:04:64:de:c1:38:0f:ff:cd:4c:1e:f0:2d:
b4:99:c8:63:88:9e:c3:6b:53:42:4c:62:3e:80:51:
12:51:59:d1:45:07:55:21:f5:fc:0c:0a:87:1a:d9:
04:d4:56:91:a8:f7:4d:68:d1:4f:09:09:7a:7e:e3:
d9:c6:be:24:20:c4:ea:80:e7:44:5e:06:2b:54:a7:
c3:7d:f0:89:98:17:f6:b9:6d:45:8c:73:b1:2e:b5:
1a:83:55:bc:fb:86:74:b2:d2:9d:b6:72:f8:82:e8:
8f:8e:8a:69:b7:42:c5:9c:f2:0c:26:5a:9c:59:ca:
d8:5d:19:58:1c:72:2e:60:7c:65:03:aa:65:e6:cc:
f1:c3:74:59:9e:77:c6:88:c1:0b:82:2a:9d:8f:6b:
0d:da:a7:4d:2c:60:ed:4a:47:46:a0:3b:28:6f:8f:
14:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B3:05:B8:9D:7A:1A:3E:1B:22:E4:3A:D7:BD:E1:71:A3:80:92:ED
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/CLMFuJ16Gj4bIuQ6173hcaOAku0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.66.0/23
5.188.50.0/23
5.188.176.0-5.188.178.255
5.188.194.0/23
31.184.200.0/22
46.161.31.0/24
91.243.41.0-91.243.42.255
185.238.152.0/22
Signature Algorithm: sha256WithRSAEncryption
02:4e:e5:b9:58:1e:26:5b:42:62:d4:80:bd:9b:f8:3f:37:d0:
36:33:04:b3:ce:68:00:8f:b8:b6:22:22:60:43:b0:65:fc:5f:
9f:70:19:da:7f:a2:13:47:85:f9:8f:48:d8:4b:b0:4d:a5:ea:
73:ba:96:41:72:fe:ff:1b:a3:04:7c:0a:42:0e:15:5d:b7:53:
72:78:12:b0:4b:94:33:83:a5:33:22:9f:63:49:b8:e2:d9:08:
b4:57:44:40:9b:f2:8f:fb:18:a1:d7:85:03:ae:77:1d:82:fa:
f9:33:cf:ab:e0:34:65:4c:48:95:b5:20:38:93:b9:99:8f:41:
f6:4a:70:ab:1b:bc:b9:6d:e8:84:74:e2:0a:63:9e:b4:c6:bf:
8f:25:25:84:47:0e:f3:45:c9:fc:1e:9e:f0:09:97:18:e1:6b:
10:e4:11:59:4c:2b:a5:aa:2a:d1:96:5a:1d:70:25:86:1d:2d:
87:68:10:99:90:08:5f:07:30:70:63:94:c4:f2:db:e7:58:e0:
2b:8e:1f:e2:42:8d:dc:ef:ed:02:6f:5a:ad:42:bc:c5:2a:eb:
b4:0f:79:bb:d5:6c:dd:82:ef:b2:ca:2a:53:de:18:cb:7b:3c:
68:26:50:ae:58:48:a2:c1:aa:e2:02:bf:95:2b:67:74:7b:f0:
b0:5d:06:85
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYLJ2UcIr+Z6328gD8XmjNjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIwODIzMDgzNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGIzMDViODlkN2ExYTNlMWIyMmU0M2FkN2JkZTE3MWEzODA5MmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquBD6HupbHGib9YytRpD9NlLGlw6
Zs5fiTqXbGyXgccb9UvWco5/vkaG6FqZrn0OB0/00wOKvJflYCePPuRwmOtKKeGF
O6+R5OKNgKwYoDe9SAzdhQJ++mKezmoEZN7BOA//zUwe8C20mchjiJ7Da1NCTGI+
gFESUVnRRQdVIfX8DAqHGtkE1FaRqPdNaNFPCQl6fuPZxr4kIMTqgOdEXgYrVKfD
ffCJmBf2uW1FjHOxLrUag1W8+4Z0stKdtnL4guiPjoppt0LFnPIMJlqcWcrYXRlY
HHIuYHxlA6pl5szxw3RZnnfGiMELgiqdj2sN2qdNLGDtSkdGoDsob48UwwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFAizBbideho+GyLkOte94XGjgJLtMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvQ0xNRnVKMTZHajRiSXVRNjE3M2hjYU9Ba3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBBQhCAwQB
BbwyMAwDBAQFvLADBAAFvLIDBAEFvMIDBAIfuMgDBAAuoR8wDAMEAFvzKQMEAFvz
KgMEArnumDANBgkqhkiG9w0BAQsFAAOCAQEAAk7luVgeJltCYtSAvZv4PzfQNjME
s85oAI+4tiIiYEOwZfxfn3AZ2n+iE0eF+Y9I2EuwTaXqc7qWQXL+/xujBHwKQg4V
XbdTcngSsEuUM4OlMyKfY0m44tkItFdEQJvyj/sYodeFA653HYL6+TPPq+A0ZUxI
lbUgOJO5mY9B9kpwqxu8uW3ohHTiCmOetMa/jyUlhEcO80XJ/B6e8AmXGOFrEOQR
WUwrpaoq0ZZaHXAlhh0th2gQmZAIXwcwcGOUxPLb51jgK44f4kKN3O/tAm9arUK8
xSrrtA95u9Vs3YLvssoqU94Yy3s8aCZQrlhIosGq4gK/lStndHvwsF0GhQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org