Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/hu3RmLml13NzV_fF0IWFa_SkJjI.roa
File: hu3RmLml13NzV_fF0IWFa_SkJjI.roa (raw, json)
Hash identifier: yGYc/SbB1xo08yTOOI5aeKU2bVkC9Srbsv8VriTLlsI=
Subject key identifier: 86:ED:D1:98:B9:A5:D7:73:73:57:F7:C5:D0:85:85:6B:F4:A4:26:32
Certificate issuer: /CN=27516d20ebefd12f072d413c4d2606bdb258691a
Certificate serial: 01845BA708B0927B4C1376936CBE2364B47F
Authority key identifier: 27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/hu3RmLml13NzV_fF0IWFa_SkJjI.roa
Signing time: Wed 09 Nov 2022 09:09:44 +0000
ROA not before: Wed 09 Nov 2022 09:09:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35575
IP address blocks: 185.190.44.0/24 maxlen: 24
185.190.46.0/24 maxlen: 24
185.190.45.0/24 maxlen: 24
185.190.47.0/24 maxlen: 24
193.238.68.0/22 maxlen: 22
195.66.24.0/24 maxlen: 24
195.66.27.0/24 maxlen: 24
195.66.26.0/24 maxlen: 24
195.66.29.0/24 maxlen: 24
195.66.28.0/24 maxlen: 24
195.66.31.0/24 maxlen: 24
195.66.25.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:a7:08:b0:92:7b:4c:13:76:93:6c:be:23:64:b4:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27516d20ebefd12f072d413c4d2606bdb258691a
Validity
Not Before: Nov 9 09:09:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86edd198b9a5d7737357f7c5d085856bf4a42632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:99:db:90:76:c2:38:d0:e6:4c:ed:9e:b8:a7:
e4:c9:9f:2b:36:4e:db:25:2f:8a:31:f0:95:e8:9b:
2f:95:8b:81:98:29:aa:e2:d5:89:56:f4:91:2c:bd:
5d:f4:72:2a:85:de:c7:1f:b4:fd:4c:3f:ad:28:44:
15:ed:7a:d1:26:5f:3d:97:18:b8:c5:2d:a5:fc:18:
6c:66:24:14:6e:8b:20:75:d9:66:15:cd:2d:aa:45:
1d:e8:41:d2:20:8d:d9:b7:9e:0c:6b:57:dd:5b:e3:
09:c3:c8:9d:80:9f:e5:8c:dd:ce:13:92:f3:4d:cc:
69:3d:e8:7a:fe:e7:b1:3d:43:7a:37:73:3e:d4:31:
93:ec:01:db:b6:a7:f6:1d:df:1f:b4:72:09:a0:6d:
11:66:3e:ee:54:75:df:79:3b:a6:37:84:c0:45:88:
3e:df:ec:31:67:c4:e6:8a:7b:cc:d6:66:8b:6b:4c:
0b:c4:95:24:c7:3a:4d:5e:b0:1a:58:7a:c4:92:29:
70:3c:b3:d7:f2:28:33:ff:56:3b:54:16:94:74:87:
f9:13:d6:55:39:2f:18:40:9d:a2:da:00:23:35:ed:
97:a2:da:b4:ab:ba:82:88:5b:ac:fa:0a:d9:7d:e9:
45:14:ba:69:aa:eb:be:1d:be:6a:8f:d6:0b:0c:53:
85:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:ED:D1:98:B9:A5:D7:73:73:57:F7:C5:D0:85:85:6B:F4:A4:26:32
X509v3 Authority Key Identifier:
keyid:27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/hu3RmLml13NzV_fF0IWFa_SkJjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/J1FtIOvv0S8HLUE8TSYGvbJYaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.44.0/22
193.238.68.0/22
195.66.24.0-195.66.29.255
195.66.31.0/24
Signature Algorithm: sha256WithRSAEncryption
26:b3:bd:c5:02:a9:a5:79:78:f3:83:e1:ca:12:08:e9:74:9e:
85:e1:bb:b8:b3:b2:18:bf:26:e9:30:d4:f3:65:02:02:41:bc:
ed:d9:12:98:ac:7b:45:d8:2d:97:c9:62:ac:24:6b:64:01:a9:
fe:15:65:c2:52:0e:cf:a4:bb:69:29:1d:a5:50:f9:ae:5f:68:
d1:7c:e1:90:64:90:39:8f:4a:e9:92:0c:cc:13:96:cc:03:e2:
c4:e3:af:53:02:50:8a:a4:ac:e7:5b:e4:1e:9c:d0:37:3f:ba:
c5:db:ac:5e:b3:9f:ba:9e:f7:56:9b:6d:fd:6b:6d:94:8c:ec:
0d:f3:6f:f5:57:97:21:62:09:70:e6:40:b7:6b:3e:a7:30:61:
4b:de:35:ee:3d:dd:0c:26:04:9c:17:b9:ef:ab:af:23:ec:3b:
65:f6:2f:f8:f8:6a:3a:ca:89:5e:a8:c0:d2:6d:dd:50:47:38:
a4:ea:12:bc:03:4e:a1:11:cd:57:ef:0d:42:be:b2:0c:29:d4:
4d:fd:02:19:71:f9:27:15:9a:72:92:d3:26:69:76:33:c6:fd:
76:64:d8:38:79:3e:d5:6c:c5:e6:97:08:1d:27:5e:4a:f6:60:
00:f4:99:60:b7:c6:18:1c:03:c1:83:6d:fe:c4:90:69:85:b6:
d5:2e:b7:6e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYRbpwiwkntME3aTbL4jZLR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NTE2ZDIwZWJlZmQxMmYwNzJkNDEzYzRkMjYwNmJkYjI1
ODY5MWEwHhcNMjIxMTA5MDkwOTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmVkZDE5OGI5YTVkNzczNzM1N2Y3YzVkMDg1ODU2YmY0YTQyNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJnbkHbCONDmTO2euKfkyZ8rNk7b
JS+KMfCV6JsvlYuBmCmq4tWJVvSRLL1d9HIqhd7HH7T9TD+tKEQV7XrRJl89lxi4
xS2l/BhsZiQUbosgddlmFc0tqkUd6EHSII3Zt54Ma1fdW+MJw8idgJ/ljN3OE5Lz
TcxpPeh6/uexPUN6N3M+1DGT7AHbtqf2Hd8ftHIJoG0RZj7uVHXfeTumN4TARYg+
3+wxZ8TminvM1maLa0wLxJUkxzpNXrAaWHrEkilwPLPX8igz/1Y7VBaUdIf5E9ZV
OS8YQJ2i2gAjNe2Xotq0q7qCiFus+grZfelFFLppquu+Hb5qj9YLDFOFjQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIbt0Zi5pddzc1f3xdCFhWv0pCYyMB8GA1UdIwQY
MBaAFCdRbSDr79EvBy1BPE0mBr2yWGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYt
NzkwMjQ0NTA4ZGY0LzEvaHUzUm1MbWwxM056Vl9mRjBJV0ZhX1NrSmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYtNzkwMjQ0NTA4ZGY0
LzEvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCub4sAwQC
we5EMAwDBAPDQhgDBAHDQhwDBADDQh8wDQYJKoZIhvcNAQELBQADggEBACazvcUC
qaV5ePOD4coSCOl0noXhu7izshi/Jukw1PNlAgJBvO3ZEpise0XYLZfJYqwka2QB
qf4VZcJSDs+ku2kpHaVQ+a5faNF84ZBkkDmPSumSDMwTlswD4sTjr1MCUIqkrOdb
5B6c0Dc/usXbrF6zn7qe91abbf1rbZSM7A3zb/VXlyFiCXDmQLdrPqcwYUveNe49
3QwmBJwXue+rryPsO2X2L/j4ajrKiV6owNJt3VBHOKTqErwDTqERzVfvDUK+sgwp
1E39Ahlx+ScVmnKS0yZpdjPG/XZk2Dh5PtVsxeaXCB0nXkr2YAD0mWC3xhgcA8GD
bf7EkGmFttUut24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:31 2024 by rpki-client on console-fra.rpki-client.org