Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/SBeRVesSX1Lwx7FRTzBHYl5XnZ8.roa
File: SBeRVesSX1Lwx7FRTzBHYl5XnZ8.roa (raw, json)
Hash identifier: w8nu+z6LR9vcIOmgBYcEhYZHvduCrdkXgRtHklUcMRw=
Subject key identifier: 48:17:91:55:EB:12:5F:52:F0:C7:B1:51:4F:30:47:62:5E:57:9D:9F
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 0B85ADB3
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/SBeRVesSX1Lwx7FRTzBHYl5XnZ8.roa
Signing time: Sat 01 Jan 2022 12:57:52 +0000
ROA not before: Sat 01 Jan 2022 12:57:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48265
IP address blocks: 91.210.137.0/24 maxlen: 24
91.210.138.0/24 maxlen: 24
91.210.136.0/24 maxlen: 24
91.210.139.0/24 maxlen: 24
109.104.131.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.129.0/24 maxlen: 24
109.104.130.0/24 maxlen: 24
109.104.128.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.133.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.145.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.144.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.140.0/24 maxlen: 24
109.104.148.0/22 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.154.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193310131 (0xb85adb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Jan 1 12:57:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48179155eb125f52f0c7b1514f3047625e579d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ae:76:23:cc:39:e6:b6:a3:34:a2:a3:ba:5f:
70:86:5c:a8:34:5b:fe:ef:67:0e:f7:e4:bc:cd:45:
70:25:0c:16:40:aa:18:bf:71:9c:d0:2e:c3:5b:1f:
21:06:80:6e:26:17:ee:34:3a:dd:05:3e:29:bc:2f:
46:5a:34:1e:3b:37:fd:1d:77:99:61:85:e3:83:44:
63:8e:36:10:80:1f:c5:b3:37:f7:5d:15:0e:39:27:
5c:ef:12:8b:85:70:66:88:84:ed:ea:92:4f:11:a0:
7b:99:50:ea:c7:60:d0:3f:08:4a:e8:f8:1b:dd:75:
c8:00:dd:b9:46:9e:22:5b:bf:53:57:7a:2b:47:1b:
1e:18:b4:00:15:61:f3:86:7e:ac:07:2b:8d:8f:d6:
5c:12:44:3d:d5:80:bb:85:34:79:ef:59:c8:d2:0d:
7b:a4:c0:50:f1:16:44:97:7f:a2:54:9f:29:5a:47:
f3:a9:e8:52:73:59:7a:b3:9d:02:e4:16:c3:9e:f9:
1e:a9:ee:a1:ef:24:d3:e7:4c:7d:2e:ae:9a:73:df:
c3:0a:db:40:0e:36:c3:a0:3f:52:af:f4:39:38:09:
13:6d:a4:5b:53:f8:8d:7e:1b:86:e9:13:9c:4c:2d:
ca:a7:fd:ae:d2:1b:fa:f2:d7:fb:3c:dd:cd:02:83:
4d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:17:91:55:EB:12:5F:52:F0:C7:B1:51:4F:30:47:62:5E:57:9D:9F
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/SBeRVesSX1Lwx7FRTzBHYl5XnZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.136.0/22
109.104.128.0-109.104.145.255
109.104.148.0/22
109.104.153.0-109.104.159.255
Signature Algorithm: sha256WithRSAEncryption
dd:0c:53:cb:c5:5d:3c:27:1d:05:60:07:47:12:58:8f:12:51:
a3:bb:b8:d1:32:10:67:58:dc:43:6e:50:8d:21:6c:32:b4:f2:
6f:8a:bc:eb:98:27:31:bd:0d:eb:8a:ff:a3:90:2b:07:de:42:
2a:28:06:c1:4d:77:6b:db:8d:b9:f1:5d:a9:82:ad:b8:dc:67:
e6:e0:c7:ff:eb:87:cd:c7:99:53:02:c5:25:f0:b3:29:80:be:
8c:e4:43:0f:f6:58:a4:e2:7e:e1:3e:8e:2c:fd:7f:ee:5a:2a:
21:e8:96:70:60:cb:0b:13:61:ad:aa:37:19:d0:3f:c5:0f:80:
44:3f:d2:ff:c9:49:9b:ec:26:fb:13:96:2d:31:fb:92:a8:c7:
04:d2:fc:51:49:a8:76:c8:97:e4:6b:a7:37:cb:6d:67:da:6f:
11:61:1c:99:80:46:a9:69:94:a8:e0:0a:44:18:2b:9c:28:f9:
93:7f:7f:09:e8:6e:aa:60:5b:ea:4c:56:74:89:16:24:c7:8e:
fe:94:70:d2:0b:93:36:89:48:a9:c5:2d:5c:20:f7:93:67:ab:
78:c0:f1:e0:78:0b:de:9f:30:55:c1:e8:20:a8:56:99:7e:cd:
92:6e:1b:5e:86:87:5d:6d:db:75:c6:00:a1:c3:ed:ba:fa:c5:
35:b1:74:6b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEC4WtszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmY2MmY3NjA2MjczZjQxYTZjY2M4ZTI5NTYwNzZmM2MwYTFlYjU0MB4XDTIyMDEw
MTEyNTc1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDgxNzkxNTVlYjEy
NWY1MmYwYzdiMTUxNGYzMDQ3NjI1ZTU3OWQ5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANOudiPMOea2ozSio7pfcIZcqDRb/u9nDvfkvM1FcCUMFkCq
GL9xnNAuw1sfIQaAbiYX7jQ63QU+KbwvRlo0Hjs3/R13mWGF44NEY442EIAfxbM3
910VDjknXO8Si4VwZoiE7eqSTxGge5lQ6sdg0D8ISuj4G911yADduUaeIlu/U1d6
K0cbHhi0ABVh84Z+rAcrjY/WXBJEPdWAu4U0ee9ZyNINe6TAUPEWRJd/olSfKVpH
86noUnNZerOdAuQWw575Hqnuoe8k0+dMfS6umnPfwwrbQA42w6A/Uq/0OTgJE22k
W1P4jX4bhukTnEwtyqf9rtIb+vLX+zzdzQKDTbsCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRIF5FV6xJfUvDHsVFPMEdiXlednzAfBgNVHSMEGDAWgBT79i92Bic/QabM
yOKVYHbzwKHrVDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzIzLzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIv
MS9TQmVSVmVzU1gxTHd4N0ZSVHpCSFlsNVhuWjgucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIz
Lzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIvMS8xLV9ZdmRnWW5Q
MEdtek1qaWxXQjI4OENoNjFRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCW9KIMAwDBAdtaIADBAFtaJAD
BAJtaJQwDAMEAG1omQMEBW1ogDANBgkqhkiG9w0BAQsFAAOCAQEA3QxTy8VdPCcd
BWAHRxJYjxJRo7u40TIQZ1jcQ25QjSFsMrTyb4q865gnMb0N64r/o5ArB95CKigG
wU13a9uNufFdqYKtuNxn5uDH/+uHzceZUwLFJfCzKYC+jORDD/ZYpOJ+4T6OLP1/
7loqIeiWcGDLCxNhrao3GdA/xQ+ARD/S/8lJm+wm+xOWLTH7kqjHBNL8UUmodsiX
5GunN8ttZ9pvEWEcmYBGqWmUqOAKRBgrnCj5k39/CehuqmBb6kxWdIkWJMeO/pRw
0guTNolIqcUtXCD3k2ereMDx4HgL3p8wVcHoIKhWmX7Nkm4bXoaHXW3bdcYAocPt
uvrFNbF0aw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:04 2023 by rpki-client on console-ams.rpki-client.org