Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/321q_LBTypCv7Wf6pVY0D0nF16I.roa
File: 321q_LBTypCv7Wf6pVY0D0nF16I.roa (raw, json)
Hash identifier: kQL5yfffX3u7D6CFFXNk7u9c+FioUnMp1672FPdoF34=
Subject key identifier: DF:6D:6A:FC:B0:53:CA:90:AF:ED:67:FA:A5:56:34:0F:49:C5:D7:A2
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 14EE3B49
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/321q_LBTypCv7Wf6pVY0D0nF16I.roa
Signing time: Tue 03 May 2022 13:06:56 +0000
ROA not before: Tue 03 May 2022 13:06:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 194.50.206.0/23 maxlen: 23
194.50.200.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
85.159.117.0/24 maxlen: 24
45.140.32.0/22 maxlen: 22
212.90.116.0/22 maxlen: 22
194.242.22.0/23 maxlen: 23
45.151.196.0/22 maxlen: 22
194.180.238.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
45.143.252.0/22 maxlen: 22
45.150.180.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
185.145.80.0/22 maxlen: 22
62.182.100.0/23 maxlen: 23
91.242.64.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 351157065 (0x14ee3b49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 3 13:06:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df6d6afcb053ca90afed67faa556340f49c5d7a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f7:0e:ef:7c:7e:1b:a4:13:f0:00:32:ad:21:
e6:59:02:18:a7:04:a0:c4:5e:23:e4:3f:13:a5:90:
35:44:51:85:f8:79:d5:e6:b9:f9:16:58:71:d1:96:
08:f5:21:30:3b:5d:53:01:ab:71:ba:51:7a:d5:2d:
e9:46:b1:b0:94:d5:7d:28:a0:be:63:9b:99:d3:f3:
06:4a:d4:70:43:dc:19:88:28:89:0b:94:a7:d4:fa:
d0:de:0a:cb:ac:0b:96:a6:e1:0a:96:ae:11:51:85:
5e:ea:e1:53:91:60:ce:5d:bb:53:7c:95:db:4b:b3:
5e:01:54:c0:f7:d1:23:e2:ba:d7:d0:2f:ae:f2:b6:
7b:b4:aa:1a:23:96:57:d8:a9:5b:1a:6f:35:cb:5d:
58:85:0d:37:55:12:56:83:b0:1c:60:5e:3d:ab:35:
46:c9:3b:25:6a:bf:93:54:8d:7b:42:90:62:80:88:
b0:b5:81:ec:f4:46:57:90:1f:ff:c0:cc:47:95:a0:
e4:61:c9:55:8b:db:6c:9e:99:3c:ec:3e:cb:31:77:
a9:f8:8d:17:08:19:33:d5:33:28:f6:07:54:8d:48:
6f:f0:51:05:17:0f:65:9c:e6:6c:a2:0b:a6:0f:3c:
76:38:62:f9:de:f2:d9:ba:38:aa:23:e6:7d:28:ff:
7c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6D:6A:FC:B0:53:CA:90:AF:ED:67:FA:A5:56:34:0F:49:C5:D7:A2
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/321q_LBTypCv7Wf6pVY0D0nF16I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.32.0/22
45.143.252.0/22
45.150.180.0/22
45.151.196.0/22
62.182.100.0/23
85.159.117.0/24
91.242.64.0/22
91.242.100.0/23
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
185.145.80.0/22
185.173.244.0/22
194.50.200.0/23
194.50.206.0/23
194.180.238.0/24
194.242.22.0/23
195.138.96.0/19
212.90.116.0/22
Signature Algorithm: sha256WithRSAEncryption
17:c2:30:3d:82:4c:4b:4c:3e:0f:c9:3a:9e:8b:7f:4d:2d:09:
a2:e9:7c:26:29:e0:41:49:b9:b4:43:ff:4a:ac:00:fc:43:20:
8c:70:8f:64:d6:14:ca:88:70:75:9b:24:91:29:06:a1:7d:32:
f3:9d:f5:2a:98:33:db:37:95:f8:c3:cb:81:00:7b:10:42:5b:
91:2a:6a:3e:13:dd:bf:83:6d:c4:ff:3a:19:4b:68:3b:e4:a6:
72:1e:8a:db:6b:d9:69:b1:23:20:28:f3:d5:f4:00:b7:96:62:
e8:72:79:3c:52:7d:99:74:c7:8b:ff:14:b3:88:35:f2:fc:88:
9e:41:a2:39:87:35:3d:60:0c:83:38:24:db:61:da:fb:38:99:
4a:64:d3:9a:06:00:ce:34:90:0d:79:eb:43:7a:1e:cc:7a:ce:
4c:9a:04:bf:87:21:aa:78:3c:41:20:cc:6a:69:17:3b:32:8a:
ed:c9:92:67:7e:95:0d:f0:18:74:c6:63:1e:75:a8:a9:7c:38:
8f:15:c4:3a:8b:38:65:af:aa:97:3f:42:b3:e8:2c:58:ec:d0:
64:37:28:99:74:9d:36:c8:19:d7:dc:13:0e:c8:0e:3f:37:f2:
07:cd:44:54:0d:84:1f:44:de:39:7a:03:49:d5:bf:2f:44:47:
12:b8:84:60
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIEFO47STANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDUw
MzEzMDY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY2ZDZhZmNiMDUz
Y2E5MGFmZWQ2N2ZhYTU1NjM0MGY0OWM1ZDdhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANL3Du98fhukE/AAMq0h5lkCGKcEoMReI+Q/E6WQNURRhfh5
1ea5+RZYcdGWCPUhMDtdUwGrcbpRetUt6UaxsJTVfSigvmObmdPzBkrUcEPcGYgo
iQuUp9T60N4Ky6wLlqbhCpauEVGFXurhU5Fgzl27U3yV20uzXgFUwPfRI+K619Av
rvK2e7SqGiOWV9ipWxpvNctdWIUNN1USVoOwHGBePas1Rsk7JWq/k1SNe0KQYoCI
sLWB7PRGV5Af/8DMR5Wg5GHJVYvbbJ6ZPOw+yzF3qfiNFwgZM9UzKPYHVI1Ib/BR
BRcPZZzmbKILpg88djhi+d7y2bo4qiPmfSj/fOkCAwEAAaOCAnYwggJyMB0GA1Ud
DgQWBBTfbWr8sFPKkK/tZ/qlVjQPScXXojAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
LzMyMXFfTEJUeXBDdjdXZjZwVlkwRDBuRjE2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
iwYIKwYBBQUHAQcBAf8EfDB6MHgEAgABMHIDBAItjCADBAItj/wDBAItlrQDBAIt
l8QDBAE+tmQDBABVn3UDBAJb8kADBAFb8mQDBABb8mkDBAJb8mwDBANb8ngDBAK5
kVADBAK5rfQDBAHCMsgDBAHCMs4DBADCtO4DBAHC8hYDBAXDimADBALUWnQwDQYJ
KoZIhvcNAQELBQADggEBABfCMD2CTEtMPg/JOp6Lf00tCaLpfCYp4EFJubRD/0qs
APxDIIxwj2TWFMqIcHWbJJEpBqF9MvOd9SqYM9s3lfjDy4EAexBCW5Eqaj4T3b+D
bcT/OhlLaDvkpnIeittr2WmxIyAo89X0ALeWYuhyeTxSfZl0x4v/FLOINfL8iJ5B
ojmHNT1gDIM4JNth2vs4mUpk05oGAM40kA1560N6Hsx6zkyaBL+HIap4PEEgzGpp
Fzsyiu3Jkmd+lQ3wGHTGYx51qKl8OI8VxDqLOGWvqpc/QrPoLFjs0GQ3KJl0nTbI
GdfcEw7IDj838gfNRFQNhB9E3jl6A0nVvy9ERxK4hGA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:25 2024 by rpki-client on console-ams.rpki-client.org