Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/3EiVZQFyeM3pdIP-NhYMKLNNwvQ.roa
File: 3EiVZQFyeM3pdIP-NhYMKLNNwvQ.roa (raw, json)
Hash identifier: 9cNNgLmh1vkh6fdC6Zm3W0YM8xiqgg2Ft1zfdw/lWzQ=
Subject key identifier: DC:48:95:65:01:72:78:CD:E9:74:83:FE:36:16:0C:28:B3:4D:C2:F4
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0188D9A27CAEB8012369350609EF4FD5133F
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/3EiVZQFyeM3pdIP-NhYMKLNNwvQ.roa
Signing time: Tue 20 Jun 2023 16:28:04 +0000
ROA not before: Tue 20 Jun 2023 16:28:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 89.39.242.0/24 maxlen: 24
194.56.152.0/23 maxlen: 24
94.231.198.0/24 maxlen: 24
91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.107.0/24 maxlen: 24
45.89.44.0/22 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
86.104.19.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
193.203.127.0/24 maxlen: 24
89.40.35.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
86.104.192.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
45.140.32.0/22 maxlen: 22
80.94.81.0/24 maxlen: 24
80.94.80.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d9:a2:7c:ae:b8:01:23:69:35:06:09:ef:4f:d5:13:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 20 16:28:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc489565017278cde97483fe36160c28b34dc2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a0:06:bc:9c:50:b8:d3:9e:23:e3:8b:0e:4d:
17:98:1e:92:48:66:74:fc:30:86:0d:2f:47:80:57:
10:d7:c4:d0:5b:46:e9:08:5d:29:9c:7b:1b:93:d6:
e0:08:c3:81:d3:ff:ed:cf:68:50:82:ce:10:ef:2e:
f5:6e:ba:43:6f:5c:a0:ee:e6:8d:71:2a:da:bd:e4:
7a:c1:e5:13:e5:05:48:b6:81:00:92:24:31:c9:2c:
32:32:84:6f:ab:99:13:ad:13:2b:93:50:09:01:b5:
f2:11:de:fb:05:1f:9b:32:aa:a2:3d:1c:98:76:ee:
ef:47:bc:98:d8:e3:fd:b2:70:b3:2a:e4:06:74:60:
3e:8b:b5:85:44:71:70:3b:37:88:9f:90:01:23:06:
f8:27:77:9b:2b:ba:ab:16:3e:85:49:6c:10:18:40:
05:15:2f:9f:dd:f0:c4:a0:9d:0e:ac:36:8f:f5:28:
65:77:7f:42:61:42:f6:17:59:02:91:0e:9d:4a:92:
6f:b6:04:cb:9a:1f:ad:23:3b:1e:44:39:36:e8:fd:
e7:7c:d7:b1:c3:68:85:00:13:67:a3:7d:99:1f:75:
f9:13:fc:7e:89:06:c1:78:3a:31:79:88:4a:92:51:
4e:0b:74:cb:02:03:5b:05:e0:e0:b0:4b:c5:86:96:
a1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:48:95:65:01:72:78:CD:E9:74:83:FE:36:16:0C:28:B3:4D:C2:F4
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/3EiVZQFyeM3pdIP-NhYMKLNNwvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.64.0/22
45.67.117.0/24
45.89.44.0/22
45.140.32.0/22
80.94.80.0/23
86.104.19.0/24
86.104.192.0/24
89.39.242.0/24
89.40.35.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0-91.242.75.255
91.242.81.0/24
91.242.103.0/24
91.242.107.0/24
94.231.198.0/24
176.126.223.0/24
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
193.46.211.0/24
193.203.127.0/24
194.56.152.0/23
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.106.255
Signature Algorithm: sha256WithRSAEncryption
54:d6:58:84:f3:7b:7a:ac:da:f2:27:fe:d4:c1:fb:bd:e5:78:
bc:9d:28:c8:e3:21:a7:87:2a:4d:d0:43:73:d7:be:9f:fa:3c:
05:40:2f:c2:26:17:73:55:59:7f:c5:53:b8:2b:9b:99:95:c6:
1d:34:66:f3:f6:7f:54:de:b0:72:b2:fe:78:32:f1:0f:b2:88:
ae:f5:a2:47:3c:31:d0:00:88:7d:89:ce:45:49:db:c3:81:e8:
d6:72:4f:36:64:72:a6:1c:12:d0:51:4d:86:fa:ea:dd:0b:4c:
40:c5:9e:c4:39:85:fd:fb:13:02:2b:24:74:58:3e:62:02:72:
28:9b:b7:8e:31:0d:9e:2e:21:3d:dd:bc:5d:20:ae:55:14:5f:
eb:82:24:ae:53:f1:ac:fc:fb:c8:4d:e8:03:f2:a1:6d:46:c4:
9e:17:46:66:68:a3:63:28:0c:ff:5a:40:23:6b:d7:6e:fc:95:
2e:67:e1:e9:ef:e2:1a:a5:6e:04:04:c5:3e:8f:07:f0:ec:7f:
c8:79:a5:80:d3:6d:74:56:03:eb:89:3b:29:59:0e:61:2b:e6:
2e:d1:9d:13:ec:86:4a:3a:72:6e:ed:ad:d0:3d:dc:b3:3a:36:
71:09:9b:eb:6b:4d:18:20:74:d2:0c:8a:e9:35:14:a8:ef:bb:
80:93:70:89
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYjZonyuuAEjaTUGCe9P1RM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNjIwMTYyODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQ4OTU2NTAxNzI3OGNkZTk3NDgzZmUzNjE2MGMyOGIzNGRjMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaAGvJxQuNOeI+OLDk0XmB6SSGZ0
/DCGDS9HgFcQ18TQW0bpCF0pnHsbk9bgCMOB0//tz2hQgs4Q7y71brpDb1yg7uaN
cSraveR6weUT5QVItoEAkiQxySwyMoRvq5kTrRMrk1AJAbXyEd77BR+bMqqiPRyY
du7vR7yY2OP9snCzKuQGdGA+i7WFRHFwOzeIn5ABIwb4J3ebK7qrFj6FSWwQGEAF
FS+f3fDEoJ0OrDaP9Shld39CYUL2F1kCkQ6dSpJvtgTLmh+tIzseRDk26P3nfNex
w2iFABNno32ZH3X5E/x+iQbBeDoxeYhKklFOC3TLAgNbBeDgsEvFhpahSwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFNxIlWUBcnjN6XSD/jYWDCizTcL0MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvM0VpVlpRRnllTTNwZElQLU5oWU1LTE5Od3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAIt
D0ADBAAtQ3UDBAItWSwDBAItjCADBAFQXlADBABWaBMDBABWaMADBABZJ/IDBABZ
KCMDBABZKKEDBABb7zswDAMEAVvyRgMEAlvySAMEAFvyUQMEAFvyZwMEAFvyawME
AF7nxgMEALB+3wMEALkoaQMEALmt9wMEALnUCwMEAMEu0wMEAMHLfwMEAcI4mAME
AMLVCgMEAcLyHDAMAwQAw4pnAwQAw4pqMA0GCSqGSIb3DQEBCwUAA4IBAQBU1liE
83t6rNryJ/7Uwfu95Xi8nSjI4yGnhypN0ENz176f+jwFQC/CJhdzVVl/xVO4K5uZ
lcYdNGbz9n9U3rBysv54MvEPsoiu9aJHPDHQAIh9ic5FSdvDgejWck82ZHKmHBLQ
UU2G+urdC0xAxZ7EOYX9+xMCKyR0WD5iAnIom7eOMQ2eLiE93bxdIK5VFF/rgiSu
U/Gs/PvITegD8qFtRsSeF0ZmaKNjKAz/WkAja9du/JUuZ+Hp7+IapW4EBMU+jwfw
7H/IeaWA0210VgPriTspWQ5hK+Yu0Z0T7IZKOnJu7a3QPdyzOjZxCZvra00YIHTS
DIrpNRSo77uAk3CJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org