Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/3HrhCPsQly8gVOqhpF0fvJrbrMc.roa
File: 3HrhCPsQly8gVOqhpF0fvJrbrMc.roa (raw, json)
Hash identifier: jtnFCa7ssYYiQahTChZcOm/Lcw3OF4CvJ0kDcuXru0w=
Subject key identifier: DC:7A:E1:08:FB:10:97:2F:20:54:EA:A1:A4:5D:1F:BC:9A:DB:AC:C7
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018A4B6FAD9A4906ACFACA37BC2A293D94C1
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/3HrhCPsQly8gVOqhpF0fvJrbrMc.roa
Signing time: Thu 31 Aug 2023 11:52:04 +0000
ROA not before: Thu 31 Aug 2023 11:52:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 89.39.242.0/24 maxlen: 24
194.56.152.0/23 maxlen: 24
185.243.140.0/22 maxlen: 24
94.231.198.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
195.149.127.0/24 maxlen: 24
86.104.19.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
45.149.160.0/22 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
80.94.81.0/24 maxlen: 24
80.94.80.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:6f:ad:9a:49:06:ac:fa:ca:37:bc:2a:29:3d:94:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 31 11:52:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc7ae108fb10972f2054eaa1a45d1fbc9adbacc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:39:05:da:0b:e6:77:9c:84:83:a8:9d:d9:7d:
a9:ca:a1:d0:40:73:c3:33:e5:a6:ce:a4:b8:76:c9:
23:02:85:5a:ea:91:c5:f1:c4:c8:ff:5f:8e:96:ca:
5c:34:9a:83:28:c3:82:f1:d5:88:0d:d6:b3:59:a0:
7a:15:76:75:4d:51:9c:02:6c:d1:bd:7c:cf:58:40:
7f:97:c3:06:81:de:75:c5:cf:dc:81:e2:74:64:25:
02:af:fd:99:a4:3e:33:00:77:f2:02:a0:66:c5:2a:
82:cc:7a:c0:34:df:cf:89:7d:5b:65:0d:56:4e:cf:
ae:c1:91:40:bf:f4:5b:21:bf:87:47:13:fb:4d:91:
7e:d8:f4:96:58:dd:f1:61:74:64:53:d0:fd:ca:aa:
ce:95:87:68:a1:0f:84:d1:8b:ee:e3:f8:fc:11:39:
49:e7:69:ec:54:1a:ff:0e:f8:4c:eb:a9:e0:5f:7b:
b2:dd:36:76:36:31:bd:9f:75:a5:7b:ae:85:67:43:
3d:5a:41:c6:44:bf:96:49:f3:af:d9:db:c3:eb:3e:
e0:55:f0:b7:0b:a7:33:4a:de:60:be:17:41:b0:28:
bf:57:3b:ae:0c:61:89:a3:18:cf:f7:54:76:fc:3a:
49:cc:8d:1a:e6:34:60:8c:93:10:53:4a:eb:7f:cd:
3b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7A:E1:08:FB:10:97:2F:20:54:EA:A1:A4:5D:1F:BC:9A:DB:AC:C7
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/3HrhCPsQly8gVOqhpF0fvJrbrMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.64.0/22
45.67.117.0/24
45.149.160.0/22
80.94.80.0/23
86.104.19.0/24
89.32.126.0/24
89.39.242.0/24
89.40.161.0/24
91.242.70.0-91.242.75.255
91.242.103.0/24
94.231.198.0/24
176.126.223.0/24
185.15.136.0/23
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
185.243.140.0/22
193.46.211.0/24
194.56.152.0/23
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.106.255
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
91:04:64:2b:e0:9c:73:8d:8f:0e:eb:8c:99:c4:7a:fe:bf:c6:
96:5a:9e:3a:75:ac:64:77:e0:27:83:48:97:2b:6a:75:4b:41:
1c:11:59:b4:ef:36:99:7e:f6:f8:6a:3d:bc:73:b3:e1:f5:be:
72:62:35:a2:df:7e:6f:7d:37:6a:b6:3f:15:23:7a:d6:8d:93:
4f:94:21:f5:b9:ce:8e:da:85:25:c3:b9:dd:36:c6:a9:f2:bc:
b5:2d:3e:ae:06:93:bb:c6:84:8c:da:50:54:86:ea:e1:15:53:
07:e4:d1:80:fc:ad:51:01:2b:42:25:2a:67:8b:ad:dc:d2:16:
f1:23:61:03:7f:90:df:6e:c9:1c:9e:38:32:4d:1b:3f:f6:41:
a6:6f:27:7a:9f:dd:17:b4:2f:a8:74:18:89:d5:25:d4:0c:60:
1c:32:75:9e:5f:dc:64:a5:e3:e2:1f:99:ba:ea:27:a5:8c:67:
79:49:12:47:5c:60:c6:89:3a:0e:68:2b:94:d7:f2:9c:d5:6c:
07:53:b7:7b:00:98:85:03:9f:76:da:79:c4:c5:fb:d9:eb:5d:
37:f4:41:0c:40:17:09:a8:44:58:6b:00:db:bd:47:14:c1:d1:
61:e7:70:c1:fb:27:3a:99:4b:ea:5f:b9:25:66:40:83:47:2a:
1c:00:d0:c3
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYpLb62aSQas+so3vCopPZTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwODMxMTE1MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzdhZTEwOGZiMTA5NzJmMjA1NGVhYTFhNDVkMWZiYzlhZGJhY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijkF2gvmd5yEg6id2X2pyqHQQHPD
M+WmzqS4dskjAoVa6pHF8cTI/1+OlspcNJqDKMOC8dWIDdazWaB6FXZ1TVGcAmzR
vXzPWEB/l8MGgd51xc/cgeJ0ZCUCr/2ZpD4zAHfyAqBmxSqCzHrANN/PiX1bZQ1W
Ts+uwZFAv/RbIb+HRxP7TZF+2PSWWN3xYXRkU9D9yqrOlYdooQ+E0Yvu4/j8ETlJ
52nsVBr/DvhM66ngX3uy3TZ2NjG9n3Wle66FZ0M9WkHGRL+WSfOv2dvD6z7gVfC3
C6czSt5gvhdBsCi/VzuuDGGJoxjP91R2/DpJzI0a5jRgjJMQU0rrf8072QIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFNx64Qj7EJcvIFTqoaRdH7ya26zHMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvM0hyaENQc1FseThnVk9xaHBGMGZ2SnJick1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAIt
D0ADBAAtQ3UDBAItlaADBAFQXlADBABWaBMDBABZIH4DBABZJ/IDBABZKKEwDAME
AVvyRgMEAlvySAMEAFvyZwMEAF7nxgMEALB+3wMEAbkPiAMEALkoaQMEALmt9wME
ALnUCwMEArnzjAMEAMEu0wMEAcI4mAMEAMK07gMEAMLVCgMEAcLyHDAMAwQAw4pn
AwQAw4pqAwQAw5V/MA0GCSqGSIb3DQEBCwUAA4IBAQCRBGQr4JxzjY8O64yZxHr+
v8aWWp46daxkd+Ang0iXK2p1S0EcEVm07zaZfvb4aj28c7Ph9b5yYjWi335vfTdq
tj8VI3rWjZNPlCH1uc6O2oUlw7ndNsap8ry1LT6uBpO7xoSM2lBUhurhFVMH5NGA
/K1RAStCJSpni63c0hbxI2EDf5DfbskcnjgyTRs/9kGmbyd6n90XtC+odBiJ1SXU
DGAcMnWeX9xkpePiH5m66ieljGd5SRJHXGDGiToOaCuU1/Kc1WwHU7d7AJiFA592
2nnExfvZ61039EEMQBcJqERYawDbvUcUwdFh53DB+yc6mUvqX7klZkCDRyocANDD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org