Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4kkXqEwYCJ6jhi5hoInKX44flLU.roa
File: 4kkXqEwYCJ6jhi5hoInKX44flLU.roa (raw, json)
Hash identifier: QEZIgoLQYRStjSrcslyBUtGUOHxc08rf0aaGD9ft+Ec=
Subject key identifier: E2:49:17:A8:4C:18:08:9E:A3:86:2E:61:A0:89:CA:5F:8E:1F:94:B5
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0181F5C1D5CADE8CF287DF2DC9CCAE185C9B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4kkXqEwYCJ6jhi5hoInKX44flLU.roa
Signing time: Wed 13 Jul 2022 04:12:10 +0000
ROA not before: Wed 13 Jul 2022 04:12:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.115.92.0/22 maxlen: 22
2.59.204.0/22 maxlen: 22
91.214.200.0/22 maxlen: 22
91.242.81.0/24 maxlen: 24
194.35.52.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
91.242.107.0/24 maxlen: 24
91.242.120.0/21 maxlen: 21
193.46.211.0/24 maxlen: 24
91.242.64.0/22 maxlen: 22
194.50.188.0/23 maxlen: 23
194.50.206.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.200.0/23 maxlen: 23
2.57.152.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
194.50.184.0/23 maxlen: 23
95.214.152.0/22 maxlen: 22
45.150.168.0/22 maxlen: 22
45.15.244.0/22 maxlen: 22
45.150.180.0/22 maxlen: 22
2.56.0.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
2.57.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f5:c1:d5:ca:de:8c:f2:87:df:2d:c9:cc:ae:18:5c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 13 04:12:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e24917a84c18089ea3862e61a089ca5f8e1f94b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f6:45:1a:21:fe:1b:02:f0:f3:ca:3d:19:4a:
58:aa:3c:c8:c2:d6:03:7e:5f:da:99:19:00:29:77:
0a:19:1c:98:d3:50:1e:c9:80:0a:ab:97:1c:a2:ae:
2d:00:88:fa:6a:e3:ff:ee:e6:ab:0f:1d:f8:2a:59:
5f:08:ba:ee:23:fa:a4:51:46:52:fd:d0:61:77:47:
11:ae:92:5b:88:d2:f7:00:ad:fd:e5:f1:b4:f4:56:
02:c7:ec:6f:f0:3d:db:1b:4b:3d:86:57:e2:e8:34:
33:72:01:84:99:9c:43:e5:2f:27:a1:7d:fc:36:07:
98:3f:1d:7d:45:c0:0a:33:6a:2e:1a:00:41:6b:ef:
a9:37:b6:ab:5c:bf:c7:e0:d0:ea:82:df:ce:7f:04:
38:87:39:6c:6b:d9:85:0c:e4:17:84:50:30:60:76:
a1:a2:4f:63:e3:ff:e1:b2:5e:78:77:5d:99:af:16:
e9:49:e3:01:47:e6:6e:32:1e:4b:7d:27:ae:b7:2b:
5a:6f:ab:40:e6:2d:ec:29:1c:90:72:2a:12:6e:79:
25:53:c3:88:6c:be:d6:e2:97:1f:93:87:dd:1f:10:
35:8e:80:13:54:69:7b:52:a8:bd:21:e5:bb:bc:92:
3e:53:ab:21:44:5b:d9:42:12:4e:1e:5a:3b:6c:ff:
62:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:49:17:A8:4C:18:08:9E:A3:86:2E:61:A0:89:CA:5F:8E:1F:94:B5
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4kkXqEwYCJ6jhi5hoInKX44flLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
2.57.152.0/22
2.57.212.0/22
2.59.204.0/22
45.15.244.0/22
45.128.20.0/22
45.140.32.0/22
45.150.168.0/22
45.150.180.0/22
91.214.200.0/22
91.242.64.0/22
91.242.81.0/24
91.242.100.0/23
91.242.105.0/24
91.242.107.0-91.242.111.255
91.242.120.0/21
95.214.152.0/22
185.115.92.0/22
185.173.244.0/22
193.46.211.0/24
194.35.52.0/22
194.50.184.0/23
194.50.188.0/23
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
b3:46:21:2c:5f:61:1e:bf:68:cd:1e:99:ef:d3:85:81:f6:e3:
6c:f8:54:01:24:05:cb:08:3f:17:7f:0f:4a:65:bc:23:4c:fd:
22:52:37:8e:d9:22:50:d8:84:23:02:e1:3f:00:da:06:0c:dc:
74:d4:c5:0e:42:e7:88:b4:51:06:07:04:f5:07:5f:47:a8:0d:
b5:61:74:9b:90:a7:0e:d6:9f:bc:1e:88:84:d2:e2:0b:90:c5:
16:46:0e:a2:df:f8:8f:74:ee:0f:45:5a:5a:b9:37:41:d4:13:
40:11:66:f1:df:4d:2d:5f:0e:3a:fc:83:3d:bd:ce:26:92:9f:
1c:d0:c0:c9:6f:77:26:ea:90:0f:ff:bf:fd:03:7f:60:7b:ec:
ed:8f:35:c4:e5:55:9b:ea:01:62:48:06:d9:20:be:b4:2d:28:
ba:83:85:f7:ae:a5:0a:e7:f5:dd:c3:19:bc:5f:e5:54:6b:8b:
41:58:7e:0f:de:3f:10:26:35:6c:19:d5:b2:dc:ff:e3:0e:3c:
37:57:00:f4:bb:ac:fb:2a:04:4e:a5:09:92:a8:12:dd:c4:58:
b9:bf:9a:b2:06:28:33:82:66:ba:b6:81:35:ad:e5:59:6d:a4:
8f:97:bc:6d:be:c1:52:18:0d:84:e7:7d:00:b6:bb:c2:8a:50:
91:d8:4c:c4
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYH1wdXK3ozyh98tycyuGFybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwNzEzMDQxMjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQ5MTdhODRjMTgwODllYTM4NjJlNjFhMDg5Y2E1ZjhlMWY5NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPZFGiH+GwLw88o9GUpYqjzIwtYD
fl/amRkAKXcKGRyY01AeyYAKq5ccoq4tAIj6auP/7uarDx34KllfCLruI/qkUUZS
/dBhd0cRrpJbiNL3AK395fG09FYCx+xv8D3bG0s9hlfi6DQzcgGEmZxD5S8noX38
NgeYPx19RcAKM2ouGgBBa++pN7arXL/H4NDqgt/OfwQ4hzlsa9mFDOQXhFAwYHah
ok9j4//hsl54d12ZrxbpSeMBR+ZuMh5LfSeutytab6tA5i3sKRyQcioSbnklU8OI
bL7W4pcfk4fdHxA1joATVGl7Uqi9IeW7vJI+U6shRFvZQhJOHlo7bP9iUQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFOJJF6hMGAieo4YuYaCJyl+OH5S1MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNGtrWHFFd1lDSjZqaGk1aG9JbktYNDRmbExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAIC
OAADBAICOZgDBAICOdQDBAICO8wDBAItD/QDBAItgBQDBAItjCADBAItlqgDBAIt
lrQDBAJb1sgDBAJb8kADBABb8lEDBAFb8mQDBABb8mkwDAMEAFvyawMEBFvyYAME
A1vyeAMEAl/WmAMEArlzXAMEArmt9AMEAMEu0wMEAsIjNAMEAcIyuAMEAcIyvAME
AcIyyAMEAcIyzgMEBcOKYDANBgkqhkiG9w0BAQsFAAOCAQEAs0YhLF9hHr9ozR6Z
79OFgfbjbPhUASQFywg/F38PSmW8I0z9IlI3jtkiUNiEIwLhPwDaBgzcdNTFDkLn
iLRRBgcE9QdfR6gNtWF0m5CnDtafvB6IhNLiC5DFFkYOot/4j3TuD0VaWrk3QdQT
QBFm8d9NLV8OOvyDPb3OJpKfHNDAyW93JuqQD/+//QN/YHvs7Y81xOVVm+oBYkgG
2SC+tC0ouoOF966lCuf13cMZvF/lVGuLQVh+D94/ECY1bBnVstz/4w48N1cA9Lus
+yoETqUJkqgS3cRYub+asgYoM4JmuraBNa3lWW2kj5e8bb7BUhgNhOd9ALa7wopQ
kdhMxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:25 2024 by rpki-client on console-ams.rpki-client.org