Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4wfao007gb0zt3w1dcyVoLXSCwc.roa
File: 4wfao007gb0zt3w1dcyVoLXSCwc.roa (raw, json)
Hash identifier: LCtaWq0MgPQbWqlqioTdcYOsEHkKZaUTowUegspTBOA=
Subject key identifier: E3:07:DA:A3:4D:3B:81:BD:33:B7:7C:35:75:CC:95:A0:B5:D2:0B:07
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018C44EAD65F763F063D7B9370A64770A0F5
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4wfao007gb0zt3w1dcyVoLXSCwc.roa
Signing time: Thu 07 Dec 2023 15:34:50 +0000
ROA not before: Thu 07 Dec 2023 15:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.255.99.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
45.67.117.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
194.56.153.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
185.173.247.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:ea:d6:5f:76:3f:06:3d:7b:93:70:a6:47:70:a0:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 7 15:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e307daa34d3b81bd33b77c3575cc95a0b5d20b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2c:65:df:22:50:1f:e6:2a:72:fd:15:b7:a7:
91:a6:53:de:08:4e:9f:87:9d:8a:2c:df:9c:2d:a9:
45:be:ec:2b:52:7a:24:99:dc:b3:b9:30:c1:dd:5a:
df:09:0b:09:72:96:69:07:ec:36:63:17:43:52:76:
b9:78:13:9c:87:d2:20:11:44:c8:2a:6f:f3:44:6e:
85:d1:98:0f:0e:f9:06:70:13:78:17:72:49:e1:7a:
b9:88:e7:b6:d6:a3:f5:ec:c7:8f:7e:05:c3:8e:ed:
5e:8d:20:08:c4:6a:22:05:de:4d:8b:ea:bc:93:4b:
23:fc:d6:1c:59:75:d3:c9:e5:87:b5:fd:d3:c9:05:
96:a5:27:a6:bc:f9:dd:35:3d:3b:ea:9f:4a:24:71:
fd:0b:5d:d0:4c:75:05:43:5d:58:5e:d1:53:42:21:
95:7a:41:e9:84:ed:8b:39:ed:86:37:7b:a1:15:bb:
cf:84:3a:76:f5:28:4c:09:da:94:cf:56:e0:c1:dd:
b8:ce:7e:bd:bd:9d:f2:21:aa:2e:eb:2c:fb:c6:1e:
f8:0d:f3:cc:e2:6c:37:84:3a:23:ae:a2:d8:b4:93:
9c:32:f9:21:6f:a2:e3:6f:26:f8:6e:9c:45:f4:24:
8f:11:7d:a6:7b:83:3b:e1:56:0b:b7:f4:11:4e:3f:
07:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:07:DA:A3:4D:3B:81:BD:33:B7:7C:35:75:CC:95:A0:B5:D2:0B:07
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4wfao007gb0zt3w1dcyVoLXSCwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
89.32.126.0/24
91.242.71.0-91.242.73.255
91.242.75.0/24
91.242.103.0/24
92.118.108.0/24
94.231.198.0/24
176.126.223.0/24
185.15.136.0/23
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
185.255.99.0/24
194.56.153.0/24
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
49:04:67:6b:94:14:df:11:3e:72:09:ec:76:96:91:e0:e6:9d:
eb:ab:fa:2f:ea:08:5a:9d:03:03:51:ff:fd:18:54:6b:9a:56:
2d:88:59:c0:46:09:7a:91:20:bf:ab:33:e4:6e:5c:9f:8a:cb:
b2:fd:a8:16:e7:36:ef:33:04:74:1d:e2:a6:61:6b:56:9f:c9:
68:ce:44:69:b1:a2:34:bc:b0:80:3f:97:1b:1e:ab:7b:58:9c:
37:58:73:e2:92:80:1c:c2:16:35:39:b1:5d:97:9f:a2:25:b2:
47:f4:3c:c5:35:7e:fd:f6:d5:33:9a:12:8d:0d:03:fd:58:78:
aa:64:6b:2d:50:e1:c4:81:74:a6:e8:b0:45:18:3d:c9:e4:e4:
ae:06:dd:63:f9:84:14:c5:be:b8:20:2d:d2:82:45:d2:cd:53:
ef:db:ed:b7:2f:af:28:9d:f2:07:71:16:16:e1:8b:18:10:ce:
32:b9:8c:f5:55:f1:ef:fc:ad:e0:b4:80:5c:0e:2b:44:3c:8f:
51:e2:76:63:03:10:77:44:ac:36:9c:97:ca:32:d8:22:27:b5:
c8:d3:b2:63:69:03:93:0d:f1:71:55:9c:0e:a0:73:36:dd:a9:
56:7c:1b:cd:34:d8:45:3c:41:8d:1b:bf:28:81:fe:40:20:c4:
b9:04:ac:50
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYxE6tZfdj8GPXuTcKZHcKD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMjA3MTUzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzA3ZGFhMzRkM2I4MWJkMzNiNzdjMzU3NWNjOTVhMGI1ZDIwYjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCxl3yJQH+Yqcv0Vt6eRplPeCE6f
h52KLN+cLalFvuwrUnokmdyzuTDB3VrfCQsJcpZpB+w2YxdDUna5eBOch9IgEUTI
Km/zRG6F0ZgPDvkGcBN4F3JJ4Xq5iOe21qP17MePfgXDju1ejSAIxGoiBd5Ni+q8
k0sj/NYcWXXTyeWHtf3TyQWWpSemvPndNT076p9KJHH9C13QTHUFQ11YXtFTQiGV
ekHphO2LOe2GN3uhFbvPhDp29ShMCdqUz1bgwd24zn69vZ3yIaou6yz7xh74DfPM
4mw3hDojrqLYtJOcMvkhb6Ljbyb4bpxF9CSPEX2me4M74VYLt/QRTj8HlQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFOMH2qNNO4G9M7d8NXXMlaC10gsHMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNHdmYW8wMDdnYjB6dDN3MWRjeVZvTFhTQ3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAC1DdQME
AFkgfjAMAwQAW/JHAwQBW/JIAwQAW/JLAwQAW/JnAwQAXHZsAwQAXufGAwQAsH7f
AwQBuQ+IAwQAuShpAwQAua33AwQAudQLAwQAuf9jAwQAwjiZAwQAwrTuAwQAwtUK
AwQBwvIcMA0GCSqGSIb3DQEBCwUAA4IBAQBJBGdrlBTfET5yCex2lpHg5p3rq/ov
6ghanQMDUf/9GFRrmlYtiFnARgl6kSC/qzPkblyfisuy/agW5zbvMwR0HeKmYWtW
n8lozkRpsaI0vLCAP5cbHqt7WJw3WHPikoAcwhY1ObFdl5+iJbJH9DzFNX799tUz
mhKNDQP9WHiqZGstUOHEgXSm6LBFGD3J5OSuBt1j+YQUxb64IC3SgkXSzVPv2+23
L68onfIHcRYW4YsYEM4yuYz1VfHv/K3gtIBcDitEPI9R4nZjAxB3RKw2nJfKMtgi
J7XI07JjaQOTDfFxVZwOoHM23alWfBvNNNhFPEGNG78ogf5AIMS5BKxQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:25 2024 by rpki-client on console-ams.rpki-client.org