Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4xgVNPaM_O1DLcQ2YLhGbrZ8yqI.roa
File: 4xgVNPaM_O1DLcQ2YLhGbrZ8yqI.roa (raw, json)
Hash identifier: 0XLcL1P7VPjX3+N/7ykcSd5Rje9gcDNvSTbbO2i5jtc=
Subject key identifier: E3:18:15:34:F6:8C:FC:ED:43:2D:C4:36:60:B8:46:6E:B6:7C:CA:A2
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018B0135CA49D0DBD4F257332F3FDF8E6F79
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4xgVNPaM_O1DLcQ2YLhGbrZ8yqI.roa
Signing time: Thu 05 Oct 2023 18:59:44 +0000
ROA not before: Thu 05 Oct 2023 18:59:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.255.99.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
194.56.152.0/23 maxlen: 24
185.243.140.0/22 maxlen: 24
94.231.198.0/24 maxlen: 24
194.56.153.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
195.149.127.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
45.149.160.0/22 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
80.94.80.0/23 maxlen: 24
45.67.117.0/24 maxlen: 24
45.15.64.0/22 maxlen: 24
194.180.238.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:01:35:ca:49:d0:db:d4:f2:57:33:2f:3f:df:8e:6f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 5 18:59:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3181534f68cfced432dc43660b8466eb67ccaa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7d:96:e4:3d:60:cc:db:ad:7d:18:53:2e:dc:
fc:b2:91:a5:eb:f9:18:df:bf:ac:72:39:eb:59:ac:
23:d8:00:8d:28:1b:df:77:b8:75:bb:29:22:c0:9c:
1d:13:91:ba:10:bd:b7:a5:b1:f6:b9:58:c9:62:35:
ad:97:f8:05:29:06:f0:25:3d:2d:01:81:3b:cf:c1:
cc:dc:01:e5:49:13:fe:f8:44:51:6e:1f:bb:ac:da:
c6:bf:82:34:0f:37:de:86:df:ab:70:ff:c7:1b:de:
d5:4b:75:18:b0:91:9a:15:f2:84:04:2e:42:a2:3d:
ea:f9:36:db:50:6e:de:9c:be:28:76:54:1d:41:e5:
70:cb:a6:7e:61:0c:95:a4:3d:29:ab:bb:f0:8c:27:
9f:e6:d1:37:eb:45:fe:54:0c:73:de:5f:5d:78:1a:
f6:04:e4:e3:b6:0f:b3:b8:96:58:8f:74:59:b8:6a:
40:df:ad:04:28:c9:89:74:ad:00:5e:2b:19:c6:6f:
82:95:07:d2:a7:8f:94:1a:6b:11:e9:da:a9:fb:fa:
5a:30:a4:81:9d:5c:ba:35:a4:21:31:99:5d:f4:e6:
86:b8:2e:9c:f9:b4:ae:57:b8:78:96:47:45:24:39:
44:49:98:16:42:33:e5:24:6c:2b:8e:3d:27:84:97:
f6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:18:15:34:F6:8C:FC:ED:43:2D:C4:36:60:B8:46:6E:B6:7C:CA:A2
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4xgVNPaM_O1DLcQ2YLhGbrZ8yqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.64.0/22
45.67.117.0/24
45.149.160.0/22
80.94.80.0/23
89.32.126.0/24
89.39.242.0/24
89.40.161.0/24
91.242.71.0-91.242.73.255
91.242.75.0/24
91.242.103.0/24
92.118.108.0/24
94.231.198.0/24
176.126.223.0/24
185.15.136.0/23
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
185.243.140.0/22
185.255.99.0/24
193.46.211.0/24
194.56.152.0/23
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.104.255
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
91:e0:1c:bc:cd:67:63:99:ed:19:48:9f:13:8f:e0:fa:27:e6:
2e:46:39:32:2b:44:41:73:1e:ae:88:c3:ab:57:c1:b0:a8:bf:
85:f1:83:b7:b0:55:9f:ee:ea:2e:76:9b:d1:64:b8:04:98:88:
eb:aa:f0:f4:9f:f2:a4:07:c6:b6:ac:c3:44:95:f7:5d:7c:2a:
e6:05:70:28:77:ef:6b:fc:e1:38:dc:49:cf:fa:c1:c0:c0:0b:
25:cc:e9:08:ba:8a:4a:cd:d7:65:32:40:f5:bc:1f:72:e5:81:
3b:2c:5f:3a:29:44:7b:06:2f:d4:12:96:f4:b4:f9:58:8f:66:
63:19:e1:37:86:a1:08:76:52:93:66:04:87:18:eb:69:3c:a7:
2d:d4:fa:20:97:19:18:50:4d:40:9f:5f:f3:4c:2f:ab:31:2b:
00:dd:00:8e:b6:07:46:4e:1e:1c:bd:77:c1:fd:cf:f9:6b:5f:
2b:d6:9b:17:d4:1e:c8:78:d4:67:30:83:3a:b1:25:4d:00:d7:
ad:d4:9f:57:22:1d:cb:0f:2d:c3:39:90:d6:d4:b2:ac:80:79:
10:98:e6:c9:ae:be:60:b9:b9:4f:2c:75:63:88:69:24:15:47:
d4:1e:a2:c9:8a:0c:87:83:d5:be:33:b7:04:12:55:fb:9c:ef:
c3:26:29:6b
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYsBNcpJ0NvU8lczLz/fjm95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMDA1MTg1OTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzE4MTUzNGY2OGNmY2VkNDMyZGM0MzY2MGI4NDY2ZWI2N2NjYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX2W5D1gzNutfRhTLtz8spGl6/kY
37+scjnrWawj2ACNKBvfd7h1uykiwJwdE5G6EL23pbH2uVjJYjWtl/gFKQbwJT0t
AYE7z8HM3AHlSRP++ERRbh+7rNrGv4I0Dzfeht+rcP/HG97VS3UYsJGaFfKEBC5C
oj3q+TbbUG7enL4odlQdQeVwy6Z+YQyVpD0pq7vwjCef5tE360X+VAxz3l9deBr2
BOTjtg+zuJZYj3RZuGpA360EKMmJdK0AXisZxm+ClQfSp4+UGmsR6dqp+/paMKSB
nVy6NaQhMZld9OaGuC6c+bSuV7h4lkdFJDlESZgWQjPlJGwrjj0nhJf2UQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFOMYFTT2jPztQy3ENmC4Rm62fMqiMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNHhnVk5QYU1fTzFETGNRMllMaEdiclo4eXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAIt
D0ADBAAtQ3UDBAItlaADBAFQXlADBABZIH4DBABZJ/IDBABZKKEwDAMEAFvyRwME
AVvySAMEAFvySwMEAFvyZwMEAFx2bAMEAF7nxgMEALB+3wMEAbkPiAMEALkoaQME
ALmt9wMEALnUCwMEArnzjAMEALn/YwMEAMEu0wMEAcI4mAMEAMK07gMEAMLVCgME
AcLyHDAMAwQAw4pnAwQAw4poAwQAw5V/MA0GCSqGSIb3DQEBCwUAA4IBAQCR4By8
zWdjme0ZSJ8Tj+D6J+YuRjkyK0RBcx6uiMOrV8GwqL+F8YO3sFWf7uoudpvRZLgE
mIjrqvD0n/KkB8a2rMNElfddfCrmBXAod+9r/OE43EnP+sHAwAslzOkIuopKzddl
MkD1vB9y5YE7LF86KUR7Bi/UEpb0tPlYj2ZjGeE3hqEIdlKTZgSHGOtpPKct1Pog
lxkYUE1An1/zTC+rMSsA3QCOtgdGTh4cvXfB/c/5a18r1psX1B7IeNRnMIM6sSVN
ANet1J9XIh3LDy3DOZDW1LKsgHkQmObJrr5gublPLHVjiGkkFUfUHqLJigyHg9W+
M7cEElX7nO/DJilr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org