Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/618y_PXTLP0tUhE3ZbGN2kXs7kw.roa
File: 618y_PXTLP0tUhE3ZbGN2kXs7kw.roa (raw, json)
Hash identifier: LjBULSfHvWY+TrTGotPVtpv9gRfqdDZ1xmUxOSq3yeo=
Subject key identifier: EB:5F:32:FC:F5:D3:2C:FD:2D:52:11:37:65:B1:8D:DA:45:EC:EE:4C
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018562F688506AADC6A92ECC98F9BDE33A46
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/618y_PXTLP0tUhE3ZbGN2kXs7kw.roa
Signing time: Fri 30 Dec 2022 12:16:41 +0000
ROA not before: Fri 30 Dec 2022 12:16:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 45.88.124.0/22 maxlen: 22
194.56.152.0/23 maxlen: 24
94.231.198.0/24 maxlen: 24
91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.107.0/24 maxlen: 24
45.89.44.0/22 maxlen: 24
194.242.28.0/23 maxlen: 24
86.104.19.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
5.182.28.0/22 maxlen: 22
86.104.192.0/24 maxlen: 24
45.140.32.0/22 maxlen: 22
80.94.81.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
80.94.80.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
45.150.180.0/22 maxlen: 22
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:f6:88:50:6a:ad:c6:a9:2e:cc:98:f9:bd:e3:3a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 30 12:16:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb5f32fcf5d32cfd2d52113765b18dda45ecee4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0c:e5:51:df:be:3b:ee:48:37:63:a2:53:91:
50:7d:b6:87:f9:f1:ad:96:e9:4e:97:a8:d7:1e:18:
5d:e2:f0:66:3f:69:34:f4:57:b3:0e:dc:47:b6:65:
a5:23:b4:19:83:ac:44:95:9b:7b:1a:a8:fe:e3:a5:
c4:b5:9a:91:e4:e8:f8:5c:55:d3:66:31:f0:23:c6:
56:40:c4:cf:93:72:f7:46:1d:74:fe:46:34:2f:87:
b3:9c:f7:c3:40:b4:f5:81:e7:07:05:b9:80:4e:f1:
de:6d:77:49:66:66:c5:c5:8a:4d:e0:aa:8a:6f:77:
4e:3e:5d:6f:5f:3b:8c:0a:33:40:a0:c8:5b:56:97:
86:35:41:70:30:e6:78:c1:75:21:3a:00:36:08:2e:
e8:81:d6:95:86:87:c3:2d:bd:e3:b6:a1:5a:53:0f:
37:11:b1:a4:f7:e7:c6:38:fb:be:92:3e:fc:79:b5:
3a:ed:a6:ec:aa:eb:5e:bc:c1:e0:dc:60:7c:17:34:
81:16:03:55:51:d4:17:45:be:ff:eb:5c:8a:39:d8:
e2:14:35:b8:09:82:bf:fb:36:68:8a:84:8e:29:f1:
3c:d5:8b:a3:24:97:3f:31:1b:12:6d:2e:c1:95:33:
43:8a:06:f7:32:b2:00:23:52:af:34:2f:a7:73:90:
d7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:5F:32:FC:F5:D3:2C:FD:2D:52:11:37:65:B1:8D:DA:45:EC:EE:4C
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/618y_PXTLP0tUhE3ZbGN2kXs7kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.15.64.0/22
45.67.117.0/24
45.88.124.0/22
45.89.44.0/22
45.140.32.0/22
45.150.180.0/22
80.94.80.0/23
86.104.19.0/24
86.104.192.0/24
91.239.59.0/24
91.242.70.0-91.242.75.255
91.242.81.0/24
91.242.103.0/24
91.242.107.0/24
94.231.198.0/24
185.173.247.0/24
185.212.11.0/24
193.46.211.0/24
194.56.152.0/23
194.213.10.0/24
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
34:5a:7d:d4:e2:91:32:c0:34:73:ac:94:85:92:50:63:36:fd:
e2:28:85:85:56:ff:d0:2b:20:e8:7e:9c:13:0c:6b:d6:4e:8f:
26:ad:8b:b0:01:56:8a:7e:5e:5c:2b:55:5a:bf:2c:31:ff:d0:
53:02:f4:c3:4f:46:1a:b1:e0:0b:71:66:f2:50:c7:16:2e:af:
fa:49:91:f2:af:4e:ed:3e:b2:b3:a6:4a:f4:bd:92:e2:a2:77:
bf:2c:47:e1:4e:71:f2:fc:dd:05:a0:42:96:0c:65:df:8c:56:
dd:f7:fe:ea:97:c8:04:83:d3:6b:d7:e5:80:ed:af:05:e0:db:
dc:12:71:93:e9:56:35:69:6f:cc:f3:5c:07:84:5f:d3:e5:0c:
a9:e0:5c:c2:73:ed:5b:85:0a:0c:b7:7c:e9:eb:eb:27:42:e7:
fd:8b:a8:45:3f:d4:18:87:dc:33:50:6f:36:2d:1a:9e:98:ad:
b5:98:93:26:d5:8d:3c:a0:fc:eb:a0:43:32:c5:26:e8:fe:a7:
b6:d9:a8:47:57:5d:0d:40:8e:62:4a:ee:7d:dc:d1:94:44:95:
74:d4:9b:ec:41:06:ca:95:ef:89:f6:3e:f6:70:74:f1:0f:26:
eb:08:bd:7c:1e:b0:1c:4c:ea:be:b5:de:c6:f5:a4:17:5c:5e:
30:8c:5e:3b
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYVi9ohQaq3GqS7MmPm94zpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMjMwMTIxNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjVmMzJmY2Y1ZDMyY2ZkMmQ1MjExMzc2NWIxOGRkYTQ1ZWNlZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAzlUd++O+5IN2OiU5FQfbaH+fGt
lulOl6jXHhhd4vBmP2k09FezDtxHtmWlI7QZg6xElZt7Gqj+46XEtZqR5Oj4XFXT
ZjHwI8ZWQMTPk3L3Rh10/kY0L4eznPfDQLT1gecHBbmATvHebXdJZmbFxYpN4KqK
b3dOPl1vXzuMCjNAoMhbVpeGNUFwMOZ4wXUhOgA2CC7ogdaVhofDLb3jtqFaUw83
EbGk9+fGOPu+kj78ebU67absqutevMHg3GB8FzSBFgNVUdQXRb7/61yKOdjiFDW4
CYK/+zZoioSOKfE81YujJJc/MRsSbS7BlTNDigb3MrIAI1KvNC+nc5DXFwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFOtfMvz10yz9LVIRN2WxjdpF7O5MMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNjE4eV9QWFRMUDB0VWhFM1piR04ya1hzN2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAIF
thwDBAItD0ADBAAtQ3UDBAItWHwDBAItWSwDBAItjCADBAItlrQDBAFQXlADBABW
aBMDBABWaMADBABb7zswDAMEAVvyRgMEAlvySAMEAFvyUQMEAFvyZwMEAFvyawME
AF7nxgMEALmt9wMEALnUCwMEAMEu0wMEAcI4mAMEAMLVCgMEAcLyHDANBgkqhkiG
9w0BAQsFAAOCAQEANFp91OKRMsA0c6yUhZJQYzb94iiFhVb/0Csg6H6cEwxr1k6P
Jq2LsAFWin5eXCtVWr8sMf/QUwL0w09GGrHgC3Fm8lDHFi6v+kmR8q9O7T6ys6ZK
9L2S4qJ3vyxH4U5x8vzdBaBClgxl34xW3ff+6pfIBIPTa9flgO2vBeDb3BJxk+lW
NWlvzPNcB4Rf0+UMqeBcwnPtW4UKDLd86evrJ0Ln/YuoRT/UGIfcM1BvNi0anpit
tZiTJtWNPKD866BDMsUm6P6nttmoR1ddDUCOYkrufdzRlESVdNSb7EEGypXvifY+
9nB08Q8m6wi9fB6wHEzqvrXexvWkF1xeMIxeOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org