Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6gYUquB1FqFU0mD8MjY-vy73SAI.roa
File: 6gYUquB1FqFU0mD8MjY-vy73SAI.roa (raw, json)
Hash identifier: IFWxDgzwHsXGeteU2fJHwsqWv6I+4MCFupHZvannrz0=
Subject key identifier: EA:06:14:AA:E0:75:16:A1:54:D2:60:FC:32:36:3E:BF:2E:F7:48:02
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 14BBF992
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6gYUquB1FqFU0mD8MjY-vy73SAI.roa
Signing time: Wed 20 Apr 2022 09:55:21 +0000
ROA not before: Wed 20 Apr 2022 09:55:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 193.31.104.0/22 maxlen: 22
194.50.206.0/23 maxlen: 23
194.50.200.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
45.150.44.0/22 maxlen: 22
85.159.117.0/24 maxlen: 24
45.140.32.0/22 maxlen: 22
212.90.116.0/22 maxlen: 22
45.91.84.0/22 maxlen: 22
45.143.44.0/22 maxlen: 22
45.95.88.0/22 maxlen: 22
195.216.156.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
193.37.200.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
45.143.252.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
185.145.80.0/22 maxlen: 22
62.182.100.0/23 maxlen: 23
45.83.12.0/22 maxlen: 22
91.242.64.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 347863442 (0x14bbf992)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 20 09:55:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea0614aae07516a154d260fc32363ebf2ef74802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bd:b3:17:37:12:49:6f:17:e8:80:67:20:5e:
1d:c5:39:1d:d4:2f:6c:56:4e:23:89:65:db:b3:1c:
d0:f2:42:a8:11:24:5e:c7:f0:50:56:9d:ad:b9:48:
3a:8f:47:d8:49:4b:c3:09:4e:7a:a6:d4:dd:65:c1:
23:e5:a5:7e:63:9d:bb:f4:ba:53:e8:d5:8b:a4:ec:
f7:a6:57:c8:99:c0:27:e6:ad:cf:f9:e8:38:4f:53:
76:0d:b2:2e:1b:16:0f:2b:ae:3e:6a:6f:ad:3f:d5:
02:e7:e6:b8:cc:ec:73:e5:8f:f3:f5:ea:5e:95:72:
fc:5b:b3:7e:ea:ad:73:61:8a:3e:89:61:6b:8d:e3:
32:8c:a4:25:b0:20:11:62:25:55:98:80:68:a6:9b:
39:f3:a2:cc:5c:38:9d:09:f4:86:a8:4d:21:b7:c6:
c4:73:72:34:8c:e0:e2:7f:37:11:20:ca:a7:a0:3c:
09:10:ff:cd:f3:17:2e:ce:0a:d0:c0:f1:ff:35:de:
97:47:e0:bc:7d:d0:63:2b:a5:10:b2:06:30:6c:7f:
10:1d:83:fe:6d:79:93:a1:20:44:10:1a:bb:69:39:
f2:6d:6f:0f:ba:6b:5c:ec:6b:73:a0:a8:ef:0d:56:
35:28:30:00:b2:90:04:04:a5:d4:ed:13:dd:66:0d:
f5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:06:14:AA:E0:75:16:A1:54:D2:60:FC:32:36:3E:BF:2E:F7:48:02
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6gYUquB1FqFU0mD8MjY-vy73SAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.12.0/22
45.91.84.0/22
45.95.88.0/22
45.140.32.0/22
45.143.44.0/22
45.143.252.0/22
45.150.44.0/22
45.151.196.0/22
62.182.100.0/23
85.159.117.0/24
91.242.64.0/22
91.242.100.0/23
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
185.145.80.0/22
185.173.244.0/22
193.31.104.0/22
193.37.200.0/22
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
195.216.156.0/22
212.90.116.0/22
Signature Algorithm: sha256WithRSAEncryption
53:42:36:1d:f7:f0:49:2a:af:1c:38:24:b6:83:1c:d3:53:c8:
c6:fc:89:9f:32:2b:4b:82:f1:a1:87:4c:1d:55:2b:49:2e:cf:
0b:36:50:51:91:8a:52:e3:0f:38:63:c2:88:d5:86:43:4b:bd:
aa:e5:c1:a5:cf:db:19:13:f8:a0:56:fa:0e:eb:76:d4:ae:3a:
a2:d1:5d:48:de:59:0b:6c:80:dd:3f:c2:65:f1:ed:ce:51:30:
c5:8c:5a:18:a7:92:08:c8:8e:79:cc:57:04:8a:09:4c:60:c4:
8b:b8:ad:7b:16:9e:c9:4d:1c:b1:96:55:a0:4d:89:43:0d:18:
a0:0e:19:93:e2:1c:a9:85:a9:f1:57:05:1d:48:ac:1f:ca:42:
4a:27:3f:53:7d:1b:c7:a2:d4:5d:33:f9:53:1e:4d:36:b2:1d:
b2:10:39:2d:c3:4d:f7:2e:c3:51:1f:aa:85:4f:3a:62:03:1d:
73:5b:0c:a1:43:f1:cb:8d:30:8e:8d:5b:5d:7a:a5:54:dc:0e:
55:17:bd:e2:31:51:cd:91:ac:cd:1d:5d:67:35:8a:72:69:32:
e9:92:b6:37:0f:cc:64:3a:39:62:6c:67:40:fc:bd:09:47:96:
35:fe:c3:ba:9c:ec:d1:67:aa:7c:21:15:c5:ca:52:39:0a:ca:
81:55:37:29
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIEFLv5kjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDQy
MDA5NTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWEwNjE0YWFlMDc1
MTZhMTU0ZDI2MGZjMzIzNjNlYmYyZWY3NDgwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMW9sxc3EklvF+iAZyBeHcU5HdQvbFZOI4ll27Mc0PJCqBEk
XsfwUFadrblIOo9H2ElLwwlOeqbU3WXBI+WlfmOdu/S6U+jVi6Ts96ZXyJnAJ+at
z/noOE9Tdg2yLhsWDyuuPmpvrT/VAufmuMzsc+WP8/XqXpVy/Fuzfuqtc2GKPolh
a43jMoykJbAgEWIlVZiAaKabOfOizFw4nQn0hqhNIbfGxHNyNIzg4n83ESDKp6A8
CRD/zfMXLs4K0MDx/zXel0fgvH3QYyulELIGMGx/EB2D/m15k6EgRBAau2k58m1v
D7prXOxrc6Co7w1WNSgwALKQBASl1O0T3WYN9SMCAwEAAaOCApgwggKUMB0GA1Ud
DgQWBBTqBhSq4HUWoVTSYPwyNj6/LvdIAjAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
LzZnWVVxdUIxRnFGVTBtRDhNalktdnk3M1NBSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rQYIKwYBBQUHAQcBAf8EgZ0wgZowgZcEAgABMIGQAwQCLVMMAwQCLVtUAwQCLV9Y
AwQCLYwgAwQCLY8sAwQCLY/8AwQCLZYsAwQCLZfEAwQBPrZkAwQAVZ91AwQCW/JA
AwQBW/JkAwQAW/JpAwQCW/JsAwQDW/J4AwQCuZFQAwQCua30AwQCwR9oAwQCwSXI
AwQBwjLIAwQBwjLOAwQFw4pgAwQCw9icAwQC1Fp0MA0GCSqGSIb3DQEBCwUAA4IB
AQBTQjYd9/BJKq8cOCS2gxzTU8jG/ImfMitLgvGhh0wdVStJLs8LNlBRkYpS4w84
Y8KI1YZDS72q5cGlz9sZE/igVvoO63bUrjqi0V1I3lkLbIDdP8Jl8e3OUTDFjFoY
p5IIyI55zFcEiglMYMSLuK17Fp7JTRyxllWgTYlDDRigDhmT4hyphanxVwUdSKwf
ykJKJz9TfRvHotRdM/lTHk02sh2yEDktw033LsNRH6qFTzpiAx1zWwyhQ/HLjTCO
jVtdeqVU3A5VF73iMVHNkazNHV1nNYpyaTLpkrY3D8xkOjlibGdA/L0JR5Y1/sO6
nOzRZ6p8IRXFylI5CsqBVTcp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org