Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7XfVJV2X6JcLFMpUFf9zNUNC1mk.roa
File: 7XfVJV2X6JcLFMpUFf9zNUNC1mk.roa (raw, json)
Hash identifier: 8v5875WMVjv0GHDlmY9oNuoX4ecKqGCRnbhv7E47RGI=
Subject key identifier: ED:77:D5:25:5D:97:E8:97:0B:14:CA:54:15:FF:73:35:43:42:D6:69
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018AD5EA280EC7ABAF182010BBD6D0D43D58
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7XfVJV2X6JcLFMpUFf9zNUNC1mk.roa
Signing time: Wed 27 Sep 2023 09:13:27 +0000
ROA not before: Wed 27 Sep 2023 09:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.255.99.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
194.56.152.0/23 maxlen: 24
185.243.140.0/22 maxlen: 24
94.231.198.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
195.149.127.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
45.149.160.0/22 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
80.94.81.0/24 maxlen: 24
80.94.80.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
193.163.101.0/24 maxlen: 24
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:ea:28:0e:c7:ab:af:18:20:10:bb:d6:d0:d4:3d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 27 09:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed77d5255d97e8970b14ca5415ff73354342d669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e0:24:16:28:49:bf:2d:b0:cc:cf:98:b4:8e:
15:aa:6b:8b:e7:cc:c9:28:e8:4f:9a:7a:9e:d8:68:
32:cc:96:f2:2e:0e:e2:80:cf:3c:d5:81:1d:71:1f:
62:e7:af:5b:b4:79:89:b5:d0:6a:1c:be:3a:c9:9c:
16:57:53:92:09:01:2f:de:58:c6:e7:94:da:7d:aa:
81:2d:9e:ff:94:3d:66:51:ed:cd:28:b3:3e:b0:f1:
36:34:39:d8:dd:f2:5c:3a:82:bb:17:f2:e8:e2:0d:
1b:35:fb:b9:9d:4b:da:8f:6a:54:05:45:b8:6b:99:
f5:af:5e:08:84:d5:e8:a7:ba:27:b0:32:26:ea:6d:
9b:d0:96:0a:84:20:92:45:e4:e1:7c:c2:69:4b:e8:
10:0e:23:bb:1d:e3:7a:2d:6c:9b:ff:c2:6f:6c:86:
dd:d7:48:25:2f:34:f0:13:cd:f9:bc:d1:37:66:fe:
85:8d:fc:9f:48:05:43:d7:38:5c:67:22:5d:32:3b:
5f:fd:5c:b4:b2:7a:94:69:28:65:e8:5c:17:48:f2:
f1:a2:60:0b:c1:fe:83:9d:30:6a:f8:d0:1b:d2:2b:
54:27:8e:69:6f:9c:1e:87:5e:d6:53:8e:51:99:fa:
0d:58:e9:2e:ff:29:5c:3e:2f:8a:ae:a1:1a:9d:25:
f4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:77:D5:25:5D:97:E8:97:0B:14:CA:54:15:FF:73:35:43:42:D6:69
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7XfVJV2X6JcLFMpUFf9zNUNC1mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.64.0/22
45.67.117.0/24
45.149.160.0/22
80.94.80.0/23
89.32.126.0/24
89.39.242.0/24
89.40.161.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.103.0/24
92.118.108.0/24
94.231.198.0/24
176.126.223.0/24
185.15.136.0/23
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
185.243.140.0/22
185.255.99.0/24
193.46.211.0/24
193.163.101.0/24
194.56.152.0/23
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.106.255
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
36:cd:30:ec:e5:50:86:84:51:39:4d:82:30:43:c2:63:24:cf:
48:44:3d:d0:1e:d5:92:be:92:5c:1e:97:5e:80:28:11:15:27:
3b:83:1e:f6:af:fe:f1:ca:f6:46:5e:93:5f:96:bb:2f:b6:80:
54:fe:ab:62:af:4c:7e:6b:e8:98:3f:e5:25:62:3a:2f:fd:28:
c1:2f:d1:fb:39:6c:41:be:72:ed:f3:ee:ee:e2:e9:d0:4a:b8:
12:f5:65:b1:b2:47:2d:e5:02:6f:42:30:8c:b2:c4:4a:df:9f:
3f:4c:59:51:b8:1a:c3:c2:4b:a0:cb:27:5d:0b:84:1f:63:46:
41:5a:52:7b:a3:e3:7a:f3:35:97:b5:61:ac:d0:bc:da:3d:71:
41:bf:c1:65:74:ee:6a:0b:da:7f:d8:d6:76:16:d0:77:e2:ef:
89:74:cf:62:53:b5:f7:d9:89:06:92:73:9c:3c:b7:55:7c:4c:
f7:35:f9:91:a1:24:ec:63:15:53:a1:db:e3:ff:a0:0b:9f:20:
d4:99:66:2a:5b:28:de:8b:46:a5:27:27:15:e0:38:55:fd:90:
ea:9c:b0:fb:3d:2d:15:83:dd:82:1b:38:bd:4a:65:21:d0:6b:
24:c1:94:83:6c:3b:f7:cb:37:35:65:cb:76:dd:76:60:48:40:
b5:66:c3:28
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYrV6igOx6uvGCAQu9bQ1D1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwOTI3MDkxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDc3ZDUyNTVkOTdlODk3MGIxNGNhNTQxNWZmNzMzNTQzNDJkNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eAkFihJvy2wzM+YtI4VqmuL58zJ
KOhPmnqe2GgyzJbyLg7igM881YEdcR9i569btHmJtdBqHL46yZwWV1OSCQEv3ljG
55TafaqBLZ7/lD1mUe3NKLM+sPE2NDnY3fJcOoK7F/Lo4g0bNfu5nUvaj2pUBUW4
a5n1r14IhNXop7onsDIm6m2b0JYKhCCSReThfMJpS+gQDiO7HeN6LWyb/8JvbIbd
10glLzTwE835vNE3Zv6FjfyfSAVD1zhcZyJdMjtf/Vy0snqUaShl6FwXSPLxomAL
wf6DnTBq+NAb0itUJ45pb5weh17WU45RmfoNWOku/ylcPi+KrqEanSX0xwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFO131SVdl+iXCxTKVBX/czVDQtZpMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvN1hmVkpWMlg2SmNMRk1wVUZmOXpOVU5DMW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAIt
D0ADBAAtQ3UDBAItlaADBAFQXlADBABZIH4DBABZJ/IDBABZKKEwDAMEAVvyRgME
AVvySAMEAFvySwMEAFvyZwMEAFx2bAMEAF7nxgMEALB+3wMEAbkPiAMEALkoaQME
ALmt9wMEALnUCwMEArnzjAMEALn/YwMEAMEu0wMEAMGjZQMEAcI4mAMEAMK07gME
AMLVCgMEAcLyHDAMAwQAw4pnAwQAw4pqAwQAw5V/MA0GCSqGSIb3DQEBCwUAA4IB
AQA2zTDs5VCGhFE5TYIwQ8JjJM9IRD3QHtWSvpJcHpdegCgRFSc7gx72r/7xyvZG
XpNflrsvtoBU/qtir0x+a+iYP+UlYjov/SjBL9H7OWxBvnLt8+7u4unQSrgS9WWx
skct5QJvQjCMssRK358/TFlRuBrDwkugyyddC4QfY0ZBWlJ7o+N68zWXtWGs0Lza
PXFBv8FldO5qC9p/2NZ2FtB34u+JdM9iU7X32YkGknOcPLdVfEz3NfmRoSTsYxVT
odvj/6ALnyDUmWYqWyjei0alJycV4DhV/ZDqnLD7PS0Vg92CGzi9SmUh0GskwZSD
bDv3yzc1Zct23XZgSEC1ZsMo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org