Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/HTbGJWVrEZRM2Z49-VGKHvt1JWM.roa
File: HTbGJWVrEZRM2Z49-VGKHvt1JWM.roa (raw, json)
Hash identifier: pASrf7fMY8GzXumtPyruHvhzcMazBIJeU3ZOI9kSKEg=
Subject key identifier: 1D:36:C6:25:65:6B:11:94:4C:D9:9E:3D:F9:51:8A:1E:FB:75:25:63
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018A93F76E5750D99DE0AE17F21B3F30630C
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/HTbGJWVrEZRM2Z49-VGKHvt1JWM.roa
Signing time: Thu 14 Sep 2023 13:53:00 +0000
ROA not before: Thu 14 Sep 2023 13:53:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.255.99.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
194.56.152.0/23 maxlen: 24
185.243.140.0/22 maxlen: 24
94.231.198.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
195.149.127.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
45.149.160.0/22 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
80.94.81.0/24 maxlen: 24
80.94.80.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:f7:6e:57:50:d9:9d:e0:ae:17:f2:1b:3f:30:63:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 14 13:53:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d36c625656b11944cd99e3df9518a1efb752563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:75:f5:b5:14:3c:4e:9b:f7:5c:af:ae:fc:9d:
0c:41:87:49:bf:d1:1a:eb:1a:c5:08:af:21:03:9e:
00:d8:35:d4:8e:6e:69:28:58:36:10:1d:17:ae:55:
fa:a8:75:4f:92:1f:6b:0c:f2:04:b2:11:af:63:73:
83:12:22:04:53:54:22:a0:4b:8d:f2:08:a9:f2:23:
f9:7b:4f:3d:c8:74:d4:93:25:b0:06:72:72:e9:15:
db:df:b8:f2:4e:63:f9:a6:3a:0e:99:61:d2:db:81:
5a:d5:ce:84:2e:68:35:40:96:0e:98:58:ba:4e:c5:
cf:63:cc:29:5a:90:b9:79:78:f8:b5:43:26:fc:c3:
e4:af:d1:73:ad:c3:26:bc:f3:03:d1:05:68:93:76:
1e:45:c5:8a:0d:b4:e1:bf:aa:8b:97:d8:7a:b6:f7:
1c:b5:65:b9:93:0b:09:17:e5:31:dd:3a:7c:7b:72:
88:5d:09:da:ae:14:b0:e5:5e:e9:e7:98:b2:31:64:
3a:ca:1f:44:df:d0:3c:14:b9:a4:68:f8:81:fa:f8:
20:79:3e:8e:1e:48:88:c2:a3:f6:63:6f:23:3f:9f:
63:80:2d:bf:67:0b:ee:3c:05:26:05:96:4b:c9:27:
f6:8a:24:6e:a2:37:7b:ac:53:4f:88:91:ff:aa:b8:
a5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:36:C6:25:65:6B:11:94:4C:D9:9E:3D:F9:51:8A:1E:FB:75:25:63
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/HTbGJWVrEZRM2Z49-VGKHvt1JWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.64.0/22
45.67.117.0/24
45.149.160.0/22
80.94.80.0/23
89.32.126.0/24
89.39.242.0/24
89.40.161.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.103.0/24
92.118.108.0/24
94.231.198.0/24
176.126.223.0/24
185.15.136.0/23
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
185.243.140.0/22
185.255.99.0/24
193.46.211.0/24
194.56.152.0/23
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.106.255
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:a2:5e:f3:3e:92:26:ae:de:3d:51:86:f5:4d:23:bc:21:74:
e0:f2:be:01:7b:05:92:65:3b:03:5c:19:64:8b:dd:79:de:79:
39:46:0f:5e:6e:d8:53:b0:de:cc:f6:76:51:ec:81:ef:b1:de:
d7:33:ef:34:06:28:26:37:a4:44:99:90:7e:99:02:f7:8a:1a:
4d:d1:0b:cf:23:d4:bc:d5:d7:29:38:d2:09:ee:44:ab:48:51:
64:f4:7d:33:6e:7b:ba:33:39:14:87:c8:93:f4:3b:6e:87:a5:
40:08:8d:de:95:01:f7:f5:0b:d1:f9:99:37:de:c4:08:dc:26:
64:ee:e1:d5:24:50:c3:b0:31:96:16:78:c6:85:67:8a:d7:d1:
95:c3:17:b6:71:36:ed:c5:f0:b2:cc:82:03:e1:ee:b4:d1:b7:
86:15:29:77:84:ea:d2:8f:ab:35:20:e8:06:cb:3e:29:20:93:
cb:4b:cb:61:df:23:b9:dc:5a:a4:17:cc:7f:58:0f:46:43:20:
b3:48:16:5f:37:6e:b9:05:43:14:16:26:c1:45:9a:fd:68:a1:
cb:17:ac:31:d3:c0:3b:82:b6:14:e3:ee:ac:75:fd:fc:a1:27:
2a:45:88:76:14:4a:d0:80:9f:90:1c:37:83:20:99:63:cb:eb:
dc:93:93:6f
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYqT925XUNmd4K4X8hs/MGMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwOTE0MTM1MzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDM2YzYyNTY1NmIxMTk0NGNkOTllM2RmOTUxOGExZWZiNzUyNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXX1tRQ8Tpv3XK+u/J0MQYdJv9Ea
6xrFCK8hA54A2DXUjm5pKFg2EB0XrlX6qHVPkh9rDPIEshGvY3ODEiIEU1QioEuN
8gip8iP5e089yHTUkyWwBnJy6RXb37jyTmP5pjoOmWHS24Fa1c6ELmg1QJYOmFi6
TsXPY8wpWpC5eXj4tUMm/MPkr9FzrcMmvPMD0QVok3YeRcWKDbThv6qLl9h6tvcc
tWW5kwsJF+Ux3Tp8e3KIXQnarhSw5V7p55iyMWQ6yh9E39A8FLmkaPiB+vggeT6O
HkiIwqP2Y28jP59jgC2/ZwvuPAUmBZZLySf2iiRuojd7rFNPiJH/qrilJwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFB02xiVlaxGUTNmePflRih77dSVjMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvSFRiR0pXVnJFWlJNMlo0OS1WR0tIdnQxSldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAIt
D0ADBAAtQ3UDBAItlaADBAFQXlADBABZIH4DBABZJ/IDBABZKKEwDAMEAVvyRgME
AVvySAMEAFvySwMEAFvyZwMEAFx2bAMEAF7nxgMEALB+3wMEAbkPiAMEALkoaQME
ALmt9wMEALnUCwMEArnzjAMEALn/YwMEAMEu0wMEAcI4mAMEAMK07gMEAMLVCgME
AcLyHDAMAwQAw4pnAwQAw4pqAwQAw5V/MA0GCSqGSIb3DQEBCwUAA4IBAQBaol7z
PpImrt49UYb1TSO8IXTg8r4BewWSZTsDXBlki9153nk5Rg9ebthTsN7M9nZR7IHv
sd7XM+80BigmN6REmZB+mQL3ihpN0QvPI9S81dcpONIJ7kSrSFFk9H0zbnu6MzkU
h8iT9Dtuh6VACI3elQH39QvR+Zk33sQI3CZk7uHVJFDDsDGWFnjGhWeK19GVwxe2
cTbtxfCyzIID4e600beGFSl3hOrSj6s1IOgGyz4pIJPLS8th3yO53FqkF8x/WA9G
QyCzSBZfN265BUMUFibBRZr9aKHLF6wx08A7grYU4+6sdf38oScqRYh2FErQgJ+Q
HDeDIJljy+vck5Nv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org