Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/J6bcCDWhD8QmzALBzUcyhuw2gWI.roa
File: J6bcCDWhD8QmzALBzUcyhuw2gWI.roa (raw, json)
Hash identifier: 3wEQjhti3SoOYEyC8hpcIlriC2V9yW/5aQoM5B/EoDc=
Subject key identifier: 27:A6:DC:08:35:A1:0F:C4:26:CC:02:C1:CD:47:32:86:EC:36:81:62
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0192964EB084A5122522E37C72CCF737B656
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/J6bcCDWhD8QmzALBzUcyhuw2gWI.roa
Signing time: Wed 16 Oct 2024 17:09:52 +0000
ROA not before: Wed 16 Oct 2024 17:09:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 2.56.0.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
193.31.104.0/22 maxlen: 22
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.109.0/24 maxlen: 24
195.138.110.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.113.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.115.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.124.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:96:4e:b0:84:a5:12:25:22:e3:7c:72:cc:f7:37:b6:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 16 17:09:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27a6dc0835a10fc426cc02c1cd473286ec368162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b6:8f:d0:f5:cd:a4:b3:43:a4:6c:0e:5a:56:
d6:84:09:55:ae:61:43:24:a1:d6:02:4f:48:8b:ce:
f3:34:7c:37:6c:58:59:18:c0:3d:f0:3a:87:a9:75:
50:6b:cd:07:ff:65:0f:21:f1:30:d7:9f:e2:7f:e7:
dd:08:8d:78:c6:e4:9c:7e:d2:ba:0e:00:dd:3c:bf:
d9:02:64:6a:c0:5a:1a:06:e5:26:3c:d2:3d:d1:c8:
96:74:1b:2a:e8:64:55:f0:32:f6:03:c7:00:cf:04:
58:03:df:fe:e3:c3:bc:53:cf:3a:3c:7e:8c:5f:38:
3f:bd:fa:37:df:0d:b2:eb:05:27:a0:1d:10:bf:82:
96:e7:71:68:5d:89:0b:02:0c:e1:8c:ff:c9:aa:15:
5c:ac:94:22:b1:e0:51:a4:42:4c:6f:08:7e:51:4c:
b7:ab:bf:4a:23:a5:01:44:5f:bf:02:db:79:c7:bf:
07:41:1a:5b:96:e6:72:0f:86:74:df:b1:67:75:c9:
b1:33:cc:82:18:82:38:21:94:cc:08:7e:6a:88:ec:
4e:98:f7:46:86:c1:bd:cd:e1:2e:a5:2a:f4:c5:b9:
76:69:cf:ce:96:df:38:76:19:a3:3f:fd:06:dc:8b:
10:97:6a:57:58:6c:83:53:1e:57:96:71:db:79:3d:
65:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A6:DC:08:35:A1:0F:C4:26:CC:02:C1:CD:47:32:86:EC:36:81:62
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/J6bcCDWhD8QmzALBzUcyhuw2gWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
45.67.117.0/24
45.150.168.0/22
45.151.196.0/22
89.40.161.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
185.40.105.0/24
185.173.244.0/24
193.31.104.0/22
194.50.200.0/23
194.180.238.0/24
195.138.104.0/22
195.138.109.0-195.138.111.255
195.138.113.0-195.138.115.255
195.138.118.0/24
195.138.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:9d:fe:10:24:0d:f9:4c:34:af:47:3d:10:41:f2:0c:3f:aa:
80:3d:66:e3:a8:b9:f2:d8:c1:54:d1:91:c2:73:c9:9b:04:c5:
83:5f:c7:07:34:0b:a2:18:92:de:08:54:e0:75:43:5d:f2:9d:
f0:1a:06:6f:72:4f:84:ad:aa:25:ca:68:7e:5f:2a:59:b1:30:
38:88:ba:35:ad:86:da:da:37:57:d5:54:31:c4:0d:ef:7f:79:
32:8c:d7:95:ec:19:8b:3b:ba:2f:66:63:c2:e5:33:79:f7:78:
cd:fd:6a:ea:dd:76:a3:af:94:d2:b8:cf:1e:4f:d9:d3:c8:67:
ea:40:eb:99:fc:8f:ec:4e:bf:75:2d:4c:e8:b7:19:83:1d:32:
70:47:69:6b:48:84:75:46:00:ca:f9:7b:0b:da:2e:65:ff:b5:
18:80:f9:5e:ac:34:dc:01:1c:2e:f1:6f:f5:a8:65:1d:3c:f3:
1b:9b:b3:75:a2:d1:a9:6f:28:01:1f:17:a7:cb:ae:67:77:b8:
1c:a5:28:37:b3:a1:48:b0:14:b8:07:05:42:e6:96:e1:a9:17:
53:9c:90:54:e7:f8:5d:57:f4:e9:6c:99:8f:a8:ed:71:aa:ab:
e1:b1:c3:9a:13:ac:54:08:5c:57:cd:e5:62:a7:85:6a:d2:f0:
67:c9:1c:fd
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZKWTrCEpRIlIuN8csz3N7ZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQxMDE2MTcwOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2E2ZGMwODM1YTEwZmM0MjZjYzAyYzFjZDQ3MzI4NmVjMzY4MTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLaP0PXNpLNDpGwOWlbWhAlVrmFD
JKHWAk9Ii87zNHw3bFhZGMA98DqHqXVQa80H/2UPIfEw15/if+fdCI14xuScftK6
DgDdPL/ZAmRqwFoaBuUmPNI90ciWdBsq6GRV8DL2A8cAzwRYA9/+48O8U886PH6M
Xzg/vfo33w2y6wUnoB0Qv4KW53FoXYkLAgzhjP/JqhVcrJQiseBRpEJMbwh+UUy3
q79KI6UBRF+/Att5x78HQRpbluZyD4Z037FndcmxM8yCGII4IZTMCH5qiOxOmPdG
hsG9zeEupSr0xbl2ac/Olt84dhmjP/0G3IsQl2pXWGyDUx5XlnHbeT1lSQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFCem3Ag1oQ/EJswCwc1HMobsNoFiMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvSjZiY0NEV2hEOFFtekFMQnpVY3lodXcyZ1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAIC
OAADBAAtQ3UDBAItlqgDBAItl8QDBABZKKEwDAMEAVvyRgMEAVvySAMEAFvySwME
AFvyaTAMAwQAW/J7AwQHW/IAAwQAuShpAwQAua30AwQCwR9oAwQBwjLIAwQAwrTu
AwQCw4poMAwDBADDim0DBATDimAwDAMEAMOKcQMEAsOKcAMEAMOKdgMEAsOKfDAN
BgkqhkiG9w0BAQsFAAOCAQEAbZ3+ECQN+Uw0r0c9EEHyDD+qgD1m46i58tjBVNGR
wnPJmwTFg1/HBzQLohiS3ghU4HVDXfKd8BoGb3JPhK2qJcpofl8qWbEwOIi6Na2G
2to3V9VUMcQN7395MozXlewZizu6L2ZjwuUzefd4zf1q6t12o6+U0rjPHk/Z08hn
6kDrmfyP7E6/dS1M6LcZgx0ycEdpa0iEdUYAyvl7C9ouZf+1GID5Xqw03AEcLvFv
9ahlHTzzG5uzdaLRqW8oAR8Xp8uuZ3e4HKUoN7OhSLAUuAcFQuaW4akXU5yQVOf4
XVf06WyZj6jtcaqr4bHDmhOsVAhcV83lYqeFatLwZ8kc/Q==
-----END CERTIFICATE-----
Generated at Tue Nov 19 16:31:00 2024 by rpki-client on console-ams.rpki-client.org