Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/K3Je-cdkBXnGS1v7vnueVgvFvLk.roa
File: K3Je-cdkBXnGS1v7vnueVgvFvLk.roa (raw, json)
Hash identifier: tKlQyxA3GE7+ELTD79nbffbUB9CE8Hr3JHZ9YSyzmfI=
Subject key identifier: 2B:72:5E:F9:C7:64:05:79:C6:4B:5B:FB:BE:7B:9E:56:0B:C5:BC:B9
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0181EDE581E2F87CD5ECD62A4123DC6344C0
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/K3Je-cdkBXnGS1v7vnueVgvFvLk.roa
Signing time: Mon 11 Jul 2022 15:34:10 +0000
ROA not before: Mon 11 Jul 2022 15:34:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.115.92.0/22 maxlen: 22
2.59.204.0/22 maxlen: 22
91.214.200.0/22 maxlen: 22
91.242.81.0/24 maxlen: 24
194.35.52.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
91.242.107.0/24 maxlen: 24
91.242.120.0/21 maxlen: 21
91.242.64.0/22 maxlen: 22
194.50.188.0/23 maxlen: 23
194.50.206.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.200.0/23 maxlen: 23
2.57.152.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
194.50.184.0/23 maxlen: 23
95.214.152.0/22 maxlen: 22
45.150.168.0/22 maxlen: 22
45.15.244.0/22 maxlen: 22
45.150.180.0/22 maxlen: 22
2.56.0.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
2.57.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ed:e5:81:e2:f8:7c:d5:ec:d6:2a:41:23:dc:63:44:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 11 15:34:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b725ef9c7640579c64b5bfbbe7b9e560bc5bcb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f7:9e:aa:ea:37:8d:86:dc:7f:03:2c:8a:49:
4b:8a:5b:19:19:4f:39:8d:90:87:60:09:a2:45:06:
25:8d:a7:47:f7:ba:61:4c:16:05:ca:37:79:30:ed:
b5:31:68:4d:db:39:a1:58:91:50:84:81:85:de:06:
d8:86:69:3f:d7:fc:01:db:53:4d:8f:56:49:a7:42:
df:c0:17:37:11:a2:a7:dd:bc:a3:74:20:fc:e0:15:
8f:d0:7b:77:cd:f5:dc:e0:d3:ba:75:f2:1d:6b:83:
ad:ea:49:fc:17:b6:c0:34:65:96:2c:b6:59:22:79:
33:ee:8c:14:54:9e:69:98:e9:82:d0:78:f6:5f:4b:
e9:6b:22:ed:c3:d5:4e:37:fe:59:3b:f3:bb:20:58:
e2:15:d7:06:36:8d:20:a9:2d:ab:4e:b1:e0:85:62:
ed:a1:3b:ef:fc:b0:ff:f2:5b:f7:9f:ef:58:be:1d:
89:e7:97:b8:bf:b0:7a:f6:9b:bd:95:71:3c:4f:b1:
5d:c0:3f:cf:c3:c3:56:59:48:ec:f9:cb:25:01:01:
67:b4:c8:98:9c:8b:19:48:43:79:09:85:cf:c5:5c:
35:74:66:4d:2f:2a:d4:8b:a3:e0:28:7c:d1:ac:e4:
b0:f6:de:a7:4b:0d:d0:9e:ed:18:50:74:cb:30:c3:
0d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:72:5E:F9:C7:64:05:79:C6:4B:5B:FB:BE:7B:9E:56:0B:C5:BC:B9
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/K3Je-cdkBXnGS1v7vnueVgvFvLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
2.57.152.0/22
2.57.212.0/22
2.59.204.0/22
45.15.244.0/22
45.128.20.0/22
45.140.32.0/22
45.150.168.0/22
45.150.180.0/22
91.214.200.0/22
91.242.64.0/22
91.242.81.0/24
91.242.100.0/23
91.242.105.0/24
91.242.107.0-91.242.111.255
91.242.120.0/21
95.214.152.0/22
185.115.92.0/22
185.173.244.0/22
194.35.52.0/22
194.50.184.0/23
194.50.188.0/23
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:81:c1:93:a9:ad:c5:ab:67:b3:48:61:0d:ab:72:6c:92:51:
38:7e:22:76:98:3b:64:6b:e8:88:e1:ed:65:b0:e4:59:4b:d7:
41:78:e1:4e:8c:3e:f2:4d:b7:41:41:45:61:90:42:6e:01:9f:
a6:23:3b:b1:4e:cc:70:5d:12:53:01:00:26:53:8a:a5:b4:e5:
1f:3c:01:4a:fe:44:35:b6:af:02:70:6c:8a:91:6d:00:37:b8:
4a:80:e1:d2:8c:d5:3f:36:9d:db:a9:37:fc:c6:15:a4:64:40:
04:c2:27:c9:93:d3:fd:1b:39:87:ca:46:23:45:35:6e:cc:ce:
bc:80:34:0b:35:1c:36:65:9b:59:21:11:97:0c:0c:98:c4:46:
1e:8b:4d:a5:11:41:4d:27:f9:bf:f3:8a:6a:86:d5:ce:1c:79:
ca:b6:31:fe:48:4d:42:33:b4:44:cb:e6:c2:c8:1e:35:cf:4d:
2e:19:22:9c:b0:f0:d8:6e:c2:cc:58:73:65:b3:7d:af:69:52:
24:19:4c:00:98:ba:80:5c:09:e3:dd:70:89:f6:85:0c:a6:7e:
b7:17:5c:ee:73:97:2d:ff:88:1b:dd:9f:3e:aa:26:c9:99:bf:
85:95:70:8c:a2:c6:6b:b5:ab:8e:ed:0c:55:d8:9c:7d:73:a0:
07:f9:3b:e9
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYHt5YHi+HzV7NYqQSPcY0TAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwNzExMTUzNDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjcyNWVmOWM3NjQwNTc5YzY0YjViZmJiZTdiOWU1NjBiYzViY2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgveequo3jYbcfwMsiklLilsZGU85
jZCHYAmiRQYljadH97phTBYFyjd5MO21MWhN2zmhWJFQhIGF3gbYhmk/1/wB21NN
j1ZJp0LfwBc3EaKn3byjdCD84BWP0Ht3zfXc4NO6dfIda4Ot6kn8F7bANGWWLLZZ
Inkz7owUVJ5pmOmC0Hj2X0vpayLtw9VON/5ZO/O7IFjiFdcGNo0gqS2rTrHghWLt
oTvv/LD/8lv3n+9Yvh2J55e4v7B69pu9lXE8T7FdwD/Pw8NWWUjs+cslAQFntMiY
nIsZSEN5CYXPxVw1dGZNLyrUi6PgKHzRrOSw9t6nSw3Qnu0YUHTLMMMNjwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFCtyXvnHZAV5xktb+757nlYLxby5MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvSzNKZS1jZGtCWG5HUzF2N3ZudWVWZ3ZGdkxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAIC
OAADBAICOZgDBAICOdQDBAICO8wDBAItD/QDBAItgBQDBAItjCADBAItlqgDBAIt
lrQDBAJb1sgDBAJb8kADBABb8lEDBAFb8mQDBABb8mkwDAMEAFvyawMEBFvyYAME
A1vyeAMEAl/WmAMEArlzXAMEArmt9AMEAsIjNAMEAcIyuAMEAcIyvAMEAcIyyAME
AcIyzgMEBcOKYDANBgkqhkiG9w0BAQsFAAOCAQEAHYHBk6mtxatns0hhDatybJJR
OH4idpg7ZGvoiOHtZbDkWUvXQXjhTow+8k23QUFFYZBCbgGfpiM7sU7McF0SUwEA
JlOKpbTlHzwBSv5ENbavAnBsipFtADe4SoDh0ozVPzad26k3/MYVpGRABMInyZPT
/Rs5h8pGI0U1bszOvIA0CzUcNmWbWSERlwwMmMRGHotNpRFBTSf5v/OKaobVzhx5
yrYx/khNQjO0RMvmwsgeNc9NLhkinLDw2G7CzFhzZbN9r2lSJBlMAJi6gFwJ491w
ifaFDKZ+txdc7nOXLf+IG92fPqomyZm/hZVwjKLGa7Wrju0MVdicfXOgB/k76Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org