Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/L23eUYRza8sRZ4mcUFgUwUJAmPY.roa
File: L23eUYRza8sRZ4mcUFgUwUJAmPY.roa (raw, json)
Hash identifier: YaNIP7UA1+YEJcdT0901HInXza2bfG6E9FcjqakfMpk=
Subject key identifier: 2F:6D:DE:51:84:73:6B:CB:11:67:89:9C:50:58:14:C1:42:40:98:F6
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0186FE4431F9EA43FFA13682CB6F68F33959
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/L23eUYRza8sRZ4mcUFgUwUJAmPY.roa
Signing time: Mon 20 Mar 2023 09:05:27 +0000
ROA not before: Mon 20 Mar 2023 09:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 89.39.242.0/24 maxlen: 24
194.56.152.0/23 maxlen: 24
94.231.198.0/24 maxlen: 24
91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.107.0/24 maxlen: 24
45.89.44.0/22 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
86.104.19.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
193.203.127.0/24 maxlen: 24
89.40.35.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
86.104.192.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
45.140.32.0/22 maxlen: 22
80.94.81.0/24 maxlen: 24
80.94.80.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
45.150.180.0/22 maxlen: 22
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:44:31:f9:ea:43:ff:a1:36:82:cb:6f:68:f3:39:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 20 09:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f6dde5184736bcb1167899c505814c1424098f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:85:bd:fe:fa:d4:78:c2:69:49:4a:16:53:d0:
58:d7:ad:98:4a:2c:b9:b6:ed:52:db:82:4e:06:1c:
eb:5e:dc:34:61:0d:16:9e:2d:77:17:a8:58:89:8a:
34:0c:96:93:1b:1b:ce:10:33:ba:a2:bb:d2:d2:d4:
99:38:f1:eb:fb:b1:9e:7c:56:68:47:46:a5:1c:d7:
a2:7a:b5:c4:a9:98:c1:e4:12:3f:eb:72:11:4e:48:
8e:4a:c7:fa:ee:7c:33:fb:dd:37:65:99:30:4c:d1:
de:2c:d4:1e:11:ca:a4:ac:78:c2:60:d4:2d:2e:d1:
d9:66:bb:aa:82:75:21:58:eb:31:33:89:b2:e2:d9:
e4:37:7a:88:35:97:50:c9:82:13:44:1c:16:8c:14:
0a:22:20:79:a7:bb:7d:a2:7d:f1:9e:7f:f6:75:08:
e9:9f:68:70:66:c5:76:4b:01:5c:8c:03:b1:c6:fe:
f0:c4:6d:45:c0:6d:98:e4:6a:c6:21:76:06:d8:32:
e1:16:90:40:a7:9c:b3:32:96:23:55:f0:16:e7:79:
cc:7e:52:58:4b:8d:3f:32:ff:d7:8a:7f:4c:65:74:
47:bd:7d:fd:29:82:f5:85:09:19:af:02:6a:b1:8c:
7a:2f:62:9c:ad:a6:8e:98:6d:51:96:77:75:35:25:
19:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6D:DE:51:84:73:6B:CB:11:67:89:9C:50:58:14:C1:42:40:98:F6
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/L23eUYRza8sRZ4mcUFgUwUJAmPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.64.0/22
45.67.117.0/24
45.89.44.0/22
45.140.32.0/22
45.150.180.0/22
80.94.80.0/23
86.104.19.0/24
86.104.192.0/24
89.39.242.0/24
89.40.35.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0-91.242.75.255
91.242.81.0/24
91.242.103.0/24
91.242.107.0/24
94.231.198.0/24
176.126.223.0/24
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
193.46.211.0/24
193.203.127.0/24
194.56.152.0/23
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.106.255
Signature Algorithm: sha256WithRSAEncryption
4a:48:63:93:97:29:f0:51:6a:af:cc:84:55:99:47:43:39:f7:
4c:44:54:17:6c:ca:f5:52:e3:52:0b:82:16:40:0f:48:a9:2b:
72:c1:8a:7d:8e:5e:8b:a6:9d:c3:69:73:48:1c:14:4c:ac:49:
a3:63:e4:db:87:f7:ae:50:7e:f8:8d:87:08:df:0c:ef:5d:03:
73:62:15:de:95:d6:ba:c6:63:1c:ba:bd:d2:3b:79:5d:c3:42:
49:19:b2:bc:17:db:6a:05:18:2f:e8:02:52:13:33:da:13:96:
94:b9:8f:54:c0:7c:91:82:bf:e3:67:03:3a:9d:b7:6b:41:a6:
4f:ca:c6:b5:4a:e2:7c:17:5e:7b:8e:56:38:8a:c6:3f:6c:64:
12:af:cb:50:cb:81:c3:d6:6e:40:ba:86:3a:7f:74:d4:78:f1:
b9:85:ea:b2:f2:23:cc:2d:15:24:fa:12:e3:46:d1:07:0c:10:
fc:80:27:30:d3:65:89:df:d8:46:33:fa:82:f3:5e:65:40:4e:
cd:81:57:99:b3:6b:7d:a4:22:45:99:89:b6:33:cc:bc:1a:48:
80:18:65:af:cb:b2:9b:5e:fa:47:a0:33:63:1c:f5:e5:86:ac:
c8:a8:65:13:64:2e:8a:5f:b7:39:58:b4:83:b2:32:e3:69:aa:
ff:1e:09:b9
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYb+RDH56kP/oTaCy29o8zlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMzIwMDkwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjZkZGU1MTg0NzM2YmNiMTE2Nzg5OWM1MDU4MTRjMTQyNDA5OGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioW9/vrUeMJpSUoWU9BY162YSiy5
tu1S24JOBhzrXtw0YQ0Wni13F6hYiYo0DJaTGxvOEDO6orvS0tSZOPHr+7GefFZo
R0alHNeierXEqZjB5BI/63IRTkiOSsf67nwz+903ZZkwTNHeLNQeEcqkrHjCYNQt
LtHZZruqgnUhWOsxM4my4tnkN3qINZdQyYITRBwWjBQKIiB5p7t9on3xnn/2dQjp
n2hwZsV2SwFcjAOxxv7wxG1FwG2Y5GrGIXYG2DLhFpBAp5yzMpYjVfAW53nMflJY
S40/Mv/Xin9MZXRHvX39KYL1hQkZrwJqsYx6L2KcraaOmG1Rlnd1NSUZNwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFC9t3lGEc2vLEWeJnFBYFMFCQJj2MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTDIzZVVZUnphOHNSWjRtY1VGZ1V3VUpBbVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAIt
D0ADBAAtQ3UDBAItWSwDBAItjCADBAItlrQDBAFQXlADBABWaBMDBABWaMADBABZ
J/IDBABZKCMDBABZKKEDBABb7zswDAMEAVvyRgMEAlvySAMEAFvyUQMEAFvyZwME
AFvyawMEAF7nxgMEALB+3wMEALkoaQMEALmt9wMEALnUCwMEAMEu0wMEAMHLfwME
AcI4mAMEAMLVCgMEAcLyHDAMAwQAw4pnAwQAw4pqMA0GCSqGSIb3DQEBCwUAA4IB
AQBKSGOTlynwUWqvzIRVmUdDOfdMRFQXbMr1UuNSC4IWQA9IqStywYp9jl6Lpp3D
aXNIHBRMrEmjY+Tbh/euUH74jYcI3wzvXQNzYhXelda6xmMcur3SO3ldw0JJGbK8
F9tqBRgv6AJSEzPaE5aUuY9UwHyRgr/jZwM6nbdrQaZPysa1SuJ8F157jlY4isY/
bGQSr8tQy4HD1m5AuoY6f3TUePG5heqy8iPMLRUk+hLjRtEHDBD8gCcw02WJ39hG
M/qC815lQE7NgVeZs2t9pCJFmYm2M8y8GkiAGGWvy7KbXvpHoDNjHPXlhqzIqGUT
ZC6KX7c5WLSDsjLjaar/Hgm5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org