Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/P1mchJhJqQ9X0q0Hdylviz2sIXs.roa
File: P1mchJhJqQ9X0q0Hdylviz2sIXs.roa (raw, json)
Hash identifier: +53owxFFcJoyxBoQZSfSkC4fEYaEoEoJTogTTBsPvAc=
Subject key identifier: 3F:59:9C:84:98:49:A9:0F:57:D2:AD:07:77:29:6F:8B:3D:AC:21:7B
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 14AEE886
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/P1mchJhJqQ9X0q0Hdylviz2sIXs.roa
Signing time: Thu 14 Apr 2022 14:55:48 +0000
ROA not before: Thu 14 Apr 2022 14:55:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 193.31.104.0/22 maxlen: 22
85.159.117.0/24 maxlen: 24
212.90.116.0/22 maxlen: 22
45.95.88.0/22 maxlen: 22
195.216.156.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
91.242.64.0/22 maxlen: 22
194.50.206.0/23 maxlen: 23
194.50.200.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
45.150.44.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.91.84.0/22 maxlen: 22
45.143.44.0/22 maxlen: 22
45.86.16.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
193.37.200.0/22 maxlen: 22
45.143.252.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
185.145.80.0/22 maxlen: 22
62.182.100.0/23 maxlen: 23
45.83.12.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 347007110 (0x14aee886)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 14 14:55:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f599c849849a90f57d2ad0777296f8b3dac217b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:93:af:32:e7:88:06:18:f5:98:92:82:9d:57:
08:2c:ca:d9:09:d3:8b:c5:de:0d:b8:d3:c0:a9:1d:
9b:24:b8:7d:e1:7f:92:f3:25:41:92:61:e0:a1:77:
a4:96:2b:f6:2b:77:67:a6:69:98:ca:a2:ee:34:7c:
69:6c:56:fa:4c:de:8b:10:5f:d4:9f:6d:00:c4:b8:
fe:51:7c:61:99:76:14:59:6a:33:cb:35:f4:bd:72:
bd:81:35:49:76:cc:f9:5b:2c:2d:9d:3e:a6:06:ec:
27:8a:dd:46:d5:61:b3:ea:5b:ad:7c:b6:35:9d:83:
5c:61:1d:18:a0:0f:d5:1c:b5:70:75:bf:fb:dd:8e:
86:78:4e:1a:e1:83:67:d9:d3:ef:b3:1c:29:3d:b8:
eb:bb:c2:8a:fe:df:c8:9e:0b:f6:9c:d2:12:57:e7:
9d:03:43:fe:c9:47:3f:fc:7f:80:ac:f2:8b:2a:8c:
59:7b:c8:71:6a:3f:85:74:21:73:04:11:68:da:30:
e8:9e:33:ff:24:de:2b:ce:f4:71:82:96:40:48:ca:
16:10:dc:d6:7a:ba:c4:d4:32:85:fd:93:48:72:f7:
7a:99:ce:4d:ae:d8:04:67:86:ab:b7:24:73:52:a5:
a4:b1:b9:26:8c:84:13:c3:9e:09:77:3e:bd:f7:4b:
c3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:59:9C:84:98:49:A9:0F:57:D2:AD:07:77:29:6F:8B:3D:AC:21:7B
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/P1mchJhJqQ9X0q0Hdylviz2sIXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.12.0/22
45.86.16.0/22
45.91.84.0/22
45.95.88.0/22
45.140.32.0/22
45.143.44.0/22
45.143.252.0/22
45.150.44.0/22
45.151.196.0/22
62.182.100.0/23
85.159.117.0/24
91.242.64.0/22
91.242.100.0/23
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
185.145.80.0/22
185.173.244.0/22
193.31.104.0/22
193.37.200.0/22
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
195.216.156.0/22
212.90.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:f6:f7:03:cf:bb:01:00:e9:7f:8e:08:35:e2:08:b7:5a:9c:
30:89:45:a6:04:51:fa:6d:42:b9:4f:4c:e3:27:5e:29:99:8a:
33:d5:31:5b:75:62:94:5d:20:bc:d3:f8:18:85:d5:80:94:e8:
bb:28:3b:94:1d:1f:ff:81:02:09:dd:1b:2a:ba:b1:c5:88:c4:
be:da:67:79:36:7f:98:0e:5f:4f:80:88:45:b7:93:c2:f1:24:
a2:50:65:65:df:6a:4c:45:6f:ca:eb:6d:80:df:7e:1f:2f:01:
49:a1:da:cb:55:8c:b8:d6:33:cf:92:bc:d0:d3:0f:b0:0b:57:
d4:eb:3d:76:32:14:26:52:98:c8:72:bd:a3:94:9b:da:b8:41:
fb:75:5b:15:82:85:af:91:ef:5f:83:36:3b:ce:f9:25:78:81:
dc:00:94:5b:fb:dc:e2:4c:5a:98:26:3b:f8:14:32:29:4b:96:
73:96:a9:6a:b4:92:f5:f2:d7:93:4d:c6:9d:61:6b:38:b4:6b:
37:ee:cd:58:a5:36:ac:b1:52:9f:9a:3b:cc:1e:ee:e9:c6:12:
c1:29:9c:a0:17:98:80:c0:20:ff:65:ce:69:37:20:39:64:50:
36:cb:69:58:8b:25:df:f8:b0:aa:45:6e:32:c6:74:6f:d9:bb:
42:e9:5f:e3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIEFK7ohjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDQx
NDE0NTU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Y1OTljODQ5ODQ5
YTkwZjU3ZDJhZDA3NzcyOTZmOGIzZGFjMjE3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOTrzLniAYY9ZiSgp1XCCzK2QnTi8XeDbjTwKkdmyS4feF/
kvMlQZJh4KF3pJYr9it3Z6ZpmMqi7jR8aWxW+kzeixBf1J9tAMS4/lF8YZl2FFlq
M8s19L1yvYE1SXbM+VssLZ0+pgbsJ4rdRtVhs+pbrXy2NZ2DXGEdGKAP1Ry1cHW/
+92OhnhOGuGDZ9nT77McKT2467vCiv7fyJ4L9pzSElfnnQND/slHP/x/gKzyiyqM
WXvIcWo/hXQhcwQRaNow6J4z/yTeK870cYKWQEjKFhDc1nq6xNQyhf2TSHL3epnO
Ta7YBGeGq7ckc1KlpLG5JoyEE8OeCXc+vfdLw7sCAwEAAaOCAp4wggKaMB0GA1Ud
DgQWBBQ/WZyEmEmpD1fSrQd3KW+LPawhezAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L1AxbWNoSmhKcVE5WDBxMEhkeWx2aXoyc0lYcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
swYIKwYBBQUHAQcBAf8EgaMwgaAwgZ0EAgABMIGWAwQCLVMMAwQCLVYQAwQCLVtU
AwQCLV9YAwQCLYwgAwQCLY8sAwQCLY/8AwQCLZYsAwQCLZfEAwQBPrZkAwQAVZ91
AwQCW/JAAwQBW/JkAwQAW/JpAwQCW/JsAwQDW/J4AwQCuZFQAwQCua30AwQCwR9o
AwQCwSXIAwQBwjLIAwQBwjLOAwQFw4pgAwQCw9icAwQC1Fp0MA0GCSqGSIb3DQEB
CwUAA4IBAQCk9vcDz7sBAOl/jgg14gi3WpwwiUWmBFH6bUK5T0zjJ14pmYoz1TFb
dWKUXSC80/gYhdWAlOi7KDuUHR//gQIJ3RsqurHFiMS+2md5Nn+YDl9PgIhFt5PC
8SSiUGVl32pMRW/K622A334fLwFJodrLVYy41jPPkrzQ0w+wC1fU6z12MhQmUpjI
cr2jlJvauEH7dVsVgoWvke9fgzY7zvkleIHcAJRb+9ziTFqYJjv4FDIpS5Zzlqlq
tJL18teTTcadYWs4tGs37s1YpTassVKfmjvMHu7pxhLBKZygF5iAwCD/Zc5pNyA5
ZFA2y2lYiyXf+LCqRW4yxnRv2btC6V/j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org