Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/PYphB0yWo8UwUi-TDdPq1px9nyY.roa
File: PYphB0yWo8UwUi-TDdPq1px9nyY.roa (raw, json)
Hash identifier: V6+8EWOYp1PtUNFC3SSNqid1hlZfiZjRihvKL6SfFVg=
Subject key identifier: 3D:8A:61:07:4C:96:A3:C5:30:52:2F:93:0D:D3:EA:D6:9C:7D:9F:26
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0183B849696446431B42AF4BBC0D1881B153
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/PYphB0yWo8UwUi-TDdPq1px9nyY.roa
Signing time: Sat 08 Oct 2022 15:49:22 +0000
ROA not before: Sat 08 Oct 2022 15:49:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.28.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.88.124.0/22 maxlen: 22
194.56.152.0/23 maxlen: 24
91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.107.0/24 maxlen: 24
45.150.180.0/22 maxlen: 22
194.242.28.0/23 maxlen: 24
185.173.247.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.64.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b8:49:69:64:46:43:1b:42:af:4b:bc:0d:18:81:b1:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 8 15:49:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d8a61074c96a3c530522f930dd3ead69c7d9f26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b4:62:ad:25:82:5c:bf:ae:88:e6:0e:26:a9:
5f:35:5c:82:b2:13:82:91:d5:24:75:71:b4:bb:50:
71:7c:27:f3:a7:84:af:e0:43:e6:1f:08:75:51:1a:
ff:d3:c9:61:a3:ce:08:bf:1f:2b:14:46:b4:f3:fd:
3d:20:98:5d:c0:5f:fd:4e:bf:19:5b:af:b9:a0:47:
fd:c6:d0:1a:63:61:a3:47:0a:96:07:56:71:94:17:
de:f4:68:42:03:15:a4:ca:fd:e9:28:8c:ba:84:18:
d6:1d:46:64:8a:18:3e:8e:24:25:52:4d:e5:56:00:
f1:92:fe:26:e8:5a:21:b6:51:9d:d9:8e:d6:fc:3a:
6e:50:42:18:f8:8a:d4:e4:0a:56:da:e1:ca:1c:ee:
0a:b2:54:53:4f:88:d1:4a:05:b6:92:ab:a8:92:cc:
cf:c8:b3:51:56:d4:ff:a8:d1:ab:d4:7a:5c:63:83:
1a:5c:75:e7:a0:65:61:c6:e8:ae:96:37:49:6d:c4:
d9:e6:4b:44:ee:ba:a7:c1:31:17:4f:5c:05:d6:90:
b9:fc:85:71:1b:4e:bf:62:1c:a5:cf:12:c4:09:0b:
5a:3d:66:98:1d:a7:ff:08:9e:1c:f9:00:16:e9:5d:
1d:eb:63:49:db:b4:62:6c:56:fa:0a:08:51:1a:a2:
98:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8A:61:07:4C:96:A3:C5:30:52:2F:93:0D:D3:EA:D6:9C:7D:9F:26
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/PYphB0yWo8UwUi-TDdPq1px9nyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.88.124.0/22
45.140.32.0/22
45.150.180.0/22
91.242.64.0/22
91.242.81.0/24
91.242.105.0/24
91.242.107.0/24
185.173.247.0/24
185.212.11.0/24
193.46.211.0/24
194.56.152.0/23
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
36:e9:57:c3:9b:de:ed:11:61:07:e1:71:ad:f0:46:06:e7:3d:
bf:f3:85:15:96:8c:e6:a1:15:4b:09:0a:27:e0:9a:b5:f7:03:
51:c5:a4:e4:99:89:c9:10:40:9b:f3:ec:e3:45:c4:a8:94:ff:
f8:8e:9f:e3:d9:03:21:38:63:58:ac:b1:e9:21:11:45:88:f3:
e5:01:ea:f2:52:70:66:a0:16:f2:f4:27:0e:16:fc:25:c4:6e:
27:21:b1:38:57:85:80:a0:19:e8:a1:4c:0e:19:c1:ac:52:9a:
5d:22:09:33:d3:cc:6e:14:f2:20:73:8a:3c:27:07:5a:70:1d:
4c:31:dc:34:85:b4:6d:39:6a:25:be:62:08:c6:b2:f8:68:0d:
70:cd:5c:2a:4c:62:83:a9:05:60:11:1b:78:4b:c1:2b:21:8a:
b8:3e:97:29:72:6b:fc:6f:6e:b7:fa:60:51:51:75:ed:aa:9e:
60:a2:28:1f:ef:44:48:f9:f1:b1:91:b6:e9:72:50:80:30:fd:
70:d3:54:bf:34:e1:3e:d9:fa:06:18:7b:b6:7e:02:6a:a2:26:
06:e4:8e:1f:52:b4:59:72:55:8b:d8:b6:10:40:1b:df:62:28:
24:24:a6:1b:86:67:6f:2b:6b:54:a0:f5:3f:33:e3:1d:53:3d:
96:63:b7:50
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYO4SWlkRkMbQq9LvA0YgbFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMDA4MTU0OTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhhNjEwNzRjOTZhM2M1MzA1MjJmOTMwZGQzZWFkNjljN2Q5ZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7RirSWCXL+uiOYOJqlfNVyCshOC
kdUkdXG0u1BxfCfzp4Sv4EPmHwh1URr/08lho84Ivx8rFEa08/09IJhdwF/9Tr8Z
W6+5oEf9xtAaY2GjRwqWB1ZxlBfe9GhCAxWkyv3pKIy6hBjWHUZkihg+jiQlUk3l
VgDxkv4m6FohtlGd2Y7W/DpuUEIY+IrU5ApW2uHKHO4KslRTT4jRSgW2kquokszP
yLNRVtT/qNGr1HpcY4MaXHXnoGVhxuiuljdJbcTZ5ktE7rqnwTEXT1wF1pC5/IVx
G06/YhylzxLECQtaPWaYHaf/CJ4c+QAW6V0d62NJ27RibFb6CghRGqKYPwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFD2KYQdMlqPFMFIvkw3T6tacfZ8mMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUFlwaEIweVdvOFV3VWktVERkUHExcHg5bnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCBbYcAwQC
LVh8AwQCLYwgAwQCLZa0AwQCW/JAAwQAW/JRAwQAW/JpAwQAW/JrAwQAua33AwQA
udQLAwQAwS7TAwQBwjiYAwQBwvIcMA0GCSqGSIb3DQEBCwUAA4IBAQA26VfDm97t
EWEH4XGt8EYG5z2/84UVlozmoRVLCQon4Jq19wNRxaTkmYnJEECb8+zjRcSolP/4
jp/j2QMhOGNYrLHpIRFFiPPlAeryUnBmoBby9CcOFvwlxG4nIbE4V4WAoBnooUwO
GcGsUppdIgkz08xuFPIgc4o8JwdacB1MMdw0hbRtOWolvmIIxrL4aA1wzVwqTGKD
qQVgERt4S8ErIYq4Ppcpcmv8b263+mBRUXXtqp5goigf70RI+fGxkbbpclCAMP1w
01S/NOE+2foGGHu2fgJqoiYG5I4fUrRZclWL2LYQQBvfYigkJKYbhmdvK2tUoPU/
M+MdUz2WY7dQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org