Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VCmNdx1hVFDXjMup3I2PAXOA0tE.roa
File: VCmNdx1hVFDXjMup3I2PAXOA0tE.roa (raw, json)
Hash identifier: fL63UofxXc21TXkeD7vEx/clxpMpEWgGdgKLVaYQAec=
Subject key identifier: 54:29:8D:77:1D:61:54:50:D7:8C:CB:A9:DC:8D:8F:01:73:80:D2:D1
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018A6658C3E3BDEEBC347DC91E3F4F952541
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VCmNdx1hVFDXjMup3I2PAXOA0tE.roa
Signing time: Tue 05 Sep 2023 17:16:47 +0000
ROA not before: Tue 05 Sep 2023 17:16:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.255.99.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
194.56.152.0/23 maxlen: 24
185.243.140.0/22 maxlen: 24
94.231.198.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
195.149.127.0/24 maxlen: 24
86.104.19.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
45.149.160.0/22 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
80.94.81.0/24 maxlen: 24
80.94.80.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:58:c3:e3:bd:ee:bc:34:7d:c9:1e:3f:4f:95:25:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 5 17:16:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54298d771d615450d78ccba9dc8d8f017380d2d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a7:8f:b3:6e:e9:51:0c:94:f2:3f:3b:97:91:
1a:26:d6:0e:43:55:65:36:1e:91:26:81:c3:09:8a:
b3:d6:d0:21:0e:1c:7d:b8:07:ac:da:23:d6:44:89:
ad:69:05:6b:d4:8c:b5:77:c6:ef:97:c4:8e:dc:7a:
09:b6:5a:32:db:95:40:04:eb:f2:5f:f2:b3:5f:f9:
94:f4:7f:07:76:78:29:70:32:70:4a:1b:0c:13:6e:
25:f1:31:3d:c7:93:6a:05:0e:fd:2c:4b:cc:f4:0a:
89:85:21:31:84:41:5a:17:29:0d:6c:73:92:2c:5b:
97:d0:8b:39:1a:dc:4a:9d:72:52:ee:e0:3b:71:78:
d1:0e:4e:75:c8:4a:1c:94:d3:98:50:e3:46:88:90:
51:cf:62:c3:97:4f:cd:dc:4a:49:32:98:4c:1a:22:
d0:66:ed:be:e2:f0:62:0a:ba:db:b4:8f:06:b6:ed:
5f:61:2d:a7:5e:07:0c:d5:cd:9f:5b:81:3b:bb:c1:
93:cb:86:3b:63:ac:a7:79:70:1b:83:c4:be:fa:6c:
25:68:31:44:f1:0c:d2:4e:9d:b0:38:26:90:3c:e4:
f7:54:ef:ce:0a:ef:9c:ed:35:d2:32:e6:74:70:72:
0c:62:e5:e1:8a:49:66:ff:80:ae:11:cf:c4:ce:86:
75:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:29:8D:77:1D:61:54:50:D7:8C:CB:A9:DC:8D:8F:01:73:80:D2:D1
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VCmNdx1hVFDXjMup3I2PAXOA0tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.64.0/22
45.67.117.0/24
45.149.160.0/22
80.94.80.0/23
86.104.19.0/24
89.32.126.0/24
89.39.242.0/24
89.40.161.0/24
91.242.70.0-91.242.75.255
91.242.103.0/24
92.118.108.0/24
94.231.198.0/24
176.126.223.0/24
185.15.136.0/23
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
185.243.140.0/22
185.255.99.0/24
193.46.211.0/24
194.56.152.0/23
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.106.255
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
30:e1:1e:29:38:6c:ad:7e:2b:ae:3a:c2:3e:89:b6:ae:30:65:
02:71:f9:a5:80:47:d0:0a:4b:8e:de:77:51:e0:53:1f:4c:85:
cd:30:c8:2f:99:22:a2:e1:c1:61:59:97:da:0a:c1:a1:c3:fa:
ed:bf:6c:24:63:2f:57:b7:9b:75:da:55:30:83:1e:3d:82:a0:
d7:62:ea:60:84:c6:34:99:1c:59:63:6b:a7:0c:f4:5f:cb:60:
9f:c8:a2:2f:03:4f:d7:48:cd:62:ce:0f:56:c2:06:dc:7d:c7:
2b:14:26:0a:fb:ec:9d:9f:4d:d1:55:e7:8a:96:19:1d:f6:78:
24:92:a5:30:55:40:88:76:ac:3e:d0:92:7c:7a:d8:7d:6a:e1:
10:d9:1b:6f:65:5a:4d:bc:91:30:31:bb:c1:1d:75:83:77:ad:
ed:5a:31:89:57:61:49:49:31:dc:15:e4:31:81:39:3e:81:8f:
d9:ae:06:c5:3d:5c:47:c5:ad:11:b7:22:cb:e6:79:32:20:53:
a4:e9:d5:e6:ed:1b:36:ea:62:cb:c2:e8:9d:15:0e:19:27:dd:
90:12:60:38:96:43:80:20:53:b5:57:c8:2d:b0:b6:e7:19:a9:
d3:03:6c:bf:c5:79:d3:e5:74:9f:47:70:d4:7d:e9:0e:0e:0d:
15:fd:61:e2
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYpmWMPjve68NH3JHj9PlSVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwOTA1MTcxNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDI5OGQ3NzFkNjE1NDUwZDc4Y2NiYTlkYzhkOGYwMTczODBkMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaePs27pUQyU8j87l5EaJtYOQ1Vl
Nh6RJoHDCYqz1tAhDhx9uAes2iPWRImtaQVr1Iy1d8bvl8SO3HoJtloy25VABOvy
X/KzX/mU9H8HdngpcDJwShsME24l8TE9x5NqBQ79LEvM9AqJhSExhEFaFykNbHOS
LFuX0Is5GtxKnXJS7uA7cXjRDk51yEoclNOYUONGiJBRz2LDl0/N3EpJMphMGiLQ
Zu2+4vBiCrrbtI8Gtu1fYS2nXgcM1c2fW4E7u8GTy4Y7Y6yneXAbg8S++mwlaDFE
8QzSTp2wOCaQPOT3VO/OCu+c7TXSMuZ0cHIMYuXhiklm/4CuEc/EzoZ1RwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFFQpjXcdYVRQ14zLqdyNjwFzgNLRMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvVkNtTmR4MWhWRkRYak11cDNJMlBBWE9BMHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAIt
D0ADBAAtQ3UDBAItlaADBAFQXlADBABWaBMDBABZIH4DBABZJ/IDBABZKKEwDAME
AVvyRgMEAlvySAMEAFvyZwMEAFx2bAMEAF7nxgMEALB+3wMEAbkPiAMEALkoaQME
ALmt9wMEALnUCwMEArnzjAMEALn/YwMEAMEu0wMEAcI4mAMEAMK07gMEAMLVCgME
AcLyHDAMAwQAw4pnAwQAw4pqAwQAw5V/MA0GCSqGSIb3DQEBCwUAA4IBAQAw4R4p
OGytfiuuOsI+ibauMGUCcfmlgEfQCkuO3ndR4FMfTIXNMMgvmSKi4cFhWZfaCsGh
w/rtv2wkYy9Xt5t12lUwgx49gqDXYupghMY0mRxZY2unDPRfy2CfyKIvA0/XSM1i
zg9WwgbcfccrFCYK++ydn03RVeeKlhkd9ngkkqUwVUCIdqw+0JJ8eth9auEQ2Rtv
ZVpNvJEwMbvBHXWDd63tWjGJV2FJSTHcFeQxgTk+gY/ZrgbFPVxHxa0RtyLL5nky
IFOk6dXm7Rs26mLLwuidFQ4ZJ92QEmA4lkOAIFO1V8gtsLbnGanTA2y/xXnT5XSf
R3DUfekODg0V/WHi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org