Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_QLI3yGVU3YGfLR6H_hrUHWJiY8.roa
File: _QLI3yGVU3YGfLR6H_hrUHWJiY8.roa (raw, json)
Hash identifier: uTNRGxGvgTXm23hfDY5a+ZxYhn6APbcdjuTywN/7NKw=
Subject key identifier: FD:02:C8:DF:21:95:53:76:06:7C:B4:7A:1F:F8:6B:50:75:89:89:8F
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0183B351FA29F0B30781E8DD90FCEEB6ADC9
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_QLI3yGVU3YGfLR6H_hrUHWJiY8.roa
Signing time: Fri 07 Oct 2022 16:40:37 +0000
ROA not before: Fri 07 Oct 2022 16:40:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.28.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.88.124.0/22 maxlen: 22
194.56.152.0/23 maxlen: 24
91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.107.0/24 maxlen: 24
91.242.120.0/21 maxlen: 21
45.150.180.0/22 maxlen: 22
194.242.28.0/23 maxlen: 24
185.173.247.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.64.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b3:51:fa:29:f0:b3:07:81:e8:dd:90:fc:ee:b6:ad:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 7 16:40:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd02c8df21955376067cb47a1ff86b507589898f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:dc:d5:25:75:8c:16:7f:23:29:18:ee:b4:59:
f3:e9:63:73:a5:53:89:f3:80:d0:c6:59:83:e2:68:
24:27:29:d6:40:d5:21:ae:1e:0d:2d:9e:0a:56:ef:
73:14:31:2c:b0:aa:79:2e:3c:91:de:a3:7c:01:fe:
57:e9:2e:59:9d:33:ac:40:07:b0:60:67:a3:48:24:
80:ab:35:c8:8e:c6:09:33:f6:17:e2:14:e9:e4:4b:
4f:20:8a:35:16:41:83:96:ba:c7:a6:0c:3b:5a:69:
cb:4e:33:f1:ea:32:6f:70:81:35:a9:b7:9e:22:d5:
ca:73:32:61:03:d1:50:db:20:5e:08:45:78:9e:ba:
be:15:81:c1:46:23:c0:d0:f2:53:2e:1e:7d:3e:a2:
13:9a:d9:6a:05:0d:ce:cb:32:91:93:e3:a0:39:9e:
ab:5e:e5:bd:9f:55:36:cd:b8:18:fd:4f:2f:f5:dd:
f1:62:f9:4d:23:d0:b4:e3:c1:b7:74:85:e4:21:c1:
9a:98:0d:88:5f:0c:ee:94:8b:dc:1a:81:77:74:52:
82:e6:89:e8:c4:8c:c4:7b:e5:c6:6a:98:ae:58:6e:
8e:f2:d2:14:ef:66:5c:00:fe:70:67:3a:10:ae:72:
f0:f4:f8:41:a1:3f:e0:83:02:6c:dc:89:19:8b:f9:
e3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:02:C8:DF:21:95:53:76:06:7C:B4:7A:1F:F8:6B:50:75:89:89:8F
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_QLI3yGVU3YGfLR6H_hrUHWJiY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.88.124.0/22
45.140.32.0/22
45.150.180.0/22
91.242.64.0/22
91.242.81.0/24
91.242.105.0/24
91.242.107.0-91.242.111.255
91.242.120.0/21
185.173.247.0/24
185.212.11.0/24
193.46.211.0/24
194.56.152.0/23
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:6b:f9:3f:ee:d6:b8:46:e6:2c:cf:61:87:49:38:10:0d:ad:
a4:67:53:d0:0f:7b:f3:30:07:91:fd:4c:c6:f7:62:c2:98:9d:
09:9c:32:90:be:2c:d6:b6:0d:39:55:15:c4:3f:53:80:ec:65:
ba:bf:fa:85:83:e2:e4:d0:60:dd:bc:8d:b7:59:a6:53:1b:dc:
e8:1b:35:0b:a0:de:ec:b9:0e:8f:c4:2f:74:9a:59:36:dd:5e:
0a:6b:6b:b0:fa:e2:ff:ad:a4:c4:c5:4d:e7:55:c6:61:b9:6a:
b8:da:42:2a:a6:6d:fd:a5:ba:9b:6f:67:6c:bb:9f:1f:02:81:
e4:0e:b3:10:cb:91:79:f6:f9:08:4c:72:75:98:b4:ff:27:2b:
71:33:40:d3:d0:8e:ce:21:f7:cf:5b:bd:22:fa:81:78:ec:bb:
3c:b2:c1:5e:80:fe:01:40:02:8a:d5:f4:23:75:15:d2:95:9d:
70:ca:70:c2:a8:53:76:e0:2f:2c:81:a6:5e:1d:88:f7:2d:51:
8f:5f:3d:ca:53:17:53:69:3c:50:46:ec:22:22:91:41:23:04:
b0:8a:b6:a9:f3:58:2d:8c:f0:92:cb:42:30:84:ca:b1:80:cb:
00:94:da:b0:42:af:33:41:b2:6c:56:12:a4:68:c7:a1:e7:3f:
05:a4:e7:01
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYOzUfop8LMHgejdkPzutq3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMDA3MTY0MDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDAyYzhkZjIxOTU1Mzc2MDY3Y2I0N2ExZmY4NmI1MDc1ODk4OThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidzVJXWMFn8jKRjutFnz6WNzpVOJ
84DQxlmD4mgkJynWQNUhrh4NLZ4KVu9zFDEssKp5LjyR3qN8Af5X6S5ZnTOsQAew
YGejSCSAqzXIjsYJM/YX4hTp5EtPIIo1FkGDlrrHpgw7WmnLTjPx6jJvcIE1qbee
ItXKczJhA9FQ2yBeCEV4nrq+FYHBRiPA0PJTLh59PqITmtlqBQ3OyzKRk+OgOZ6r
XuW9n1U2zbgY/U8v9d3xYvlNI9C048G3dIXkIcGamA2IXwzulIvcGoF3dFKC5ono
xIzEe+XGapiuWG6O8tIU72ZcAP5wZzoQrnLw9PhBoT/ggwJs3IkZi/njGwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFP0CyN8hlVN2Bny0eh/4a1B1iYmPMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvX1FMSTN5R1ZVM1lHZkxSNkhfaHJVSFdKaVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQCBbYcAwQC
LVh8AwQCLYwgAwQCLZa0AwQCW/JAAwQAW/JRAwQAW/JpMAwDBABb8msDBARb8mAD
BANb8ngDBAC5rfcDBAC51AsDBADBLtMDBAHCOJgDBAHC8hwwDQYJKoZIhvcNAQEL
BQADggEBAHpr+T/u1rhG5izPYYdJOBANraRnU9APe/MwB5H9TMb3YsKYnQmcMpC+
LNa2DTlVFcQ/U4DsZbq/+oWD4uTQYN28jbdZplMb3OgbNQug3uy5Do/EL3SaWTbd
Xgpra7D64v+tpMTFTedVxmG5arjaQiqmbf2luptvZ2y7nx8CgeQOsxDLkXn2+QhM
cnWYtP8nK3EzQNPQjs4h989bvSL6gXjsuzyywV6A/gFAAorV9CN1FdKVnXDKcMKo
U3bgLyyBpl4diPctUY9fPcpTF1NpPFBG7CIikUEjBLCKtqnzWC2M8JLLQjCEyrGA
ywCU2rBCrzNBsmxWEqRox6HnPwWk5wE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org