Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_vUf-K8KZ-r-AcQrXcNp1PNy2M4.roa
File: _vUf-K8KZ-r-AcQrXcNp1PNy2M4.roa (raw, json)
Hash identifier: 5rePXMm6H6nN/e4h7cyI7hwMz7o9qB3QEFdNVDYBcjA=
Subject key identifier: FE:F5:1F:F8:AF:0A:67:EA:FE:01:C4:2B:5D:C3:69:D4:F3:72:D8:CE
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB25335F9493091ECD7C09C3195232
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_vUf-K8KZ-r-AcQrXcNp1PNy2M4.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 194.180.238.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
185.173.247.0/24 maxlen: 24
45.67.117.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
94.231.198.0/24 maxlen: 24
194.56.153.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:25:33:5f:94:93:09:1e:cd:7c:09:c3:19:52:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fef51ff8af0a67eafe01c42b5dc369d4f372d8ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2a:1c:d6:7e:e4:be:89:30:78:2b:f2:13:c5:
95:57:47:14:cd:5e:31:d3:59:13:63:3a:d9:39:0c:
5d:5d:3c:07:3c:65:57:2d:a6:dd:c5:7d:3c:53:5d:
58:c3:3a:7e:cb:88:6e:dd:5c:b6:5d:a0:09:75:69:
29:0b:c9:86:eb:27:74:0d:eb:b0:55:7f:2c:17:b5:
36:09:b2:f6:08:e8:8e:7a:cf:54:b9:54:1b:c3:d5:
6f:6e:5d:4b:bf:fb:4a:d0:90:f9:32:e1:47:e1:2a:
fc:7f:ed:79:d3:45:4e:de:b8:07:55:5d:37:5a:e9:
ae:f6:ae:c4:d8:02:f7:b1:b4:91:78:73:6c:e5:9e:
b4:73:a2:c6:2d:46:74:1c:9e:02:98:2d:53:46:4f:
90:3b:24:d2:64:49:8f:a5:2d:14:d8:51:78:3c:9b:
38:6a:bd:4f:7f:7f:9f:a7:92:14:3f:8e:15:46:51:
4e:0f:30:c8:0c:ab:ab:ff:64:99:a0:77:32:b0:e8:
f1:4d:28:07:7c:c3:80:38:b0:a9:9d:19:6e:95:4f:
7a:fb:f2:fa:ea:d6:25:d7:52:ab:c9:22:f0:a4:e3:
f3:2d:95:62:b4:b2:69:82:77:8d:62:06:11:88:e0:
03:b1:32:23:f7:a4:f5:64:39:a6:19:e7:0b:30:02:
9c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F5:1F:F8:AF:0A:67:EA:FE:01:C4:2B:5D:C3:69:D4:F3:72:D8:CE
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_vUf-K8KZ-r-AcQrXcNp1PNy2M4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
91.242.71.0-91.242.73.255
91.242.75.0/24
91.242.103.0/24
94.231.198.0/24
185.40.105.0/24
185.173.247.0/24
194.56.153.0/24
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:63:73:19:cd:01:1d:e6:a3:18:ce:f3:f9:3d:88:68:20:6b:
01:c3:77:70:f3:89:63:4f:93:92:8d:87:61:94:b6:97:be:a9:
8e:8f:43:25:9f:47:9a:a0:60:43:5e:db:c4:1c:cc:2a:1d:25:
31:82:6f:46:3c:a2:7b:f4:d8:e1:4a:46:43:68:ab:5c:60:29:
b8:51:37:93:b6:f2:6e:a7:14:2d:7c:d0:25:47:a5:48:78:37:
d1:23:bc:4c:3a:9d:c5:3f:4a:a3:00:15:50:9b:ce:03:bf:b5:
82:44:ca:60:76:b8:02:a6:93:b9:d7:1c:91:f6:1a:cf:bf:1a:
79:9c:ca:8a:48:af:40:8b:89:2a:b4:3a:5a:f3:0f:65:f4:f5:
33:df:79:97:ae:3b:32:cd:67:3c:50:bb:7b:8f:a3:a2:c6:d2:
00:e5:c3:a0:c7:73:36:fd:d3:82:09:f3:29:1e:a0:7e:92:0b:
57:6e:03:53:89:a0:30:1d:54:92:7e:e4:a8:5f:93:d9:47:0b:
74:92:de:90:8a:49:e9:a5:51:9c:51:d7:3e:fd:c6:54:bf:ed:
ba:43:ac:fd:56:33:b6:46:d9:b3:17:bf:b3:7a:87:4d:68:c8:
18:de:9c:1a:38:7b:42:07:2a:b7:e2:9a:7c:ef:69:26:bc:ce:
54:d8:29:ce
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYzC2yUzX5STCR7NfAnDGVIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWY1MWZmOGFmMGE2N2VhZmUwMWM0MmI1ZGMzNjlkNGYzNzJkOGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Coc1n7kvokweCvyE8WVV0cUzV4x
01kTYzrZOQxdXTwHPGVXLabdxX08U11Ywzp+y4hu3Vy2XaAJdWkpC8mG6yd0Deuw
VX8sF7U2CbL2COiOes9UuVQbw9Vvbl1Lv/tK0JD5MuFH4Sr8f+1500VO3rgHVV03
Wumu9q7E2AL3sbSReHNs5Z60c6LGLUZ0HJ4CmC1TRk+QOyTSZEmPpS0U2FF4PJs4
ar1Pf3+fp5IUP44VRlFODzDIDKur/2SZoHcysOjxTSgHfMOAOLCpnRlulU96+/L6
6tYl11KrySLwpOPzLZVitLJpgneNYgYRiOADsTIj96T1ZDmmGecLMAKczwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFP71H/ivCmfq/gHEK13DadTzctjOMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvX3ZVZi1LOEtaLXItQWNRclhjTnAxUE55Mk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQALUN1MAwD
BABb8kcDBAFb8kgDBABb8ksDBABb8mcDBABe58YDBAC5KGkDBAC5rfcDBADCOJkD
BADCtO4DBADC1QoDBAHC8hwwDQYJKoZIhvcNAQELBQADggEBALFjcxnNAR3moxjO
8/k9iGggawHDd3DziWNPk5KNh2GUtpe+qY6PQyWfR5qgYENe28QczCodJTGCb0Y8
onv02OFKRkNoq1xgKbhRN5O28m6nFC180CVHpUh4N9EjvEw6ncU/SqMAFVCbzgO/
tYJEymB2uAKmk7nXHJH2Gs+/GnmcyopIr0CLiSq0OlrzD2X09TPfeZeuOzLNZzxQ
u3uPo6LG0gDlw6DHczb904IJ8ykeoH6SC1duA1OJoDAdVJJ+5Khfk9lHC3SS3pCK
SemlUZxR1z79xlS/7bpDrP1WM7ZG2bMXv7N6h01oyBjenBo4e0IHKrfimnzvaSa8
zlTYKc4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org