Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/dyKml4QBqlCeP7lp-o3JOJxMBMs.roa
File: dyKml4QBqlCeP7lp-o3JOJxMBMs.roa (raw, json)
Hash identifier: rhkOfZ9aOYiR3oW1+rl0GxmPYYpwdmMA0kChXTA51+o=
Subject key identifier: 77:22:A6:97:84:01:AA:50:9E:3F:B9:69:FA:8D:C9:38:9C:4C:04:CB
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01848AC018A6C74FFAC546659E8E517A2305
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/dyKml4QBqlCeP7lp-o3JOJxMBMs.roa
Signing time: Fri 18 Nov 2022 12:39:15 +0000
ROA not before: Fri 18 Nov 2022 12:39:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.28.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.88.124.0/22 maxlen: 22
194.56.152.0/23 maxlen: 24
91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.107.0/24 maxlen: 24
45.150.180.0/22 maxlen: 22
194.242.28.0/23 maxlen: 24
185.173.247.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8a:c0:18:a6:c7:4f:fa:c5:46:65:9e:8e:51:7a:23:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 18 12:39:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7722a6978401aa509e3fb969fa8dc9389c4c04cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bb:19:ca:69:cc:ec:15:d1:98:1b:c6:f2:43:
48:77:78:4e:ac:51:b0:f7:4c:f2:c1:86:69:a7:76:
76:6f:9e:c7:c6:40:99:b0:25:4a:d0:73:f1:3e:e6:
3f:02:a1:7e:37:96:c6:b4:4e:78:a8:97:d0:e2:3d:
b4:46:d8:d2:64:b3:80:c9:91:a9:3b:83:37:03:81:
c1:06:01:b9:1d:31:f7:1d:6a:ad:b8:bd:fd:62:61:
24:3e:d0:9a:2e:07:34:4c:6f:79:e1:c0:5f:53:c3:
ec:5f:af:3b:ed:76:a4:87:d7:fd:f3:f6:d8:72:50:
0f:86:ef:e0:60:38:2b:ed:28:68:b2:c8:31:5f:8a:
2c:e5:45:d2:b8:b4:15:1a:0c:eb:e9:6a:b1:13:7e:
aa:ae:7c:be:de:5b:9b:bb:5b:a8:f6:74:f8:94:97:
2b:e7:c4:bf:ae:d1:02:b5:ff:03:e0:56:f1:b2:f6:
7e:d1:2b:eb:04:a1:d8:03:e0:f0:3b:6c:b5:f9:14:
a2:37:0a:99:a6:9e:08:7b:4f:b8:e2:a4:9c:61:0c:
a2:c3:3d:b7:df:e9:64:e9:22:84:3f:b1:0a:5d:9a:
49:c1:5e:c7:08:06:5c:dc:2c:ab:5f:d1:8d:34:b7:
68:14:1e:d1:4d:17:e5:8e:05:63:5b:d7:69:6e:dd:
75:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:22:A6:97:84:01:AA:50:9E:3F:B9:69:FA:8D:C9:38:9C:4C:04:CB
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/dyKml4QBqlCeP7lp-o3JOJxMBMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.88.124.0/22
45.140.32.0/22
45.150.180.0/22
91.242.70.0-91.242.74.255
91.242.81.0/24
91.242.107.0/24
185.173.247.0/24
185.212.11.0/24
193.46.211.0/24
194.56.152.0/23
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:1f:37:13:ff:ce:c7:d8:25:ca:e1:25:b6:82:63:88:ec:ba:
6e:44:22:2a:ef:a7:91:e9:dd:59:59:2e:c9:06:9c:f9:2e:6e:
56:96:65:43:2d:44:84:75:54:60:99:bf:a0:2d:92:48:34:83:
8a:37:f4:18:80:2a:a8:fc:36:1e:7e:86:a3:e6:20:10:86:b6:
b1:e5:59:10:aa:0f:68:ef:30:9d:ef:44:63:c9:71:2f:b3:45:
37:bc:1d:f6:6b:8a:ab:35:40:ab:8c:1e:bb:2e:1b:69:af:e0:
f7:a0:cf:9a:ba:52:c5:c7:75:13:9a:2b:96:7a:d3:fc:56:03:
47:d1:04:3c:ca:e0:e0:9a:33:1d:2a:f4:57:6d:33:f9:e3:ac:
94:cd:b2:88:89:99:f1:e8:73:20:74:67:2f:8f:91:d8:f5:a8:
81:1b:17:0d:47:79:d9:e7:9c:88:56:13:42:28:0b:26:e2:08:
b9:4a:c1:93:08:77:5b:79:1c:bf:46:80:a0:8c:70:43:55:c2:
89:38:79:9b:81:40:fe:7d:9a:8f:79:c1:2b:0b:09:f9:2f:29:
52:e6:64:e4:b3:97:df:d6:d8:f9:01:13:cd:37:d7:65:cd:04:
32:0b:1e:58:0c:8a:58:4c:16:b4:44:78:93:6b:a0:d0:dd:41:
1c:77:32:b2
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYSKwBimx0/6xUZlno5ReiMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMTE4MTIzOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzIyYTY5Nzg0MDFhYTUwOWUzZmI5NjlmYThkYzkzODljNGMwNGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLsZymnM7BXRmBvG8kNId3hOrFGw
90zywYZpp3Z2b57HxkCZsCVK0HPxPuY/AqF+N5bGtE54qJfQ4j20RtjSZLOAyZGp
O4M3A4HBBgG5HTH3HWqtuL39YmEkPtCaLgc0TG954cBfU8PsX6877Xakh9f98/bY
clAPhu/gYDgr7ShossgxX4os5UXSuLQVGgzr6WqxE36qrny+3lubu1uo9nT4lJcr
58S/rtECtf8D4FbxsvZ+0SvrBKHYA+DwO2y1+RSiNwqZpp4Ie0+44qScYQyiwz23
3+lk6SKEP7EKXZpJwV7HCAZc3CyrX9GNNLdoFB7RTRfljgVjW9dpbt11nQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFHcippeEAapQnj+5afqNyTicTATLMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZHlLbWw0UUJxbENlUDdscC1vM0pPSnhNQk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQCBbYcAwQC
LVh8AwQCLYwgAwQCLZa0MAwDBAFb8kYDBABb8koDBABb8lEDBABb8msDBAC5rfcD
BAC51AsDBADBLtMDBAHCOJgDBAHC8hwwDQYJKoZIhvcNAQELBQADggEBAIwfNxP/
zsfYJcrhJbaCY4jsum5EIirvp5Hp3VlZLskGnPkublaWZUMtRIR1VGCZv6Atkkg0
g4o39BiAKqj8Nh5+hqPmIBCGtrHlWRCqD2jvMJ3vRGPJcS+zRTe8HfZriqs1QKuM
HrsuG2mv4Pegz5q6UsXHdROaK5Z60/xWA0fRBDzK4OCaMx0q9FdtM/njrJTNsoiJ
mfHocyB0Zy+Pkdj1qIEbFw1HednnnIhWE0IoCybiCLlKwZMId1t5HL9GgKCMcENV
wok4eZuBQP59mo95wSsLCfkvKVLmZOSzl9/W2PkBE80312XNBDILHlgMilhMFrRE
eJNroNDdQRx3MrI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org