Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/e3eXMrKC7U-crT5Zn6m5da9NltM.roa
File: e3eXMrKC7U-crT5Zn6m5da9NltM.roa (raw, json)
Hash identifier: 946VT+v74vz8z4OWs0mbcRCrv0837w2WwcceAD6Ts8E=
Subject key identifier: 7B:77:97:32:B2:82:ED:4F:9C:AD:3E:59:9F:A9:B9:75:AF:4D:96:D3
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01827E497E4EB995ECC9379D6B29AACF50A8
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/e3eXMrKC7U-crT5Zn6m5da9NltM.roa
Signing time: Mon 08 Aug 2022 16:28:41 +0000
ROA not before: Mon 08 Aug 2022 16:28:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 91.214.200.0/22 maxlen: 22
45.88.124.0/22 maxlen: 22
91.242.81.0/24 maxlen: 24
5.180.4.0/22 maxlen: 22
194.35.52.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.107.0/24 maxlen: 24
91.242.120.0/21 maxlen: 21
193.46.211.0/24 maxlen: 24
91.242.64.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
194.50.188.0/23 maxlen: 23
194.50.206.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.200.0/23 maxlen: 23
2.57.152.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
194.50.184.0/23 maxlen: 23
95.214.152.0/22 maxlen: 22
45.150.168.0/22 maxlen: 22
45.150.180.0/22 maxlen: 22
2.56.0.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
2.57.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7e:49:7e:4e:b9:95:ec:c9:37:9d:6b:29:aa:cf:50:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 8 16:28:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b779732b282ed4f9cad3e599fa9b975af4d96d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b8:5f:6b:22:38:86:6e:68:d7:7d:34:13:8e:
c5:31:2e:f6:2c:43:87:a9:65:03:7d:9e:d3:6b:ba:
1e:ba:a5:82:7e:7a:67:b6:6e:a2:77:1f:5c:8a:93:
ef:49:4b:f4:07:76:f3:7d:5c:8c:a1:88:f6:73:9f:
cf:f5:0a:41:7e:5c:4e:c9:a4:8e:b8:f5:b4:b6:30:
e2:2a:88:52:ce:a5:6b:1b:d8:bf:de:95:78:4d:f4:
f5:a5:d1:13:4f:42:11:50:90:d3:0e:e6:b9:58:7a:
46:0a:a2:36:97:88:ed:eb:71:e2:f3:14:9a:c3:59:
ad:d1:93:09:a8:86:47:40:e8:88:4f:0a:45:c0:db:
e2:51:ae:9e:ed:f8:ab:7c:8b:da:04:78:ea:63:fe:
4b:c8:0e:f7:8f:d7:ab:ce:6c:78:e0:7f:d6:a3:8a:
d1:29:80:35:f2:63:85:00:67:e3:ac:f8:6e:27:9f:
e9:61:ff:04:a5:90:e9:1c:79:15:c4:e8:65:36:2d:
27:a2:f3:fb:5e:90:a0:a4:28:fa:24:35:b2:6e:27:
f5:a9:30:15:50:f6:2b:a1:f5:27:66:70:5a:92:4f:
3b:60:be:50:a2:e7:9c:79:84:ba:26:69:f9:12:52:
c8:58:0d:b9:92:c2:45:7c:e7:ce:f4:a5:28:be:e9:
1f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:77:97:32:B2:82:ED:4F:9C:AD:3E:59:9F:A9:B9:75:AF:4D:96:D3
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/e3eXMrKC7U-crT5Zn6m5da9NltM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
2.57.152.0/22
2.57.212.0/22
5.180.4.0/22
5.182.28.0/22
45.88.124.0/22
45.128.20.0/22
45.140.32.0/22
45.150.168.0/22
45.150.180.0/22
91.214.200.0/22
91.242.64.0/22
91.242.81.0/24
91.242.105.0/24
91.242.107.0-91.242.111.255
91.242.120.0/21
95.214.152.0/22
185.173.244.0/22
193.46.211.0/24
194.35.52.0/22
194.50.184.0/23
194.50.188.0/23
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
9c:2c:44:74:48:ea:7e:7f:c1:74:9e:cb:32:b3:eb:2d:61:26:
f2:e3:8b:cc:b6:0a:3b:1d:f7:64:d5:f0:8e:85:6a:2f:53:2d:
96:b6:42:a0:7c:c6:39:09:f5:dd:0c:2c:f8:4a:0e:0e:03:1b:
0f:a2:33:a9:ad:51:a1:18:33:84:93:ca:95:ae:5f:02:f3:bf:
26:ee:36:3f:b5:72:c7:ef:56:74:ba:3c:f8:06:ea:09:f7:fc:
d8:dd:2c:a9:ff:45:7a:a9:ee:d5:93:ce:b0:0c:3a:fc:4e:ad:
36:e3:ed:04:08:1b:d3:27:99:05:02:68:59:2a:29:80:c2:73:
71:a6:1c:87:02:c4:35:79:dd:9f:1d:57:86:13:84:94:6a:79:
1a:69:00:72:c2:d9:f1:d3:41:8f:30:2b:39:10:91:b0:56:18:
07:9a:04:dd:12:6a:6f:0a:34:6b:b0:0b:63:9c:3c:f4:fb:e3:
e0:35:70:04:cf:dc:1e:50:85:32:45:56:c9:45:d9:a0:91:12:
42:b3:8a:59:7b:1a:57:9a:60:64:6d:1a:11:30:aa:e9:17:67:
f7:69:73:04:64:a2:49:1f:f8:ea:4e:4e:a4:bd:a9:68:30:09:
90:ff:89:9b:88:9c:fb:76:7f:9a:30:3d:b3:f9:e8:78:e2:3e:
5a:4c:64:8e
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYJ+SX5OuZXsyTedaymqz1CoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwODA4MTYyODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjc3OTczMmIyODJlZDRmOWNhZDNlNTk5ZmE5Yjk3NWFmNGQ5NmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7hfayI4hm5o1300E47FMS72LEOH
qWUDfZ7Ta7oeuqWCfnpntm6idx9cipPvSUv0B3bzfVyMoYj2c5/P9QpBflxOyaSO
uPW0tjDiKohSzqVrG9i/3pV4TfT1pdETT0IRUJDTDua5WHpGCqI2l4jt63Hi8xSa
w1mt0ZMJqIZHQOiITwpFwNviUa6e7firfIvaBHjqY/5LyA73j9erzmx44H/Wo4rR
KYA18mOFAGfjrPhuJ5/pYf8EpZDpHHkVxOhlNi0novP7XpCgpCj6JDWybif1qTAV
UPYrofUnZnBakk87YL5QoueceYS6Jmn5ElLIWA25ksJFfOfO9KUovukffQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFHt3lzKygu1PnK0+WZ+puXWvTZbTMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZTNlWE1yS0M3VS1jclQ1Wm42bTVkYTlObHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAIC
OAADBAICOZgDBAICOdQDBAIFtAQDBAIFthwDBAItWHwDBAItgBQDBAItjCADBAIt
lqgDBAItlrQDBAJb1sgDBAJb8kADBABb8lEDBABb8mkwDAMEAFvyawMEBFvyYAME
A1vyeAMEAl/WmAMEArmt9AMEAMEu0wMEAsIjNAMEAcIyuAMEAcIyvAMEAcIyyAME
AcIyzgMEBcOKYDANBgkqhkiG9w0BAQsFAAOCAQEAnCxEdEjqfn/BdJ7LMrPrLWEm
8uOLzLYKOx33ZNXwjoVqL1MtlrZCoHzGOQn13Qws+EoODgMbD6Izqa1RoRgzhJPK
la5fAvO/Ju42P7Vyx+9WdLo8+AbqCff82N0sqf9Feqnu1ZPOsAw6/E6tNuPtBAgb
0yeZBQJoWSopgMJzcaYchwLENXndnx1XhhOElGp5GmkAcsLZ8dNBjzArORCRsFYY
B5oE3RJqbwo0a7ALY5w89Pvj4DVwBM/cHlCFMkVWyUXZoJESQrOKWXsaV5pgZG0a
ETCq6Rdn92lzBGSiSR/46k5OpL2paDAJkP+Jm4ic+3Z/mjA9s/noeOI+Wkxkjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org