Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ggOsdcFv2INFDJHYrxYkrBBH12g.roa
File: ggOsdcFv2INFDJHYrxYkrBBH12g.roa (raw, json)
Hash identifier: UGOqwgwwFI+sfEOvNqX1/d99zpT3lV6NPjbcD11FtBs=
Subject key identifier: 82:03:AC:75:C1:6F:D8:83:45:0C:91:D8:AF:16:24:AC:10:47:D7:68
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018226FE1A608F15E65427BD5545CB1819C9
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ggOsdcFv2INFDJHYrxYkrBBH12g.roa
Signing time: Fri 22 Jul 2022 17:39:23 +0000
ROA not before: Fri 22 Jul 2022 17:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 194.50.206.0/23 maxlen: 23
194.50.200.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
45.140.32.0/22 maxlen: 22
194.242.22.0/23 maxlen: 23
45.151.196.0/22 maxlen: 22
194.180.238.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
45.143.252.0/22 maxlen: 22
45.150.180.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
185.145.80.0/22 maxlen: 22
62.182.100.0/23 maxlen: 23
91.242.64.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:26:fe:1a:60:8f:15:e6:54:27:bd:55:45:cb:18:19:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 22 17:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8203ac75c16fd883450c91d8af1624ac1047d768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:70:06:d6:64:d6:7c:d9:70:cb:ca:87:dc:c7:
d6:e3:85:56:f2:89:0a:aa:18:8f:e9:08:e0:a5:ae:
44:96:e8:dc:b1:91:a7:1d:82:83:ff:bd:ba:3e:97:
d9:9a:ed:e9:6f:c3:18:05:1b:4a:52:f2:f3:1e:80:
e8:2a:95:64:15:71:12:bf:41:e8:4d:b0:c0:1b:ea:
27:61:4d:77:1b:96:45:8e:e2:7c:f0:d6:8e:aa:1d:
3f:5b:2f:27:5d:c4:ea:99:53:94:80:ec:ab:00:c5:
f2:07:ba:de:c1:63:4a:27:71:f1:59:54:a2:79:60:
8e:8f:e9:dd:de:70:17:95:06:62:57:38:0f:4e:40:
b8:cb:e3:12:55:e6:8f:50:a9:d4:29:46:fa:59:2d:
05:7e:18:d7:e4:3d:47:9c:0d:11:b4:d2:8c:dc:2c:
01:5e:fd:f6:2e:c5:13:e9:d3:02:19:39:28:ed:fd:
65:1a:0c:5a:62:cf:15:b1:ef:4f:4f:8c:f3:dd:a5:
62:99:92:ce:da:05:b9:4c:fe:2e:77:ee:aa:e8:5c:
29:8a:cc:96:a1:20:53:1a:79:f3:17:7a:b5:e0:49:
2c:fb:3b:f5:53:b8:8f:59:d4:fb:b7:3c:4c:a5:d8:
ce:27:1e:02:75:89:63:44:9e:6d:1e:56:1c:63:81:
5e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:03:AC:75:C1:6F:D8:83:45:0C:91:D8:AF:16:24:AC:10:47:D7:68
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ggOsdcFv2INFDJHYrxYkrBBH12g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.32.0/22
45.143.252.0/22
45.150.180.0/22
45.151.196.0/22
62.182.100.0/23
91.242.64.0/22
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
185.145.80.0/22
185.173.244.0/22
194.50.200.0/23
194.50.206.0/23
194.180.238.0/24
194.242.22.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
b2:83:32:3c:e5:52:13:0d:1c:63:74:63:c5:cb:7e:2f:ae:9a:
04:30:b2:23:43:1c:d1:18:4d:6e:49:6a:34:87:e1:58:6b:e5:
97:89:b7:cb:3c:05:f5:07:25:c0:76:3e:8b:48:f5:b9:0d:7e:
81:4e:c6:fd:79:f0:52:5c:7a:e5:a4:ed:01:17:75:e7:34:39:
f3:82:fa:a6:8a:c5:11:23:57:16:7b:95:e0:77:6c:b1:a0:99:
e7:49:c2:b9:be:fd:4b:28:7e:d6:94:82:d3:ee:4c:cf:c9:82:
39:5b:6c:02:b6:a6:0b:f2:be:73:f8:60:a8:c3:c5:c2:7e:22:
89:e3:4a:75:f3:79:1d:0a:ef:5c:08:d6:94:fd:32:e7:bd:f7:
4c:ac:c1:e5:a9:c8:c0:d8:a8:95:19:72:4a:9e:19:11:71:7f:
67:34:6b:ba:2e:0a:cf:30:b5:0f:85:5f:f2:c4:b2:17:89:fc:
fd:17:09:00:de:7e:81:3c:22:89:62:c4:2e:99:7e:79:f5:5a:
4a:ad:55:ff:ee:45:30:b8:94:71:25:6d:ad:e6:99:73:ed:21:
31:2d:5f:11:71:6a:0e:c2:68:63:60:a1:c9:b8:d0:f5:1f:73:
e2:dc:8a:a2:e9:9b:04:b2:0a:0c:15:c3:b7:19:46:e9:ac:c8:
ed:99:26:91
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYIm/hpgjxXmVCe9VUXLGBnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwNzIyMTczOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjAzYWM3NWMxNmZkODgzNDUwYzkxZDhhZjE2MjRhYzEwNDdkNzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHAG1mTWfNlwy8qH3MfW44VW8okK
qhiP6Qjgpa5ElujcsZGnHYKD/726PpfZmu3pb8MYBRtKUvLzHoDoKpVkFXESv0Ho
TbDAG+onYU13G5ZFjuJ88NaOqh0/Wy8nXcTqmVOUgOyrAMXyB7rewWNKJ3HxWVSi
eWCOj+nd3nAXlQZiVzgPTkC4y+MSVeaPUKnUKUb6WS0FfhjX5D1HnA0RtNKM3CwB
Xv32LsUT6dMCGTko7f1lGgxaYs8Vse9PT4zz3aVimZLO2gW5TP4ud+6q6FwpisyW
oSBTGnnzF3q14Eks+zv1U7iPWdT7tzxMpdjOJx4CdYljRJ5tHlYcY4FeMQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFIIDrHXBb9iDRQyR2K8WJKwQR9doMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZ2dPc2RjRnYySU5GREpIWXJ4WWtyQkJIMTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQCLYwgAwQC
LY/8AwQCLZa0AwQCLZfEAwQBPrZkAwQCW/JAAwQAW/JpAwQCW/JsAwQDW/J4AwQC
uZFQAwQCua30AwQBwjLIAwQBwjLOAwQAwrTuAwQBwvIWAwQFw4pgMA0GCSqGSIb3
DQEBCwUAA4IBAQCygzI85VITDRxjdGPFy34vrpoEMLIjQxzRGE1uSWo0h+FYa+WX
ibfLPAX1ByXAdj6LSPW5DX6BTsb9efBSXHrlpO0BF3XnNDnzgvqmisURI1cWe5Xg
d2yxoJnnScK5vv1LKH7WlILT7kzPyYI5W2wCtqYL8r5z+GCow8XCfiKJ40p183kd
Cu9cCNaU/TLnvfdMrMHlqcjA2KiVGXJKnhkRcX9nNGu6LgrPMLUPhV/yxLIXifz9
FwkA3n6BPCKJYsQumX559VpKrVX/7kUwuJRxJW2t5plz7SExLV8RcWoOwmhjYKHJ
uND1H3Pi3Iqi6ZsEsgoMFcO3GUbprMjtmSaR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org