Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hPcqElAeJ2kLwpi9uSzs-kwLudE.roa
File: hPcqElAeJ2kLwpi9uSzs-kwLudE.roa (raw, json)
Hash identifier: BVzOS/DXazM63JbGNEH4yRrpRw0DrMCe1Zyx3BhYbyw=
Subject key identifier: 84:F7:2A:12:50:1E:27:69:0B:C2:98:BD:B9:2C:EC:FA:4C:0B:B9:D1
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018977A0FDAFBE020C2352A5F76084FD37B1
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hPcqElAeJ2kLwpi9uSzs-kwLudE.roa
Signing time: Fri 21 Jul 2023 08:46:26 +0000
ROA not before: Fri 21 Jul 2023 08:46:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 89.39.242.0/24 maxlen: 24
194.56.152.0/23 maxlen: 24
94.231.198.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
86.104.19.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
193.203.127.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
80.94.81.0/24 maxlen: 24
80.94.80.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:a0:fd:af:be:02:0c:23:52:a5:f7:60:84:fd:37:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 21 08:46:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84f72a12501e27690bc298bdb92cecfa4c0bb9d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:24:ed:49:b7:34:4e:45:7c:ce:17:68:75:f6:
bb:31:2b:8b:31:3b:0d:10:b7:13:ba:ee:0d:d9:a3:
f5:ba:59:75:38:39:3c:be:07:13:34:cf:cf:ff:6d:
ee:33:22:ff:91:a5:53:51:77:70:d7:c9:af:1c:6e:
76:76:dc:bf:b1:da:5f:03:50:f1:40:2f:38:e7:0c:
c3:1e:46:87:35:73:aa:74:36:50:fb:aa:7c:8b:9f:
45:d5:3f:af:de:68:c7:6b:5a:ac:d6:1f:21:30:e2:
94:7e:e8:94:fe:91:58:bc:20:31:5e:b6:d1:ff:aa:
6b:0d:71:96:8e:23:3e:ee:03:ee:42:69:d3:91:75:
3b:5a:b7:27:95:08:85:c4:e8:60:79:41:b2:9b:26:
34:61:da:c9:bf:e2:eb:69:0d:3b:6c:16:01:1b:5c:
e6:8c:5a:a6:ba:d3:7f:38:86:11:99:d0:e0:1e:5b:
ac:86:4f:9b:06:87:e4:c6:cb:0d:09:c7:2e:23:05:
be:f4:0d:2a:a1:00:20:31:d2:53:9c:a2:86:2d:be:
0d:6d:d9:92:6e:76:7b:ae:e5:a7:e8:cb:08:4d:bd:
ef:02:39:42:51:a4:e1:0c:a1:8f:00:57:61:a5:ab:
10:9d:31:0f:05:d4:1f:ac:d8:49:52:20:a9:d7:a5:
28:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F7:2A:12:50:1E:27:69:0B:C2:98:BD:B9:2C:EC:FA:4C:0B:B9:D1
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hPcqElAeJ2kLwpi9uSzs-kwLudE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.64.0/22
45.67.117.0/24
80.94.80.0/23
86.104.19.0/24
89.39.242.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0-91.242.75.255
91.242.103.0/24
94.231.198.0/24
176.126.223.0/24
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
193.46.211.0/24
193.203.127.0/24
194.56.152.0/23
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.106.255
Signature Algorithm: sha256WithRSAEncryption
6a:7e:f9:39:f0:58:ae:d2:00:f5:e8:0e:18:c6:bc:79:38:04:
d9:3a:c5:90:51:fd:36:40:89:79:9e:8d:da:7a:78:10:97:d3:
a1:0c:f3:62:73:4f:1c:36:bd:14:ce:bc:69:bf:72:49:aa:e8:
da:64:f7:e4:4f:74:23:cd:f5:8e:f9:1a:bd:a0:12:43:65:2b:
72:bd:63:a8:ba:05:6c:fd:21:af:51:99:7d:4f:6e:e5:1e:86:
be:2e:ed:1a:d2:dc:1d:05:37:40:58:a9:3d:79:33:8c:d1:dc:
b0:5c:f9:f0:94:0d:df:8a:11:b7:d6:4a:21:dc:b9:2a:94:43:
64:d5:14:4f:62:d7:b7:7b:d7:07:68:02:e7:1f:0b:2c:cc:de:
81:18:88:ca:c1:bc:d5:31:5a:b0:f6:5c:f9:c4:e0:2e:fe:14:
dc:5a:94:c6:9a:67:d8:a3:1d:c7:df:8f:c9:35:a9:bc:90:5f:
27:00:17:9d:98:04:98:9d:e0:3b:86:b7:53:a0:f7:15:37:6c:
d2:c8:ba:87:fe:9e:2a:5a:6d:b4:8a:f5:d3:17:0a:6b:ca:48:
fd:fd:b1:0b:24:b9:a2:5c:9e:65:34:36:21:86:2b:08:5e:9d:
53:25:68:8c:62:e0:c2:36:0f:14:73:e2:09:f8:cc:6f:11:d3:
b0:b6:db:68
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYl3oP2vvgIMI1Kl92CE/TexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNzIxMDg0NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGY3MmExMjUwMWUyNzY5MGJjMjk4YmRiOTJjZWNmYTRjMGJiOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyTtSbc0TkV8zhdodfa7MSuLMTsN
ELcTuu4N2aP1ull1ODk8vgcTNM/P/23uMyL/kaVTUXdw18mvHG52dty/sdpfA1Dx
QC845wzDHkaHNXOqdDZQ+6p8i59F1T+v3mjHa1qs1h8hMOKUfuiU/pFYvCAxXrbR
/6prDXGWjiM+7gPuQmnTkXU7WrcnlQiFxOhgeUGymyY0YdrJv+LraQ07bBYBG1zm
jFqmutN/OIYRmdDgHlushk+bBofkxssNCccuIwW+9A0qoQAgMdJTnKKGLb4NbdmS
bnZ7ruWn6MsITb3vAjlCUaThDKGPAFdhpasQnTEPBdQfrNhJUiCp16UocwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFIT3KhJQHidpC8KYvbks7PpMC7nRMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvaFBjcUVsQWVKMmtMd3BpOXVTenMta3dMdWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAIt
D0ADBAAtQ3UDBAFQXlADBABWaBMDBABZJ/IDBABZKKEDBABb7zswDAMEAVvyRgME
AlvySAMEAFvyZwMEAF7nxgMEALB+3wMEALkoaQMEALmt9wMEALnUCwMEAMEu0wME
AMHLfwMEAcI4mAMEAMLVCgMEAcLyHDAMAwQAw4pnAwQAw4pqMA0GCSqGSIb3DQEB
CwUAA4IBAQBqfvk58Fiu0gD16A4Yxrx5OATZOsWQUf02QIl5no3aengQl9OhDPNi
c08cNr0Uzrxpv3JJqujaZPfkT3QjzfWO+Rq9oBJDZStyvWOougVs/SGvUZl9T27l
Hoa+Lu0a0twdBTdAWKk9eTOM0dywXPnwlA3fihG31koh3LkqlENk1RRPYte3e9cH
aALnHwsszN6BGIjKwbzVMVqw9lz5xOAu/hTcWpTGmmfYox3H34/JNam8kF8nABed
mASYneA7hrdToPcVN2zSyLqH/p4qWm20ivXTFwprykj9/bELJLmiXJ5lNDYhhisI
Xp1TJWiMYuDCNg8Uc+IJ+MxvEdOwttto
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org