Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lhMZn2BBVHqBvQRsacVebRkkIx4.roa
File: lhMZn2BBVHqBvQRsacVebRkkIx4.roa (raw, json)
Hash identifier: upvzuGZRmLNXz2d58A1x7quJjc60PVDuJdJaLANIHOI=
Subject key identifier: 96:13:19:9F:60:41:54:7A:81:BD:04:6C:69:C5:5E:6D:19:24:23:1E
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018AFBB50186FB2001B09F6A8AF0E5A301D2
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lhMZn2BBVHqBvQRsacVebRkkIx4.roa
Signing time: Wed 04 Oct 2023 17:20:58 +0000
ROA not before: Wed 04 Oct 2023 17:20:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.255.99.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
185.243.140.0/22 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
195.149.127.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
45.149.160.0/22 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
80.94.81.0/24 maxlen: 24
80.94.80.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
194.180.238.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:b5:01:86:fb:20:01:b0:9f:6a:8a:f0:e5:a3:01:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 4 17:20:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9613199f6041547a81bd046c69c55e6d1924231e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:96:7d:14:50:9e:13:9b:63:fe:1a:66:2f:40:
ff:02:dc:b7:ba:bc:8a:4b:1b:28:78:02:b4:c5:6f:
01:6f:56:24:24:90:87:0c:07:39:90:ba:49:65:1a:
81:66:c9:f7:88:52:14:71:e9:69:e4:bf:a1:3b:e6:
83:71:77:2c:0d:d1:be:9f:5f:cd:1e:d5:21:58:26:
97:bc:c9:3f:5a:9a:8e:a1:29:af:36:48:b5:fe:3d:
06:b3:6e:1f:13:a6:d6:ca:67:4d:d6:14:d2:57:cb:
35:ec:8c:6c:3d:a6:f0:32:54:65:58:42:0c:b1:a1:
19:53:95:eb:cc:13:9d:b4:59:25:cc:d4:4f:9b:88:
e6:4a:53:4d:60:2c:fb:eb:cf:e9:d0:df:20:0e:a0:
eb:90:d9:dc:70:87:9a:47:7f:58:c2:2c:4f:0c:1b:
df:7d:fb:af:2e:8f:8b:fc:04:74:8e:ca:af:ca:9d:
f4:61:d1:2a:7f:d0:1a:6c:86:ac:40:4c:5f:1c:f7:
a5:00:ed:f3:7f:e7:d5:40:7f:d6:fe:f0:21:00:50:
9c:90:10:8c:6b:79:6d:e5:5b:ce:dd:ba:50:97:b8:
86:70:2e:d5:bf:de:46:8b:18:dc:1c:76:2d:b9:e5:
d6:ec:56:82:e4:1e:3c:0b:fa:39:1c:be:c2:e2:bf:
f5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:13:19:9F:60:41:54:7A:81:BD:04:6C:69:C5:5E:6D:19:24:23:1E
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lhMZn2BBVHqBvQRsacVebRkkIx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.160.0/22
80.94.80.0/23
89.32.126.0/24
89.39.242.0/24
89.40.161.0/24
91.242.71.0-91.242.73.255
91.242.75.0/24
91.242.103.0/24
92.118.108.0/24
176.126.223.0/24
185.15.136.0/23
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
185.243.140.0/22
185.255.99.0/24
193.46.211.0/24
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.104.255
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
15:b5:7f:e5:55:80:08:26:1a:3d:29:f2:4b:6c:e9:9e:b1:78:
c2:a4:5a:52:41:e5:95:d8:e4:e3:65:38:a2:53:54:69:53:5d:
d6:4d:50:87:99:70:48:57:39:ec:19:54:1f:f7:b3:d3:34:1b:
09:fd:41:bc:ae:f4:07:39:c2:d4:6d:23:ce:55:d9:df:1e:58:
c9:57:f5:e2:c9:74:f4:c9:72:a4:76:63:6a:3e:bd:90:3e:6e:
1b:41:93:ea:98:bf:97:e3:a1:7e:2a:30:f7:c6:e6:97:08:9c:
c9:86:f8:48:41:95:6c:ad:4f:bd:b5:0b:92:15:8a:38:b9:c5:
ff:d0:0e:4a:ba:15:06:95:26:94:66:1c:02:b8:0e:9c:4e:cb:
6e:cf:d2:a6:cb:82:09:5f:98:19:17:68:c9:c0:32:4e:e2:74:
a5:fd:9d:05:f0:a3:39:8c:68:46:b3:e5:d5:8b:13:1b:73:12:
73:87:7e:df:4d:c2:80:1a:fe:27:63:fd:bd:1e:64:67:8b:87:
14:47:a8:93:aa:15:6b:31:fd:be:b5:86:b3:00:5f:74:4d:2f:
64:20:6f:3c:79:06:59:9a:fa:de:b1:42:0b:ef:ea:19:a7:29:
45:0d:c6:f5:3e:a5:8b:aa:cf:07:dd:2b:33:65:88:3f:ef:bf:
e0:73:74:94
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYr7tQGG+yABsJ9qivDlowHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMDA0MTcyMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjEzMTk5ZjYwNDE1NDdhODFiZDA0NmM2OWM1NWU2ZDE5MjQyMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZZ9FFCeE5tj/hpmL0D/Aty3uryK
SxsoeAK0xW8Bb1YkJJCHDAc5kLpJZRqBZsn3iFIUcelp5L+hO+aDcXcsDdG+n1/N
HtUhWCaXvMk/WpqOoSmvNki1/j0Gs24fE6bWymdN1hTSV8s17IxsPabwMlRlWEIM
saEZU5XrzBOdtFklzNRPm4jmSlNNYCz768/p0N8gDqDrkNnccIeaR39YwixPDBvf
ffuvLo+L/AR0jsqvyp30YdEqf9AabIasQExfHPelAO3zf+fVQH/W/vAhAFCckBCM
a3lt5VvO3bpQl7iGcC7Vv95GixjcHHYtueXW7FaC5B48C/o5HL7C4r/1bwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFJYTGZ9gQVR6gb0EbGnFXm0ZJCMeMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbGhNWm4yQkJWSHFCdlFSc2FjVmViUmtrSXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAIt
laADBAFQXlADBABZIH4DBABZJ/IDBABZKKEwDAMEAFvyRwMEAVvySAMEAFvySwME
AFvyZwMEAFx2bAMEALB+3wMEAbkPiAMEALkoaQMEALmt9wMEALnUCwMEArnzjAME
ALn/YwMEAMEu0wMEAMK07gMEAMLVCgMEAcLyHDAMAwQAw4pnAwQAw4poAwQAw5V/
MA0GCSqGSIb3DQEBCwUAA4IBAQAVtX/lVYAIJho9KfJLbOmesXjCpFpSQeWV2OTj
ZTiiU1RpU13WTVCHmXBIVznsGVQf97PTNBsJ/UG8rvQHOcLUbSPOVdnfHljJV/Xi
yXT0yXKkdmNqPr2QPm4bQZPqmL+X46F+KjD3xuaXCJzJhvhIQZVsrU+9tQuSFYo4
ucX/0A5KuhUGlSaUZhwCuA6cTstuz9Kmy4IJX5gZF2jJwDJO4nSl/Z0F8KM5jGhG
s+XVixMbcxJzh37fTcKAGv4nY/29HmRni4cUR6iTqhVrMf2+tYazAF90TS9kIG88
eQZZmvresUIL7+oZpylFDcb1PqWLqs8H3SszZYg/77/gc3SU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org