Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/m1QFcpgqm9b7FDDtFSUmGUUiCkQ.roa
File: m1QFcpgqm9b7FDDtFSUmGUUiCkQ.roa (raw, json)
Hash identifier: o0cxytd5X9oeGlCVil85TUXGO8w3VshI6v6b08n4gQI=
Subject key identifier: 9B:54:05:72:98:2A:9B:D6:FB:14:30:ED:15:25:26:19:45:22:0A:44
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0182122D887D7B14E8695C117FB5D9D16DFB
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/m1QFcpgqm9b7FDDtFSUmGUUiCkQ.roa
Signing time: Mon 18 Jul 2022 16:39:10 +0000
ROA not before: Mon 18 Jul 2022 16:39:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.115.92.0/22 maxlen: 22
2.59.204.0/22 maxlen: 22
91.214.200.0/22 maxlen: 22
91.242.81.0/24 maxlen: 24
194.35.52.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
91.242.107.0/24 maxlen: 24
91.242.120.0/21 maxlen: 21
193.46.211.0/24 maxlen: 24
91.242.64.0/22 maxlen: 22
194.50.188.0/23 maxlen: 23
194.50.206.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.200.0/23 maxlen: 23
2.57.152.0/22 maxlen: 22
45.145.40.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
194.50.184.0/23 maxlen: 23
45.86.20.0/22 maxlen: 22
95.214.152.0/22 maxlen: 22
45.150.168.0/22 maxlen: 22
45.15.244.0/22 maxlen: 22
45.150.180.0/22 maxlen: 22
2.56.0.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
2.57.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:12:2d:88:7d:7b:14:e8:69:5c:11:7f:b5:d9:d1:6d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 18 16:39:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b540572982a9bd6fb1430ed1525261945220a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a4:fa:8f:93:81:9c:f9:f9:0b:c6:c2:f6:5b:
12:18:6d:2d:c0:12:d5:6d:36:9b:6b:30:ec:fb:a2:
0c:15:24:93:5c:59:77:d2:75:4c:53:90:e0:2d:a6:
b6:d5:f7:19:a2:41:12:5f:63:58:06:a6:74:3a:3a:
e6:3a:db:3d:78:7b:0a:b5:d6:d6:74:a5:5d:c0:cc:
ff:99:72:b2:f4:e8:dc:c4:c7:72:c8:ed:67:b4:38:
52:30:35:82:03:21:c1:12:f1:ba:96:09:b3:92:c3:
bf:3b:ea:89:05:8e:a6:a4:28:12:db:22:0d:8e:1b:
20:6a:01:35:6c:9d:e1:84:99:b5:f0:9d:70:a4:c6:
1d:7f:c9:c8:40:7a:8e:e0:9b:98:e6:ea:ee:02:1b:
16:f0:5b:05:1f:4d:93:95:36:09:20:cb:b3:c8:72:
c5:68:32:10:23:dc:f5:0e:c7:c8:ef:4f:36:bf:4a:
16:df:8b:72:41:fb:43:0f:60:1c:e3:e0:11:36:22:
1e:cc:c8:22:a9:9e:93:6f:30:07:43:d9:0d:f4:0c:
37:a3:a4:dd:8c:0f:78:19:04:32:0e:a4:19:04:c7:
3f:a3:b3:18:ee:3f:ca:54:2c:44:31:0c:4d:d3:44:
6c:cc:c1:da:da:7c:74:06:3b:55:db:56:62:f3:ff:
74:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:54:05:72:98:2A:9B:D6:FB:14:30:ED:15:25:26:19:45:22:0A:44
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/m1QFcpgqm9b7FDDtFSUmGUUiCkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
2.57.152.0/22
2.57.212.0/22
2.59.204.0/22
45.15.244.0/22
45.86.20.0/22
45.128.20.0/22
45.140.32.0/22
45.145.40.0/22
45.150.168.0/22
45.150.180.0/22
91.214.200.0/22
91.242.64.0/22
91.242.81.0/24
91.242.100.0/23
91.242.105.0/24
91.242.107.0-91.242.111.255
91.242.120.0/21
95.214.152.0/22
185.115.92.0/22
185.173.244.0/22
193.46.211.0/24
194.35.52.0/22
194.50.184.0/23
194.50.188.0/23
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
1c:fe:70:2c:7c:4b:12:ba:29:ea:2a:f5:f8:89:3e:61:7a:09:
4a:b8:dd:62:ef:03:11:2d:9b:20:9c:bb:e5:ac:19:c0:69:cf:
59:2c:da:aa:a4:c1:af:b1:f0:9a:9e:34:20:83:6f:9a:f6:50:
48:12:1a:89:1f:1e:ca:25:42:79:43:8e:b8:42:6f:2d:a3:e6:
7a:d9:3c:89:fc:b6:de:40:e0:da:9e:9c:d0:3c:3f:f9:d2:f9:
e7:b8:c4:e1:5c:8a:85:01:7a:a2:3d:8f:40:78:de:9e:12:84:
26:45:80:0c:ff:7d:06:e0:24:80:35:00:84:13:38:56:66:60:
06:e9:fd:57:a9:5e:1e:1e:15:09:97:25:c3:e3:4f:2b:4d:ed:
42:0a:46:c8:2d:9d:cf:30:f0:d2:17:58:b9:19:ea:b4:7b:a6:
c9:73:3e:82:1c:c6:a6:17:f6:2c:cf:a5:ef:47:08:8f:2a:5a:
4d:5e:bb:52:fe:53:80:6c:3b:93:5f:c3:cb:f8:07:38:7d:27:
d6:98:7c:33:e4:af:d2:87:3e:85:4e:e8:12:fc:02:c0:02:98:
90:e6:7c:68:3b:78:0b:67:c0:2f:5f:0a:49:20:87:8d:a4:ef:
04:f3:20:f2:56:1d:76:ad:a0:3c:5e:4a:b0:00:6c:4a:97:3d:
72:3c:9a:45
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYISLYh9exToaVwRf7XZ0W37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwNzE4MTYzOTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjU0MDU3Mjk4MmE5YmQ2ZmIxNDMwZWQxNTI1MjYxOTQ1MjIwYTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqT6j5OBnPn5C8bC9lsSGG0twBLV
bTabazDs+6IMFSSTXFl30nVMU5DgLaa21fcZokESX2NYBqZ0OjrmOts9eHsKtdbW
dKVdwMz/mXKy9OjcxMdyyO1ntDhSMDWCAyHBEvG6lgmzksO/O+qJBY6mpCgS2yIN
jhsgagE1bJ3hhJm18J1wpMYdf8nIQHqO4JuY5uruAhsW8FsFH02TlTYJIMuzyHLF
aDIQI9z1DsfI7082v0oW34tyQftDD2Ac4+ARNiIezMgiqZ6TbzAHQ9kN9Aw3o6Td
jA94GQQyDqQZBMc/o7MY7j/KVCxEMQxN00RszMHa2nx0BjtV21Zi8/906QIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFJtUBXKYKpvW+xQw7RUlJhlFIgpEMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbTFRRmNwZ3FtOWI3RkREdEZTVW1HVVVpQ2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAIC
OAADBAICOZgDBAICOdQDBAICO8wDBAItD/QDBAItVhQDBAItgBQDBAItjCADBAIt
kSgDBAItlqgDBAItlrQDBAJb1sgDBAJb8kADBABb8lEDBAFb8mQDBABb8mkwDAME
AFvyawMEBFvyYAMEA1vyeAMEAl/WmAMEArlzXAMEArmt9AMEAMEu0wMEAsIjNAME
AcIyuAMEAcIyvAMEAcIyyAMEAcIyzgMEBcOKYDANBgkqhkiG9w0BAQsFAAOCAQEA
HP5wLHxLErop6ir1+Ik+YXoJSrjdYu8DES2bIJy75awZwGnPWSzaqqTBr7Hwmp40
IINvmvZQSBIaiR8eyiVCeUOOuEJvLaPmetk8ify23kDg2p6c0Dw/+dL557jE4VyK
hQF6oj2PQHjenhKEJkWADP99BuAkgDUAhBM4VmZgBun9V6leHh4VCZclw+NPK03t
QgpGyC2dzzDw0hdYuRnqtHumyXM+ghzGphf2LM+l70cIjypaTV67Uv5TgGw7k1/D
y/gHOH0n1ph8M+Sv0oc+hU7oEvwCwAKYkOZ8aDt4C2fAL18KSSCHjaTvBPMg8lYd
dq2gPF5KsABsSpc9cjyaRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org