Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/n_oobj1k04dxZOfAulgafD8-SLs.roa
File: n_oobj1k04dxZOfAulgafD8-SLs.roa (raw, json)
Hash identifier: CgqajSgc31VC/PaRY+bo8s1tbXTDec1H9MI1fGdj/Ls=
Subject key identifier: 9F:FA:28:6E:3D:64:D3:87:71:64:E7:C0:BA:58:1A:7C:3F:3E:48:BB
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01836A02BF60B036B886E2775A745293D954
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/n_oobj1k04dxZOfAulgafD8-SLs.roa
Signing time: Fri 23 Sep 2022 11:01:48 +0000
ROA not before: Fri 23 Sep 2022 11:01:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 91.214.200.0/22 maxlen: 22
45.88.124.0/22 maxlen: 22
194.56.152.0/23 maxlen: 24
91.242.81.0/24 maxlen: 24
5.180.4.0/22 maxlen: 22
185.212.11.0/24 maxlen: 24
194.35.52.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.107.0/24 maxlen: 24
91.242.120.0/21 maxlen: 21
194.242.28.0/23 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.64.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
194.50.188.0/23 maxlen: 23
194.50.206.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.200.0/23 maxlen: 23
2.57.152.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
194.50.184.0/23 maxlen: 23
95.214.152.0/22 maxlen: 22
45.150.168.0/22 maxlen: 22
45.150.180.0/22 maxlen: 22
2.56.0.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
185.173.247.0/24 maxlen: 24
2.57.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:02:bf:60:b0:36:b8:86:e2:77:5a:74:52:93:d9:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 23 11:01:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ffa286e3d64d3877164e7c0ba581a7c3f3e48bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:39:4c:3f:1e:1c:d8:14:00:d8:78:e3:96:6f:
79:2e:6e:55:ec:5b:06:9c:ce:76:85:07:35:04:ac:
35:d5:c3:e1:32:8f:87:8f:22:a2:1f:ab:23:5b:54:
aa:81:47:a5:44:28:00:c2:c6:81:df:ce:41:e0:d7:
91:5a:a7:b1:54:93:c5:56:77:37:92:2e:83:48:39:
67:40:eb:d3:7c:86:22:43:06:34:41:b5:cd:4a:67:
8e:bd:39:a5:99:f4:c6:8d:c5:f5:9d:7b:0f:46:3c:
09:c4:48:f8:a3:29:71:db:03:a7:f1:13:60:1d:99:
02:d2:92:42:4e:e5:fe:62:48:34:a1:09:d1:67:12:
c2:56:95:ec:f5:49:67:9d:97:bc:cd:df:0d:38:45:
1c:2b:11:1c:cf:d2:b0:4d:b1:ca:1d:8c:76:8e:6f:
ea:00:5c:87:a8:a1:a3:e3:1f:a7:99:f9:73:ba:a6:
38:21:4a:a8:14:d2:01:ec:dc:2f:e1:bf:19:e7:19:
c8:3a:4a:fa:65:4a:ba:0f:38:df:02:ee:da:95:30:
d4:14:93:fd:fc:7a:bf:2e:6f:83:02:6b:79:da:ea:
4e:f0:d5:ee:a5:52:44:50:38:b0:26:c7:96:6c:5b:
59:07:91:20:d1:d2:51:40:60:1d:3e:8a:21:b9:f8:
51:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:FA:28:6E:3D:64:D3:87:71:64:E7:C0:BA:58:1A:7C:3F:3E:48:BB
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/n_oobj1k04dxZOfAulgafD8-SLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
2.57.152.0/22
2.57.212.0/22
5.180.4.0/22
5.182.28.0/22
45.88.124.0/22
45.128.20.0/22
45.140.32.0/22
45.150.168.0/22
45.150.180.0/22
91.214.200.0/22
91.242.64.0/22
91.242.81.0/24
91.242.105.0/24
91.242.107.0-91.242.111.255
91.242.120.0/21
95.214.152.0/22
185.173.244.0/22
185.212.11.0/24
193.46.211.0/24
194.35.52.0/22
194.50.184.0/23
194.50.188.0/23
194.50.200.0/23
194.50.206.0/23
194.56.152.0/23
194.242.28.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
60:80:26:1d:b6:fa:8a:ff:02:d0:45:02:e5:50:ac:c4:31:7f:
b1:b1:17:27:f3:ed:e0:aa:c6:de:6d:79:6f:45:54:d4:42:18:
17:7b:cf:e7:96:08:e7:20:6b:d9:da:5b:73:fc:5e:74:db:4c:
b4:3d:f7:bf:0b:1c:35:39:02:92:76:e4:3f:c8:02:90:82:87:
ba:5b:6d:e4:49:3a:5a:5f:1d:3e:91:1d:cd:d2:d6:45:56:08:
fb:8e:8e:cd:b0:db:7a:34:f6:eb:bb:f7:e3:04:56:af:38:f0:
65:23:ed:5d:82:82:3b:52:34:88:34:21:24:bf:a5:8e:0b:9b:
7d:d3:bd:ec:7f:3f:49:2d:ae:c7:d9:2a:2a:b0:bf:45:d7:c9:
eb:e0:53:eb:01:d0:90:b6:73:ec:87:55:f3:9e:95:56:07:3c:
1d:81:f2:94:a3:07:02:69:eb:6c:f1:fa:74:36:9c:9b:ff:b1:
6e:08:5f:ac:d1:f7:6e:53:ab:8a:87:90:d6:c6:a8:70:48:74:
63:9a:86:a0:d4:c5:7d:49:50:ec:31:ff:26:dc:3a:08:3b:fa:
5a:65:64:ea:82:21:ef:17:84:e3:11:3c:1b:e7:e4:da:98:3b:
c0:9f:8c:13:0d:c4:d0:22:b2:c5:3e:a4:d9:f3:6e:84:9d:63:
eb:7d:56:11
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYNqAr9gsDa4huJ3WnRSk9lUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTIzMTEwMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmZhMjg2ZTNkNjRkMzg3NzE2NGU3YzBiYTU4MWE3YzNmM2U0OGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTlMPx4c2BQA2Hjjlm95Lm5V7FsG
nM52hQc1BKw11cPhMo+HjyKiH6sjW1SqgUelRCgAwsaB385B4NeRWqexVJPFVnc3
ki6DSDlnQOvTfIYiQwY0QbXNSmeOvTmlmfTGjcX1nXsPRjwJxEj4oylx2wOn8RNg
HZkC0pJCTuX+Ykg0oQnRZxLCVpXs9UlnnZe8zd8NOEUcKxEcz9KwTbHKHYx2jm/q
AFyHqKGj4x+nmflzuqY4IUqoFNIB7Nwv4b8Z5xnIOkr6ZUq6DzjfAu7alTDUFJP9
/Hq/Lm+DAmt52upO8NXupVJEUDiwJseWbFtZB5Eg0dJRQGAdPoohufhRMQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFJ/6KG49ZNOHcWTnwLpYGnw/Pki7MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbl9vb2JqMWswNGR4Wk9mQXVsZ2FmRDgtU0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAIC
OAADBAICOZgDBAICOdQDBAIFtAQDBAIFthwDBAItWHwDBAItgBQDBAItjCADBAIt
lqgDBAItlrQDBAJb1sgDBAJb8kADBABb8lEDBABb8mkwDAMEAFvyawMEBFvyYAME
A1vyeAMEAl/WmAMEArmt9AMEALnUCwMEAMEu0wMEAsIjNAMEAcIyuAMEAcIyvAME
AcIyyAMEAcIyzgMEAcI4mAMEAcLyHAMEBcOKYDANBgkqhkiG9w0BAQsFAAOCAQEA
YIAmHbb6iv8C0EUC5VCsxDF/sbEXJ/Pt4KrG3m15b0VU1EIYF3vP55YI5yBr2dpb
c/xedNtMtD33vwscNTkCknbkP8gCkIKHultt5Ek6Wl8dPpEdzdLWRVYI+46OzbDb
ejT267v34wRWrzjwZSPtXYKCO1I0iDQhJL+ljgubfdO97H8/SS2ux9kqKrC/RdfJ
6+BT6wHQkLZz7IdV856VVgc8HYHylKMHAmnrbPH6dDacm/+xbghfrNH3blOrioeQ
1saocEh0Y5qGoNTFfUlQ7DH/Jtw6CDv6WmVk6oIh7xeE4xE8G+fk2pg7wJ+MEw3E
0CKyxT6k2fNuhJ1j631WEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org