Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/o5zeSAtBurkBdSbVOEZLVR4VoTs.roa
File: o5zeSAtBurkBdSbVOEZLVR4VoTs.roa (raw, json)
Hash identifier: ncHzw8uRthX6HXrr0Z+WtH8/rF61tpjN+KAFmYFVYr8=
Subject key identifier: A3:9C:DE:48:0B:41:BA:B9:01:75:26:D5:38:46:4B:55:1E:15:A1:3B
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018969A19EE2F5D95D3C7E0860E6632949AD
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/o5zeSAtBurkBdSbVOEZLVR4VoTs.roa
Signing time: Tue 18 Jul 2023 15:32:26 +0000
ROA not before: Tue 18 Jul 2023 15:32:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 89.39.242.0/24 maxlen: 24
194.56.152.0/23 maxlen: 24
94.231.198.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
45.89.44.0/22 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
86.104.19.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
193.203.127.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
45.140.32.0/22 maxlen: 22
80.94.81.0/24 maxlen: 24
80.94.80.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:69:a1:9e:e2:f5:d9:5d:3c:7e:08:60:e6:63:29:49:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 18 15:32:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a39cde480b41bab9017526d538464b551e15a13b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:56:af:f4:cb:29:34:1e:72:de:3a:00:9c:a5:
12:0b:f9:73:a7:12:91:c0:8f:d2:ad:c0:c4:6e:de:
f3:42:fa:a2:34:96:b9:83:5d:26:e6:c5:8f:fe:bc:
3f:a4:ea:3c:19:cf:d2:ba:fc:9c:b0:7a:da:81:6c:
2f:20:76:c5:88:a7:26:ea:9b:ef:01:4e:1c:01:f1:
e0:c1:e8:b2:4e:88:5b:f0:85:c4:98:ed:71:90:d4:
33:56:b1:77:cd:33:2d:b8:6c:a3:37:5f:c5:84:1d:
a3:8f:35:a1:c6:cc:60:6e:d4:a4:e2:9d:ea:cd:fe:
bb:2e:d3:8b:da:49:48:d5:33:04:1c:87:43:38:6f:
c1:6f:e1:7d:07:0b:49:60:0f:3d:85:f4:05:bb:6c:
6e:af:b7:3e:3a:a7:dd:bb:93:7d:ba:c2:96:63:78:
bb:e2:ad:c0:b2:b2:c1:92:6a:22:f4:19:31:33:a2:
2d:df:69:3c:07:94:f7:59:39:ae:73:f6:ad:1b:aa:
11:42:5b:df:d9:9b:e0:33:c1:a3:0e:53:42:00:ca:
e3:32:ee:44:57:fd:87:64:f1:e9:55:ce:b0:2d:78:
ad:1e:ae:58:b0:78:1f:d8:8b:42:7f:b6:d7:08:74:
ed:eb:24:ca:76:7f:07:03:d0:cd:06:a3:cb:29:40:
85:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:9C:DE:48:0B:41:BA:B9:01:75:26:D5:38:46:4B:55:1E:15:A1:3B
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/o5zeSAtBurkBdSbVOEZLVR4VoTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.64.0/22
45.67.117.0/24
45.89.44.0/22
45.140.32.0/22
80.94.80.0/23
86.104.19.0/24
89.39.242.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0-91.242.75.255
91.242.103.0/24
94.231.198.0/24
176.126.223.0/24
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
193.46.211.0/24
193.203.127.0/24
194.56.152.0/23
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.106.255
Signature Algorithm: sha256WithRSAEncryption
10:d7:3f:fa:47:9d:74:89:75:12:40:3d:ef:fa:16:ca:69:aa:
93:15:00:84:f3:81:db:cc:ea:8c:47:54:b4:0b:4d:72:2d:81:
ef:3f:4f:25:9c:2e:34:a8:6c:44:ce:de:80:83:0c:c3:d3:86:
eb:de:27:e3:35:af:c3:27:07:8f:86:cc:85:73:86:21:59:96:
a9:a8:14:8c:21:aa:e9:7a:c8:2a:78:35:b9:5f:b8:19:70:40:
5d:6e:35:90:3b:e0:c9:0f:ef:cf:a3:b6:da:16:42:8e:c5:3e:
38:90:49:ba:70:78:eb:30:78:d9:c1:bd:d3:f2:0b:ad:50:fd:
30:5b:05:44:6c:c0:f9:00:15:61:6e:e6:5b:5f:98:1e:df:ff:
49:5d:e0:48:fe:7f:43:e7:91:b9:13:28:cc:c3:37:c5:ae:8d:
1b:df:5b:57:25:dd:ab:9a:3a:9c:fc:1b:3e:fa:4d:33:b0:9d:
49:01:88:ad:2e:46:07:14:70:1f:a4:da:be:85:ea:e6:70:c2:
2a:11:d1:61:84:ef:64:e2:5b:8c:3e:6f:4a:06:6c:10:67:a4:
9c:56:e9:63:41:ec:42:f1:ac:5c:96:06:f7:50:ad:18:b8:bc:
14:72:c9:47:df:04:d3:80:e3:58:41:6b:7e:d9:93:b4:85:78:
60:43:01:f9
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYlpoZ7i9dldPH4IYOZjKUmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNzE4MTUzMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzljZGU0ODBiNDFiYWI5MDE3NTI2ZDUzODQ2NGI1NTFlMTVhMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVav9MspNB5y3joAnKUSC/lzpxKR
wI/SrcDEbt7zQvqiNJa5g10m5sWP/rw/pOo8Gc/SuvycsHragWwvIHbFiKcm6pvv
AU4cAfHgweiyTohb8IXEmO1xkNQzVrF3zTMtuGyjN1/FhB2jjzWhxsxgbtSk4p3q
zf67LtOL2klI1TMEHIdDOG/Bb+F9BwtJYA89hfQFu2xur7c+Oqfdu5N9usKWY3i7
4q3AsrLBkmoi9BkxM6It32k8B5T3WTmuc/atG6oRQlvf2ZvgM8GjDlNCAMrjMu5E
V/2HZPHpVc6wLXitHq5YsHgf2ItCf7bXCHTt6yTKdn8HA9DNBqPLKUCFTwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFKOc3kgLQbq5AXUm1ThGS1UeFaE7MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbzV6ZVNBdEJ1cmtCZFNiVk9FWkxWUjRWb1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAIt
D0ADBAAtQ3UDBAItWSwDBAItjCADBAFQXlADBABWaBMDBABZJ/IDBABZKKEDBABb
7zswDAMEAVvyRgMEAlvySAMEAFvyZwMEAF7nxgMEALB+3wMEALkoaQMEALmt9wME
ALnUCwMEAMEu0wMEAMHLfwMEAcI4mAMEAMLVCgMEAcLyHDAMAwQAw4pnAwQAw4pq
MA0GCSqGSIb3DQEBCwUAA4IBAQAQ1z/6R510iXUSQD3v+hbKaaqTFQCE84HbzOqM
R1S0C01yLYHvP08lnC40qGxEzt6AgwzD04br3ifjNa/DJwePhsyFc4YhWZapqBSM
IarpesgqeDW5X7gZcEBdbjWQO+DJD+/Po7baFkKOxT44kEm6cHjrMHjZwb3T8gut
UP0wWwVEbMD5ABVhbuZbX5ge3/9JXeBI/n9D55G5EyjMwzfFro0b31tXJd2rmjqc
/Bs++k0zsJ1JAYitLkYHFHAfpNq+hermcMIqEdFhhO9k4luMPm9KBmwQZ6ScVulj
QexC8axclgb3UK0YuLwUcslH3wTTgONYQWt+2ZO0hXhgQwH5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org