Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/p58pNv4U2jN2G5V7C5ElTXthJz4.roa
File: p58pNv4U2jN2G5V7C5ElTXthJz4.roa (raw, json)
Hash identifier: bvkOvWZmyDy6qGXYSXAZH5KKxXX2sR+PbtK1TnWD1ts=
Subject key identifier: A7:9F:29:36:FE:14:DA:33:76:1B:95:7B:0B:91:25:4D:7B:61:27:3E
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018A6658C439B15684128379EBF848CF0C71
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/p58pNv4U2jN2G5V7C5ElTXthJz4.roa
Signing time: Tue 05 Sep 2023 17:16:47 +0000
ROA not before: Tue 05 Sep 2023 17:16:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 185.255.99.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
91.201.107.0/24 maxlen: 24
185.243.140.0/22 maxlen: 24
193.30.30.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
195.149.127.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
193.46.220.0/24 maxlen: 24
45.149.160.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:58:c4:39:b1:56:84:12:83:79:eb:f8:48:cf:0c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 5 17:16:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a79f2936fe14da33761b957b0b91254d7b61273e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5e:26:c8:d7:fc:5e:c1:a6:f6:3a:8b:e2:69:
41:b5:6c:99:d5:a3:16:8c:a6:17:ca:73:37:1c:a4:
e1:fc:66:fd:02:66:2e:00:83:1c:19:e2:ce:4b:14:
24:18:03:3c:bc:63:63:c0:eb:36:f6:8e:32:d4:dc:
b3:72:6e:18:25:5e:54:a7:0c:87:c9:30:4c:a1:bd:
10:78:b4:69:d0:1a:ef:fc:19:1b:07:17:b8:8d:02:
47:84:53:96:9d:7d:60:c0:0c:d2:83:52:41:a3:f0:
2a:0d:9d:ea:8c:ab:79:4f:b2:37:ca:da:d6:d5:c6:
8e:ab:76:34:5b:9e:80:c4:cb:c6:c8:1d:28:11:6a:
72:11:4c:56:e2:54:5f:db:fb:82:23:27:ee:81:9d:
6d:99:a8:99:87:e9:b9:30:9a:8a:11:c1:3f:68:fd:
9f:50:06:cf:31:d9:5c:72:85:4a:c4:27:36:ea:86:
e9:e3:fa:a4:ee:05:84:eb:b9:d6:44:49:9f:af:4c:
fc:a1:35:31:c4:4a:37:32:01:ce:88:1d:fd:40:ae:
dd:77:d6:8a:75:a3:6d:bb:e6:7c:a1:6a:bf:2a:61:
1b:2e:78:77:8e:74:0e:e5:d2:91:66:91:c9:30:b1:
7d:81:9f:b2:de:8a:db:bd:39:8b:d2:95:70:b1:64:
4b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:9F:29:36:FE:14:DA:33:76:1B:95:7B:0B:91:25:4D:7B:61:27:3E
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/p58pNv4U2jN2G5V7C5ElTXthJz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.160.0/22
89.32.126.0/24
91.201.107.0/24
92.118.108.0/24
185.15.136.0/23
185.180.145.0/24
185.243.140.0/22
185.255.99.0/24
193.30.30.0/24
193.46.220.0/24
194.180.238.0/24
195.138.107.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.118.0/24
195.138.120.0/24
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
52:6c:95:a8:bf:8d:cb:ed:e5:05:c7:c0:92:65:a1:e5:b4:94:
9f:6a:6f:6e:04:75:ad:43:64:55:50:1f:79:1f:a9:cb:80:0a:
01:f5:35:93:fd:cb:ca:12:ad:24:00:27:51:ce:42:f0:79:e9:
3c:ff:af:f4:b9:00:a7:6b:6a:41:24:50:bd:16:0e:25:dd:6a:
5e:6b:6f:05:87:a9:16:85:4f:66:da:e8:2b:a5:da:9b:68:8a:
d9:49:95:29:27:49:29:72:35:1e:eb:20:a6:be:3d:fe:54:d7:
13:e1:01:7e:d4:e3:fc:19:4b:15:74:1a:c9:4e:aa:a2:fb:0b:
59:a6:3f:f4:11:c1:d0:05:00:f6:02:df:24:b3:19:9e:e3:fd:
41:8a:75:6c:40:02:c5:a7:f9:62:13:82:b0:8e:2e:ec:bc:37:
66:51:ac:9d:aa:8b:5e:aa:ca:3f:0e:12:51:5b:49:9b:e4:1a:
a1:ec:6a:d2:3d:dd:76:87:43:f1:b1:73:d7:b9:6b:97:9e:22:
ff:d6:92:d0:bf:15:50:82:01:00:48:66:23:76:f9:26:43:65:
fa:3d:3d:f8:bb:b0:1f:7b:1d:46:85:f8:70:fb:3f:7f:4f:f6:
b9:3f:6b:b2:f7:2e:f6:b2:0c:e4:c5:1a:61:9f:82:e7:d4:66:
36:56:a0:1a
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYpmWMQ5sVaEEoN56/hIzwxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwOTA1MTcxNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzlmMjkzNmZlMTRkYTMzNzYxYjk1N2IwYjkxMjU0ZDdiNjEyNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhl4myNf8XsGm9jqL4mlBtWyZ1aMW
jKYXynM3HKTh/Gb9AmYuAIMcGeLOSxQkGAM8vGNjwOs29o4y1Nyzcm4YJV5UpwyH
yTBMob0QeLRp0Brv/BkbBxe4jQJHhFOWnX1gwAzSg1JBo/AqDZ3qjKt5T7I3ytrW
1caOq3Y0W56AxMvGyB0oEWpyEUxW4lRf2/uCIyfugZ1tmaiZh+m5MJqKEcE/aP2f
UAbPMdlccoVKxCc26obp4/qk7gWE67nWREmfr0z8oTUxxEo3MgHOiB39QK7dd9aK
daNtu+Z8oWq/KmEbLnh3jnQO5dKRZpHJMLF9gZ+y3orbvTmL0pVwsWRLJQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFKefKTb+FNozdhuVewuRJU17YSc+MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvcDU4cE52NFUyak4yRzVWN0M1RWxUWHRoSno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAItlaAD
BABZIH4DBABbyWsDBABcdmwDBAG5D4gDBAC5tJEDBAK584wDBAC5/2MDBADBHh4D
BADBLtwDBADCtO4wDAMEAMOKawMEAMOKbDAMAwQAw4pvAwQAw4pwAwQAw4pyAwQA
w4p2AwQAw4p4AwQAw5V/MA0GCSqGSIb3DQEBCwUAA4IBAQBSbJWov43L7eUFx8CS
ZaHltJSfam9uBHWtQ2RVUB95H6nLgAoB9TWT/cvKEq0kACdRzkLweek8/6/0uQCn
a2pBJFC9Fg4l3Wpea28Fh6kWhU9m2ugrpdqbaIrZSZUpJ0kpcjUe6yCmvj3+VNcT
4QF+1OP8GUsVdBrJTqqi+wtZpj/0EcHQBQD2At8ksxme4/1BinVsQALFp/liE4Kw
ji7svDdmUaydqoteqso/DhJRW0mb5Bqh7GrSPd12h0PxsXPXuWuXniL/1pLQvxVQ
ggEASGYjdvkmQ2X6PT34u7Afex1Ghfhw+z9/T/a5P2uy9y72sgzkxRphn4Ln1GY2
VqAa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org