Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sAVFFAsm_o1fbDBBaMwAvMjZ-7s.roa
File: sAVFFAsm_o1fbDBBaMwAvMjZ-7s.roa (raw, json)
Hash identifier: eyKagWRhCjayeBgTJUn00voNytvNbobmPSYT7CfAkj8=
Subject key identifier: B0:05:45:14:0B:26:FE:8D:5F:6C:30:41:68:CC:00:BC:C8:D9:FB:BB
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018226FE1B6DDC0F97468CA4DEF7301D0694
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sAVFFAsm_o1fbDBBaMwAvMjZ-7s.roa
Signing time: Fri 22 Jul 2022 17:39:23 +0000
ROA not before: Fri 22 Jul 2022 17:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 194.50.188.0/23 maxlen: 23
194.50.206.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.200.0/23 maxlen: 23
2.57.152.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
91.214.200.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
194.50.184.0/23 maxlen: 23
91.242.81.0/24 maxlen: 24
194.35.52.0/22 maxlen: 22
95.214.152.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.107.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
45.150.180.0/22 maxlen: 22
2.56.0.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.64.0/22 maxlen: 22
2.57.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:26:fe:1b:6d:dc:0f:97:46:8c:a4:de:f7:30:1d:06:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 22 17:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b00545140b26fe8d5f6c304168cc00bcc8d9fbbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e2:90:44:f0:51:e2:83:70:ad:23:30:9e:d2:
35:49:b4:4a:a5:71:cd:39:87:67:da:cd:02:ab:58:
69:f1:b5:73:bb:5b:1a:17:b1:27:fa:ee:c1:b3:ce:
48:04:92:79:d5:ed:2c:49:61:1d:4d:f1:fe:25:1d:
53:db:68:4c:77:96:ec:e0:f4:e4:b0:0a:2e:41:e5:
88:93:fc:38:c3:39:82:c8:04:be:ad:9f:29:93:e1:
f0:04:0e:dd:da:6b:8f:ef:5c:eb:cf:8a:cd:7d:6e:
9b:51:2c:d3:29:fb:15:21:17:bb:94:18:12:41:6c:
da:ef:a8:b3:59:4a:75:c3:96:d3:68:c1:81:a2:b6:
89:57:7c:d6:18:4b:7b:9f:4a:b0:d1:8b:58:69:f7:
d5:f9:05:7c:40:69:c9:32:3c:61:17:ac:01:b2:8f:
1b:1d:e9:a3:e4:2c:ee:c7:7f:47:f7:a9:4c:c4:29:
b4:ce:22:42:86:a1:37:64:86:3c:45:38:52:dc:ad:
95:95:43:fd:0d:78:4f:37:8f:2c:eb:4d:8c:e0:5b:
a7:bf:3a:48:26:c5:25:86:7f:92:6f:40:ac:bb:30:
60:36:a1:50:af:49:68:e2:d3:f7:6c:6f:a3:50:53:
f8:be:2f:36:97:ad:73:bf:0a:3b:7c:41:50:be:13:
e3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:05:45:14:0B:26:FE:8D:5F:6C:30:41:68:CC:00:BC:C8:D9:FB:BB
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sAVFFAsm_o1fbDBBaMwAvMjZ-7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
2.57.152.0/22
2.57.212.0/22
45.128.20.0/22
45.140.32.0/22
45.150.168.0/22
45.150.180.0/22
91.214.200.0/22
91.242.64.0/22
91.242.81.0/24
91.242.105.0/24
91.242.107.0-91.242.111.255
91.242.120.0/21
95.214.152.0/22
185.173.244.0/22
193.46.211.0/24
194.35.52.0/22
194.50.184.0/23
194.50.188.0/23
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
38:70:5c:67:d8:7c:65:79:6f:50:d3:6d:8f:fe:98:79:a6:c5:
01:d3:69:71:7d:ee:3d:55:09:0e:36:bd:ea:ca:99:55:e2:53:
c1:94:18:1b:22:c0:ef:db:b4:0a:24:0a:62:60:fc:a4:ff:2b:
c8:c0:f9:88:cb:d5:2a:1b:32:d1:c7:40:c5:b5:a8:04:5f:06:
43:cf:b5:0e:a1:14:1f:a2:2b:c3:4b:55:e3:45:9b:12:f7:b2:
ab:fe:3a:c6:e4:37:68:f7:b5:50:7f:6d:87:8c:88:c5:fe:c4:
02:5c:bd:22:39:9a:cf:c5:0e:e8:e3:45:d3:7b:d1:26:07:e6:
92:02:51:96:d2:57:19:75:e0:50:e9:9f:1c:b4:9c:b9:4c:f9:
1b:b1:c5:a0:fe:ff:37:92:87:7c:c1:83:a5:77:38:8f:2c:48:
9f:6a:af:ba:25:05:d0:02:d2:d1:94:cd:86:70:07:5f:f2:c6:
92:af:97:f3:7b:9c:9e:f5:0c:d9:fd:1a:be:54:c2:a9:30:c7:
72:f7:82:69:f2:31:1a:36:16:5e:b4:de:c4:71:f8:00:8a:6d:
83:cc:c0:2c:34:77:5e:a9:1d:97:c2:68:f1:2e:1b:31:a7:0f:
bd:ac:89:f7:7b:1d:94:27:17:dd:92:2a:91:4e:8e:39:32:63:
0b:69:04:ce
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYIm/htt3A+XRoyk3vcwHQaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwNzIyMTczOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDA1NDUxNDBiMjZmZThkNWY2YzMwNDE2OGNjMDBiY2M4ZDlmYmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeKQRPBR4oNwrSMwntI1SbRKpXHN
OYdn2s0Cq1hp8bVzu1saF7En+u7Bs85IBJJ51e0sSWEdTfH+JR1T22hMd5bs4PTk
sAouQeWIk/w4wzmCyAS+rZ8pk+HwBA7d2muP71zrz4rNfW6bUSzTKfsVIRe7lBgS
QWza76izWUp1w5bTaMGBoraJV3zWGEt7n0qw0YtYaffV+QV8QGnJMjxhF6wBso8b
Hemj5Czux39H96lMxCm0ziJChqE3ZIY8RThS3K2VlUP9DXhPN48s602M4FunvzpI
JsUlhn+Sb0CsuzBgNqFQr0lo4tP3bG+jUFP4vi82l61zvwo7fEFQvhPjIQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFLAFRRQLJv6NX2wwQWjMALzI2fu7MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvc0FWRkZBc21fbzFmYkRCQmFNd0F2TWpaLTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAIC
OAADBAICOZgDBAICOdQDBAItgBQDBAItjCADBAItlqgDBAItlrQDBAJb1sgDBAJb
8kADBABb8lEDBABb8mkwDAMEAFvyawMEBFvyYAMEA1vyeAMEAl/WmAMEArmt9AME
AMEu0wMEAsIjNAMEAcIyuAMEAcIyvAMEAcIyyAMEAcIyzgMEBcOKYDANBgkqhkiG
9w0BAQsFAAOCAQEAOHBcZ9h8ZXlvUNNtj/6YeabFAdNpcX3uPVUJDja96sqZVeJT
wZQYGyLA79u0CiQKYmD8pP8ryMD5iMvVKhsy0cdAxbWoBF8GQ8+1DqEUH6Irw0tV
40WbEveyq/46xuQ3aPe1UH9th4yIxf7EAly9Ijmaz8UO6ONF03vRJgfmkgJRltJX
GXXgUOmfHLScuUz5G7HFoP7/N5KHfMGDpXc4jyxIn2qvuiUF0ALS0ZTNhnAHX/LG
kq+X83ucnvUM2f0avlTCqTDHcveCafIxGjYWXrTexHH4AIptg8zALDR3Xqkdl8Jo
8S4bMacPvayJ93sdlCcX3ZIqkU6OOTJjC2kEzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org