Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tDz9lDmM-0M_GEY53Z52ml6XnB4.roa
File: tDz9lDmM-0M_GEY53Z52ml6XnB4.roa (raw, json)
Hash identifier: TvxJlVXWsH9ugr2wUT2ExCtmyKq5kHm0tkO3qJxsS8k=
Subject key identifier: B4:3C:FD:94:39:8C:FB:43:3F:18:46:39:DD:9E:76:9A:5E:97:9C:1E
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01837A8FCFD89EA1BA72345DEBC7C51DD88D
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tDz9lDmM-0M_GEY53Z52ml6XnB4.roa
Signing time: Mon 26 Sep 2022 16:09:48 +0000
ROA not before: Mon 26 Sep 2022 16:09:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.28.0/22 maxlen: 22
194.50.206.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.200.0/23 maxlen: 23
45.140.32.0/22 maxlen: 22
45.88.124.0/22 maxlen: 22
194.56.152.0/23 maxlen: 24
91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.107.0/24 maxlen: 24
91.242.120.0/21 maxlen: 21
45.150.180.0/22 maxlen: 22
194.242.28.0/23 maxlen: 24
185.173.244.0/22 maxlen: 24
185.173.247.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.64.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:8f:cf:d8:9e:a1:ba:72:34:5d:eb:c7:c5:1d:d8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 26 16:09:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b43cfd94398cfb433f184639dd9e769a5e979c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:4f:04:ad:d9:c9:b2:b7:6c:90:eb:1b:ab:0a:
9f:00:2e:e2:4b:a7:c2:5a:fa:6f:8a:c7:be:61:9f:
5e:1a:bc:54:09:2e:b9:61:e1:5a:7f:a6:42:e8:65:
13:cc:63:80:f5:83:5e:c5:00:11:59:aa:d7:e5:64:
09:29:75:42:29:03:e4:9d:72:38:84:94:1a:54:fe:
3d:45:d4:3d:df:a0:0f:c5:5e:da:07:24:27:01:75:
0e:df:c0:89:9e:49:6c:33:f1:05:b3:da:46:38:5e:
1f:43:7d:22:52:3d:29:a2:4d:d6:d9:fa:e4:47:ab:
2e:0c:e1:88:df:c5:8c:59:53:09:d2:36:cf:f6:d5:
c7:00:20:9f:78:c5:8f:24:1f:aa:e7:58:6d:6a:12:
27:00:52:13:c5:e1:c4:e1:48:30:3d:74:84:70:b3:
c1:6d:ec:3f:8c:ad:1c:00:23:bf:dc:ea:85:da:a8:
1e:93:3a:d2:92:ad:3c:7b:0f:9a:4e:8d:1a:0b:e6:
1e:a2:07:7e:9d:52:1b:bf:8b:8c:96:a7:6d:9f:ed:
39:0f:a9:5a:3d:46:ac:27:e4:83:27:b4:a1:70:b6:
87:43:9d:7e:26:30:89:d9:c6:1f:29:a2:fe:6a:4c:
ce:55:bb:c4:0f:01:56:d3:3e:7f:c3:52:d0:ae:21:
4b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3C:FD:94:39:8C:FB:43:3F:18:46:39:DD:9E:76:9A:5E:97:9C:1E
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tDz9lDmM-0M_GEY53Z52ml6XnB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.88.124.0/22
45.140.32.0/22
45.150.180.0/22
91.242.64.0/22
91.242.81.0/24
91.242.105.0/24
91.242.107.0-91.242.111.255
91.242.120.0/21
185.173.244.0/22
185.212.11.0/24
193.46.211.0/24
194.50.200.0/23
194.50.206.0/23
194.56.152.0/23
194.242.28.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
93:75:ea:c2:d6:52:d8:9c:8a:d6:8f:11:45:3a:a3:36:1c:a7:
03:61:9d:e1:a1:cb:4e:f4:58:fb:55:b8:bf:b6:1c:f7:26:b6:
b3:ad:6d:14:cb:56:42:ca:1a:3f:ae:25:45:5e:a9:81:4b:99:
90:50:a5:a5:be:d9:60:44:3d:bb:68:dc:63:3f:26:0b:87:bd:
ea:a1:43:af:65:f5:08:cf:66:e3:76:d7:91:76:90:4a:03:08:
ff:11:8b:44:14:86:27:7d:80:cd:f5:53:5e:49:5d:9a:12:4d:
79:08:9a:00:b9:77:7c:9f:c6:13:dc:11:c5:15:35:57:66:14:
f3:2e:0c:30:69:76:ec:6d:6e:db:ba:18:67:02:7f:55:97:a9:
0c:39:c5:8f:3d:9f:50:2c:4d:2f:92:25:1f:3a:12:92:90:c3:
d7:9b:55:a8:c6:8e:6b:2f:63:c0:57:12:9a:a0:25:24:c0:8c:
79:b6:83:ce:a2:f2:ef:cf:41:f4:e0:49:7e:0b:c1:bf:f0:08:
f6:41:56:77:4b:c4:5f:2e:29:9e:93:61:3c:83:96:cf:a8:c7:
02:82:26:03:9c:87:24:c8:68:3f:71:54:c4:06:97:01:51:33:
de:cf:4b:7a:fb:d5:29:27:c4:a0:d2:e4:6e:51:6d:3c:a5:d0:
07:da:70:c0
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYN6j8/YnqG6cjRd68fFHdiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTI2MTYwOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDNjZmQ5NDM5OGNmYjQzM2YxODQ2MzlkZDllNzY5YTVlOTc5YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA308ErdnJsrdskOsbqwqfAC7iS6fC
Wvpvise+YZ9eGrxUCS65YeFaf6ZC6GUTzGOA9YNexQARWarX5WQJKXVCKQPknXI4
hJQaVP49RdQ936APxV7aByQnAXUO38CJnklsM/EFs9pGOF4fQ30iUj0pok3W2frk
R6suDOGI38WMWVMJ0jbP9tXHACCfeMWPJB+q51htahInAFITxeHE4UgwPXSEcLPB
bew/jK0cACO/3OqF2qgekzrSkq08ew+aTo0aC+Yeogd+nVIbv4uMlqdtn+05D6la
PUasJ+SDJ7ShcLaHQ51+JjCJ2cYfKaL+akzOVbvEDwFW0z5/w1LQriFLKQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFLQ8/ZQ5jPtDPxhGOd2edppel5weMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdER6OWxEbU0tME1fR0VZNTNaNTJtbDZYbkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAgW2HAME
Ai1YfAMEAi2MIAMEAi2WtAMEAlvyQAMEAFvyUQMEAFvyaTAMAwQAW/JrAwQEW/Jg
AwQDW/J4AwQCua30AwQAudQLAwQAwS7TAwQBwjLIAwQBwjLOAwQBwjiYAwQBwvIc
AwQFw4pgMA0GCSqGSIb3DQEBCwUAA4IBAQCTderC1lLYnIrWjxFFOqM2HKcDYZ3h
octO9Fj7Vbi/thz3JrazrW0Uy1ZCyho/riVFXqmBS5mQUKWlvtlgRD27aNxjPyYL
h73qoUOvZfUIz2bjdteRdpBKAwj/EYtEFIYnfYDN9VNeSV2aEk15CJoAuXd8n8YT
3BHFFTVXZhTzLgwwaXbsbW7buhhnAn9Vl6kMOcWPPZ9QLE0vkiUfOhKSkMPXm1Wo
xo5rL2PAVxKaoCUkwIx5toPOovLvz0H04El+C8G/8Aj2QVZ3S8RfLimek2E8g5bP
qMcCgiYDnIckyGg/cVTEBpcBUTPez0t6+9UpJ8Sg0uRuUW08pdAH2nDA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org