Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/x7tpJULVf-6p57na7yuRpg7zdjw.roa
File: x7tpJULVf-6p57na7yuRpg7zdjw.roa (raw, json)
Hash identifier: c/Vn7yU4HKgR8Qg7EvyLBUoctztoABs04oy3/qfhM3c=
Subject key identifier: C7:BB:69:25:42:D5:7F:EE:A9:E7:B9:DA:EF:2B:91:A6:0E:F3:76:3C
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018B29A7A9F8F9BA984DC832BEF3A2934B94
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/x7tpJULVf-6p57na7yuRpg7zdjw.roa
Signing time: Fri 13 Oct 2023 15:28:55 +0000
ROA not before: Fri 13 Oct 2023 15:28:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.255.99.0/24 maxlen: 24
194.56.152.0/23 maxlen: 24
185.243.140.0/22 maxlen: 24
94.231.198.0/24 maxlen: 24
194.56.153.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
195.149.127.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
45.149.160.0/22 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
80.94.80.0/23 maxlen: 24
45.67.117.0/24 maxlen: 24
45.15.64.0/22 maxlen: 24
194.180.238.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:a7:a9:f8:f9:ba:98:4d:c8:32:be:f3:a2:93:4b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 13 15:28:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7bb692542d57feea9e7b9daef2b91a60ef3763c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:39:a5:3e:d6:e5:51:ba:b3:9e:53:fe:19:c2:
5a:28:01:bc:5e:5e:29:fb:4f:ab:2f:7f:7e:87:b8:
b6:f8:25:98:8d:64:74:0f:f8:17:31:36:01:e3:af:
06:e8:50:9a:d5:9b:6b:5f:d6:1e:87:74:23:9c:c4:
5d:91:96:23:aa:8d:15:64:32:fb:19:cb:3c:c7:b4:
29:97:0d:f0:a8:db:92:70:5e:f1:54:c4:f6:57:8b:
f1:b6:36:5d:6e:1f:9f:0f:ac:9c:63:dc:19:e6:7d:
ef:d7:84:b7:ac:09:f7:4d:f3:1c:63:7e:c4:39:85:
17:ff:7f:3e:12:9d:87:d9:d2:b3:64:9f:60:6a:f6:
de:5e:e2:80:4b:6e:b4:2c:ba:59:22:3b:71:c3:21:
2e:e6:78:50:a2:87:5d:27:81:21:06:2b:36:f5:06:
00:cf:87:fa:d7:87:df:e4:bf:0c:c9:fd:35:17:8f:
ec:e8:4a:f6:d1:b9:27:0e:6d:e4:b2:b3:f7:e3:2f:
27:0f:f1:b3:94:48:f0:6c:77:a1:52:0b:e9:12:4d:
97:a1:44:97:eb:e1:56:29:ec:c0:d6:09:65:15:a4:
1b:b9:a1:2a:1f:75:38:dd:fe:12:7d:91:e6:94:95:
70:8b:8f:a0:2d:ac:07:b1:2a:f9:78:76:a0:5d:22:
d5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BB:69:25:42:D5:7F:EE:A9:E7:B9:DA:EF:2B:91:A6:0E:F3:76:3C
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/x7tpJULVf-6p57na7yuRpg7zdjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.64.0/22
45.67.117.0/24
45.149.160.0/22
80.94.80.0/23
89.32.126.0/24
89.40.161.0/24
91.242.71.0-91.242.73.255
91.242.75.0/24
91.242.103.0/24
92.118.108.0/24
94.231.198.0/24
176.126.223.0/24
185.15.136.0/23
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
185.243.140.0/22
185.255.99.0/24
193.46.211.0/24
194.56.152.0/23
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.104.255
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
28:7c:d9:14:c6:a8:2d:d8:d5:20:5e:40:1a:a1:99:9b:0e:69:
8c:a8:e6:5a:00:b8:fb:8a:e3:a0:e9:b5:4b:ae:ef:50:4c:7e:
47:04:6b:44:45:c0:ef:81:c2:81:5a:a6:c3:77:01:bf:a5:02:
d0:54:ce:e1:b6:d6:1f:a4:62:48:1c:d3:2a:96:94:f8:f0:e8:
eb:3e:c6:fd:46:5a:7b:ee:32:90:10:02:fb:30:9e:6b:d7:7b:
76:86:f9:9d:0f:72:4b:70:08:11:f8:2e:82:b1:ea:fe:e5:38:
61:f3:b4:8e:82:7e:84:4f:02:b2:6a:5e:9f:4c:e5:83:29:42:
9c:50:db:30:ed:76:20:b8:0a:81:d2:4d:6a:c4:c1:ea:14:6f:
72:1c:4c:c9:46:de:1d:a8:da:56:12:cb:3a:1b:f5:b5:09:c1:
fc:c8:2e:ac:4b:f7:ea:d3:51:7d:b7:c9:9c:37:63:fd:79:b3:
ef:e4:c1:9e:10:b8:c1:3b:03:7f:25:31:03:b4:bd:cf:3d:a0:
3a:e7:82:43:58:fe:b4:33:ec:c1:ee:08:48:5b:dc:88:d4:1e:
88:3a:76:aa:e4:91:6d:ec:a3:de:b6:34:40:1d:20:52:0f:6a:
55:0d:3c:35:11:11:de:e7:2b:fe:fa:fd:b5:d9:e7:50:ad:51:
b0:76:af:be
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYspp6n4+bqYTcgyvvOik0uUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMDEzMTUyODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2JiNjkyNTQyZDU3ZmVlYTllN2I5ZGFlZjJiOTFhNjBlZjM3NjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTmlPtblUbqznlP+GcJaKAG8Xl4p
+0+rL39+h7i2+CWYjWR0D/gXMTYB468G6FCa1ZtrX9Yeh3QjnMRdkZYjqo0VZDL7
Gcs8x7Qplw3wqNuScF7xVMT2V4vxtjZdbh+fD6ycY9wZ5n3v14S3rAn3TfMcY37E
OYUX/38+Ep2H2dKzZJ9gavbeXuKAS260LLpZIjtxwyEu5nhQooddJ4EhBis29QYA
z4f614ff5L8Myf01F4/s6Er20bknDm3ksrP34y8nD/GzlEjwbHehUgvpEk2XoUSX
6+FWKezA1gllFaQbuaEqH3U43f4SfZHmlJVwi4+gLawHsSr5eHagXSLV0wIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFMe7aSVC1X/uqee52u8rkaYO83Y8MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEveDd0cEpVTFZmLTZwNTduYTd5dVJwZzd6ZGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBAIt
D0ADBAAtQ3UDBAItlaADBAFQXlADBABZIH4DBABZKKEwDAMEAFvyRwMEAVvySAME
AFvySwMEAFvyZwMEAFx2bAMEAF7nxgMEALB+3wMEAbkPiAMEALkoaQMEALmt9wME
ALnUCwMEArnzjAMEALn/YwMEAMEu0wMEAcI4mAMEAMK07gMEAMLVCgMEAcLyHDAM
AwQAw4pnAwQAw4poAwQAw5V/MA0GCSqGSIb3DQEBCwUAA4IBAQAofNkUxqgt2NUg
XkAaoZmbDmmMqOZaALj7iuOg6bVLru9QTH5HBGtERcDvgcKBWqbDdwG/pQLQVM7h
ttYfpGJIHNMqlpT48OjrPsb9Rlp77jKQEAL7MJ5r13t2hvmdD3JLcAgR+C6Cser+
5Thh87SOgn6ETwKyal6fTOWDKUKcUNsw7XYguAqB0k1qxMHqFG9yHEzJRt4dqNpW
Ess6G/W1CcH8yC6sS/fq01F9t8mcN2P9ebPv5MGeELjBOwN/JTEDtL3PPaA654JD
WP60M+zB7ghIW9yI1B6IOnaq5JFt7KPetjRAHSBSD2pVDTw1ERHe5yv++v212edQ
rVGwdq++
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org