Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xK0c0-PfLpsjU6YUucdG1Beloog.roa
File: xK0c0-PfLpsjU6YUucdG1Beloog.roa (raw, json)
Hash identifier: 0lU6Pxl47fNhCMkxYUQcdjSAEsiFsRSrcfC3U8y9za8=
Subject key identifier: C4:AD:1C:D3:E3:DF:2E:9B:23:53:A6:14:B9:C7:46:D4:17:A5:A2:88
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 14D483EE
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xK0c0-PfLpsjU6YUucdG1Beloog.roa
Signing time: Tue 26 Apr 2022 15:59:51 +0000
ROA not before: Tue 26 Apr 2022 15:59:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 193.31.104.0/22 maxlen: 22
85.159.117.0/24 maxlen: 24
212.90.116.0/22 maxlen: 22
194.242.22.0/23 maxlen: 23
45.95.88.0/22 maxlen: 22
195.216.156.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
91.242.64.0/22 maxlen: 22
194.50.206.0/23 maxlen: 23
194.50.200.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
45.150.44.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.91.84.0/22 maxlen: 22
45.143.44.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
194.180.238.0/24 maxlen: 24
193.37.200.0/22 maxlen: 22
45.143.252.0/22 maxlen: 22
45.150.180.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
185.145.80.0/22 maxlen: 22
62.182.100.0/23 maxlen: 23
45.83.12.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 349471726 (0x14d483ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 26 15:59:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4ad1cd3e3df2e9b2353a614b9c746d417a5a288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9b:d2:76:1e:03:cd:37:b7:2c:5b:2f:e4:b9:
e1:68:93:7e:b9:be:ae:35:b8:68:1e:78:15:e9:b2:
ff:52:93:a2:2e:eb:8a:5b:4b:c5:ca:60:21:bf:f6:
c6:af:4e:7e:27:31:00:36:c2:5c:9e:1e:04:e8:d9:
66:e3:d9:1d:54:5e:e3:33:96:f8:0c:c8:ff:cb:29:
b6:1c:ec:50:ad:10:8f:74:dd:23:cb:5d:72:48:d3:
96:0c:39:b3:7c:9d:07:9e:95:49:82:6b:17:e7:91:
16:d5:12:c9:d1:54:c7:b4:b7:99:0e:73:b9:50:c9:
17:1e:da:bb:08:40:d3:e9:6e:61:cb:ff:ac:fd:da:
34:9e:bd:51:3b:85:16:02:b8:74:cf:29:51:9c:7c:
35:bd:2d:61:eb:a0:c1:e1:3e:2f:85:71:1a:6c:d3:
7f:9f:2d:49:94:7f:d3:72:74:b7:a0:7a:6e:73:f6:
b4:68:6c:f8:f9:d6:90:70:0a:bc:b7:66:c7:df:c3:
8b:95:5f:ab:a1:bf:9f:30:ae:be:8e:ab:3d:e9:66:
11:79:32:e5:b9:2e:00:2b:9d:cd:df:12:cc:b8:40:
f9:98:49:46:3e:e2:ae:1e:be:0c:5f:38:60:c4:1a:
97:9a:c1:92:55:17:b0:ba:75:5e:fd:4e:ea:8e:ba:
9a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AD:1C:D3:E3:DF:2E:9B:23:53:A6:14:B9:C7:46:D4:17:A5:A2:88
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xK0c0-PfLpsjU6YUucdG1Beloog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.12.0/22
45.91.84.0/22
45.95.88.0/22
45.140.32.0/22
45.143.44.0/22
45.143.252.0/22
45.150.44.0/22
45.150.180.0/22
45.151.196.0/22
62.182.100.0/23
85.159.117.0/24
91.242.64.0/22
91.242.100.0/23
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
185.145.80.0/22
185.173.244.0/22
193.31.104.0/22
193.37.200.0/22
194.50.200.0/23
194.50.206.0/23
194.180.238.0/24
194.242.22.0/23
195.138.96.0/19
195.216.156.0/22
212.90.116.0/22
Signature Algorithm: sha256WithRSAEncryption
14:54:31:8a:cb:ff:44:53:02:b1:7a:79:46:bb:17:e4:d1:5f:
ae:80:7d:3a:32:61:3d:ec:4c:73:56:38:a3:69:99:1e:33:36:
5a:58:6b:9e:c5:18:22:51:bf:ec:60:66:8e:b9:d6:20:89:66:
9d:9c:f3:44:b7:88:1e:6d:0b:2b:4d:3e:e2:5a:d3:98:aa:69:
a9:4e:e3:8e:53:d9:ec:76:41:84:2d:74:3d:bb:fc:4f:fe:12:
c7:6e:20:df:79:9e:92:7a:aa:1b:f0:50:2f:42:c1:6f:4e:13:
89:7c:0e:97:a5:71:01:7d:72:53:db:5e:8d:8b:42:5c:fc:35:
51:64:d0:e8:35:0f:c4:12:a0:3e:67:63:7f:bb:03:be:e1:b6:
3c:84:ae:19:8a:c9:eb:d4:1c:f9:d2:3f:32:95:61:ac:c8:3f:
ea:45:db:b0:96:69:c4:2e:d8:bd:3b:bc:ee:15:8e:5f:44:06:
e7:60:54:26:50:6d:a5:7d:9d:b7:2a:4a:64:55:c7:cf:1a:4f:
cd:3c:b2:36:03:fd:7b:bd:76:c6:18:45:f7:b0:13:3f:b8:14:
5c:84:f7:4b:87:a4:32:b0:09:a7:0e:30:fc:1d:6c:95:f2:66:
86:0d:77:9b:cf:a2:5b:0b:75:85:0f:7f:6c:e0:22:f1:9b:88:
f9:a4:e9:82
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIEFNSD7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDQy
NjE1NTk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRhZDFjZDNlM2Rm
MmU5YjIzNTNhNjE0YjljNzQ2ZDQxN2E1YTI4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCb0nYeA803tyxbL+S54WiTfrm+rjW4aB54Femy/1KToi7r
iltLxcpgIb/2xq9OficxADbCXJ4eBOjZZuPZHVRe4zOW+AzI/8spthzsUK0Qj3Td
I8tdckjTlgw5s3ydB56VSYJrF+eRFtUSydFUx7S3mQ5zuVDJFx7auwhA0+luYcv/
rP3aNJ69UTuFFgK4dM8pUZx8Nb0tYeugweE+L4VxGmzTf58tSZR/03J0t6B6bnP2
tGhs+PnWkHAKvLdmx9/Di5Vfq6G/nzCuvo6rPelmEXky5bkuACudzd8SzLhA+ZhJ
Rj7irh6+DF84YMQal5rBklUXsLp1Xv1O6o66mmECAwEAAaOCAqowggKmMB0GA1Ud
DgQWBBTErRzT498umyNTphS5x0bUF6WiiDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L3hLMGMwLVBmTHBzalU2WVV1Y2RHMUJlbG9vZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vwYIKwYBBQUHAQcBAf8Ega8wgawwgakEAgABMIGiAwQCLVMMAwQCLVtUAwQCLV9Y
AwQCLYwgAwQCLY8sAwQCLY/8AwQCLZYsAwQCLZa0AwQCLZfEAwQBPrZkAwQAVZ91
AwQCW/JAAwQBW/JkAwQAW/JpAwQCW/JsAwQDW/J4AwQCuZFQAwQCua30AwQCwR9o
AwQCwSXIAwQBwjLIAwQBwjLOAwQAwrTuAwQBwvIWAwQFw4pgAwQCw9icAwQC1Fp0
MA0GCSqGSIb3DQEBCwUAA4IBAQAUVDGKy/9EUwKxenlGuxfk0V+ugH06MmE97Exz
VjijaZkeMzZaWGuexRgiUb/sYGaOudYgiWadnPNEt4gebQsrTT7iWtOYqmmpTuOO
U9nsdkGELXQ9u/xP/hLHbiDfeZ6Seqob8FAvQsFvThOJfA6XpXEBfXJT216Ni0Jc
/DVRZNDoNQ/EEqA+Z2N/uwO+4bY8hK4Zisnr1Bz50j8ylWGsyD/qRduwlmnELti9
O7zuFY5fRAbnYFQmUG2lfZ23KkpkVcfPGk/NPLI2A/17vXbGGEX3sBM/uBRchPdL
h6QysAmnDjD8HWyV8maGDXebz6JbC3WFD39s4CLxm4j5pOmC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org