Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/yGhivc3oyyaP4r6HBq_rSEgH0OE.roa
File: yGhivc3oyyaP4r6HBq_rSEgH0OE.roa (raw, json)
Hash identifier: X4Tv5LBhU7kjYoMkB/SCv6A9hBJrHHnLl8qcPo7cGCM=
Subject key identifier: C8:68:62:BD:CD:E8:CB:26:8F:E2:BE:87:06:AF:EB:48:48:07:D0:E1
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A79F6C20491D171B5BCFD4F42AB128
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/yGhivc3oyyaP4r6HBq_rSEgH0OE.roa
Signing time: Mon 02 Jan 2023 08:44:48 +0000
ROA not before: Mon 02 Jan 2023 08:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 89.39.242.0/24 maxlen: 24
45.88.124.0/22 maxlen: 22
194.56.152.0/23 maxlen: 24
94.231.198.0/24 maxlen: 24
91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.107.0/24 maxlen: 24
45.89.44.0/22 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
86.104.19.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
193.203.127.0/24 maxlen: 24
89.40.35.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
5.182.28.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
86.104.192.0/24 maxlen: 24
45.140.32.0/22 maxlen: 22
80.94.81.0/24 maxlen: 24
80.94.80.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
45.150.180.0/22 maxlen: 22
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:9f:6c:20:49:1d:17:1b:5b:cf:d4:f4:2a:b1:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c86862bdcde8cb268fe2be8706afeb484807d0e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:78:23:9f:23:92:c4:81:c0:c1:9e:9d:18:52:
d1:97:8a:c9:e5:c5:8a:9c:f8:97:5b:be:63:a6:e0:
9f:91:bd:31:05:86:72:e9:34:63:bd:e1:dd:f7:c2:
c9:01:63:3a:59:c6:9c:7c:1b:b7:94:97:43:3e:c0:
35:9b:04:81:26:d6:00:36:89:0a:65:7d:87:81:c1:
06:d1:d0:dd:4b:5c:77:8e:75:59:8b:c0:00:aa:53:
b2:9a:3c:fc:65:a2:26:cb:64:a6:89:95:92:ba:f6:
2d:ab:9d:4c:91:5e:58:4d:a0:72:9c:47:fd:18:fb:
de:67:6c:11:ef:9f:84:f5:46:ab:f2:61:49:19:a9:
9b:18:33:97:64:23:98:35:14:41:83:e9:61:59:84:
04:46:f3:f7:e2:3d:b7:7a:25:3a:95:bf:ba:98:16:
20:5e:82:b5:d4:2a:78:aa:d2:a6:cb:42:28:ce:3e:
e8:bc:a9:0c:91:61:68:d6:95:04:b1:2e:e8:ab:d3:
f2:85:4c:bf:22:f6:e5:28:85:b7:02:59:5c:85:3e:
41:4b:43:2c:2a:42:0c:d0:ad:b1:63:73:c4:43:d8:
0d:83:e3:d8:60:b6:64:45:4d:0a:a1:20:31:66:1b:
10:f9:ce:70:fa:ed:50:75:e5:d9:f2:d7:50:33:04:
4c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:68:62:BD:CD:E8:CB:26:8F:E2:BE:87:06:AF:EB:48:48:07:D0:E1
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/yGhivc3oyyaP4r6HBq_rSEgH0OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.15.64.0/22
45.67.117.0/24
45.88.124.0/22
45.89.44.0/22
45.140.32.0/22
45.150.180.0/22
80.94.80.0/23
86.104.19.0/24
86.104.192.0/24
89.39.242.0/24
89.40.35.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0-91.242.75.255
91.242.81.0/24
91.242.103.0/24
91.242.107.0/24
94.231.198.0/24
176.126.223.0/24
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
193.46.211.0/24
193.203.127.0/24
194.56.152.0/23
194.213.10.0/24
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
02:ef:01:2e:d2:b2:52:67:db:82:00:24:3f:47:5f:91:13:20:
93:f5:59:57:4d:63:59:b1:77:02:0d:a7:82:6d:1f:45:8a:f7:
75:3b:dc:97:92:11:14:d1:79:ed:f4:95:0f:ec:3d:27:2d:c9:
aa:ae:3d:f9:d4:b1:bc:9c:b6:08:d7:56:b7:80:5c:26:62:5f:
f4:21:1c:16:42:4b:1c:74:11:ca:a0:7a:76:8d:59:a0:de:be:
0c:4b:23:24:26:52:ce:00:24:3f:22:28:7b:60:d1:48:02:c3:
39:cf:47:8d:56:be:4f:15:4d:ff:ed:9d:49:8b:b9:04:1f:43:
5b:09:5d:ba:b0:66:8a:95:5e:47:15:85:4e:a4:45:b9:43:4b:
da:c2:ea:04:a1:38:6f:4e:00:da:cb:09:2a:80:f2:c2:fd:55:
0a:e1:31:9d:df:3e:96:65:ba:ab:b0:bf:3a:75:df:25:b8:79:
b2:aa:45:8b:7b:e1:4d:2a:26:1a:0d:43:78:27:f8:61:ab:2f:
bc:da:e4:4e:1d:4f:cc:4e:94:ae:53:cc:e4:b6:e7:ca:16:aa:
64:97:ae:00:e0:6d:45:33:8b:56:a0:eb:ac:0d:f8:00:66:34:
4c:c9:46:2f:d2:0c:23:b5:f3:b4:d1:2c:df:e8:14:0d:d6:bb:
07:af:fd:c7
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYVxp59sIEkdFxtbz9T0KrEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY4NjJiZGNkZThjYjI2OGZlMmJlODcwNmFmZWI0ODQ4MDdkMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAongjnyOSxIHAwZ6dGFLRl4rJ5cWK
nPiXW75jpuCfkb0xBYZy6TRjveHd98LJAWM6WcacfBu3lJdDPsA1mwSBJtYANokK
ZX2HgcEG0dDdS1x3jnVZi8AAqlOymjz8ZaImy2SmiZWSuvYtq51MkV5YTaBynEf9
GPveZ2wR75+E9Uar8mFJGambGDOXZCOYNRRBg+lhWYQERvP34j23eiU6lb+6mBYg
XoK11Cp4qtKmy0Iozj7ovKkMkWFo1pUEsS7oq9PyhUy/IvblKIW3AllchT5BS0Ms
KkIM0K2xY3PEQ9gNg+PYYLZkRU0KoSAxZhsQ+c5w+u1QdeXZ8tdQMwRMWwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFMhoYr3N6Msmj+K+hwav60hIB9DhMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEveUdoaXZjM295eWFQNHI2SEJxX3JTRWdIME9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAIF
thwDBAItD0ADBAAtQ3UDBAItWHwDBAItWSwDBAItjCADBAItlrQDBAFQXlADBABW
aBMDBABWaMADBABZJ/IDBABZKCMDBABZKKEDBABb7zswDAMEAVvyRgMEAlvySAME
AFvyUQMEAFvyZwMEAFvyawMEAF7nxgMEALB+3wMEALkoaQMEALmt9wMEALnUCwME
AMEu0wMEAMHLfwMEAcI4mAMEAMLVCgMEAcLyHDANBgkqhkiG9w0BAQsFAAOCAQEA
Au8BLtKyUmfbggAkP0dfkRMgk/VZV01jWbF3Ag2ngm0fRYr3dTvcl5IRFNF57fSV
D+w9Jy3Jqq49+dSxvJy2CNdWt4BcJmJf9CEcFkJLHHQRyqB6do1ZoN6+DEsjJCZS
zgAkPyIoe2DRSALDOc9HjVa+TxVN/+2dSYu5BB9DWwldurBmipVeRxWFTqRFuUNL
2sLqBKE4b04A2ssJKoDywv1VCuExnd8+lmW6q7C/OnXfJbh5sqpFi3vhTSomGg1D
eCf4YasvvNrkTh1PzE6UrlPM5LbnyhaqZJeuAOBtRTOLVqDrrA34AGY0TMlGL9IM
I7XztNEs3+gUDda7B6/9xw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org