Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zSK8N-0hz0AX6CFJG_R48wP4b1I.roa
File: zSK8N-0hz0AX6CFJG_R48wP4b1I.roa (raw, json)
Hash identifier: Z5un8N5GAVp257kA2mO48bOUEl2aA/pw81vy7US7Yr4=
Subject key identifier: CD:22:BC:37:ED:21:CF:40:17:E8:21:49:1B:F4:78:F3:03:F8:6F:52
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 13C801FC
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zSK8N-0hz0AX6CFJG_R48wP4b1I.roa
Signing time: Wed 19 Jan 2022 09:35:02 +0000
ROA not before: Wed 19 Jan 2022 09:35:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 193.31.104.0/22 maxlen: 22
85.159.117.0/24 maxlen: 24
212.90.116.0/22 maxlen: 22
45.95.88.0/22 maxlen: 22
195.216.156.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
45.10.12.0/22 maxlen: 22
5.253.228.0/22 maxlen: 22
91.242.64.0/22 maxlen: 22
194.50.206.0/23 maxlen: 23
194.50.200.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
45.150.44.0/22 maxlen: 22
171.22.52.0/22 maxlen: 22
45.91.84.0/22 maxlen: 22
45.143.44.0/22 maxlen: 22
45.86.16.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
193.37.200.0/22 maxlen: 22
45.143.252.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
185.145.80.0/22 maxlen: 22
62.182.100.0/23 maxlen: 23
45.83.12.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 331874812 (0x13c801fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 19 09:35:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd22bc37ed21cf4017e821491bf478f303f86f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3c:d5:83:57:b0:09:40:0d:e8:f0:cd:59:89:
73:6f:db:94:ec:04:06:8a:9d:54:d4:a7:0d:b7:f7:
11:ff:95:f0:3d:d9:6a:59:e1:c6:3a:10:bf:fa:cf:
40:6a:9a:7c:b2:84:ef:eb:ac:48:9b:fd:09:b9:06:
48:66:2f:06:55:fc:e9:02:c8:91:9d:7e:03:0a:eb:
de:3f:6c:93:82:0b:c3:ff:7c:e4:ed:5b:6d:12:52:
49:e6:bd:da:e5:87:19:c7:95:e2:b1:f3:cd:51:0b:
de:75:d5:12:95:ba:0a:3a:4f:e7:0d:61:d8:be:dd:
a3:87:e6:77:0b:ba:2b:ad:76:f5:54:db:c9:9e:37:
2f:c2:d3:15:29:f2:ff:83:a1:cc:94:49:22:f5:ee:
73:e9:54:4b:db:f3:b7:64:06:8c:0c:74:22:7e:00:
76:70:2f:f5:54:2a:a3:4c:5c:b7:4f:21:b5:e2:dc:
ba:7a:d4:da:d2:48:eb:96:c8:9e:e3:30:9a:21:ac:
91:7c:cc:64:25:b0:54:d0:d5:26:ed:b3:e7:ac:b6:
f0:a1:83:25:a3:8d:d4:19:49:8e:70:c6:1a:65:7a:
fc:80:0e:5e:82:d5:db:1c:55:09:c4:90:b3:80:fa:
1e:b2:3a:f1:25:63:40:c8:e7:0b:16:9a:39:16:78:
c2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:22:BC:37:ED:21:CF:40:17:E8:21:49:1B:F4:78:F3:03:F8:6F:52
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zSK8N-0hz0AX6CFJG_R48wP4b1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.228.0/22
45.10.12.0/22
45.83.12.0/22
45.86.16.0/22
45.91.84.0/22
45.95.88.0/22
45.143.44.0/22
45.143.252.0/22
45.150.44.0/22
45.151.196.0/22
62.182.100.0/23
85.159.117.0/24
91.242.64.0/22
91.242.100.0/23
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
171.22.52.0/22
185.145.80.0/22
185.173.244.0/22
193.31.104.0/22
193.37.200.0/22
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
195.216.156.0/22
212.90.116.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:97:f8:44:95:cc:e2:4a:c1:4b:00:93:d1:ea:f6:72:18:a2:
63:40:2f:35:6d:6f:5f:24:94:e4:ef:a9:10:c4:eb:b4:01:f6:
6b:ec:87:46:fe:cf:4f:35:44:fa:7c:3c:d0:4f:09:60:49:e0:
1a:4b:a9:7a:b3:1a:88:4e:a7:0c:7c:a9:e5:c4:c2:b8:ed:58:
3d:97:de:c4:8c:33:12:42:53:82:b2:87:02:ea:23:9e:0d:72:
ed:eb:4f:69:01:39:e3:7e:b2:10:86:9e:5b:c9:34:bd:3f:a5:
27:cd:ca:cd:ae:e7:5a:22:c4:cc:e7:88:16:65:4c:0d:15:a0:
4b:5b:ab:06:44:4c:db:33:c5:6d:68:25:ad:bf:1d:10:dc:8c:
d1:29:19:3a:f6:01:d7:66:c1:c1:2e:84:51:73:20:59:0c:2a:
83:77:e5:aa:9f:6c:65:c5:e7:d5:b7:4c:6f:2b:0e:eb:4b:69:
63:fc:9d:a3:ac:fa:30:1c:7b:0c:90:ab:38:6f:1e:53:da:05:
3f:22:d2:39:9c:e3:1d:b6:ff:59:a2:72:0e:3c:54:05:f4:ba:
99:01:d6:8c:28:db:00:97:3b:06:4b:b3:03:a5:ca:a7:5f:d0:
b1:f2:c9:0b:a6:36:e9:60:b9:21:c6:eb:19:c6:02:3c:75:9b:
c2:c5:5f:2f
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIEE8gB/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEx
OTA5MzUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QyMmJjMzdlZDIx
Y2Y0MDE3ZTgyMTQ5MWJmNDc4ZjMwM2Y4NmY1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANY81YNXsAlADejwzVmJc2/blOwEBoqdVNSnDbf3Ef+V8D3Z
alnhxjoQv/rPQGqafLKE7+usSJv9CbkGSGYvBlX86QLIkZ1+Awrr3j9sk4ILw/98
5O1bbRJSSea92uWHGceV4rHzzVEL3nXVEpW6CjpP5w1h2L7do4fmdwu6K6129VTb
yZ43L8LTFSny/4OhzJRJIvXuc+lUS9vzt2QGjAx0In4AdnAv9VQqo0xct08hteLc
unrU2tJI65bInuMwmiGskXzMZCWwVNDVJu2z56y28KGDJaON1BlJjnDGGmV6/IAO
XoLV2xxVCcSQs4D6HrI68SVjQMjnCxaaORZ4wp8CAwEAAaOCAqowggKmMB0GA1Ud
DgQWBBTNIrw37SHPQBfoIUkb9HjzA/hvUjAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L3pTSzhOLTBoejBBWDZDRkpHX1I0OHdQNGIxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vwYIKwYBBQUHAQcBAf8Ega8wgawwgakEAgABMIGiAwQCBf3kAwQCLQoMAwQCLVMM
AwQCLVYQAwQCLVtUAwQCLV9YAwQCLY8sAwQCLY/8AwQCLZYsAwQCLZfEAwQBPrZk
AwQAVZ91AwQCW/JAAwQBW/JkAwQAW/JpAwQCW/JsAwQDW/J4AwQCqxY0AwQCuZFQ
AwQCua30AwQCwR9oAwQCwSXIAwQBwjLIAwQBwjLOAwQFw4pgAwQCw9icAwQC1Fp0
MA0GCSqGSIb3DQEBCwUAA4IBAQCtl/hElcziSsFLAJPR6vZyGKJjQC81bW9fJJTk
76kQxOu0AfZr7IdG/s9PNUT6fDzQTwlgSeAaS6l6sxqITqcMfKnlxMK47Vg9l97E
jDMSQlOCsocC6iOeDXLt609pATnjfrIQhp5byTS9P6UnzcrNrudaIsTM54gWZUwN
FaBLW6sGREzbM8VtaCWtvx0Q3IzRKRk69gHXZsHBLoRRcyBZDCqDd+Wqn2xlxefV
t0xvKw7rS2lj/J2jrPowHHsMkKs4bx5T2gU/ItI5nOMdtv9ZonIOPFQF9LqZAdaM
KNsAlzsGS7MDpcqnX9Cx8skLpjbpYLkhxusZxgI8dZvCxV8v
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org