Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/ILmN47KiCPczXpt80usXDxkJvbs.roa
File: ILmN47KiCPczXpt80usXDxkJvbs.roa (raw, json)
Hash identifier: aE9lgxvJ5hp3EQM9B8A4nP/jGj486NJxuxRKmr8GGOE=
Subject key identifier: 20:B9:8D:E3:B2:A2:08:F7:33:5E:9B:7C:D2:EB:17:0F:19:09:BD:BB
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 0183E80AE7B6910EFE85A4C503441AB80703
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/ILmN47KiCPczXpt80usXDxkJvbs.roa
Signing time: Mon 17 Oct 2022 22:22:52 +0000
ROA not before: Mon 17 Oct 2022 22:22:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9105
IP address blocks: 213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
85.210.0.0/15 maxlen: 24
195.112.0.0/18 maxlen: 24
212.139.0.0/16 maxlen: 24
80.225.0.0/16 maxlen: 24
79.72.0.0/13 maxlen: 24
80.40.0.0/13 maxlen: 24
88.104.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
81.1.64.0/18 maxlen: 24
89.168.0.0/16 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.66.0.0/15 maxlen: 24
62.3.192.0/18 maxlen: 24
185.175.144.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
81.86.0.0/16 maxlen: 24
79.68.0.0/14 maxlen: 24
195.149.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e8:0a:e7:b6:91:0e:fe:85:a4:c5:03:44:1a:b8:07:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Oct 17 22:22:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20b98de3b2a208f7335e9b7cd2eb170f1909bdbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ba:6d:68:77:4b:01:c6:fd:26:61:e4:56:d5:
30:13:6e:a9:4c:e6:62:6c:ee:7d:6e:49:33:86:43:
aa:e5:d3:1d:ad:f2:b7:c5:b6:74:11:b4:c3:45:0c:
b4:bc:3e:a2:21:3a:fe:ec:4f:22:0b:89:a9:e7:44:
d4:f4:8d:2f:39:5b:03:65:17:6d:5a:07:a2:af:25:
2c:58:6e:cc:d1:01:c0:18:79:e8:18:8e:8f:10:1f:
16:9c:a7:0d:3a:be:7c:b6:d9:f8:4f:b7:7b:38:6f:
61:61:23:91:d4:9a:a5:4e:b4:20:7d:c7:21:b0:dd:
e5:c6:87:24:45:c4:01:0c:0f:aa:87:3e:86:69:90:
34:fa:e2:00:6c:45:60:df:d5:07:dc:0b:1d:ce:58:
98:cc:9b:c6:af:94:6b:29:62:f6:f8:6d:c8:11:d1:
9c:f6:dc:10:e6:ce:de:45:e4:44:37:ab:02:71:33:
c6:6e:6e:b5:89:fb:4d:ba:e2:bd:fc:05:28:77:f7:
74:5f:96:f7:fc:a5:92:3e:7e:2b:dd:50:bc:11:53:
2d:0c:89:00:be:40:9b:d9:ad:59:ee:69:8c:c9:30:
5f:28:e5:e6:ce:de:a3:7a:d6:8c:a0:89:cd:8b:84:
61:96:81:d3:4c:f9:38:74:ce:75:e9:81:41:1c:07:
ae:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:B9:8D:E3:B2:A2:08:F7:33:5E:9B:7C:D2:EB:17:0F:19:09:BD:BB
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/ILmN47KiCPczXpt80usXDxkJvbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.192.0/18
79.66.0.0-79.79.255.255
80.40.0.0/13
80.225.0.0/16
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
85.210.0.0/15
88.104.0.0/13
89.168.0.0/16
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5f:fe:e5:c6:23:70:ee:38:a7:e4:bb:f8:32:c5:ee:cc:ea:83:
3d:29:fd:f7:87:51:f2:ec:13:dd:03:e1:20:44:8d:ff:10:24:
a0:6b:6f:bb:dc:f3:fb:48:6d:63:1c:ed:92:6b:03:a2:5e:ed:
ff:44:98:2f:a7:f5:01:33:1c:10:c5:61:3f:01:c0:fc:72:96:
d8:7e:19:14:2d:b2:48:f5:1f:97:69:12:b1:77:56:4a:fb:9f:
3a:9a:cd:1e:93:63:5e:5e:bb:85:d2:26:0e:13:f4:34:af:46:
43:2a:a9:66:52:7f:51:21:b5:c4:14:f7:84:65:98:e1:79:51:
02:66:2b:84:d9:44:41:5c:41:e5:b3:75:6e:ec:e3:3b:96:74:
8c:d6:d6:29:31:11:71:e4:03:11:d0:19:05:8b:1b:2d:19:2f:
ce:82:5d:b4:08:17:dd:d0:c8:35:69:10:f1:29:d3:b2:d9:6c:
8c:ff:7a:26:5c:a1:65:bc:95:c9:db:b6:42:27:d8:1b:8a:f2:
3b:ce:92:b7:c8:13:66:7e:f8:fd:21:71:8b:c2:c9:92:bd:6e:
03:79:a0:ad:e7:3f:72:c7:8c:dd:90:a2:aa:a8:27:6c:f7:82:
9b:87:b6:e9:7f:5c:6b:0e:61:d8:af:ba:19:51:a7:f2:62:92:
bc:5c:ea:bd
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYPoCue2kQ7+haTFA0QauAcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjIxMDE3MjIyMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGI5OGRlM2IyYTIwOGY3MzM1ZTliN2NkMmViMTcwZjE5MDliZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7ptaHdLAcb9JmHkVtUwE26pTOZi
bO59bkkzhkOq5dMdrfK3xbZ0EbTDRQy0vD6iITr+7E8iC4mp50TU9I0vOVsDZRdt
WgeiryUsWG7M0QHAGHnoGI6PEB8WnKcNOr58ttn4T7d7OG9hYSOR1JqlTrQgfcch
sN3lxockRcQBDA+qhz6GaZA0+uIAbEVg39UH3AsdzliYzJvGr5RrKWL2+G3IEdGc
9twQ5s7eReREN6sCcTPGbm61iftNuuK9/AUod/d0X5b3/KWSPn4r3VC8EVMtDIkA
vkCb2a1Z7mmMyTBfKOXmzt6jetaMoInNi4RhloHTTPk4dM516YFBHAeu/QIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFCC5jeOyogj3M16bfNLrFw8ZCb27MB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvSUxtTjQ3S2lDUGN6WHB0ODB1c1hEeGtKdmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAY+
A8AwCgMDAU9CAwMET0ADAwNQKAMDAFDhAwQGUQFAAwQGUQbAAwMAUVYDBAdRqgAD
AwFRsgMEB1KFAAMDAFNDAwMAVAwDAwFV0gMDA1hoAwMAWagDBAK5r5ADBADB2mMD
BAXCaiADBAXC9+ADBAbDcAADBAfDiQADBAbDlQADBAXUAYADBAXUSmADAwDUiwME
BtSfgAMEBtXQQDANBgkqhkiG9w0BAQsFAAOCAQEAX/7lxiNw7jin5Lv4MsXuzOqD
PSn994dR8uwT3QPhIESN/xAkoGtvu9zz+0htYxztkmsDol7t/0SYL6f1ATMcEMVh
PwHA/HKW2H4ZFC2ySPUfl2kSsXdWSvufOprNHpNjXl67hdImDhP0NK9GQyqpZlJ/
USG1xBT3hGWY4XlRAmYrhNlEQVxB5bN1buzjO5Z0jNbWKTERceQDEdAZBYsbLRkv
zoJdtAgX3dDINWkQ8SnTstlsjP96JlyhZbyVydu2QifYG4ryO86St8gTZn74/SFx
i8LJkr1uA3mgrec/cseM3ZCiqqgnbPeCm4e26X9caw5h2K+6GVGn8mKSvFzqvQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:52 2025 by rpki-client