Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/jSdiHFEmqPB_qXpJNmQ8yiEG6QA.roa
File: jSdiHFEmqPB_qXpJNmQ8yiEG6QA.roa (raw, json)
Hash identifier: C7o9YlE/yhvKk5aNFSXSbqZEfZ8bcS+hPyOoYlqoXhQ=
Subject key identifier: 8D:27:62:1C:51:26:A8:F0:7F:A9:7A:49:36:64:3C:CA:21:06:E9:00
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 01856ECBA9A7514472642C77061EDD68F666
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/jSdiHFEmqPB_qXpJNmQ8yiEG6QA.roa
Signing time: Sun 01 Jan 2023 19:25:19 +0000
ROA not before: Sun 01 Jan 2023 19:25:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57497
IP address blocks: 195.226.223.0/24 maxlen: 24
45.135.240.0/24 maxlen: 24
45.135.243.0/24 maxlen: 24
45.135.241.0/24 maxlen: 24
45.135.242.0/24 maxlen: 24
45.93.168.0/24 maxlen: 24
45.93.171.0/24 maxlen: 24
45.93.169.0/24 maxlen: 24
45.93.170.0/24 maxlen: 24
158.58.191.0/24 maxlen: 24
158.58.190.0/23 maxlen: 23
158.58.189.0/24 maxlen: 24
158.58.190.0/24 maxlen: 24
158.58.188.0/24 maxlen: 24
158.58.188.0/23 maxlen: 23
158.58.187.0/24 maxlen: 24
158.58.184.0/24 maxlen: 24
158.58.185.0/24 maxlen: 24
158.58.184.0/22 maxlen: 22
158.58.186.0/24 maxlen: 24
185.2.14.0/23 maxlen: 24
185.2.12.0/22 maxlen: 22
185.2.12.0/23 maxlen: 24
5.63.10.0/24 maxlen: 24
5.63.11.0/24 maxlen: 24
5.63.8.0/24 maxlen: 24
5.63.10.0/23 maxlen: 23
5.63.9.0/24 maxlen: 24
5.63.13.0/24 maxlen: 24
5.63.14.0/24 maxlen: 24
5.63.14.0/23 maxlen: 23
5.63.12.0/24 maxlen: 24
185.229.204.0/24 maxlen: 24
2a01:4ac0:3::/48 maxlen: 48
2a01:4ac0:2::/48 maxlen: 48
2a01:4ac0::/48 maxlen: 48
2a01:4ac0:1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:a9:a7:51:44:72:64:2c:77:06:1e:dd:68:f6:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jan 1 19:25:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d27621c5126a8f07fa97a4936643cca2106e900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:50:14:7e:04:ff:fa:2b:bd:8d:a0:1a:98:84:
1b:4f:20:22:87:99:b8:62:87:f7:c5:6d:d7:31:27:
24:6c:ba:25:98:a5:ac:7d:94:60:70:69:68:fe:56:
d6:9a:ff:29:79:99:d4:bd:17:a0:c6:06:5a:7a:16:
f9:f1:13:d9:74:f2:61:88:92:ec:9b:34:86:c5:1b:
0c:1b:03:61:f8:a4:a4:36:4e:eb:2e:8b:48:dc:0f:
09:1c:94:94:d0:af:03:a5:d9:4f:b9:f7:9e:33:2c:
19:69:be:2c:18:52:7b:84:45:65:f9:df:2c:9f:8f:
2b:70:b3:f7:9a:f0:1b:ea:4d:fc:c5:2d:d2:2d:59:
33:53:a4:12:82:14:fd:96:f9:18:ae:24:b5:cc:97:
5e:32:c6:07:75:2c:6a:20:c0:ae:13:c3:17:ef:7e:
fd:2d:10:5b:fc:10:11:d5:d9:f0:cf:96:9b:70:9d:
df:41:ba:cb:c4:f1:07:a2:c4:8a:df:c4:65:a0:68:
44:3c:fd:99:4f:12:7e:dc:7d:15:1a:ec:52:67:7b:
ea:93:8f:40:b5:e8:03:cd:6d:88:cb:f8:ef:ad:a7:
de:9d:bc:64:8b:fd:21:6f:99:5f:cc:e5:f5:27:b3:
de:27:62:40:28:74:98:e7:d7:4f:ce:29:be:a8:12:
0b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:27:62:1C:51:26:A8:F0:7F:A9:7A:49:36:64:3C:CA:21:06:E9:00
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/jSdiHFEmqPB_qXpJNmQ8yiEG6QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.8.0/21
45.93.168.0/22
45.135.240.0/22
158.58.184.0/21
185.2.12.0/22
185.229.204.0/24
195.226.223.0/24
IPv6:
2a01:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
23:18:58:6a:95:7c:86:4e:e7:42:5a:dd:91:f5:ad:dc:b7:aa:
63:69:45:7d:1d:16:ad:98:07:f9:38:9d:4f:a3:5f:0e:e5:3a:
51:5c:74:be:6b:76:0e:bc:07:06:fd:b1:85:2d:fc:b8:60:5e:
83:f7:49:15:67:47:ed:a7:cc:6c:0d:62:ca:71:17:3d:91:aa:
c5:00:b2:e8:77:a7:6a:a4:6d:12:09:e3:88:c4:e8:da:ab:02:
ec:2e:61:cc:9b:b0:7d:ef:56:5e:af:a0:d2:54:50:5e:27:93:
69:63:00:98:75:0c:23:74:17:0c:d2:6d:4b:7e:95:c5:92:de:
81:b2:f8:17:ce:21:90:c0:5d:ed:2c:3b:a2:14:ab:17:c9:ec:
d6:b1:93:bb:e8:dd:95:e6:5b:a3:de:48:f7:e4:3e:c8:ba:ab:
13:e6:f4:ad:ec:0d:fc:fc:0e:92:1a:2f:cb:58:b1:9a:e0:6e:
50:10:dd:77:23:a2:24:5d:e6:19:7f:ff:d3:1c:8d:4d:49:7a:
30:34:a8:72:36:f3:9e:5e:af:3f:bc:84:4a:66:cb:d0:03:40:
0c:2e:44:7a:fe:e8:ed:97:c5:bb:97:05:09:e2:e4:d5:2b:9d:
e8:42:e6:cc:46:65:e3:46:f8:c7:23:97:23:d7:01:2d:d3:85:
34:a2:c3:8b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVuy6mnUURyZCx3Bh7daPZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjMwMTAxMTkyNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDI3NjIxYzUxMjZhOGYwN2ZhOTdhNDkzNjY0M2NjYTIxMDZlOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lAUfgT/+iu9jaAamIQbTyAih5m4
Yof3xW3XMSckbLolmKWsfZRgcGlo/lbWmv8peZnUvRegxgZaehb58RPZdPJhiJLs
mzSGxRsMGwNh+KSkNk7rLotI3A8JHJSU0K8DpdlPufeeMywZab4sGFJ7hEVl+d8s
n48rcLP3mvAb6k38xS3SLVkzU6QSghT9lvkYriS1zJdeMsYHdSxqIMCuE8MX7379
LRBb/BAR1dnwz5abcJ3fQbrLxPEHosSK38RloGhEPP2ZTxJ+3H0VGuxSZ3vqk49A
tegDzW2Iy/jvrafenbxki/0hb5lfzOX1J7PeJ2JAKHSY59dPzim+qBILuwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFI0nYhxRJqjwf6l6STZkPMohBukAMB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvalNkaUhGRW1xUEJfcVhwSk5tUTh5aUVHNlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQDBT8IAwQC
LV2oAwQCLYfwAwQDnjq4AwQCuQIMAwQAueXMAwQAw+LfMA8EAgACMAkDBwIqAUrA
AAAwDQYJKoZIhvcNAQELBQADggEBACMYWGqVfIZO50Ja3ZH1rdy3qmNpRX0dFq2Y
B/k4nU+jXw7lOlFcdL5rdg68Bwb9sYUt/LhgXoP3SRVnR+2nzGwNYspxFz2RqsUA
suh3p2qkbRIJ44jE6NqrAuwuYcybsH3vVl6voNJUUF4nk2ljAJh1DCN0FwzSbUt+
lcWS3oGy+BfOIZDAXe0sO6IUqxfJ7Naxk7vo3ZXmW6PeSPfkPsi6qxPm9K3sDfz8
DpIaL8tYsZrgblAQ3XcjoiRd5hl//9McjU1JejA0qHI2855erz+8hEpmy9ADQAwu
RHr+6O2XxbuXBQni5NUrnehC5sxGZeNG+McjlyPXAS3ThTSiw4s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:36 2024 by rpki-client on console-ams.rpki-client.org