Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tbvyPwMfX1SVmBsI9QHkjL6H4-Y.roa
File: tbvyPwMfX1SVmBsI9QHkjL6H4-Y.roa (raw, json)
Hash identifier: Ts0/43K7PkCtVGE352DMrCQmtBY71kXxLVPtOwVluKk=
Subject key identifier: B5:BB:F2:3F:03:1F:5F:54:95:98:1B:08:F5:01:E4:8C:BE:87:E3:E6
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 0182150475BB91F551F58B6E8363E99A4C62
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tbvyPwMfX1SVmBsI9QHkjL6H4-Y.roa
Signing time: Tue 19 Jul 2022 05:53:09 +0000
ROA not before: Tue 19 Jul 2022 05:53:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57497
IP address blocks: 45.135.240.0/24 maxlen: 24
45.135.243.0/24 maxlen: 24
45.135.241.0/24 maxlen: 24
45.135.242.0/24 maxlen: 24
45.93.168.0/24 maxlen: 24
45.93.171.0/24 maxlen: 24
45.93.169.0/24 maxlen: 24
45.93.170.0/24 maxlen: 24
158.58.191.0/24 maxlen: 24
158.58.190.0/23 maxlen: 23
158.58.189.0/24 maxlen: 24
158.58.190.0/24 maxlen: 24
158.58.188.0/24 maxlen: 24
158.58.188.0/23 maxlen: 23
158.58.187.0/24 maxlen: 24
158.58.184.0/24 maxlen: 24
158.58.185.0/24 maxlen: 24
158.58.184.0/22 maxlen: 22
158.58.186.0/24 maxlen: 24
185.2.14.0/23 maxlen: 24
185.2.12.0/22 maxlen: 22
185.2.12.0/23 maxlen: 24
5.63.10.0/24 maxlen: 24
5.63.11.0/24 maxlen: 24
5.63.8.0/24 maxlen: 24
5.63.10.0/23 maxlen: 23
5.63.9.0/24 maxlen: 24
5.63.13.0/24 maxlen: 24
5.63.14.0/24 maxlen: 24
5.63.14.0/23 maxlen: 23
5.63.12.0/24 maxlen: 24
2a01:4ac0:3::/48 maxlen: 48
2a01:4ac0:2::/48 maxlen: 48
2a01:4ac0::/48 maxlen: 48
2a01:4ac0:1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:15:04:75:bb:91:f5:51:f5:8b:6e:83:63:e9:9a:4c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jul 19 05:53:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5bbf23f031f5f5495981b08f501e48cbe87e3e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:04:7b:8d:10:fa:ee:72:79:ba:54:04:b6:5a:
76:39:f1:49:26:3d:7a:8c:94:42:0c:dc:44:46:03:
f5:85:10:63:d3:1f:8f:5f:31:fd:2f:7b:e8:63:24:
ff:c1:b5:7d:f7:72:1c:1b:77:cf:5e:87:b4:bf:34:
3a:c7:a4:9b:23:69:f1:0e:93:e8:8d:c3:d2:67:bd:
9f:54:35:f9:6f:87:bd:29:91:f9:da:03:c0:3d:a3:
56:3f:f2:5c:82:f2:e5:c8:dc:06:97:80:56:49:c0:
b0:ca:c9:26:eb:28:99:10:63:7c:c1:4a:6d:44:21:
c9:f2:6d:92:94:f9:d3:cc:02:68:2a:d1:21:5c:50:
62:78:44:1f:0c:42:9f:0a:24:42:e8:ab:5a:0a:90:
fd:ed:d1:21:65:dd:0a:07:35:4c:cd:94:a3:9e:30:
5f:19:e5:8d:62:4b:1f:6a:36:17:71:4b:8f:a0:26:
b4:e1:a6:60:b6:e5:5f:f8:6a:8e:7f:8d:9d:38:12:
9f:da:1b:b7:42:c3:f1:f6:a0:5c:d7:21:d0:d5:4f:
1d:cd:22:05:2a:a5:42:d7:11:c6:c9:9e:60:2d:ce:
a2:78:8c:f0:dc:32:1e:9c:e0:e4:21:38:22:00:31:
25:69:ce:c3:c4:a7:21:53:2d:97:a1:9e:45:45:e0:
27:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BB:F2:3F:03:1F:5F:54:95:98:1B:08:F5:01:E4:8C:BE:87:E3:E6
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tbvyPwMfX1SVmBsI9QHkjL6H4-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.8.0/21
45.93.168.0/22
45.135.240.0/22
158.58.184.0/21
185.2.12.0/22
IPv6:
2a01:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
7b:9b:65:ed:36:ad:b8:b7:9c:8d:d6:34:ff:bc:95:b7:1d:ef:
15:af:1c:f4:c1:88:a7:0c:fc:2b:78:f6:d4:d0:9f:cd:3a:75:
2a:1d:e4:db:b4:f4:56:ed:6f:b8:53:cf:50:3c:de:36:7f:f3:
44:98:64:4a:10:e0:6d:3a:a8:43:12:d2:0c:f5:3c:6a:1d:40:
ee:81:95:bd:0d:d3:72:59:4a:c6:09:9a:9d:be:6b:85:7d:6b:
42:be:0d:1d:49:96:18:9d:73:2d:d3:63:09:d1:b3:f7:e0:fc:
7c:06:20:1e:53:dd:f6:b6:05:1e:b1:ce:96:23:85:f3:37:fb:
84:63:e3:68:db:4b:91:bc:13:89:6d:22:6c:03:db:1b:a6:78:
9b:4f:cc:64:45:4e:59:51:28:f6:47:88:74:84:3b:7c:a7:14:
2a:31:c4:11:40:3b:10:ce:d3:b5:04:32:d6:ed:f7:02:c2:53:
f8:84:cb:08:26:19:6d:a1:67:14:cb:8c:48:c2:0c:0e:f0:23:
09:fd:39:be:b7:cd:e5:45:c9:49:a4:84:3f:29:34:9f:e9:fc:
ff:9c:87:5d:3d:db:0c:c9:12:ad:53:63:b6:98:fe:13:ce:f9:
45:e8:56:f4:c8:1a:78:f0:f4:cf:c7:30:a7:70:3a:ea:31:03:
a5:37:f9:40
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYIVBHW7kfVR9Ytug2PpmkxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjIwNzE5MDU1MzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJiZjIzZjAzMWY1ZjU0OTU5ODFiMDhmNTAxZTQ4Y2JlODdlM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAR7jRD67nJ5ulQEtlp2OfFJJj16
jJRCDNxERgP1hRBj0x+PXzH9L3voYyT/wbV993IcG3fPXoe0vzQ6x6SbI2nxDpPo
jcPSZ72fVDX5b4e9KZH52gPAPaNWP/JcgvLlyNwGl4BWScCwyskm6yiZEGN8wUpt
RCHJ8m2SlPnTzAJoKtEhXFBieEQfDEKfCiRC6KtaCpD97dEhZd0KBzVMzZSjnjBf
GeWNYksfajYXcUuPoCa04aZgtuVf+GqOf42dOBKf2hu3QsPx9qBc1yHQ1U8dzSIF
KqVC1xHGyZ5gLc6ieIzw3DIenODkITgiADElac7DxKchUy2XoZ5FReAnowIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFLW78j8DH19UlZgbCPUB5Iy+h+PmMB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvdGJ2eVB3TWZYMVNWbUJzSTlRSGtqTDZINC1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQDBT8IAwQC
LV2oAwQCLYfwAwQDnjq4AwQCuQIMMA8EAgACMAkDBwIqAUrAAAAwDQYJKoZIhvcN
AQELBQADggEBAHubZe02rbi3nI3WNP+8lbcd7xWvHPTBiKcM/Ct49tTQn806dSod
5Nu09Fbtb7hTz1A83jZ/80SYZEoQ4G06qEMS0gz1PGodQO6Blb0N03JZSsYJmp2+
a4V9a0K+DR1Jlhidcy3TYwnRs/fg/HwGIB5T3fa2BR6xzpYjhfM3+4Rj42jbS5G8
E4ltImwD2xumeJtPzGRFTllRKPZHiHSEO3ynFCoxxBFAOxDO07UEMtbt9wLCU/iE
ywgmGW2hZxTLjEjCDA7wIwn9Ob63zeVFyUmkhD8pNJ/p/P+ch1092wzJEq1TY7aY
/hPO+UXoVvTIGnjw9M/HMKdwOuoxA6U3+UA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-fra.rpki-client.org