Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2b6iLNf1FqBW9p5tX87d1-UavMg.roa
File: 2b6iLNf1FqBW9p5tX87d1-UavMg.roa (raw, json)
Hash identifier: 97zdOUp8f7Pabow1VuUZtJc0yI7NjsKO5hArrSXCqMM=
Subject key identifier: D9:BE:A2:2C:D7:F5:16:A0:56:F6:9E:6D:5F:CE:DD:D7:E5:1A:BC:C8
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0183E588CE3D9D339B1F642B558929306A24
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2b6iLNf1FqBW9p5tX87d1-UavMg.roa
Signing time: Mon 17 Oct 2022 10:41:31 +0000
ROA not before: Mon 17 Oct 2022 10:41:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197518
IP address blocks: 185.225.20.0/22 maxlen: 22
185.199.212.0/22 maxlen: 24
45.157.208.0/22 maxlen: 22
185.251.228.0/22 maxlen: 24
185.108.204.0/22 maxlen: 22
194.5.64.0/22 maxlen: 22
45.155.252.0/22 maxlen: 24
185.255.200.0/22 maxlen: 22
194.146.92.0/23 maxlen: 23
45.90.16.0/22 maxlen: 22
185.250.24.0/22 maxlen: 24
188.95.248.0/21 maxlen: 21
185.221.24.0/22 maxlen: 22
193.58.144.0/22 maxlen: 22
176.125.248.0/22 maxlen: 22
45.147.224.0/22 maxlen: 22
194.147.16.0/23 maxlen: 23
185.214.108.0/22 maxlen: 22
130.193.104.0/21 maxlen: 21
2a03:680::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:88:ce:3d:9d:33:9b:1f:64:2b:55:89:29:30:6a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 17 10:41:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9bea22cd7f516a056f69e6d5fceddd7e51abcc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b9:0c:4a:7c:e3:56:c5:d3:71:c5:27:92:b0:
b4:ab:35:89:e2:4d:70:63:f2:ba:3b:6f:d4:d5:39:
40:28:11:bc:32:12:b5:9c:14:db:ce:a8:b6:2e:67:
b2:8e:cd:94:05:97:7f:3c:c7:13:f0:43:44:aa:ca:
0a:1c:19:24:52:d4:89:26:fc:73:14:d5:72:2b:d9:
85:a0:30:12:da:02:8d:1a:0b:0d:94:3d:d8:43:57:
09:4d:1f:26:db:66:aa:c2:33:09:16:19:43:6d:e1:
eb:ad:e1:bc:a4:b3:96:1a:5f:36:12:71:6e:64:60:
ec:6c:1f:fc:6e:8e:a5:68:5c:bd:0d:eb:3f:55:83:
e3:d5:bf:25:00:c6:a1:7f:31:0a:2d:4d:17:ff:b6:
71:cf:81:fc:1f:10:3c:bc:d3:64:82:40:29:7d:d4:
66:ec:28:9e:73:42:34:7e:8c:db:e1:1b:d4:0d:45:
0f:90:c3:5a:17:1a:e0:dd:4f:24:ad:77:7b:50:af:
98:4f:21:58:51:97:8a:ea:df:8d:e2:26:72:04:09:
90:91:77:eb:8c:ee:78:dc:78:2d:be:2b:ac:22:bd:
48:5c:44:f0:ea:ac:69:45:df:48:d9:e2:b9:a2:c6:
c3:17:c6:2a:10:42:2f:dc:f7:09:da:ef:63:e2:91:
a5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:BE:A2:2C:D7:F5:16:A0:56:F6:9E:6D:5F:CE:DD:D7:E5:1A:BC:C8
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2b6iLNf1FqBW9p5tX87d1-UavMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.16.0/22
45.147.224.0/22
45.155.252.0/22
45.157.208.0/22
130.193.104.0/21
176.125.248.0/22
185.108.204.0/22
185.199.212.0/22
185.214.108.0/22
185.221.24.0/22
185.225.20.0/22
185.250.24.0/22
185.251.228.0/22
185.255.200.0/22
188.95.248.0/21
193.58.144.0/22
194.5.64.0/22
194.146.92.0/23
194.147.16.0/23
IPv6:
2a03:680::/32
Signature Algorithm: sha256WithRSAEncryption
79:67:50:97:8f:89:21:41:ab:36:f1:2a:7d:17:e9:3f:06:a5:
16:36:02:a4:f1:fa:d0:ad:f6:32:e4:34:ad:6d:f0:3b:c9:cb:
38:bf:2d:25:8b:62:b7:0b:e0:0f:4c:32:fa:bf:b8:35:64:16:
97:7c:a1:46:2f:06:9b:c7:0b:5f:1b:c7:db:1e:70:2c:4b:6e:
df:0c:7a:bc:3c:a7:c3:39:6e:0d:c2:0a:0e:0d:4f:90:30:c7:
a4:41:dd:dd:98:23:6a:cb:37:01:ca:7a:06:85:03:28:45:aa:
72:05:49:de:08:d0:ed:47:a0:ce:d3:ba:c4:37:8f:3d:44:55:
6f:b1:f5:05:c9:b7:9c:57:f6:0b:16:09:56:70:6f:af:96:b4:
fe:4e:7f:97:1a:29:96:e7:56:86:2a:2b:bc:5b:8c:f3:e8:5b:
60:7e:b4:e0:5f:6d:b0:37:b7:7e:54:ca:c5:2f:55:96:3b:83:
d4:71:78:0c:20:88:97:47:c5:84:28:4e:26:4f:0f:2d:4b:7c:
b2:16:7f:92:7a:3f:1d:70:65:b4:dd:8a:22:a2:7c:42:fb:b5:
09:e5:d5:ce:93:fe:4b:b0:9e:eb:b0:bf:eb:12:dc:e7:73:29:
8f:7e:8b:1a:5b:86:98:24:d1:f8:d0:02:8f:4d:83:bf:0a:67:
05:cf:a9:d7
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAYPliM49nTObH2QrVYkpMGokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMDE3MTA0MTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWJlYTIyY2Q3ZjUxNmEwNTZmNjllNmQ1ZmNlZGRkN2U1MWFiY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbkMSnzjVsXTccUnkrC0qzWJ4k1w
Y/K6O2/U1TlAKBG8MhK1nBTbzqi2Lmeyjs2UBZd/PMcT8ENEqsoKHBkkUtSJJvxz
FNVyK9mFoDAS2gKNGgsNlD3YQ1cJTR8m22aqwjMJFhlDbeHrreG8pLOWGl82EnFu
ZGDsbB/8bo6laFy9Des/VYPj1b8lAMahfzEKLU0X/7Zxz4H8HxA8vNNkgkApfdRm
7Ciec0I0fozb4RvUDUUPkMNaFxrg3U8krXd7UK+YTyFYUZeK6t+N4iZyBAmQkXfr
jO543HgtviusIr1IXETw6qxpRd9I2eK5osbDF8YqEEIv3PcJ2u9j4pGlPQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFNm+oizX9RagVvaebV/O3dflGrzIMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMmI2aUxOZjFGcUJXOXA1dFg4N2QxLVVhdk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQCLVoQ
AwQCLZPgAwQCLZv8AwQCLZ3QAwQDgsFoAwQCsH34AwQCuWzMAwQCucfUAwQCudZs
AwQCud0YAwQCueEUAwQCufoYAwQCufvkAwQCuf/IAwQDvF/4AwQCwTqQAwQCwgVA
AwQBwpJcAwQBwpMQMA0EAgACMAcDBQAqAwaAMA0GCSqGSIb3DQEBCwUAA4IBAQB5
Z1CXj4khQas28Sp9F+k/BqUWNgKk8frQrfYy5DStbfA7ycs4vy0li2K3C+APTDL6
v7g1ZBaXfKFGLwabxwtfG8fbHnAsS27fDHq8PKfDOW4NwgoODU+QMMekQd3dmCNq
yzcBynoGhQMoRapyBUneCNDtR6DO07rEN489RFVvsfUFybecV/YLFglWcG+vlrT+
Tn+XGimW51aGKiu8W4zz6FtgfrTgX22wN7d+VMrFL1WWO4PUcXgMIIiXR8WEKE4m
Tw8tS3yyFn+Sej8dcGW03YoionxC+7UJ5dXOk/5LsJ7rsL/rEtzncymPfosaW4aY
JNH40AKPTYO/CmcFz6nX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org