Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/PbPTaQDunGyMbK2yhZO1SfB_byk.roa
File: PbPTaQDunGyMbK2yhZO1SfB_byk.roa (raw, json)
Hash identifier: LuGmsJZp7HTmkfnSGliPLJeSNz8Eaz14XfU7Hqi53lo=
Subject key identifier: 3D:B3:D3:69:00:EE:9C:6C:8C:6C:AD:B2:85:93:B5:49:F0:7F:6F:29
Certificate issuer: /CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Certificate serial: 018CCA2A36FC4125CBBFC36814B4CF1497BC
Authority key identifier: F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/PbPTaQDunGyMbK2yhZO1SfB_byk.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60721
IP address blocks: 185.162.144.0/24 maxlen: 24
185.162.145.0/24 maxlen: 24
185.162.146.0/24 maxlen: 24
185.162.147.0/24 maxlen: 24
185.171.24.0/24 maxlen: 24
185.171.25.0/24 maxlen: 24
185.171.26.0/24 maxlen: 24
185.171.27.0/24 maxlen: 24
185.247.136.0/24 maxlen: 24
185.247.137.0/24 maxlen: 24
185.247.138.0/24 maxlen: 24
185.247.139.0/24 maxlen: 24
45.136.104.0/24 maxlen: 24
45.136.105.0/24 maxlen: 24
185.26.144.0/24 maxlen: 24
185.26.145.0/24 maxlen: 24
185.26.146.0/24 maxlen: 24
185.26.147.0/24 maxlen: 24
185.126.177.0/24 maxlen: 24
185.126.178.0/24 maxlen: 24
185.126.179.0/24 maxlen: 24
185.126.176.0/24 maxlen: 24
45.136.106.0/24 maxlen: 24
45.136.107.0/24 maxlen: 24
185.153.228.0/24 maxlen: 24
185.153.229.0/24 maxlen: 24
185.153.230.0/24 maxlen: 24
185.153.231.0/24 maxlen: 24
2a0d:c480::/29 maxlen: 29
2a04:3880::/30 maxlen: 30
2a0d:a2c0::/29 maxlen: 29
2a06:c380::/29 maxlen: 29
2a0b:6000::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:36:fc:41:25:cb:bf:c3:68:14:b4:cf:14:97:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3db3d36900ee9c6c8c6cadb28593b549f07f6f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e6:d1:2c:8a:e2:62:59:7f:38:b9:7d:72:57:
38:ec:3d:f5:e0:ae:62:f8:47:e4:ee:c0:77:95:96:
1f:cf:99:b3:a9:4a:5c:2b:35:73:e8:aa:c6:df:aa:
01:90:f5:8e:a3:0f:19:6b:c3:b0:26:c4:41:d0:69:
03:04:c3:93:b2:0e:e0:aa:06:55:da:e9:cd:87:e8:
f5:77:f1:93:e8:fe:d1:3e:0a:4b:35:d0:3f:c7:ec:
7e:21:0c:1c:28:50:94:13:f2:8b:c4:de:84:69:df:
b4:5d:17:98:81:39:b0:72:47:01:7b:b4:80:ba:5b:
c1:0d:dc:63:7f:f3:02:ee:49:cf:9a:22:34:0b:86:
3c:c3:ee:d3:e9:c5:e8:ed:c0:4c:8f:84:26:99:0f:
b0:83:33:f5:86:68:ee:d1:0f:f1:8d:52:32:72:5a:
e1:bb:de:31:d6:10:cf:0a:8e:44:6e:dc:61:be:7a:
e5:94:3f:2d:84:e8:23:e6:bb:08:7a:dd:3c:5d:2a:
4f:7e:2e:27:9b:c0:d8:f0:f2:d0:2b:e7:cb:b9:db:
fa:a3:8f:31:ab:6c:d3:eb:c3:73:ef:7a:40:80:fa:
6f:b6:55:9c:dd:b6:e5:6d:0e:75:e2:4c:a6:a3:47:
f9:43:c2:1a:81:9d:37:d8:f4:da:f2:97:c4:ed:79:
0f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B3:D3:69:00:EE:9C:6C:8C:6C:AD:B2:85:93:B5:49:F0:7F:6F:29
X509v3 Authority Key Identifier:
keyid:F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/PbPTaQDunGyMbK2yhZO1SfB_byk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.104.0/22
185.26.144.0/22
185.126.176.0/22
185.153.228.0/22
185.162.144.0/22
185.171.24.0/22
185.247.136.0/22
IPv6:
2a04:3880::/30
2a06:c380::/29
2a0b:6000::/29
2a0d:a2c0::/29
2a0d:c480::/29
Signature Algorithm: sha256WithRSAEncryption
53:5b:ab:f1:e2:fe:63:95:df:09:b8:bb:23:3c:00:3b:ef:91:
3d:f5:e3:02:5d:06:ec:ac:46:6a:44:75:06:d5:35:97:87:a2:
48:9e:a8:6a:30:b9:ef:1f:98:20:80:c0:1b:66:61:4a:eb:fd:
57:c6:c4:ef:44:59:95:23:2f:a5:59:c5:65:90:15:06:27:ae:
4a:67:e7:8c:49:bf:96:26:d5:ee:fe:7c:13:56:92:3a:95:87:
65:38:b7:a2:40:a6:79:f2:a4:0a:d5:b1:fe:e3:45:65:c2:bd:
a0:69:8c:ac:87:e0:30:31:ef:b3:5b:0a:1f:77:aa:0d:0d:0f:
fe:cf:72:a8:95:d5:74:14:81:18:f4:35:f3:9b:0c:54:db:78:
11:11:a4:08:87:51:24:fc:00:84:ea:22:c1:a2:3b:62:32:b6:
f3:b6:29:f1:f0:be:58:52:10:45:cd:f2:b1:90:c3:16:81:a3:
83:18:fa:a1:4d:c6:d2:e7:45:a2:59:72:fa:d7:d7:59:1a:ec:
0c:a7:bd:b7:5d:86:39:32:a9:2f:0a:cf:8e:4c:a1:f7:63:24:
56:c2:9a:b1:ca:31:61:9d:fa:ac:12:6c:59:2b:b3:2c:2c:7c:
c4:1a:fa:e2:77:85:8e:13:8f:8d:d0:40:93:03:ba:af:b6:8f:
1e:cc:b9:c4
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzKKjb8QSXLv8NoFLTPFJe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjAzYTBjMDRiODFmZTE3NjZmYTQxYmQzMWI3M2I1ODgx
ODhhYzcwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGIzZDM2OTAwZWU5YzZjOGM2Y2FkYjI4NTkzYjU0OWYwN2Y2ZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnubRLIriYll/OLl9clc47D314K5i
+Efk7sB3lZYfz5mzqUpcKzVz6KrG36oBkPWOow8Za8OwJsRB0GkDBMOTsg7gqgZV
2unNh+j1d/GT6P7RPgpLNdA/x+x+IQwcKFCUE/KLxN6Ead+0XReYgTmwckcBe7SA
ulvBDdxjf/MC7knPmiI0C4Y8w+7T6cXo7cBMj4QmmQ+wgzP1hmju0Q/xjVIyclrh
u94x1hDPCo5EbtxhvnrllD8thOgj5rsIet08XSpPfi4nm8DY8PLQK+fLudv6o48x
q2zT68Nz73pAgPpvtlWc3bblbQ514kymo0f5Q8IagZ032PTa8pfE7XkPhQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFD2z02kA7pxsjGytsoWTtUnwf28pMB8GA1UdIwQY
MBaAFPggOgwEuB/hdm+kG9Mbc7WIGIrHMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DQTZEQVM0SC1GMmI2UWIweHR6dFlnWWlzYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNh
LTMzODk2MjBjMWJkNy8xL1BiUFRhUUR1bkd5TWJLMnloWk8xU2ZCX2J5ay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNhLTMzODk2MjBjMWJk
Ny8xLzEtQ0E2REFTNEgtRjJiNlFiMHh0enRZZ1lpc2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbgYIKwYBBQUHAQcBAf8EXzBdMDAEAgABMCoDBAItiGgD
BAK5GpADBAK5frADBAK5meQDBAK5opADBAK5qxgDBAK594gwKQQCAAIwIwMFAioE
OIADBQMqBsOAAwUDKgtgAAMFAyoNosADBQMqDcSAMA0GCSqGSIb3DQEBCwUAA4IB
AQBTW6vx4v5jld8JuLsjPAA775E99eMCXQbsrEZqRHUG1TWXh6JInqhqMLnvH5gg
gMAbZmFK6/1XxsTvRFmVIy+lWcVlkBUGJ65KZ+eMSb+WJtXu/nwTVpI6lYdlOLei
QKZ58qQK1bH+40Vlwr2gaYysh+AwMe+zWwofd6oNDQ/+z3KoldV0FIEY9DXzmwxU
23gREaQIh1Ek/ACE6iLBojtiMrbztinx8L5YUhBFzfKxkMMWgaODGPqhTcbS50Wi
WXL619dZGuwMp723XYY5MqkvCs+OTKH3YyRWwpqxyjFhnfqsEmxZK7MsLHzEGvri
d4WOE4+N0ECTA7qvto8ezLnE
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:10:39 2025 by rpki-client