Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/YUsUQMOUOK0LpgtDg2EVfVS6mEE.roa
File: YUsUQMOUOK0LpgtDg2EVfVS6mEE.roa (raw, json)
Hash identifier: /v42NEt/8A1cikySUeGw7pa1mXWPymqyYSBaUS8/5HQ=
Subject key identifier: 61:4B:14:40:C3:94:38:AD:0B:A6:0B:43:83:61:15:7D:54:BA:98:41
Certificate issuer: /CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Certificate serial: 0C779D5F
Authority key identifier: F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/YUsUQMOUOK0LpgtDg2EVfVS6mEE.roa
Signing time: Sat 01 Jan 2022 15:55:36 +0000
ROA not before: Sat 01 Jan 2022 15:55:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 185.162.144.0/24 maxlen: 24
185.162.145.0/24 maxlen: 24
185.162.146.0/24 maxlen: 24
185.162.147.0/24 maxlen: 24
185.171.24.0/24 maxlen: 24
185.171.26.0/24 maxlen: 24
185.171.25.0/24 maxlen: 24
185.171.27.0/24 maxlen: 24
185.247.136.0/24 maxlen: 24
185.247.139.0/24 maxlen: 24
185.247.137.0/24 maxlen: 24
185.247.138.0/24 maxlen: 24
45.136.105.0/24 maxlen: 24
45.136.104.0/24 maxlen: 24
185.26.144.0/24 maxlen: 24
185.26.145.0/24 maxlen: 24
185.26.146.0/24 maxlen: 24
185.26.147.0/24 maxlen: 24
185.126.179.0/24 maxlen: 24
185.126.177.0/24 maxlen: 24
185.126.178.0/24 maxlen: 24
185.126.176.0/24 maxlen: 24
45.136.106.0/24 maxlen: 24
45.136.107.0/24 maxlen: 24
185.153.228.0/24 maxlen: 24
185.153.229.0/24 maxlen: 24
185.153.230.0/24 maxlen: 24
185.153.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 209165663 (0xc779d5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Validity
Not Before: Jan 1 15:55:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=614b1440c39438ad0ba60b438361157d54ba9841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:20:a8:dd:43:b4:ba:73:83:04:24:af:c9:d3:
32:07:b5:ca:7b:dc:5d:04:a3:6b:f8:9a:06:d2:3b:
be:ca:03:66:cb:62:29:ae:d4:9e:17:56:e6:dc:6b:
0c:32:45:34:b6:d4:e3:c4:18:d9:53:f8:1b:ef:b1:
fd:13:4c:52:47:b4:c3:4b:bc:94:50:a4:48:16:0e:
b1:c0:af:e3:4e:8e:d9:44:b0:1c:25:63:c7:98:8a:
b6:d3:b0:ba:0c:46:b6:ac:25:c4:0d:15:c6:61:06:
3c:55:a3:24:cb:5a:50:99:44:e8:d6:98:68:ff:0e:
84:78:9f:81:00:40:5b:fa:c1:f9:18:93:6e:e8:80:
2c:ee:c3:1d:06:18:61:3e:c2:91:b5:04:22:84:12:
a9:fc:bf:79:af:29:08:8b:b5:2a:1f:9f:a2:38:09:
43:aa:28:b3:45:de:4b:af:1e:16:6c:7d:d0:f4:9d:
71:d7:74:54:28:b6:b0:1e:d4:19:82:40:d5:5b:66:
dd:89:57:1a:b8:e7:b5:27:58:64:7e:55:b6:bb:1f:
eb:87:d2:0c:7b:1b:46:6b:04:12:15:be:96:25:7a:
6a:f7:62:6b:0e:ed:92:fa:1a:50:61:d4:81:c0:73:
7a:37:c1:d0:ab:91:a8:95:ab:ce:eb:3d:3f:19:8d:
1b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:4B:14:40:C3:94:38:AD:0B:A6:0B:43:83:61:15:7D:54:BA:98:41
X509v3 Authority Key Identifier:
keyid:F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/YUsUQMOUOK0LpgtDg2EVfVS6mEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.104.0/22
185.26.144.0/22
185.126.176.0/22
185.153.228.0/22
185.162.144.0/22
185.171.24.0/22
185.247.136.0/22
Signature Algorithm: sha256WithRSAEncryption
12:6a:ed:b6:f8:3d:25:27:5c:85:bd:17:ee:2d:d6:53:27:00:
25:1d:b5:85:79:eb:9f:50:02:3c:11:1c:38:40:3c:37:1f:8d:
c7:e6:b8:ee:32:c4:71:c5:a2:25:0c:cc:d4:20:9d:ef:e8:64:
0d:ff:d5:59:88:50:ca:8f:ac:58:4a:98:2f:b2:2d:b2:53:05:
4e:43:8b:0b:e3:ba:6a:89:6d:38:6b:1c:43:6a:b6:4b:0d:7e:
6d:af:75:f0:26:00:2c:dd:8c:33:3d:61:e0:29:89:95:26:ad:
1f:57:27:9a:2d:1c:a4:a5:1e:0e:f3:ab:8b:5d:db:a0:38:3b:
e9:b4:e7:c9:ef:99:e2:3d:de:05:aa:99:33:d0:82:e0:0e:c1:
02:6f:4a:ca:aa:11:4d:85:eb:50:54:26:0e:df:02:2c:2b:f9:
71:30:03:05:8e:94:3c:3a:37:59:09:1c:91:d7:5a:33:f1:ca:
04:94:6b:7e:ad:1f:0b:e1:4f:ee:6e:92:36:13:78:ba:30:9b:
c5:40:c0:b6:db:d1:80:fa:34:de:df:14:7a:15:27:bb:51:fe:
ab:18:3a:74:b5:a9:f6:e9:5f:99:c1:0b:ce:b2:47:fe:33:a3:
77:b9:bd:13:28:d1:a0:66:9c:6e:73:c6:1e:a9:01:ff:85:db:
5c:02:79:ce
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEDHedXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODIwM2EwYzA0YjgxZmUxNzY2ZmE0MWJkMzFiNzNiNTg4MTg4YWM3MB4XDTIyMDEw
MTE1NTUzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE0YjE0NDBjMzk0
MzhhZDBiYTYwYjQzODM2MTE1N2Q1NGJhOTg0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0gqN1DtLpzgwQkr8nTMge1ynvcXQSja/iaBtI7vsoDZsti
Ka7UnhdW5txrDDJFNLbU48QY2VP4G++x/RNMUke0w0u8lFCkSBYOscCv406O2USw
HCVjx5iKttOwugxGtqwlxA0VxmEGPFWjJMtaUJlE6NaYaP8OhHifgQBAW/rB+RiT
buiALO7DHQYYYT7CkbUEIoQSqfy/ea8pCIu1Kh+fojgJQ6oos0XeS68eFmx90PSd
cdd0VCi2sB7UGYJA1Vtm3YlXGrjntSdYZH5Vtrsf64fSDHsbRmsEEhW+liV6avdi
aw7tkvoaUGHUgcBzejfB0KuRqJWrzus9PxmNG9cCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRhSxRAw5Q4rQumC0ODYRV9VLqYQTAfBgNVHSMEGDAWgBT4IDoMBLgf4XZv
pBvTG3O1iBiKxzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtQ0E2REFTNEgtRjJiNlFiMHh0enRZZ1lpc2MuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzViL2UxNGNhMy1kYThlLTRiNTgtODYzYS0zMzg5NjIwYzFiZDcv
MS9ZVXNVUU1PVU9LMExwZ3REZzJFVmZWUzZtRUUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVi
L2UxNGNhMy1kYThlLTRiNTgtODYzYS0zMzg5NjIwYzFiZDcvMS8xLUNBNkRBUzRI
LUYyYjZRYjB4dHp0WWdZaXNjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLYhoAwQCuRqQAwQCuX6wAwQC
uZnkAwQCuaKQAwQCuasYAwQCufeIMA0GCSqGSIb3DQEBCwUAA4IBAQASau22+D0l
J1yFvRfuLdZTJwAlHbWFeeufUAI8ERw4QDw3H43H5rjuMsRxxaIlDMzUIJ3v6GQN
/9VZiFDKj6xYSpgvsi2yUwVOQ4sL47pqiW04axxDarZLDX5tr3XwJgAs3YwzPWHg
KYmVJq0fVyeaLRykpR4O86uLXdugODvptOfJ75niPd4Fqpkz0ILgDsECb0rKqhFN
hetQVCYO3wIsK/lxMAMFjpQ8OjdZCRyR11oz8coElGt+rR8L4U/ubpI2E3i6MJvF
QMC229GA+jTe3xR6FSe7Uf6rGDp0tan26V+ZwQvOskf+M6N3ub0TKNGgZpxuc8Ye
qQH/hdtcAnnO
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:19:43 2025 by rpki-client