Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2sESbBLR__qvFaLxUZ1WjykOHTw.roa
File: 2sESbBLR__qvFaLxUZ1WjykOHTw.roa (raw, json)
Hash identifier: 0LFblDdZdq94to84Isa4OOm1QJa8uBf4iZZqBjRwmCY=
Subject key identifier: DA:C1:12:6C:12:D1:FF:FA:AF:15:A2:F1:51:9D:56:8F:29:0E:1D:3C
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 1448382B
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2sESbBLR__qvFaLxUZ1WjykOHTw.roa
Signing time: Tue 22 Mar 2022 14:25:35 +0000
ROA not before: Tue 22 Mar 2022 14:25:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 85.8.164.0/22 maxlen: 24
212.90.100.0/22 maxlen: 24
185.248.184.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
188.253.0.0/23 maxlen: 24
91.132.59.0/24 maxlen: 24
193.36.73.0/24 maxlen: 24
193.36.85.0/24 maxlen: 24
193.36.84.0/24 maxlen: 24
212.87.192.0/22 maxlen: 24
185.234.144.0/22 maxlen: 24
82.115.20.0/23 maxlen: 24
82.115.24.0/22 maxlen: 24
185.129.108.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 340277291 (0x1448382b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Mar 22 14:25:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dac1126c12d1fffaaf15a2f1519d568f290e1d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b4:2b:89:a8:2d:12:d4:a5:bc:59:d6:62:e0:
f5:ba:d9:55:06:75:15:65:da:08:fd:92:a3:93:d0:
9e:21:df:10:0f:43:bc:25:fd:d7:1b:bb:b1:7a:2f:
e2:17:c2:27:87:9c:58:3c:8c:11:93:8f:23:14:12:
88:50:c1:60:4d:37:01:37:0b:ea:78:55:82:ba:75:
e1:39:da:50:cf:ef:f2:90:68:46:1a:99:eb:dd:6d:
49:0b:7a:ca:95:bf:af:25:f7:44:07:00:9c:67:67:
71:0e:b1:f9:ba:0f:9c:3d:ef:ec:35:be:be:ba:51:
b8:a4:d7:5e:c2:d1:8f:7d:2c:da:a0:bf:ec:51:20:
0e:94:3f:c3:20:d1:3c:ba:f2:84:4c:2d:c1:97:1b:
0d:f0:85:28:67:66:7d:c7:52:54:8b:8b:ef:de:41:
4f:5c:d8:24:6c:34:bf:08:89:f1:12:2a:54:fa:ad:
94:9e:2a:67:e1:57:50:7b:af:b7:2a:28:bc:d1:70:
18:90:64:eb:b4:ff:7f:e9:d4:8d:9f:aa:a0:52:30:
e4:17:17:6c:8f:e6:ca:87:0f:99:a9:7e:81:2d:52:
09:d0:ee:10:1e:83:8a:1e:ac:b4:e4:49:69:d2:f0:
7e:7d:bf:4d:a7:04:31:8b:aa:d7:78:0f:1d:12:a7:
ec:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C1:12:6C:12:D1:FF:FA:AF:15:A2:F1:51:9D:56:8F:29:0E:1D:3C
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2sESbBLR__qvFaLxUZ1WjykOHTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.20.0/23
82.115.24.0/22
85.8.164.0/22
91.132.59.0/24
185.129.108.0/23
185.220.236.0/22
185.234.144.0/22
185.248.184.0/22
188.253.0.0/23
193.36.73.0/24
193.36.84.0/23
212.87.192.0/22
212.90.100.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:1e:76:06:cd:7f:71:0b:e8:d0:7a:50:de:55:e6:84:c7:71:
94:9c:6e:b8:06:98:44:e4:12:4d:bf:d3:25:ee:b8:43:e9:a0:
f8:ec:c5:c0:4a:da:3f:8e:aa:1d:be:d3:37:7d:3f:46:ab:08:
ea:05:d0:c8:4a:57:05:a8:9d:f5:57:e0:6a:c6:31:34:c3:b5:
3d:55:9a:50:01:d2:69:c5:07:79:1e:47:5b:0e:54:d8:24:69:
b5:07:ac:48:d1:fb:83:5f:47:39:58:a7:d5:26:a1:c2:36:7b:
34:6c:f6:26:4c:27:77:2d:a5:ad:9d:4c:f1:1c:5e:0a:be:71:
7c:05:de:76:31:a3:93:1c:37:32:50:f2:bb:05:36:9c:12:ac:
74:75:dd:4c:6f:a1:6a:c3:c2:af:4b:a8:fc:16:8b:cc:a5:0e:
c3:4c:4b:a0:31:a2:ee:2c:03:11:75:1f:f8:f2:2e:ea:5a:2c:
fe:81:20:7e:07:93:56:93:19:e2:7b:6e:bd:9e:8a:d2:7c:9f:
44:38:0d:be:75:b9:f4:8b:9f:31:77:44:c3:46:24:88:48:54:
8f:7d:9a:53:0a:95:d4:1e:8b:9e:c4:25:90:59:46:61:a5:48:
74:bb:95:f0:a6:04:af:a6:1d:87:5f:75:a8:4a:1c:f7:b7:41:
32:4d:0d:10
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEFEg4KzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDMy
MjE0MjUzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFjMTEyNmMxMmQx
ZmZmYWFmMTVhMmYxNTE5ZDU2OGYyOTBlMWQzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALm0K4moLRLUpbxZ1mLg9brZVQZ1FWXaCP2So5PQniHfEA9D
vCX91xu7sXov4hfCJ4ecWDyMEZOPIxQSiFDBYE03ATcL6nhVgrp14TnaUM/v8pBo
RhqZ691tSQt6ypW/ryX3RAcAnGdncQ6x+boPnD3v7DW+vrpRuKTXXsLRj30s2qC/
7FEgDpQ/wyDRPLryhEwtwZcbDfCFKGdmfcdSVIuL795BT1zYJGw0vwiJ8RIqVPqt
lJ4qZ+FXUHuvtyoovNFwGJBk67T/f+nUjZ+qoFIw5BcXbI/myocPmal+gS1SCdDu
EB6Dih6stORJadLwfn2/TacEMYuq13gPHRKn7JsCAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBTawRJsEtH/+q8VovFRnVaPKQ4dPDAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
LzJzRVNiQkxSX19xdkZhTHhVWjFXanlrT0hUdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAVJzFAMEAlJzGAMEAlUIpAMEAFuE
OwMEAbmBbAMEArnc7AMEArnqkAMEArn4uAMEAbz9AAMEAMEkSQMEAcEkVAMEAtRX
wAMEAtRaZDANBgkqhkiG9w0BAQsFAAOCAQEAbR52Bs1/cQvo0HpQ3lXmhMdxlJxu
uAaYROQSTb/TJe64Q+mg+OzFwEraP46qHb7TN30/RqsI6gXQyEpXBaid9VfgasYx
NMO1PVWaUAHSacUHeR5HWw5U2CRptQesSNH7g19HOVin1SahwjZ7NGz2Jkwndy2l
rZ1M8RxeCr5xfAXedjGjkxw3MlDyuwU2nBKsdHXdTG+hasPCr0uo/BaLzKUOw0xL
oDGi7iwDEXUf+PIu6los/oEgfgeTVpMZ4ntuvZ6K0nyfRDgNvnW59IufMXdEw0Yk
iEhUj32aUwqV1B6LnsQlkFlGYaVIdLuV8KYEr6Ydh191qEoc97dBMk0NEA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:24 2023 by rpki-client on console-ams.rpki-client.org