Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/C4TBD1uTOnc_q4f_8jN4m8S0Upo.roa
File: C4TBD1uTOnc_q4f_8jN4m8S0Upo.roa (raw, json)
Hash identifier: CSzoP+58BI0OYx9nfpVIoeKsGpi//ABUmtsUSGUTClU=
Subject key identifier: 0B:84:C1:0F:5B:93:3A:77:3F:AB:87:FF:F2:33:78:9B:C4:B4:52:9A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 13354770
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/C4TBD1uTOnc_q4f_8jN4m8S0Upo.roa
Signing time: Sat 01 Jan 2022 04:03:03 +0000
ROA not before: Sat 01 Jan 2022 04:03:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 85.8.164.0/22 maxlen: 24
212.90.100.0/22 maxlen: 24
185.248.184.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
188.253.0.0/23 maxlen: 24
185.215.245.0/24 maxlen: 24
91.132.59.0/24 maxlen: 24
212.87.192.0/22 maxlen: 24
185.234.144.0/22 maxlen: 24
185.59.115.0/24 maxlen: 24
82.115.16.0/24 maxlen: 24
82.115.20.0/23 maxlen: 24
82.115.18.0/23 maxlen: 24
82.115.24.0/22 maxlen: 24
185.129.108.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 322258800 (0x13354770)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 1 04:03:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b84c10f5b933a773fab87fff233789bc4b4529a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8b:0a:7b:93:24:3d:23:a7:60:2e:ca:57:b3:
b6:38:c9:5c:71:cc:b6:f0:6f:db:c4:1f:41:03:d1:
b0:13:56:bf:f9:97:56:7a:ba:08:17:11:43:d5:3c:
78:a1:05:11:ac:02:f7:5f:0c:af:8c:36:43:a6:0e:
54:a1:65:e5:e5:73:0c:84:dd:b8:38:81:92:3a:30:
01:a8:af:db:34:d2:4f:bc:af:99:bc:82:94:85:ea:
a6:c8:10:84:8f:97:ee:34:22:e6:a7:6c:d4:12:c9:
25:2c:fa:b0:78:93:e0:61:a7:c7:93:33:56:a0:87:
5e:6e:94:09:52:96:b2:c3:2f:f4:87:68:97:29:38:
03:a5:b7:2e:d1:a4:61:a8:9a:02:1d:0a:43:2c:6f:
08:e0:d9:6a:2a:f1:26:29:c4:73:3c:3b:cb:39:00:
33:79:62:ad:07:7b:f7:ec:86:d0:23:f3:6c:af:10:
f7:04:c7:17:27:39:d4:b5:fe:cc:0a:0b:44:1e:9e:
7a:ac:c0:b9:ad:a2:05:e9:ff:39:5f:69:e2:96:d5:
ae:32:c9:70:da:15:61:8d:51:d8:ff:f7:f1:16:67:
df:87:01:7c:9b:64:42:de:f7:0d:db:00:4b:e6:6e:
e4:61:75:4a:5c:62:9a:64:ec:97:d0:64:e4:b8:13:
a5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:84:C1:0F:5B:93:3A:77:3F:AB:87:FF:F2:33:78:9B:C4:B4:52:9A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/C4TBD1uTOnc_q4f_8jN4m8S0Upo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.16.0/24
82.115.18.0-82.115.21.255
82.115.24.0/22
85.8.164.0/22
91.132.59.0/24
185.59.115.0/24
185.129.108.0/23
185.215.245.0/24
185.220.236.0/22
185.234.144.0/22
185.248.184.0/22
188.253.0.0/23
212.87.192.0/22
212.90.100.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:40:7b:2e:cc:50:60:6c:ba:e3:b1:cb:c0:c1:dc:b6:f4:47:
c6:0a:b4:fb:93:de:bd:d5:df:de:6a:c5:c1:81:fb:3d:7d:77:
97:29:64:90:8d:b9:b8:2d:ee:52:18:40:64:cc:38:d7:4b:52:
60:f0:c5:a3:7b:fb:7a:fc:bb:e3:6f:13:a5:4c:a3:16:bf:35:
fb:60:4b:62:9d:a8:5d:15:0a:4e:8a:d7:ff:9b:a6:99:0a:24:
80:01:b0:0f:6e:68:aa:0f:76:09:bf:eb:54:49:0e:55:10:ad:
8b:90:c3:ee:ae:8a:30:7b:ba:1c:35:f9:44:3b:7b:0d:98:28:
ce:b8:36:08:cd:33:ed:39:c1:9a:c7:fc:f1:05:98:be:fe:19:
d6:73:8e:e2:0c:60:3a:7b:79:50:54:fe:d5:61:9a:17:e0:9c:
16:f1:64:e3:cd:5c:86:3e:82:ac:d0:4a:79:30:07:66:65:9e:
de:34:2d:73:a8:04:05:21:e9:29:e7:6d:e4:cc:75:2c:dd:4c:
3a:38:74:43:5d:1c:ad:cc:1b:17:43:c1:c5:df:08:65:be:6c:
6c:dc:2e:61:74:dc:ce:7e:f3:de:33:c3:e0:7a:5c:f6:0a:79:
90:d2:e4:08:b9:e7:a0:da:bb:77:17:ef:d1:3e:a9:94:10:20:
36:f5:cb:85
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIEEzVHcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDEw
MTA0MDMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGI4NGMxMGY1Yjkz
M2E3NzNmYWI4N2ZmZjIzMzc4OWJjNGI0NTI5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJaLCnuTJD0jp2AuyleztjjJXHHMtvBv28QfQQPRsBNWv/mX
Vnq6CBcRQ9U8eKEFEawC918Mr4w2Q6YOVKFl5eVzDITduDiBkjowAaiv2zTST7yv
mbyClIXqpsgQhI+X7jQi5qds1BLJJSz6sHiT4GGnx5MzVqCHXm6UCVKWssMv9Ido
lyk4A6W3LtGkYaiaAh0KQyxvCODZairxJinEczw7yzkAM3lirQd79+yG0CPzbK8Q
9wTHFyc51LX+zAoLRB6eeqzAua2iBen/OV9p4pbVrjLJcNoVYY1R2P/38RZn34cB
fJtkQt73DdsAS+Zu5GF1SlximmTsl9Bk5LgTpZ0CAwEAAaOCAl8wggJbMB0GA1Ud
DgQWBBQLhMEPW5M6dz+rh//yM3ibxLRSmjAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L0M0VEJEMXVUT25jX3E0Zl84ak40bThTMFVwby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1
BggrBgEFBQcBBwEB/wRmMGQwYgQCAAEwXAMEAFJzEDAMAwQBUnMSAwQBUnMUAwQC
UnMYAwQCVQikAwQAW4Q7AwQAuTtzAwQBuYFsAwQAudf1AwQCudzsAwQCueqQAwQC
ufi4AwQBvP0AAwQC1FfAAwQC1FpkMA0GCSqGSIb3DQEBCwUAA4IBAQBOQHsuzFBg
bLrjscvAwdy29EfGCrT7k9691d/easXBgfs9fXeXKWSQjbm4Le5SGEBkzDjXS1Jg
8MWje/t6/LvjbxOlTKMWvzX7YEtinahdFQpOitf/m6aZCiSAAbAPbmiqD3YJv+tU
SQ5VEK2LkMPuroowe7ocNflEO3sNmCjOuDYIzTPtOcGax/zxBZi+/hnWc47iDGA6
e3lQVP7VYZoX4JwW8WTjzVyGPoKs0Ep5MAdmZZ7eNC1zqAQFIekp523kzHUs3Uw6
OHRDXRytzBsXQ8HF3whlvmxs3C5hdNzOfvPeM8Pgelz2CnmQ0uQIueeg2rt3F+/R
PqmUECA29cuF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:42 2023 by rpki-client on console-fra.rpki-client.org