Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/b2Z_m8ylTDhPFajXn3kmd6qVYuA.roa
File: b2Z_m8ylTDhPFajXn3kmd6qVYuA.roa (raw, json)
Hash identifier: 9iCmNjH9yD6Zlwe7eb1SXXfcr1IKXG9EquWu0mYj5A4=
Subject key identifier: 6F:66:7F:9B:CC:A5:4C:38:4F:15:A8:D7:9F:79:26:77:AA:95:62:E0
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 1557DA96
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/b2Z_m8ylTDhPFajXn3kmd6qVYuA.roa
Signing time: Wed 15 Jun 2022 03:05:08 +0000
ROA not before: Wed 15 Jun 2022 03:05:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 85.8.164.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
188.253.0.0/23 maxlen: 24
185.234.144.0/22 maxlen: 24
91.132.59.0/24 maxlen: 24
193.36.73.0/24 maxlen: 24
193.36.85.0/24 maxlen: 24
193.36.84.0/24 maxlen: 24
82.115.20.0/23 maxlen: 24
82.115.24.0/22 maxlen: 24
185.129.108.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358079126 (0x1557da96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 15 03:05:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f667f9bcca54c384f15a8d79f792677aa9562e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b1:b7:a0:9b:0b:bd:49:e4:2e:6e:ef:71:8b:
86:71:57:78:dc:ff:4b:8a:62:49:d6:1c:a5:b0:01:
73:e4:e4:f7:f0:db:95:b2:16:48:a1:44:f5:88:fa:
4f:ce:53:63:a2:97:27:e5:68:17:4d:d9:85:53:0b:
66:59:8a:79:88:4a:55:d2:0c:2e:bd:3c:82:e0:55:
f6:a6:3b:8a:37:11:20:b6:cc:e1:c1:cd:e6:b3:ce:
2e:be:02:d1:a5:f1:ac:98:e2:d6:77:bf:b3:da:88:
37:aa:c4:c2:0a:2a:41:ca:22:b2:c2:5a:21:12:57:
22:ef:67:a5:1c:85:b8:e3:5d:67:75:e7:6c:4f:a7:
29:0e:a6:dc:02:1d:76:f7:fc:c1:72:cf:1d:e9:53:
3e:3d:e7:27:7b:ba:4b:8a:a7:ab:5f:4a:77:7b:46:
6c:d8:21:45:9d:69:ee:c6:47:f1:12:d5:05:30:9a:
86:52:ea:fb:ca:29:f1:06:48:dd:07:49:17:6c:ef:
d5:37:0c:2e:7b:a9:ec:76:1c:d4:7c:cf:0e:5c:2a:
fd:5b:f2:c3:24:79:3b:e5:52:51:9d:3b:7a:39:97:
20:5a:7a:87:2f:ac:c8:de:66:10:12:79:c8:cf:77:
3c:fd:dc:31:8d:91:ce:18:69:9f:cd:0d:e7:86:8a:
01:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:66:7F:9B:CC:A5:4C:38:4F:15:A8:D7:9F:79:26:77:AA:95:62:E0
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/b2Z_m8ylTDhPFajXn3kmd6qVYuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.20.0/23
82.115.24.0/22
85.8.164.0/22
91.132.59.0/24
185.129.108.0/23
185.220.236.0/22
185.234.144.0/22
188.253.0.0/23
193.36.73.0/24
193.36.84.0/23
Signature Algorithm: sha256WithRSAEncryption
dd:03:11:2a:6b:4b:6f:69:32:23:ed:a6:1a:b2:fa:18:b9:81:
c4:cd:23:d4:a6:ff:3f:0e:97:b3:fc:cf:51:6f:7f:6e:87:a3:
da:96:2b:fe:87:d0:58:95:98:72:bf:39:64:e5:1a:5a:54:5e:
ce:6a:cc:bb:23:b0:4c:30:57:1e:33:9a:ab:19:42:8b:0a:b4:
34:6b:08:30:bb:e2:ae:cd:de:4a:b4:14:3f:01:73:cc:95:89:
8b:ba:72:0a:54:10:99:32:e5:e0:56:d9:de:8d:22:69:57:ad:
84:cb:91:c8:5e:10:b1:58:97:9a:cb:7a:97:c8:b0:99:bb:e4:
36:49:d0:dc:d8:e2:cd:cf:3d:42:3d:4c:d1:fb:d1:72:71:1f:
d2:f4:52:02:59:3a:0b:28:4c:23:5e:68:19:0b:ec:fe:cf:01:
af:bf:7b:7f:82:e2:55:a6:db:31:5d:7c:fd:04:50:18:e6:f1:
69:12:15:1b:0c:43:13:fe:21:a8:fd:fe:e9:66:47:24:82:75:
43:66:ce:84:92:e2:06:57:96:11:e1:b8:77:11:1b:42:d8:40:
5a:07:6d:a1:4d:e4:c4:4c:d2:95:c5:60:40:b6:36:3e:c3:12:
3c:71:e2:b5:39:47:da:4f:fb:a5:04:52:cc:37:83:f6:9d:c6:
b6:b5:f5:06
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEFVfaljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDYx
NTAzMDUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmY2NjdmOWJjY2E1
NGMzODRmMTVhOGQ3OWY3OTI2NzdhYTk1NjJlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOxt6CbC71J5C5u73GLhnFXeNz/S4piSdYcpbABc+Tk9/Db
lbIWSKFE9Yj6T85TY6KXJ+VoF03ZhVMLZlmKeYhKVdIMLr08guBV9qY7ijcRILbM
4cHN5rPOLr4C0aXxrJji1ne/s9qIN6rEwgoqQcoissJaIRJXIu9npRyFuONdZ3Xn
bE+nKQ6m3AIddvf8wXLPHelTPj3nJ3u6S4qnq19Kd3tGbNghRZ1p7sZH8RLVBTCa
hlLq+8op8QZI3QdJF2zv1TcMLnup7HYc1HzPDlwq/VvywyR5O+VSUZ07ejmXIFp6
hy+syN5mEBJ5yM93PP3cMY2Rzhhpn80N54aKAX8CAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBRvZn+bzKVMOE8VqNefeSZ3qpVi4DAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L2IyWl9tOHlsVERoUEZhalhuM2ttZDZxVll1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAVJzFAMEAlJzGAMEAlUIpAMEAFuE
OwMEAbmBbAMEArnc7AMEArnqkAMEAbz9AAMEAMEkSQMEAcEkVDANBgkqhkiG9w0B
AQsFAAOCAQEA3QMRKmtLb2kyI+2mGrL6GLmBxM0j1Kb/Pw6Xs/zPUW9/boej2pYr
/ofQWJWYcr85ZOUaWlRezmrMuyOwTDBXHjOaqxlCiwq0NGsIMLvirs3eSrQUPwFz
zJWJi7pyClQQmTLl4FbZ3o0iaVethMuRyF4QsViXmst6l8iwmbvkNknQ3Njizc89
Qj1M0fvRcnEf0vRSAlk6CyhMI15oGQvs/s8Br797f4LiVabbMV18/QRQGObxaRIV
GwxDE/4hqP3+6WZHJIJ1Q2bOhJLiBleWEeG4dxEbQthAWgdtoU3kxEzSlcVgQLY2
PsMSPHHitTlH2k/7pQRSzDeD9p3GtrX1Bg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org