Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Ub23sTK2d0jpCKD8PMs5iPVLw5E.roa
File: Ub23sTK2d0jpCKD8PMs5iPVLw5E.roa (raw, json)
Hash identifier: 2VTyqJ2MYtAEPPpn+3Q/u4hOdPuKgpaVap3hZDn7yeU=
Subject key identifier: 51:BD:B7:B1:32:B6:77:48:E9:08:A0:FC:3C:CB:39:88:F5:4B:C3:91
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0185B9A7F0FA5966794FAE48D713548541B1
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Ub23sTK2d0jpCKD8PMs5iPVLw5E.roa
Signing time: Mon 16 Jan 2023 08:17:49 +0000
ROA not before: Mon 16 Jan 2023 08:17:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 86.105.144.0/22 maxlen: 24
89.34.219.0/24 maxlen: 24
176.223.66.0/24 maxlen: 24
89.46.128.0/22 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
94.176.213.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
188.211.238.0/24 maxlen: 24
31.14.228.0/22 maxlen: 24
188.212.121.0/24 maxlen: 24
94.177.28.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
185.18.224.0/23 maxlen: 24
89.35.124.0/23 maxlen: 24
89.35.130.0/23 maxlen: 24
89.35.129.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
89.46.42.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
217.19.4.0/24 maxlen: 24
77.81.100.0/24 maxlen: 24
89.44.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b9:a7:f0:fa:59:66:79:4f:ae:48:d7:13:54:85:41:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 16 08:17:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51bdb7b132b67748e908a0fc3ccb3988f54bc391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ec:ae:c9:5d:27:13:17:b2:a6:9f:20:3a:ef:
7b:a9:14:06:c5:e5:26:4d:53:d7:a3:57:b4:92:cc:
63:32:79:01:f6:0f:89:f7:aa:f6:84:9c:3f:ba:45:
d4:97:0e:5c:a7:05:72:9e:4d:5c:b9:b3:95:c4:7a:
c1:39:a1:66:2a:9c:87:32:f4:f7:88:55:d8:58:8b:
36:43:b9:02:5d:22:a3:34:79:af:d9:b5:0b:60:8f:
56:19:56:f3:e8:a7:cd:db:d9:ce:23:38:20:15:93:
25:15:75:14:18:5d:ba:b2:51:66:07:6f:ec:41:aa:
1f:09:95:8f:e5:27:47:7c:57:78:5c:4d:fd:7d:19:
bf:c9:06:68:ad:c5:bb:88:7a:22:82:87:4a:18:35:
ef:02:b3:5d:49:ea:60:71:8c:61:38:be:40:34:63:
b2:b8:55:ce:6a:f3:2c:c1:ce:6e:3c:0e:6d:85:66:
0b:16:f7:5e:3b:fe:63:a0:d7:09:39:70:bf:e6:23:
20:ee:e3:5a:1f:f6:0c:91:45:fa:b8:06:62:ad:9e:
8f:0f:79:7e:91:94:ba:c3:4d:39:26:e9:9b:be:45:
59:82:b3:e5:eb:25:dc:d4:fe:ea:d5:aa:fb:f8:21:
e2:ab:18:e5:26:4a:86:4d:b6:8e:a7:d7:8f:1f:34:
a0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:BD:B7:B1:32:B6:77:48:E9:08:A0:FC:3C:CB:39:88:F5:4B:C3:91
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Ub23sTK2d0jpCKD8PMs5iPVLw5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
77.81.100.0/24
85.204.18.0/24
86.105.144.0/22
89.34.219.0/24
89.35.124.0/23
89.35.129.0-89.35.131.255
89.40.222.0/23
89.44.105.0/24
89.46.42.0/24
89.46.128.0/22
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
93.115.203.0/24
94.176.213.0/24
94.177.28.0/24
128.0.41.0/24
176.223.66.0/24
185.18.224.0/23
188.211.238.0/24
188.212.121.0/24
188.213.0.0/24
188.213.212.0/24
188.213.216.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:00:db:91:3b:6d:fa:0e:b9:87:d6:35:e8:86:b4:d1:01:a4:
1e:07:39:7d:c6:1c:cf:3e:a3:bf:a1:69:36:47:2c:39:98:66:
a6:5c:5e:2b:ba:bb:8e:05:e6:a7:f8:08:7e:f0:61:a2:8b:40:
9d:da:ac:5c:cc:dd:52:cf:2b:a5:99:cd:b0:d1:b5:b3:bd:5a:
63:8e:1d:30:17:99:6a:37:ee:74:38:4d:9a:67:1d:11:03:61:
54:3e:e6:9e:fe:2b:92:de:34:26:ee:b9:2f:f5:71:6f:69:78:
57:69:14:4c:82:c1:66:51:03:2d:fe:63:bc:f4:57:bb:02:c4:
d3:bd:5b:2e:af:e7:3d:3e:f2:8d:c9:1c:5e:50:e2:e1:68:69:
3e:78:e9:15:65:c5:8b:19:5b:a2:96:ff:d8:7c:16:38:0e:22:
1a:3d:67:bd:8d:cd:32:df:25:e7:ef:af:fb:42:39:40:09:71:
a0:3f:df:27:ba:3f:56:02:95:4e:6e:bd:6d:87:73:b9:d5:07:
fc:56:1b:b5:43:5a:cd:52:da:bc:33:6a:72:83:9f:28:c4:23:
e7:a6:fb:73:03:90:50:92:7f:57:55:5a:1d:9e:70:03:67:5a:
43:23:2b:48:da:a6:de:af:ec:74:2a:57:5f:e7:20:eb:d8:cb:
c2:10:70:28
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYW5p/D6WWZ5T65I1xNUhUGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTE2MDgxNzQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWJkYjdiMTMyYjY3NzQ4ZTkwOGEwZmMzY2NiMzk4OGY1NGJjMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+yuyV0nExeypp8gOu97qRQGxeUm
TVPXo1e0ksxjMnkB9g+J96r2hJw/ukXUlw5cpwVynk1cubOVxHrBOaFmKpyHMvT3
iFXYWIs2Q7kCXSKjNHmv2bULYI9WGVbz6KfN29nOIzggFZMlFXUUGF26slFmB2/s
QaofCZWP5SdHfFd4XE39fRm/yQZorcW7iHoigodKGDXvArNdSepgcYxhOL5ANGOy
uFXOavMswc5uPA5thWYLFvdeO/5joNcJOXC/5iMg7uNaH/YMkUX6uAZirZ6PD3l+
kZS6w005JumbvkVZgrPl6yXc1P7q1ar7+CHiqxjlJkqGTbaOp9ePHzSgewIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFFG9t7EytndI6Qig/DzLOYj1S8ORMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1ViMjNzVEsyZDBqcENLRDhQTXM1aVBWTHc1RS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgcEGCCsGAQUFBwEHAQH/BIGxMIGuMIGrBAIAATCBpAME
Ah8O5AMEAE1RZAMEAFXMEgMEAlZpkAMEAFki2wMEAVkjfDAMAwQAWSOBAwQCWSOA
AwQBWSjeAwQAWSxpAwQAWS4qAwQCWS6AAwQAWS8kAwQAXHIgAwQAXHI2AwQAXXPL
AwQAXrDVAwQAXrEcAwQAgAApAwQAsN9CAwQBuRLgAwQAvNPuAwQAvNR5AwQAvNUA
AwQAvNXUAwQAvNXYAwQA2RMEMA0GCSqGSIb3DQEBCwUAA4IBAQDIANuRO236DrmH
1jXohrTRAaQeBzl9xhzPPqO/oWk2Ryw5mGamXF4ruruOBean+Ah+8GGii0Cd2qxc
zN1Szyulmc2w0bWzvVpjjh0wF5lqN+50OE2aZx0RA2FUPuae/iuS3jQm7rkv9XFv
aXhXaRRMgsFmUQMt/mO89Fe7AsTTvVsur+c9PvKNyRxeUOLhaGk+eOkVZcWLGVui
lv/YfBY4DiIaPWe9jc0y3yXn76/7QjlACXGgP98nuj9WApVObr1th3O51Qf8Vhu1
Q1rNUtq8M2pyg58oxCPnpvtzA5BQkn9XVVodnnADZ1pDIytI2qber+x0Kldf5yDr
2MvCEHAo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:49 2023 by rpki-client on console-ams.rpki-client.org