Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/lVhiOh6tdtizpyQAPYrL0Eaq8Eo.roa
File: lVhiOh6tdtizpyQAPYrL0Eaq8Eo.roa (raw, json)
Hash identifier: O1/HGUFBkTmrNanV8Hcg+49ZFLCLwSXuj+08mPNk0Gg=
Subject key identifier: 95:58:62:3A:1E:AD:76:D8:B3:A7:24:00:3D:8A:CB:D0:46:AA:F0:4A
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0185C44DED661B78CCACA8DCB714EAD1D66C
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/lVhiOh6tdtizpyQAPYrL0Eaq8Eo.roa
Signing time: Wed 18 Jan 2023 09:55:19 +0000
ROA not before: Wed 18 Jan 2023 09:55:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 86.105.144.0/22 maxlen: 24
89.34.219.0/24 maxlen: 24
176.223.66.0/24 maxlen: 24
89.46.128.0/22 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
94.176.213.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
188.215.40.0/22 maxlen: 24
93.115.203.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
188.211.238.0/24 maxlen: 24
31.14.228.0/22 maxlen: 24
89.46.232.0/21 maxlen: 24
188.212.121.0/24 maxlen: 24
94.177.28.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
185.18.224.0/23 maxlen: 24
89.35.124.0/23 maxlen: 24
89.35.130.0/23 maxlen: 24
89.35.129.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
89.37.192.0/22 maxlen: 24
89.46.42.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
217.19.4.0/24 maxlen: 24
77.81.100.0/24 maxlen: 24
89.44.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c4:4d:ed:66:1b:78:cc:ac:a8:dc:b7:14:ea:d1:d6:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 18 09:55:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9558623a1ead76d8b3a724003d8acbd046aaf04a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ef:7a:ee:b3:7c:8e:78:90:11:4d:e5:fc:32:
f5:ca:00:b9:b1:5f:f9:0d:b4:63:10:84:c5:87:a8:
5d:41:1a:84:41:77:b2:7f:07:01:a9:62:de:02:65:
10:e5:e4:f4:b5:d7:a6:22:dc:1a:2d:49:4c:42:30:
93:68:27:fe:9b:c8:a5:a9:a5:2d:05:10:85:b2:e5:
27:73:73:34:3e:d9:38:88:f1:2d:9c:1e:bb:44:9c:
7d:c0:e3:08:f1:e1:c2:6c:30:65:a4:b6:0b:83:49:
ef:78:65:2a:23:76:13:18:d5:dd:be:b5:5c:d0:8e:
e6:41:b7:90:c0:fa:c1:72:92:10:2c:d6:3b:e0:ab:
5c:c3:04:b1:7b:21:b4:35:4c:75:25:e1:ae:54:e6:
77:26:02:f4:cb:05:a9:48:97:3e:1d:a4:4d:27:a7:
b4:d7:82:73:c1:db:81:d0:f5:e9:df:7e:3c:2a:09:
0d:41:f7:00:6b:2f:04:12:84:ca:05:20:97:25:12:
d2:bf:8b:f6:24:a6:e1:19:91:e3:d6:59:ae:33:47:
83:9d:02:6f:36:55:09:f9:5a:14:b3:8c:f7:a9:ec:
c7:e2:5b:9f:c9:6d:8f:54:66:02:3c:e7:63:cd:7f:
15:d0:8d:d0:3a:8e:a1:a0:e3:a8:6a:3a:d8:8a:c9:
52:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:58:62:3A:1E:AD:76:D8:B3:A7:24:00:3D:8A:CB:D0:46:AA:F0:4A
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/lVhiOh6tdtizpyQAPYrL0Eaq8Eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
77.81.100.0/24
85.204.18.0/24
86.105.144.0/22
89.34.219.0/24
89.35.124.0/23
89.35.129.0-89.35.131.255
89.37.192.0/22
89.40.222.0/23
89.44.105.0/24
89.46.42.0/24
89.46.128.0/22
89.46.232.0/21
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
93.115.203.0/24
94.176.213.0/24
94.177.28.0/24
128.0.41.0/24
176.223.66.0/24
185.18.224.0/23
188.211.238.0/24
188.212.121.0/24
188.213.0.0/24
188.213.212.0/24
188.213.216.0/24
188.215.40.0/22
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:6a:e0:c7:c9:10:f9:c6:2a:cb:52:fe:91:eb:15:ff:48:35:
c6:3b:3b:3a:20:26:7b:ec:9d:96:64:8b:86:91:83:c6:57:74:
48:fd:b6:f9:78:91:89:e0:40:cf:95:66:a1:9f:db:c0:fe:4e:
bb:6a:54:44:63:12:2d:8c:ca:34:0a:10:0f:24:7b:40:54:48:
c5:d4:89:dc:fe:fa:31:3d:95:38:f3:f1:5f:d0:98:13:99:84:
a9:ac:27:f4:8e:92:75:76:e7:18:38:02:e6:c8:de:c9:79:90:
04:6d:18:b6:85:1b:37:3e:3d:3c:91:b8:03:bd:74:72:cb:30:
78:92:7a:9f:e5:a5:66:90:c7:8f:ec:96:87:2d:92:0a:cb:51:
15:ae:ba:8d:af:3a:c9:fb:62:a2:0e:99:70:3d:65:99:cb:f8:
2a:b5:46:4d:15:a8:90:1c:f3:9d:d1:27:b5:60:af:8b:4a:72:
70:c5:83:c6:f2:9b:90:f5:b9:80:8e:b0:67:48:80:5d:b3:4e:
9f:8e:37:f8:15:52:cd:4b:f6:01:2b:c7:1d:00:a6:43:cd:52:
54:50:f2:99:b2:01:f2:01:c8:8c:a3:03:0d:a0:3e:e6:b9:85:
ac:88:24:37:a7:2a:bb:0f:6a:5b:8a:b4:8c:69:2b:95:b9:31:
d8:d8:88:4f
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAYXETe1mG3jMrKjctxTq0dZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTE4MDk1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTU4NjIzYTFlYWQ3NmQ4YjNhNzI0MDAzZDhhY2JkMDQ2YWFmMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+967rN8jniQEU3l/DL1ygC5sV/5
DbRjEITFh6hdQRqEQXeyfwcBqWLeAmUQ5eT0tdemItwaLUlMQjCTaCf+m8ilqaUt
BRCFsuUnc3M0Ptk4iPEtnB67RJx9wOMI8eHCbDBlpLYLg0nveGUqI3YTGNXdvrVc
0I7mQbeQwPrBcpIQLNY74KtcwwSxeyG0NUx1JeGuVOZ3JgL0ywWpSJc+HaRNJ6e0
14JzwduB0PXp3348KgkNQfcAay8EEoTKBSCXJRLSv4v2JKbhGZHj1lmuM0eDnQJv
NlUJ+VoUs4z3qezH4lufyW2PVGYCPOdjzX8V0I3QOo6hoOOoajrYislSRwIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFJVYYjoerXbYs6ckAD2Ky9BGqvBKMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2xWaGlPaDZ0ZHRpenB5UUFQWXJMMEVhcThFby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgdMGCCsGAQUFBwEHAQH/BIHDMIHAMIG9BAIAATCBtgME
Ah8O5AMEAE1RZAMEAFXMEgMEAlZpkAMEAFki2wMEAVkjfDAMAwQAWSOBAwQCWSOA
AwQCWSXAAwQBWSjeAwQAWSxpAwQAWS4qAwQCWS6AAwQDWS7oAwQAWS8kAwQAXHIg
AwQAXHI2AwQAXXPLAwQAXrDVAwQAXrEcAwQAgAApAwQAsN9CAwQBuRLgAwQAvNPu
AwQAvNR5AwQAvNUAAwQAvNXUAwQAvNXYAwQCvNcoAwQA2RMEMA0GCSqGSIb3DQEB
CwUAA4IBAQBcauDHyRD5xirLUv6R6xX/SDXGOzs6ICZ77J2WZIuGkYPGV3RI/bb5
eJGJ4EDPlWahn9vA/k67alREYxItjMo0ChAPJHtAVEjF1Inc/voxPZU48/Ff0JgT
mYSprCf0jpJ1ducYOALmyN7JeZAEbRi2hRs3Pj08kbgDvXRyyzB4knqf5aVmkMeP
7JaHLZIKy1EVrrqNrzrJ+2KiDplwPWWZy/gqtUZNFaiQHPOd0Se1YK+LSnJwxYPG
8puQ9bmAjrBnSIBds06fjjf4FVLNS/YBK8cdAKZDzVJUUPKZsgHyAciMowMNoD7m
uYWsiCQ3pyq7D2pbirSMaSuVuTHY2IhP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:12 2023 by rpki-client on console-fra.rpki-client.org