Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/WBhZskZiVzE-N7AQ-BVWxdfPUHo.roa
File: WBhZskZiVzE-N7AQ-BVWxdfPUHo.roa (raw, json)
Hash identifier: 0HR32ltSBkouKFBJzu1FF9ulv5CKeGwAbFTualJx2yA=
Subject key identifier: 58:18:59:B2:46:62:57:31:3E:37:B0:10:F8:15:56:C5:D7:CF:50:7A
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 018D65A65612CBD165290911A8ECF047AD0A
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/WBhZskZiVzE-N7AQ-BVWxdfPUHo.roa
Signing time: Thu 01 Feb 2024 17:10:16 +0000
ROA not before: Thu 01 Feb 2024 17:10:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8851
IP address blocks: 91.84.0.0/18 maxlen: 18
91.84.96.0/19 maxlen: 19
91.84.128.0/17 maxlen: 17
91.85.0.0/17 maxlen: 17
91.85.128.0/19 maxlen: 19
91.85.192.0/18 maxlen: 18
194.46.32.0/19 maxlen: 19
194.46.64.0/19 maxlen: 19
194.46.80.0/20 maxlen: 20
212.104.128.0/19 maxlen: 19
212.104.129.0/24 maxlen: 24
212.104.130.0/24 maxlen: 24
212.104.132.0/24 maxlen: 24
212.104.136.0/24 maxlen: 24
212.104.143.0/24 maxlen: 24
212.104.149.0/24 maxlen: 24
212.104.150.0/24 maxlen: 24
212.104.152.0/24 maxlen: 24
212.104.155.0/24 maxlen: 24
212.104.156.0/24 maxlen: 24
212.104.159.0/24 maxlen: 24
212.108.80.0/21 maxlen: 21
212.108.88.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:a6:56:12:cb:d1:65:29:09:11:a8:ec:f0:47:ad:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Feb 1 17:10:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=581859b2466257313e37b010f81556c5d7cf507a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e6:16:42:37:0b:a5:7a:c9:03:d8:1a:e6:7a:
b4:27:de:d7:e1:11:ec:bd:68:be:de:4d:2f:17:9d:
c9:2e:10:cf:40:9c:c7:b6:52:20:32:18:03:88:67:
d9:92:08:e8:2d:6f:3f:8f:3c:36:b1:6a:ab:42:bd:
db:1f:42:7b:3c:f8:a8:f8:50:57:7d:09:cf:5d:87:
f2:2d:e0:75:5b:c7:3d:f3:cf:c4:c3:12:51:60:2f:
94:94:66:3e:fa:f4:0d:0b:8c:5a:b8:49:cf:58:51:
31:9a:03:42:e3:ec:29:b4:d6:8d:4b:09:22:3a:20:
c3:fd:88:10:cc:92:01:30:d1:a0:69:ec:f9:5f:20:
35:52:0e:22:c1:b4:f7:25:9d:c4:dd:0b:18:7e:68:
7a:3f:5b:c6:e2:29:bd:c3:dd:b5:60:53:0f:89:46:
72:ae:d1:d5:53:f5:ff:43:51:2f:50:73:1a:cd:98:
a2:52:98:a8:46:9b:0a:d6:e2:dc:61:cf:aa:1a:05:
31:93:fc:98:50:53:73:23:24:08:81:ed:66:79:47:
a7:9d:f7:22:b8:f6:68:ea:ff:10:a0:3b:85:ec:ef:
e6:e1:d7:66:ec:f8:08:33:4c:ed:d9:f1:79:30:57:
00:37:10:95:95:99:8c:31:20:67:dd:13:7e:e7:89:
7a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:18:59:B2:46:62:57:31:3E:37:B0:10:F8:15:56:C5:D7:CF:50:7A
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/WBhZskZiVzE-N7AQ-BVWxdfPUHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.84.0.0/18
91.84.96.0-91.85.159.255
91.85.192.0/18
194.46.32.0-194.46.95.255
212.104.128.0/19
212.108.80.0-212.108.89.255
Signature Algorithm: sha256WithRSAEncryption
74:2c:a6:31:b1:3e:f3:da:9f:f7:58:3c:1d:65:58:1b:72:73:
38:8b:dd:c8:f9:bc:01:0b:75:92:2f:3c:ec:d4:72:94:4d:49:
9c:0b:cb:58:d9:c9:bd:59:bd:c7:d2:d8:23:d1:58:bc:46:2b:
0a:bd:de:e6:af:d6:12:d5:ea:31:0e:26:70:db:96:69:f9:d4:
c2:7d:9d:04:11:00:25:b3:2b:73:57:58:59:cd:4b:ce:7d:a6:
9e:32:a1:7e:df:91:83:f3:9b:bd:69:d2:65:86:22:71:37:f2:
92:3d:32:aa:ef:14:fe:eb:62:e6:fb:44:6e:31:72:e8:ee:8b:
a8:e9:66:f9:aa:45:6f:71:c4:c3:4f:e5:0a:ab:3e:9b:0f:55:
78:12:ff:32:0c:c2:6e:55:73:9c:e9:dc:3e:ef:45:43:78:ef:
ab:f3:62:bf:94:69:21:a4:8f:3a:8d:ae:09:87:99:7d:f0:67:
6a:77:c1:39:c0:2c:52:b5:19:a8:e2:89:eb:62:b1:46:83:40:
c2:ad:16:3c:bb:ac:e4:7c:46:99:35:2a:ff:d4:8f:58:f5:d0:
8d:c0:15:27:66:5b:d9:39:61:ce:46:79:18:eb:cf:23:54:51:
93:ec:28:68:e1:bc:0b:a5:cb:84:c6:60:3c:ed:d9:f0:1d:d9:
fc:74:57:7d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY1lplYSy9FlKQkRqOzwR60KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjQwMjAxMTcxMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODE4NTliMjQ2NjI1NzMxM2UzN2IwMTBmODE1NTZjNWQ3Y2Y1MDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eYWQjcLpXrJA9ga5nq0J97X4RHs
vWi+3k0vF53JLhDPQJzHtlIgMhgDiGfZkgjoLW8/jzw2sWqrQr3bH0J7PPio+FBX
fQnPXYfyLeB1W8c988/EwxJRYC+UlGY++vQNC4xauEnPWFExmgNC4+wptNaNSwki
OiDD/YgQzJIBMNGgaez5XyA1Ug4iwbT3JZ3E3QsYfmh6P1vG4im9w921YFMPiUZy
rtHVU/X/Q1EvUHMazZiiUpioRpsK1uLcYc+qGgUxk/yYUFNzIyQIge1meUennfci
uPZo6v8QoDuF7O/m4ddm7PgIM0zt2fF5MFcANxCVlZmMMSBn3RN+54l66wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFgYWbJGYlcxPjewEPgVVsXXz1B6MB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvV0JoWnNrWmlWekUtTjdBUS1CVld4ZGZQVUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQGW1QAMAwD
BAVbVGADBAVbVYADBAZbVcAwDAMEBcIuIAMEBcIuQAMEBdRogDAMAwQE1GxQAwQB
1GxYMA0GCSqGSIb3DQEBCwUAA4IBAQB0LKYxsT7z2p/3WDwdZVgbcnM4i93I+bwB
C3WSLzzs1HKUTUmcC8tY2cm9Wb3H0tgj0Vi8RisKvd7mr9YS1eoxDiZw25Zp+dTC
fZ0EEQAlsytzV1hZzUvOfaaeMqF+35GD85u9adJlhiJxN/KSPTKq7xT+62Lm+0Ru
MXLo7ouo6Wb5qkVvccTDT+UKqz6bD1V4Ev8yDMJuVXOc6dw+70VDeO+r82K/lGkh
pI86ja4Jh5l98Gdqd8E5wCxStRmo4onrYrFGg0DCrRY8u6zkfEaZNSr/1I9Y9dCN
wBUnZlvZOWHORnkY688jVFGT7Cho4bwLpcuExmA87dnwHdn8dFd9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:37 2024 by rpki-client on console-ams.rpki-client.org