Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/HbMPbctaufFynHYCFZA-9KXb_Rg.roa
File: HbMPbctaufFynHYCFZA-9KXb_Rg.roa (raw, json)
Hash identifier: kGWX83X3bWbEJ0PpFlZE3oU5SM4/8/ysS/hE45mAaRc=
Subject key identifier: 1D:B3:0F:6D:CB:5A:B9:F1:72:9C:76:02:15:90:3E:F4:A5:DB:FD:18
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018CC7275204EE39143531D06D5A35CDE5D5
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/HbMPbctaufFynHYCFZA-9KXb_Rg.roa
Signing time: Mon 01 Jan 2024 22:31:31 +0000
ROA not before: Mon 01 Jan 2024 22:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64236
IP address blocks: 185.199.226.0/24 maxlen: 24
185.199.224.0/23 maxlen: 23
45.92.29.0/24 maxlen: 24
185.215.150.0/24 maxlen: 24
185.215.150.0/23 maxlen: 23
185.215.148.0/24 maxlen: 24
212.162.148.0/22 maxlen: 22
185.235.14.0/23 maxlen: 23
193.39.185.0/24 maxlen: 24
193.39.186.0/24 maxlen: 24
185.191.231.0/24 maxlen: 24
185.191.228.0/23 maxlen: 23
45.81.150.0/24 maxlen: 24
185.218.235.0/24 maxlen: 24
85.209.84.0/23 maxlen: 23
85.209.87.0/24 maxlen: 24
185.202.172.0/23 maxlen: 23
185.202.175.0/24 maxlen: 24
2a0b:aac0::/29 maxlen: 29
2a0a:1f42::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:52:04:ee:39:14:35:31:d0:6d:5a:35:cd:e5:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 1 22:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1db30f6dcb5ab9f1729c760215903ef4a5dbfd18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e7:95:73:d2:7b:36:c0:99:6a:43:38:20:77:
92:64:b0:e3:13:02:0d:16:b0:ad:48:de:b3:15:89:
2f:b7:cb:db:6f:ba:2c:50:88:b0:62:1f:6a:69:a1:
c3:e7:ae:f2:00:e3:2c:a4:82:7c:e0:9e:8e:ec:12:
86:d1:e1:27:ba:61:7b:47:b2:3d:eb:a8:4c:01:1e:
cf:40:d6:b0:fc:ab:46:7f:c8:a8:fc:58:d7:50:0f:
8b:d6:04:85:d8:03:f2:ea:33:3e:7f:19:03:e9:ea:
a4:55:20:e4:67:cb:35:83:8f:b0:83:3e:12:0c:3b:
f0:16:71:cb:53:11:d4:62:79:40:b8:3b:36:89:d2:
27:6c:a5:83:b2:3f:47:37:f8:f3:92:de:2a:ff:cc:
19:dd:39:08:ac:0c:56:bc:ff:87:86:2d:c0:a0:46:
99:52:59:0b:be:f8:d6:9a:13:65:46:36:11:ed:66:
36:d8:6c:f2:3a:8a:f0:62:cb:e2:04:4b:a8:62:b1:
d4:fd:32:4c:4a:40:5f:32:45:53:c1:fd:fc:38:b2:
bb:2b:d2:39:34:af:b4:4b:cf:ca:4c:4b:56:80:87:
15:6a:8c:c3:8e:51:1a:50:91:0a:09:bd:43:da:17:
2d:e3:db:12:4c:f2:90:b7:8a:f5:83:4d:fc:a1:50:
e4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B3:0F:6D:CB:5A:B9:F1:72:9C:76:02:15:90:3E:F4:A5:DB:FD:18
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/HbMPbctaufFynHYCFZA-9KXb_Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.150.0/24
45.92.29.0/24
85.209.84.0/23
85.209.87.0/24
185.191.228.0/23
185.191.231.0/24
185.199.224.0-185.199.226.255
185.202.172.0/23
185.202.175.0/24
185.215.148.0/24
185.215.150.0/23
185.218.235.0/24
185.235.14.0/23
193.39.185.0-193.39.186.255
212.162.148.0/22
IPv6:
2a0a:1f42::/32
2a0b:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
41:2c:7c:95:69:c5:8b:7c:87:e8:82:8e:ae:3d:71:12:99:d7:
09:82:1c:6f:5a:c9:15:1a:77:b6:48:fa:b5:51:25:f4:43:51:
74:f3:b4:8d:9d:6e:85:37:5a:b4:a3:f0:bc:6c:ef:ac:28:64:
92:21:0c:46:1f:46:1a:36:d1:11:f2:6a:fe:9f:1b:4d:72:88:
2e:dd:5c:30:74:69:a8:dd:1e:a2:33:8a:97:3b:14:01:74:f1:
25:08:4f:c0:4b:b6:80:f2:48:62:f7:c1:86:ae:c8:11:ae:c1:
50:42:f8:c4:61:f2:22:6f:98:d3:35:13:09:01:50:4c:04:37:
7c:5a:d0:6a:01:dd:48:14:fc:5e:5f:10:a8:b5:80:bf:6d:9c:
55:c9:90:9b:c4:a2:6f:e4:f9:a3:40:85:d9:11:38:ff:ae:ff:
71:4d:be:e4:05:51:25:5d:1f:bb:ab:c9:74:fa:dd:19:bd:2a:
0d:d9:44:42:fb:9c:bc:81:35:a5:18:c6:2c:bf:9d:4a:e9:c3:
d6:35:36:78:b4:50:7e:9e:7b:d7:2d:14:75:8b:21:32:fc:23:
c2:5b:bf:57:42:e3:ce:59:80:0e:78:54:cf:36:70:b7:24:f1:
a4:bd:85:c8:6a:0d:85:f2:9c:04:74:93:6f:22:f0:71:cc:27:
ab:61:3e:c6
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYzHJ1IE7jkUNTHQbVo1zeXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIzMGY2ZGNiNWFiOWYxNzI5Yzc2MDIxNTkwM2VmNGE1ZGJmZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApueVc9J7NsCZakM4IHeSZLDjEwIN
FrCtSN6zFYkvt8vbb7osUIiwYh9qaaHD567yAOMspIJ84J6O7BKG0eEnumF7R7I9
66hMAR7PQNaw/KtGf8io/FjXUA+L1gSF2APy6jM+fxkD6eqkVSDkZ8s1g4+wgz4S
DDvwFnHLUxHUYnlAuDs2idInbKWDsj9HN/jzkt4q/8wZ3TkIrAxWvP+Hhi3AoEaZ
UlkLvvjWmhNlRjYR7WY22GzyOorwYsviBEuoYrHU/TJMSkBfMkVTwf38OLK7K9I5
NK+0S8/KTEtWgIcVaozDjlEaUJEKCb1D2hct49sSTPKQt4r1g038oVDkVwIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFB2zD23LWrnxcpx2AhWQPvSl2/0YMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvSGJNUGJjdGF1ZkZ5bkhZQ0ZaQS05S1hiX1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqAwQALVGW
AwQALVwdAwQBVdFUAwQAVdFXAwQBub/kAwQAub/nMAwDBAW5x+ADBAC5x+IDBAG5
yqwDBAC5yq8DBAC515QDBAG515YDBAC52usDBAG56w4wDAMEAMEnuQMEAMEnugME
AtSilDAUBAIAAjAOAwUAKgofQgMFAyoLqsAwDQYJKoZIhvcNAQELBQADggEBAEEs
fJVpxYt8h+iCjq49cRKZ1wmCHG9ayRUad7ZI+rVRJfRDUXTztI2dboU3WrSj8Lxs
76woZJIhDEYfRho20RHyav6fG01yiC7dXDB0aajdHqIzipc7FAF08SUIT8BLtoDy
SGL3wYauyBGuwVBC+MRh8iJvmNM1EwkBUEwEN3xa0GoB3UgU/F5fEKi1gL9tnFXJ
kJvEom/k+aNAhdkROP+u/3FNvuQFUSVdH7uryXT63Rm9Kg3ZREL7nLyBNaUYxiy/
nUrpw9Y1Nni0UH6ee9ctFHWLITL8I8Jbv1dC485ZgA54VM82cLck8aS9hchqDYXy
nAR0k28i8HHMJ6thPsY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org