Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/NuyHMzx4Z2A2w8zqMzgnWfQucVk.roa
File: NuyHMzx4Z2A2w8zqMzgnWfQucVk.roa (raw, json)
Hash identifier: oTCgK9F+H62NyNLGjbeAIE2cTOwEkGQsfDOQ/kOwyeY=
Subject key identifier: 36:EC:87:33:3C:78:67:60:36:C3:CC:EA:33:38:27:59:F4:2E:71:59
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018A18E12B6EE6CA5AE7449655308CDC9C7E
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/NuyHMzx4Z2A2w8zqMzgnWfQucVk.roa
Signing time: Mon 21 Aug 2023 16:15:24 +0000
ROA not before: Mon 21 Aug 2023 16:15:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62164
IP address blocks: 185.199.226.0/24 maxlen: 24
185.199.224.0/23 maxlen: 23
45.92.29.0/24 maxlen: 24
45.11.88.0/23 maxlen: 24
45.11.88.0/22 maxlen: 22
45.11.90.0/23 maxlen: 23
212.162.148.0/22 maxlen: 22
185.235.14.0/23 maxlen: 23
193.39.185.0/24 maxlen: 24
193.39.186.0/24 maxlen: 24
193.39.184.0/24 maxlen: 24
193.39.187.0/24 maxlen: 24
185.191.231.0/24 maxlen: 24
185.191.228.0/23 maxlen: 23
185.218.235.0/24 maxlen: 24
5.181.164.0/23 maxlen: 23
5.181.164.0/22 maxlen: 22
5.181.167.0/24 maxlen: 24
185.149.232.0/22 maxlen: 22
185.149.232.0/24 maxlen: 24
185.149.233.0/24 maxlen: 24
185.215.150.0/23 maxlen: 23
185.215.148.0/24 maxlen: 24
185.149.234.0/23 maxlen: 23
45.81.150.0/24 maxlen: 24
85.209.84.0/23 maxlen: 23
85.209.87.0/24 maxlen: 24
185.202.172.0/23 maxlen: 23
185.202.175.0/24 maxlen: 24
185.202.174.0/24 maxlen: 24
2a0b:aac0::/29 maxlen: 29
2a0a:1f42::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:e1:2b:6e:e6:ca:5a:e7:44:96:55:30:8c:dc:9c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Aug 21 16:15:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36ec87333c78676036c3ccea33382759f42e7159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f9:37:df:5f:79:31:32:e1:0e:a5:e7:7f:4b:
c3:8c:f0:55:b4:c7:79:c5:75:c5:e0:75:35:00:e7:
32:34:87:d1:ed:1b:91:e1:4a:53:0f:1b:f0:d8:db:
d2:34:a1:8c:04:10:61:d0:0b:f6:60:99:bc:c1:75:
6f:20:2a:b9:09:59:61:18:6a:da:8d:a1:78:5c:ac:
33:cb:39:a1:d5:32:23:52:0d:19:a4:56:e6:44:07:
62:a8:93:46:9a:b5:99:5f:fc:dd:c8:96:7d:df:5e:
33:12:76:12:3f:7f:44:48:4d:df:43:af:47:8d:41:
75:ec:2e:2f:15:94:f4:c3:22:7f:19:bb:2a:47:8e:
8c:81:b6:d4:47:dc:54:18:ff:e4:fd:14:64:84:04:
74:bd:d6:8d:b2:ee:2f:8c:e3:23:00:2f:76:21:fa:
5d:06:2c:aa:f9:39:b6:49:94:11:1a:0c:4f:14:4a:
52:47:71:52:65:a3:83:fb:87:b2:c8:dc:bc:a6:ef:
38:07:57:7b:3f:7d:61:36:b4:0a:b1:08:70:9e:83:
88:38:dc:fc:39:56:9c:19:5d:ce:11:24:56:dd:0d:
ff:7c:35:95:ab:41:04:a2:88:03:98:3d:a9:67:7b:
1a:59:30:1e:c0:2c:dd:b0:0f:1f:fa:6a:97:9d:6a:
77:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:EC:87:33:3C:78:67:60:36:C3:CC:EA:33:38:27:59:F4:2E:71:59
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/NuyHMzx4Z2A2w8zqMzgnWfQucVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.164.0/22
45.11.88.0/22
45.81.150.0/24
45.92.29.0/24
85.209.84.0/23
85.209.87.0/24
185.149.232.0/22
185.191.228.0/23
185.191.231.0/24
185.199.224.0-185.199.226.255
185.202.172.0/22
185.215.148.0/24
185.215.150.0/23
185.218.235.0/24
185.235.14.0/23
193.39.184.0/22
212.162.148.0/22
IPv6:
2a0a:1f42::/32
2a0b:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
74:b3:f6:ef:b0:3e:3c:a6:71:c9:d9:c7:eb:c2:77:6c:6c:26:
b1:e4:b2:93:8d:17:08:62:c1:d1:ae:1b:dd:14:27:bc:07:87:
35:17:db:a6:30:53:56:fe:4f:81:ef:03:0e:ca:0c:2e:65:8f:
8d:e3:1c:04:9f:46:be:df:fc:8b:5a:26:69:8b:32:9d:56:0c:
b7:c0:c7:57:d4:3f:b3:83:84:69:8d:d9:29:b8:bc:5e:a5:fd:
c4:f1:97:d0:5b:5d:ef:1a:b4:44:84:82:cd:67:62:45:d0:91:
bd:31:dd:fb:ff:e8:86:54:aa:bb:70:9f:d8:31:07:a8:c9:a5:
57:7f:0d:f3:f1:60:09:41:9f:38:f9:20:51:05:f4:73:94:8e:
30:67:4c:12:27:33:55:04:bb:38:6b:15:5c:88:9e:17:a5:da:
b0:ce:fd:87:73:73:16:4b:03:06:bd:71:b6:78:7e:d0:70:82:
27:43:85:76:f4:c8:5f:01:0d:6d:5c:2d:9c:e7:77:ae:18:78:
cb:f3:97:db:b3:05:05:a6:84:f0:d5:5b:07:36:de:6e:3e:b3:
18:c6:5d:7f:cb:e9:0b:a1:d9:2b:32:a2:52:5f:0e:fc:2f:c2:
bd:85:fc:a6:35:ca:f5:e6:57:11:57:b5:13:54:62:b0:00:80:
ff:ea:d3:e0
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYoY4Stu5spa50SWVTCM3Jx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwODIxMTYxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmVjODczMzNjNzg2NzYwMzZjM2NjZWEzMzM4Mjc1OWY0MmU3MTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/k33195MTLhDqXnf0vDjPBVtMd5
xXXF4HU1AOcyNIfR7RuR4UpTDxvw2NvSNKGMBBBh0Av2YJm8wXVvICq5CVlhGGra
jaF4XKwzyzmh1TIjUg0ZpFbmRAdiqJNGmrWZX/zdyJZ9314zEnYSP39ESE3fQ69H
jUF17C4vFZT0wyJ/GbsqR46MgbbUR9xUGP/k/RRkhAR0vdaNsu4vjOMjAC92Ifpd
Biyq+Tm2SZQRGgxPFEpSR3FSZaOD+4eyyNy8pu84B1d7P31hNrQKsQhwnoOIONz8
OVacGV3OESRW3Q3/fDWVq0EEoogDmD2pZ3saWTAewCzdsA8f+mqXnWp3ewIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFDbshzM8eGdgNsPM6jM4J1n0LnFZMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvTnV5SE16eDRaMkEydzh6cU16Z25XZlF1Y1ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB0BAIAATBuAwQCBbWk
AwQCLQtYAwQALVGWAwQALVwdAwQBVdFUAwQAVdFXAwQCuZXoAwQBub/kAwQAub/n
MAwDBAW5x+ADBAC5x+IDBAK5yqwDBAC515QDBAG515YDBAC52usDBAG56w4DBALB
J7gDBALUopQwFAQCAAIwDgMFACoKH0IDBQMqC6rAMA0GCSqGSIb3DQEBCwUAA4IB
AQB0s/bvsD48pnHJ2cfrwndsbCax5LKTjRcIYsHRrhvdFCe8B4c1F9umMFNW/k+B
7wMOygwuZY+N4xwEn0a+3/yLWiZpizKdVgy3wMdX1D+zg4RpjdkpuLxepf3E8ZfQ
W13vGrREhILNZ2JF0JG9Md37/+iGVKq7cJ/YMQeoyaVXfw3z8WAJQZ84+SBRBfRz
lI4wZ0wSJzNVBLs4axVciJ4Xpdqwzv2Hc3MWSwMGvXG2eH7QcIInQ4V29MhfAQ1t
XC2c53euGHjL85fbswUFpoTw1VsHNt5uPrMYxl1/y+kLodkrMqJSXw78L8K9hfym
Ncr15lcRV7UTVGKwAID/6tPg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org