Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/OtaieSKB-1rzG5jJJbstGrca_tM.roa
File: OtaieSKB-1rzG5jJJbstGrca_tM.roa (raw, json)
Hash identifier: +XfGDofN5q+Fjde1u83RF7GGVzHwCC8L3RQzdHxF97Q=
Subject key identifier: 3A:D6:A2:79:22:81:FB:5A:F3:1B:98:C9:25:BB:2D:1A:B7:1A:FE:D3
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 060A7B70
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/OtaieSKB-1rzG5jJJbstGrca_tM.roa
Signing time: Fri 18 Feb 2022 23:20:27 +0000
ROA not before: Fri 18 Feb 2022 23:20:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64236
IP address blocks: 185.199.226.0/24 maxlen: 24
185.199.224.0/23 maxlen: 23
45.92.29.0/24 maxlen: 24
185.215.150.0/23 maxlen: 23
185.215.148.0/24 maxlen: 24
212.162.148.0/22 maxlen: 22
185.235.14.0/23 maxlen: 23
193.39.185.0/24 maxlen: 24
193.39.186.0/24 maxlen: 24
185.191.231.0/24 maxlen: 24
185.191.228.0/23 maxlen: 23
45.81.150.0/24 maxlen: 24
185.218.235.0/24 maxlen: 24
85.209.84.0/23 maxlen: 23
85.209.87.0/24 maxlen: 24
185.202.172.0/23 maxlen: 23
185.202.175.0/24 maxlen: 24
2a0b:aac0::/29 maxlen: 29
2a0a:1f42::/32 maxlen: 32
2a0a:1f47::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101350256 (0x60a7b70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Feb 18 23:20:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ad6a2792281fb5af31b98c925bb2d1ab71afed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f4:94:4a:b1:3e:bb:bc:41:5f:c0:d8:d1:b6:
dc:aa:aa:91:30:4b:a7:38:16:24:d0:3a:6f:05:2d:
4f:78:31:d7:4c:25:d9:b6:1c:ce:c6:f2:87:06:52:
87:1c:a8:93:3f:a1:6b:a0:81:36:6a:90:95:83:df:
1d:f5:39:6d:dd:dc:54:a6:4a:43:40:10:43:3d:c9:
dd:2b:ba:45:65:8b:c8:e3:10:30:99:ef:22:61:57:
23:bd:35:69:8d:09:c1:4b:56:e6:e1:4d:23:7d:af:
74:8f:9c:36:61:c3:a9:01:2f:2a:a3:7d:84:a5:74:
d3:82:7c:09:7b:56:30:53:48:c7:74:0e:b5:b6:a0:
31:f0:c9:81:2c:6f:75:18:d1:5b:34:0f:4e:4c:8f:
e6:c5:e6:8e:b6:c9:38:0a:d8:0b:0c:dc:bd:da:4e:
99:19:fc:50:11:1c:56:1f:eb:55:7c:7b:bd:40:e9:
f6:73:8f:34:15:40:51:91:e3:1d:d2:48:72:59:e1:
12:b2:52:25:78:d2:c9:e7:10:d5:7a:5f:a8:f4:86:
88:38:8c:0f:b8:b8:65:b2:11:d2:f4:82:0e:47:2f:
12:94:b0:56:79:0b:f8:9a:cf:ec:9c:d5:c0:35:af:
10:25:5f:4a:29:25:56:13:f8:ba:88:57:68:0d:43:
dc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D6:A2:79:22:81:FB:5A:F3:1B:98:C9:25:BB:2D:1A:B7:1A:FE:D3
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/OtaieSKB-1rzG5jJJbstGrca_tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.150.0/24
45.92.29.0/24
85.209.84.0/23
85.209.87.0/24
185.191.228.0/23
185.191.231.0/24
185.199.224.0-185.199.226.255
185.202.172.0/23
185.202.175.0/24
185.215.148.0/24
185.215.150.0/23
185.218.235.0/24
185.235.14.0/23
193.39.185.0-193.39.186.255
212.162.148.0/22
IPv6:
2a0a:1f42::/32
2a0a:1f47::/32
2a0b:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:7b:ec:e5:d4:27:28:a2:34:d4:18:8c:f4:f9:1f:18:02:19:
b8:5a:22:de:45:cd:9a:82:b5:0e:3d:ed:8c:fd:ca:7b:bd:6f:
9b:72:57:ef:d3:49:30:bb:69:93:ac:a4:b9:da:78:8f:9f:22:
ef:d6:05:bb:43:4b:2e:f5:3f:5f:4c:5c:80:95:12:49:70:7b:
d2:0f:d3:0d:3b:41:cd:89:7f:bb:33:8d:63:16:04:79:9e:6e:
c1:49:e4:ea:cc:04:58:ef:06:47:ad:13:1e:d0:85:d9:df:59:
81:d0:aa:85:a4:a4:fc:81:66:43:9d:0c:38:b3:26:39:ce:c8:
f7:a4:2f:49:e4:b3:87:f0:45:5e:7f:d5:b2:0a:d9:6c:f5:5d:
9c:1a:5c:0b:7a:79:62:8b:bc:bc:3a:b6:6d:b8:e4:95:18:06:
cc:9c:79:91:2f:30:b3:9f:24:f9:43:4b:78:7a:ab:1c:5b:2d:
b4:ce:1b:c5:cd:ad:d9:5a:81:b3:7f:ae:96:aa:3b:5d:c1:1f:
1e:0b:87:5e:a8:5c:a9:b9:22:98:ea:67:f2:9d:64:5e:56:da:
2e:e5:3c:eb:32:a8:cd:09:1e:1d:d1:76:03:5a:e1:00:e3:ce:
2b:68:e9:d8:dc:9b:cb:08:f5:90:2e:07:3e:19:9a:68:f7:31:
83:10:e5:ab
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIEBgp7cDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWM4YjczYWI3YmRlYjc2ZmY0OGIyY2EwOTk2MTZlZGJlNzFjNDI2MB4XDTIyMDIx
ODIzMjAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FkNmEyNzkyMjgx
ZmI1YWYzMWI5OGM5MjViYjJkMWFiNzFhZmVkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALL0lEqxPru8QV/A2NG23KqqkTBLpzgWJNA6bwUtT3gx10wl
2bYczsbyhwZShxyokz+ha6CBNmqQlYPfHfU5bd3cVKZKQ0AQQz3J3Su6RWWLyOMQ
MJnvImFXI701aY0JwUtW5uFNI32vdI+cNmHDqQEvKqN9hKV004J8CXtWMFNIx3QO
tbagMfDJgSxvdRjRWzQPTkyP5sXmjrbJOArYCwzcvdpOmRn8UBEcVh/rVXx7vUDp
9nOPNBVAUZHjHdJIclnhErJSJXjSyecQ1XpfqPSGiDiMD7i4ZbIR0vSCDkcvEpSw
VnkL+JrP7JzVwDWvECVfSiklVhP4uohXaA1D3HECAwEAAaOCAo0wggKJMB0GA1Ud
DgQWBBQ61qJ5IoH7WvMbmMkluy0atxr+0zAfBgNVHSMEGDAWgBSByLc6t73rdv9I
ssoJlhbtvnHEJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djaTNPcmU5NjNiX1NMTEtDWllXN2I1eHhDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvMjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8x
L090YWllU0tCLTFyekc1akpKYnN0R3JjYV90TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
MjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8xL2djaTNPcmU5NjNi
X1NMTEtDWllXN2I1eHhDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ogYIKwYBBQUHAQcBAf8EgZIwgY8wcAQCAAEwagMEAC1RlgMEAC1cHQMEAVXRVAME
AFXRVwMEAbm/5AMEALm/5zAMAwQFucfgAwQAucfiAwQBucqsAwQAucqvAwQAudeU
AwQBudeWAwQAudrrAwQBuesOMAwDBADBJ7kDBADBJ7oDBALUopQwGwQCAAIwFQMF
ACoKH0IDBQAqCh9HAwUDKguqwDANBgkqhkiG9w0BAQsFAAOCAQEALXvs5dQnKKI0
1BiM9PkfGAIZuFoi3kXNmoK1Dj3tjP3Ke71vm3JX79NJMLtpk6ykudp4j58i79YF
u0NLLvU/X0xcgJUSSXB70g/TDTtBzYl/uzONYxYEeZ5uwUnk6swEWO8GR60THtCF
2d9ZgdCqhaSk/IFmQ50MOLMmOc7I96QvSeSzh/BFXn/VsgrZbPVdnBpcC3p5You8
vDq2bbjklRgGzJx5kS8ws58k+UNLeHqrHFsttM4bxc2t2VqBs3+ulqo7XcEfHguH
XqhcqbkimOpn8p1kXlbaLuU86zKozQkeHdF2A1rhAOPOK2jp2Nybywj1kC4HPhma
aPcxgxDlqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org