Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/SwISWUEEdT-52ZtEM0Da_fZlIp0.roa
File: SwISWUEEdT-52ZtEM0Da_fZlIp0.roa (raw, json)
Hash identifier: G8KEVMN5L/S6LH1KSxcHsFMGt0ksqV4AjVAV3Ant+eo=
Subject key identifier: 4B:02:12:59:41:04:75:3F:B9:D9:9B:44:33:40:DA:FD:F6:65:22:9D
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 01856FCB9318B1D9B0175D837D80560BDCDF
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/SwISWUEEdT-52ZtEM0Da_fZlIp0.roa
Signing time: Mon 02 Jan 2023 00:04:50 +0000
ROA not before: Mon 02 Jan 2023 00:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60978
IP address blocks: 185.199.224.0/23 maxlen: 23
185.199.226.0/24 maxlen: 24
45.92.29.0/24 maxlen: 24
185.215.148.0/24 maxlen: 24
185.215.150.0/24 maxlen: 24
212.162.148.0/22 maxlen: 22
185.235.14.0/23 maxlen: 23
193.39.185.0/24 maxlen: 24
193.39.186.0/24 maxlen: 24
45.81.150.0/24 maxlen: 24
185.191.228.0/23 maxlen: 23
185.191.231.0/24 maxlen: 24
185.218.235.0/24 maxlen: 24
85.209.84.0/23 maxlen: 23
85.209.87.0/24 maxlen: 24
185.202.172.0/23 maxlen: 23
185.202.175.0/24 maxlen: 24
2a0b:aac0::/29 maxlen: 29
2a0a:1f42::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:93:18:b1:d9:b0:17:5d:83:7d:80:56:0b:dc:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 2 00:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b0212594104753fb9d99b443340dafdf665229d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:24:61:e9:dd:1e:98:74:bb:d7:e6:65:5f:64:
13:cb:41:98:b1:7e:32:d3:39:7d:6e:1d:1b:5f:40:
3e:31:bc:f4:2e:d7:4c:b9:99:97:7c:b1:67:e0:7a:
fa:18:40:d6:2e:e1:8b:8f:75:89:76:16:68:b3:d2:
0f:06:2d:4f:1b:97:29:2f:44:bc:3b:28:ca:83:70:
74:60:9c:5e:6e:5a:55:f3:a8:50:e8:3f:8e:b2:a4:
aa:74:0d:00:a7:ee:5e:a1:53:6b:eb:d6:09:5e:0d:
43:af:a0:80:56:2e:a5:70:23:63:e7:b3:8e:14:04:
51:91:21:12:94:50:3f:00:5c:61:1b:ae:e7:82:61:
26:8f:f7:c0:3c:15:20:56:bf:f2:ad:b7:99:d5:cf:
fe:07:2b:fc:b8:86:91:d0:1b:95:7f:6b:c2:2e:c8:
d6:6c:63:02:34:cf:56:92:1a:d5:fd:0a:39:99:53:
bd:54:0e:f5:62:13:6c:09:58:13:c8:a9:86:60:fa:
3e:dd:ad:70:1e:45:32:89:d5:1b:e4:c2:60:1e:1e:
dd:6d:1d:aa:71:81:fb:83:60:7e:88:49:dd:6d:40:
7a:52:00:01:62:88:7b:7f:9f:be:c9:11:e7:77:98:
31:f0:07:22:99:87:bc:71:9d:c2:25:47:60:65:92:
56:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:02:12:59:41:04:75:3F:B9:D9:9B:44:33:40:DA:FD:F6:65:22:9D
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/SwISWUEEdT-52ZtEM0Da_fZlIp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.150.0/24
45.92.29.0/24
85.209.84.0/23
85.209.87.0/24
185.191.228.0/23
185.191.231.0/24
185.199.224.0-185.199.226.255
185.202.172.0/23
185.202.175.0/24
185.215.148.0/24
185.215.150.0/24
185.218.235.0/24
185.235.14.0/23
193.39.185.0-193.39.186.255
212.162.148.0/22
IPv6:
2a0a:1f42::/32
2a0b:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
5a:12:8b:c0:c1:b8:ea:c2:8b:40:b6:af:7f:79:2d:72:db:35:
a4:30:ab:0e:b5:59:66:76:f4:cf:5f:a9:9f:89:74:69:0a:94:
5a:ba:dd:27:93:a9:4e:8a:45:cd:54:5d:b6:30:7e:70:b5:76:
7c:e0:b7:69:5e:de:06:d4:17:a1:e5:36:2c:77:65:2e:60:4b:
46:20:69:31:d1:98:5d:1d:26:ee:71:cc:3e:98:d8:40:ed:72:
f5:60:22:1e:fd:1f:dd:c1:8a:b6:12:10:1c:fc:0a:72:72:03:
96:bd:14:38:f9:bb:07:50:12:87:ab:d7:41:1a:17:eb:b8:bc:
3e:99:77:dd:4e:d1:f6:33:f1:0d:ed:ac:e4:f4:50:fa:fd:5b:
d1:3d:a6:83:cc:b9:eb:89:c2:cc:4f:93:df:31:a9:66:c7:60:
1f:17:38:c8:e6:42:b1:18:ce:0d:34:19:61:ae:be:61:c1:28:
5b:c6:6e:53:f3:c5:1c:96:90:db:43:81:09:4e:0b:db:2d:03:
1c:26:92:c5:23:93:a9:f9:cb:3a:05:d5:34:d1:02:91:bd:63:
87:12:23:4f:24:21:99:f9:a1:be:b4:47:25:be:3c:ae:e0:56:
53:f3:d7:41:88:78:23:2e:59:4e:7d:d8:8a:b8:fb:ec:0d:43:
06:94:4d:18
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYVvy5MYsdmwF12DfYBWC9zfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwMTAyMDAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjAyMTI1OTQxMDQ3NTNmYjlkOTliNDQzMzQwZGFmZGY2NjUyMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSRh6d0emHS71+ZlX2QTy0GYsX4y
0zl9bh0bX0A+Mbz0LtdMuZmXfLFn4Hr6GEDWLuGLj3WJdhZos9IPBi1PG5cpL0S8
OyjKg3B0YJxeblpV86hQ6D+OsqSqdA0Ap+5eoVNr69YJXg1Dr6CAVi6lcCNj57OO
FARRkSESlFA/AFxhG67ngmEmj/fAPBUgVr/yrbeZ1c/+Byv8uIaR0BuVf2vCLsjW
bGMCNM9WkhrV/Qo5mVO9VA71YhNsCVgTyKmGYPo+3a1wHkUyidUb5MJgHh7dbR2q
cYH7g2B+iEndbUB6UgABYoh7f5++yRHnd5gx8AcimYe8cZ3CJUdgZZJWYwIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFEsCEllBBHU/udmbRDNA2v32ZSKdMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvU3dJU1dVRUVkVC01Mlp0RU0wRGFfZlpsSXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqAwQALVGW
AwQALVwdAwQBVdFUAwQAVdFXAwQBub/kAwQAub/nMAwDBAW5x+ADBAC5x+IDBAG5
yqwDBAC5yq8DBAC515QDBAC515YDBAC52usDBAG56w4wDAMEAMEnuQMEAMEnugME
AtSilDAUBAIAAjAOAwUAKgofQgMFAyoLqsAwDQYJKoZIhvcNAQELBQADggEBAFoS
i8DBuOrCi0C2r395LXLbNaQwqw61WWZ29M9fqZ+JdGkKlFq63SeTqU6KRc1UXbYw
fnC1dnzgt2le3gbUF6HlNix3ZS5gS0YgaTHRmF0dJu5xzD6Y2EDtcvVgIh79H93B
irYSEBz8CnJyA5a9FDj5uwdQEoer10EaF+u4vD6Zd91O0fYz8Q3trOT0UPr9W9E9
poPMueuJwsxPk98xqWbHYB8XOMjmQrEYzg00GWGuvmHBKFvGblPzxRyWkNtDgQlO
C9stAxwmksUjk6n5yzoF1TTRApG9Y4cSI08kIZn5ob60RyW+PK7gVlPz10GIeCMu
WU592Iq4++wNQwaUTRg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org