Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/UVRpRm471OrOQZbo86lnoObIvYw.roa
File: UVRpRm471OrOQZbo86lnoObIvYw.roa (raw, json)
Hash identifier: FcuQG0BXqcOabqW784gbgKqKwsxPwfQrZhoE30CP3J0=
Subject key identifier: 51:54:69:46:6E:3B:D4:EA:CE:41:96:E8:F3:A9:67:A0:E6:C8:BD:8C
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 01856FCB94D2043DD10A579E4EB8C7A3EA96
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/UVRpRm471OrOQZbo86lnoObIvYw.roa
Signing time: Mon 02 Jan 2023 00:04:50 +0000
ROA not before: Mon 02 Jan 2023 00:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64236
IP address blocks: 185.199.226.0/24 maxlen: 24
185.199.224.0/23 maxlen: 23
45.92.29.0/24 maxlen: 24
185.215.150.0/23 maxlen: 23
185.215.148.0/24 maxlen: 24
212.162.148.0/22 maxlen: 22
185.235.14.0/23 maxlen: 23
193.39.185.0/24 maxlen: 24
193.39.186.0/24 maxlen: 24
185.191.231.0/24 maxlen: 24
185.191.228.0/23 maxlen: 23
45.81.150.0/24 maxlen: 24
185.218.235.0/24 maxlen: 24
85.209.84.0/23 maxlen: 23
85.209.87.0/24 maxlen: 24
185.202.172.0/23 maxlen: 23
185.202.175.0/24 maxlen: 24
2a0b:aac0::/29 maxlen: 29
2a0a:1f42::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:94:d2:04:3d:d1:0a:57:9e:4e:b8:c7:a3:ea:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 2 00:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=515469466e3bd4eace4196e8f3a967a0e6c8bd8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a1:22:a6:01:b5:e0:42:ad:41:6a:bd:81:0e:
ef:73:02:a9:66:fd:47:bc:f5:65:1a:66:e5:9f:08:
ba:b8:00:a2:4c:70:2e:ba:40:06:6a:7f:aa:03:de:
4a:b8:3c:20:1a:dd:b8:e8:be:9d:08:8d:bc:8b:6c:
c9:c9:48:de:80:a3:b7:94:5a:27:49:2c:c5:df:74:
a1:88:58:29:4d:f9:65:2f:c0:77:e3:af:60:17:00:
6e:3c:71:e8:74:b8:b2:36:85:3e:6a:d8:21:cf:b6:
19:c9:59:f1:f8:6b:4b:11:94:62:58:9e:c4:17:60:
d9:2d:61:68:f3:e3:74:79:da:3e:e9:9b:37:b3:9a:
06:55:7d:4a:36:1c:ee:0d:1e:f8:94:e3:56:a6:b0:
4f:c1:7e:32:67:1f:bf:9c:f1:56:49:4c:f1:b2:10:
07:e9:50:25:5a:2a:4d:bc:c2:4a:a6:c4:5a:e4:75:
79:f5:02:e7:0f:18:e9:b2:79:be:fe:f3:0f:4e:bf:
d5:2e:47:fb:d5:a9:fd:90:d5:92:9f:48:d9:c1:77:
0e:85:10:11:80:79:03:5a:49:3f:fb:12:98:67:6c:
19:83:21:3e:0e:b3:0e:58:2a:a6:23:62:25:f7:5c:
03:aa:11:00:17:47:6b:0d:00:be:2d:c7:60:17:f5:
c6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:54:69:46:6E:3B:D4:EA:CE:41:96:E8:F3:A9:67:A0:E6:C8:BD:8C
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/UVRpRm471OrOQZbo86lnoObIvYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.150.0/24
45.92.29.0/24
85.209.84.0/23
85.209.87.0/24
185.191.228.0/23
185.191.231.0/24
185.199.224.0-185.199.226.255
185.202.172.0/23
185.202.175.0/24
185.215.148.0/24
185.215.150.0/23
185.218.235.0/24
185.235.14.0/23
193.39.185.0-193.39.186.255
212.162.148.0/22
IPv6:
2a0a:1f42::/32
2a0b:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
16:11:60:d6:6b:38:0d:32:46:6f:8c:46:cb:f9:b1:29:29:10:
a1:22:89:9e:00:a2:0d:59:93:24:79:d3:09:27:31:6b:41:7c:
64:e7:3a:58:2d:b2:11:53:4f:19:6b:b8:68:28:0f:29:e6:21:
9e:e2:81:8c:ea:75:7d:fa:81:74:30:06:f5:5b:0f:1e:4c:6b:
48:f9:08:a4:66:67:5f:12:d8:73:45:b9:4f:48:e5:7a:ae:74:
e7:61:15:cb:ee:c1:1a:ba:14:51:11:0e:08:88:33:b9:82:a6:
93:b2:40:73:70:27:77:e4:a9:1f:3b:eb:30:13:71:cc:99:ee:
2a:b3:5f:c5:53:a1:e1:4d:e1:74:1a:65:1b:bd:e2:53:e6:f7:
82:27:b8:c6:2f:5a:28:77:c3:b1:8e:3b:97:33:5a:62:21:dd:
02:68:26:62:74:1d:e7:31:d1:c9:e1:ec:b1:f7:54:d4:52:66:
a7:11:8d:1a:d3:2b:4b:9a:0a:f6:62:98:5c:1d:b0:ef:5b:e8:
8b:54:c2:98:d0:77:8f:0f:4a:cd:e8:0b:fe:2d:a7:9d:9e:40:
f2:22:f5:2d:29:51:07:e6:c2:88:f3:da:e5:2e:4e:e8:43:80:
ae:76:94:5f:f1:55:3a:19:e1:93:57:00:76:54:4d:a2:a1:78:
9c:8a:12:54
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYVvy5TSBD3RCleeTrjHo+qWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwMTAyMDAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTU0Njk0NjZlM2JkNGVhY2U0MTk2ZThmM2E5NjdhMGU2YzhiZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqEipgG14EKtQWq9gQ7vcwKpZv1H
vPVlGmblnwi6uACiTHAuukAGan+qA95KuDwgGt246L6dCI28i2zJyUjegKO3lFon
SSzF33ShiFgpTfllL8B3469gFwBuPHHodLiyNoU+atghz7YZyVnx+GtLEZRiWJ7E
F2DZLWFo8+N0edo+6Zs3s5oGVX1KNhzuDR74lONWprBPwX4yZx+/nPFWSUzxshAH
6VAlWipNvMJKpsRa5HV59QLnDxjpsnm+/vMPTr/VLkf71an9kNWSn0jZwXcOhRAR
gHkDWkk/+xKYZ2wZgyE+DrMOWCqmI2Il91wDqhEAF0drDQC+LcdgF/XGxQIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFFFUaUZuO9TqzkGW6POpZ6DmyL2MMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvVVZScFJtNDcxT3JPUVpibzg2bG5vT2JJdll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqAwQALVGW
AwQALVwdAwQBVdFUAwQAVdFXAwQBub/kAwQAub/nMAwDBAW5x+ADBAC5x+IDBAG5
yqwDBAC5yq8DBAC515QDBAG515YDBAC52usDBAG56w4wDAMEAMEnuQMEAMEnugME
AtSilDAUBAIAAjAOAwUAKgofQgMFAyoLqsAwDQYJKoZIhvcNAQELBQADggEBABYR
YNZrOA0yRm+MRsv5sSkpEKEiiZ4Aog1ZkyR50wknMWtBfGTnOlgtshFTTxlruGgo
DynmIZ7igYzqdX36gXQwBvVbDx5Ma0j5CKRmZ18S2HNFuU9I5XqudOdhFcvuwRq6
FFERDgiIM7mCppOyQHNwJ3fkqR876zATccyZ7iqzX8VToeFN4XQaZRu94lPm94In
uMYvWih3w7GOO5czWmIh3QJoJmJ0Hecx0cnh7LH3VNRSZqcRjRrTK0uaCvZimFwd
sO9b6ItUwpjQd48PSs3oC/4tp52eQPIi9S0pUQfmwojz2uUuTuhDgK52lF/xVToZ
4ZNXAHZUTaKheJyKElQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org