Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/_S3ZMbHl2utF2aEnl96wyiM3UfA.roa
File: _S3ZMbHl2utF2aEnl96wyiM3UfA.roa (raw, json)
Hash identifier: iO8Ig9yEVZWkvDKuBrmrbNIaL99dD7oeDL11LhxJ+aQ=
Subject key identifier: FD:2D:D9:31:B1:E5:DA:EB:45:D9:A1:27:97:DE:B0:CA:23:37:51:F0
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 0188D6A6F2A9A6C5C896F6542FD489441C5D
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/_S3ZMbHl2utF2aEnl96wyiM3UfA.roa
Signing time: Tue 20 Jun 2023 02:34:05 +0000
ROA not before: Tue 20 Jun 2023 02:34:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62164
IP address blocks: 185.199.226.0/24 maxlen: 24
185.199.224.0/23 maxlen: 23
45.92.29.0/24 maxlen: 24
45.11.88.0/23 maxlen: 24
45.11.88.0/22 maxlen: 22
45.11.90.0/23 maxlen: 23
185.229.243.0/24 maxlen: 24
212.162.148.0/22 maxlen: 22
185.235.14.0/23 maxlen: 23
193.39.185.0/24 maxlen: 24
193.39.186.0/24 maxlen: 24
193.39.184.0/24 maxlen: 24
193.39.187.0/24 maxlen: 24
185.191.231.0/24 maxlen: 24
185.191.228.0/23 maxlen: 23
185.218.235.0/24 maxlen: 24
5.181.164.0/23 maxlen: 23
5.181.164.0/22 maxlen: 22
5.181.166.0/24 maxlen: 24
5.181.167.0/24 maxlen: 24
185.149.232.0/22 maxlen: 22
185.149.232.0/24 maxlen: 24
185.149.233.0/24 maxlen: 24
185.215.150.0/23 maxlen: 23
185.215.148.0/24 maxlen: 24
185.149.234.0/23 maxlen: 23
45.81.148.0/24 maxlen: 24
45.81.150.0/24 maxlen: 24
85.209.84.0/23 maxlen: 23
85.209.87.0/24 maxlen: 24
185.202.172.0/23 maxlen: 23
185.202.175.0/24 maxlen: 24
185.202.174.0/24 maxlen: 24
2a0b:aac0::/29 maxlen: 29
2a0a:1f42::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d6:a6:f2:a9:a6:c5:c8:96:f6:54:2f:d4:89:44:1c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jun 20 02:34:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd2dd931b1e5daeb45d9a12797deb0ca233751f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3e:f0:89:5f:c8:05:dd:8b:20:55:53:f9:85:
f9:bd:81:24:a0:3f:69:8b:6c:41:74:a3:ff:87:9e:
9c:fb:dd:77:cc:73:73:86:06:86:d5:a9:59:c7:a9:
13:07:f9:ec:a6:4b:8b:4b:00:c8:95:1b:11:b5:cd:
cc:5e:a8:14:e9:bd:53:5a:6a:93:07:24:5e:d7:c4:
4d:b0:c2:8f:93:9b:ff:bf:be:6e:f2:da:4b:65:4c:
91:d4:66:8a:6d:cf:d6:81:d3:4f:2c:5e:fb:60:11:
02:ed:47:b3:9d:b5:a8:fd:20:31:bc:71:ef:2e:68:
6d:fd:4b:e1:15:79:ae:72:dd:4a:bd:9c:14:11:4b:
17:01:5f:b2:50:c9:ce:f9:e4:aa:ab:76:ab:a6:49:
ed:1a:f9:06:04:28:98:f7:f3:af:ae:22:65:a9:fb:
a2:b9:1b:03:69:26:59:75:ed:82:ee:6c:8a:0a:99:
81:5b:9c:3e:b7:f8:b3:28:43:64:f2:2d:56:26:e5:
55:fa:c0:19:b8:39:56:5e:ac:49:57:f8:73:0d:2a:
5f:58:d8:ae:1d:8a:56:25:74:22:e4:71:0f:db:28:
b4:74:e6:47:3e:bc:60:3b:72:44:99:72:3b:8c:f9:
c6:3d:d2:08:72:e5:92:4b:b7:82:20:f2:4f:fa:85:
da:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:2D:D9:31:B1:E5:DA:EB:45:D9:A1:27:97:DE:B0:CA:23:37:51:F0
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/_S3ZMbHl2utF2aEnl96wyiM3UfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.164.0/22
45.11.88.0/22
45.81.148.0/24
45.81.150.0/24
45.92.29.0/24
85.209.84.0/23
85.209.87.0/24
185.149.232.0/22
185.191.228.0/23
185.191.231.0/24
185.199.224.0-185.199.226.255
185.202.172.0/22
185.215.148.0/24
185.215.150.0/23
185.218.235.0/24
185.229.243.0/24
185.235.14.0/23
193.39.184.0/22
212.162.148.0/22
IPv6:
2a0a:1f42::/32
2a0b:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
62:64:59:4d:c7:c7:ae:e1:29:1d:6f:af:13:b2:f1:01:24:49:
04:35:89:94:b4:48:d8:1e:83:5f:70:e2:0e:4a:7d:51:75:7b:
3d:db:96:e9:38:e0:89:cf:f2:b4:78:ed:ff:6a:4c:b6:bf:cc:
09:f5:8e:eb:68:0e:a8:cc:81:68:68:f7:d4:63:65:91:af:be:
5c:ba:dc:98:5c:d7:82:19:d9:e0:41:bc:fe:d2:c0:45:98:e8:
e8:42:6c:c2:1e:8e:b8:cd:d2:ac:2d:f2:26:0a:25:c6:7c:c8:
9d:83:8a:d9:a3:bf:a4:78:bd:22:7a:17:12:c8:87:e3:96:59:
a1:b8:c8:88:c4:4c:a4:8c:b9:93:da:18:f3:e5:fc:0e:b5:9c:
b2:be:4b:00:5f:f4:70:09:ab:b0:ab:39:b3:5d:32:c0:ea:b7:
30:33:48:ae:0d:dc:8e:d7:c6:28:2a:ef:0e:33:2f:82:e9:9c:
09:22:9d:57:e5:2f:a5:a8:eb:03:c9:4c:26:64:15:0f:67:d2:
46:73:96:9d:ae:cf:a1:0e:9b:a0:0b:1b:44:ab:d8:a5:41:00:
a5:79:f5:f3:4f:de:03:c4:e5:3a:ab:d2:73:bb:82:2b:af:0f:
f1:19:34:ea:b8:a1:e3:34:3b:5a:bc:dc:e9:da:b0:5e:94:94:
c3:8b:3e:df
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYjWpvKppsXIlvZUL9SJRBxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwNjIwMDIzNDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDJkZDkzMWIxZTVkYWViNDVkOWExMjc5N2RlYjBjYTIzMzc1MWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz7wiV/IBd2LIFVT+YX5vYEkoD9p
i2xBdKP/h56c+913zHNzhgaG1alZx6kTB/nspkuLSwDIlRsRtc3MXqgU6b1TWmqT
ByRe18RNsMKPk5v/v75u8tpLZUyR1GaKbc/WgdNPLF77YBEC7UeznbWo/SAxvHHv
Lmht/UvhFXmuct1KvZwUEUsXAV+yUMnO+eSqq3arpkntGvkGBCiY9/OvriJlqfui
uRsDaSZZde2C7myKCpmBW5w+t/izKENk8i1WJuVV+sAZuDlWXqxJV/hzDSpfWNiu
HYpWJXQi5HEP2yi0dOZHPrxgO3JEmXI7jPnGPdIIcuWSS7eCIPJP+oXaJQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFP0t2TGx5drrRdmhJ5fesMojN1HwMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvX1MzWk1iSGwydXRGMmFFbmw5Nnd5aU0zVWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwegMEAgW1
pAMEAi0LWAMEAC1RlAMEAC1RlgMEAC1cHQMEAVXRVAMEAFXRVwMEArmV6AMEAbm/
5AMEALm/5zAMAwQFucfgAwQAucfiAwQCucqsAwQAudeUAwQBudeWAwQAudrrAwQA
ueXzAwQBuesOAwQCwSe4AwQC1KKUMBQEAgACMA4DBQAqCh9CAwUDKguqwDANBgkq
hkiG9w0BAQsFAAOCAQEAYmRZTcfHruEpHW+vE7LxASRJBDWJlLRI2B6DX3DiDkp9
UXV7PduW6Tjgic/ytHjt/2pMtr/MCfWO62gOqMyBaGj31GNlka++XLrcmFzXghnZ
4EG8/tLARZjo6EJswh6OuM3SrC3yJgolxnzInYOK2aO/pHi9InoXEsiH45ZZobjI
iMRMpIy5k9oY8+X8DrWcsr5LAF/0cAmrsKs5s10ywOq3MDNIrg3cjtfGKCrvDjMv
gumcCSKdV+UvpajrA8lMJmQVD2fSRnOWna7PoQ6boAsbRKvYpUEApXn180/eA8Tl
OqvSc7uCK68P8Rk06rih4zQ7Wrzc6dqwXpSUw4s+3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org