Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/dYUndOMmgSWwBNNGgvaXDkkUvi0.roa
File: dYUndOMmgSWwBNNGgvaXDkkUvi0.roa (raw, json)
Hash identifier: KGv1rhrC7XgPParKeVBdD1i/HS00BeJHCPCHEj9+25c=
Subject key identifier: 75:85:27:74:E3:26:81:25:B0:04:D3:46:82:F6:97:0E:49:14:BE:2D
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018B2ACE7676B7E6F254D4E63F8C1846871F
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/dYUndOMmgSWwBNNGgvaXDkkUvi0.roa
Signing time: Fri 13 Oct 2023 20:50:55 +0000
ROA not before: Fri 13 Oct 2023 20:50:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62164
IP address blocks: 185.199.226.0/24 maxlen: 24
185.199.224.0/23 maxlen: 23
45.92.29.0/24 maxlen: 24
45.11.88.0/23 maxlen: 24
45.11.88.0/22 maxlen: 22
45.11.90.0/23 maxlen: 23
212.162.148.0/22 maxlen: 22
185.235.14.0/23 maxlen: 23
193.39.185.0/24 maxlen: 24
193.39.186.0/24 maxlen: 24
193.39.184.0/24 maxlen: 24
193.39.187.0/24 maxlen: 24
185.191.231.0/24 maxlen: 24
185.191.228.0/23 maxlen: 23
185.218.235.0/24 maxlen: 24
5.181.164.0/23 maxlen: 23
5.181.164.0/22 maxlen: 22
5.181.167.0/24 maxlen: 24
185.149.232.0/22 maxlen: 22
185.149.232.0/24 maxlen: 24
185.149.233.0/24 maxlen: 24
185.215.151.0/24 maxlen: 24
185.215.148.0/24 maxlen: 24
185.149.234.0/23 maxlen: 23
45.81.150.0/24 maxlen: 24
85.209.84.0/23 maxlen: 23
85.209.87.0/24 maxlen: 24
185.202.172.0/23 maxlen: 23
185.202.175.0/24 maxlen: 24
185.202.174.0/24 maxlen: 24
2a0b:aac0::/29 maxlen: 29
2a0a:1f42::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2a:ce:76:76:b7:e6:f2:54:d4:e6:3f:8c:18:46:87:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Oct 13 20:50:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75852774e3268125b004d34682f6970e4914be2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:79:bd:84:6c:89:4a:ac:bd:ee:48:0a:94:f4:
c3:cd:73:49:30:c4:f7:04:ba:21:a4:3c:72:a2:06:
0a:85:b5:02:d2:19:d4:66:1e:f0:b8:41:56:59:b2:
0b:35:01:c6:20:b7:af:94:00:fb:5c:69:4f:ff:89:
bb:eb:15:a1:1b:68:56:7f:25:38:44:6c:2a:05:50:
d1:be:46:30:6a:6d:0f:ca:d6:cd:70:1d:83:fe:e0:
01:cd:1b:75:e6:25:49:94:d4:b3:1c:83:e6:58:cf:
92:74:10:b3:b4:1d:08:75:13:cf:6e:ff:15:0a:57:
78:10:39:18:31:c7:5f:5d:9d:19:29:fe:54:38:43:
39:2e:c6:b6:b2:cc:40:ee:91:47:14:d7:5b:14:84:
a5:5a:ef:85:bc:38:db:33:fb:59:80:a8:52:ae:e0:
77:28:53:ab:41:53:a1:bd:77:03:9b:f7:d5:ab:6d:
71:95:ac:6b:8c:4f:36:87:8b:73:a6:36:5d:df:5a:
78:28:1c:9e:b5:72:d5:8d:ce:a8:95:1c:96:29:6c:
80:43:82:ed:1f:12:a4:56:56:c9:fc:a7:81:6d:53:
6e:13:b7:a9:94:95:bf:42:ad:5d:da:0d:56:49:03:
69:53:f0:d9:0c:4a:ad:d2:58:1e:0a:c9:f1:f2:4b:
a3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:85:27:74:E3:26:81:25:B0:04:D3:46:82:F6:97:0E:49:14:BE:2D
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/dYUndOMmgSWwBNNGgvaXDkkUvi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.164.0/22
45.11.88.0/22
45.81.150.0/24
45.92.29.0/24
85.209.84.0/23
85.209.87.0/24
185.149.232.0/22
185.191.228.0/23
185.191.231.0/24
185.199.224.0-185.199.226.255
185.202.172.0/22
185.215.148.0/24
185.215.151.0/24
185.218.235.0/24
185.235.14.0/23
193.39.184.0/22
212.162.148.0/22
IPv6:
2a0a:1f42::/32
2a0b:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
51:80:46:61:ab:f0:9b:ac:90:c0:35:c9:a8:95:9d:39:3e:76:
1d:42:3a:3c:db:7a:04:8c:8d:aa:a4:44:af:76:54:15:08:23:
08:15:f5:c4:f9:59:f5:f1:a8:30:0a:2d:c2:41:9f:18:f4:34:
a1:9a:6e:75:bb:7a:cf:01:28:2a:ea:ff:d0:58:d3:17:78:4a:
bb:91:7d:1a:29:95:52:13:42:b7:5a:d1:39:5a:1b:ae:69:da:
25:cc:dc:a8:d5:c9:c1:2c:63:8e:10:fd:40:19:af:26:fc:fc:
63:d4:17:03:73:cf:a5:3c:82:2e:0d:28:81:43:66:5b:b6:61:
c3:7b:a4:1a:ec:88:46:94:38:e7:f6:41:b7:d2:14:c0:cd:e8:
86:80:71:53:c6:61:01:26:8f:fc:fc:18:d9:86:d8:1e:6d:03:
c0:c1:21:38:12:11:05:18:1f:5b:29:3b:79:79:ec:18:ee:1d:
c8:ca:12:82:6e:cd:51:31:58:f9:26:00:13:de:f6:1e:af:3d:
2a:1f:c7:4b:03:45:ba:09:b7:c1:34:6e:85:2d:10:73:e6:9e:
9b:22:66:9e:de:ff:b7:c5:95:34:c2:52:11:b3:fb:c1:29:04:
fd:db:19:c8:74:20:9c:4d:8f:d7:5d:39:e5:ba:eb:f9:fc:d1:
cf:ec:62:fc
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYsqznZ2t+byVNTmP4wYRocfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMxMDEzMjA1MDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTg1Mjc3NGUzMjY4MTI1YjAwNGQzNDY4MmY2OTcwZTQ5MTRiZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Hm9hGyJSqy97kgKlPTDzXNJMMT3
BLohpDxyogYKhbUC0hnUZh7wuEFWWbILNQHGILevlAD7XGlP/4m76xWhG2hWfyU4
RGwqBVDRvkYwam0PytbNcB2D/uABzRt15iVJlNSzHIPmWM+SdBCztB0IdRPPbv8V
Cld4EDkYMcdfXZ0ZKf5UOEM5Lsa2ssxA7pFHFNdbFISlWu+FvDjbM/tZgKhSruB3
KFOrQVOhvXcDm/fVq21xlaxrjE82h4tzpjZd31p4KByetXLVjc6olRyWKWyAQ4Lt
HxKkVlbJ/KeBbVNuE7eplJW/Qq1d2g1WSQNpU/DZDEqt0lgeCsnx8kujewIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFHWFJ3TjJoElsATTRoL2lw5JFL4tMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvZFlVbmRPTW1nU1d3Qk5OR2d2YVhEa2tVdmkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB0BAIAATBuAwQCBbWk
AwQCLQtYAwQALVGWAwQALVwdAwQBVdFUAwQAVdFXAwQCuZXoAwQBub/kAwQAub/n
MAwDBAW5x+ADBAC5x+IDBAK5yqwDBAC515QDBAC515cDBAC52usDBAG56w4DBALB
J7gDBALUopQwFAQCAAIwDgMFACoKH0IDBQMqC6rAMA0GCSqGSIb3DQEBCwUAA4IB
AQBRgEZhq/CbrJDANcmolZ05PnYdQjo823oEjI2qpESvdlQVCCMIFfXE+Vn18agw
Ci3CQZ8Y9DShmm51u3rPASgq6v/QWNMXeEq7kX0aKZVSE0K3WtE5WhuuadolzNyo
1cnBLGOOEP1AGa8m/Pxj1BcDc8+lPIIuDSiBQ2ZbtmHDe6Qa7IhGlDjn9kG30hTA
zeiGgHFTxmEBJo/8/BjZhtgebQPAwSE4EhEFGB9bKTt5eewY7h3IyhKCbs1RMVj5
JgAT3vYerz0qH8dLA0W6CbfBNG6FLRBz5p6bImae3v+3xZU0wlIRs/vBKQT92xnI
dCCcTY/XXTnluuv5/NHP7GL8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org