Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/jAN-XjrwYsf6J2pITJXqUnAlubU.roa
File: jAN-XjrwYsf6J2pITJXqUnAlubU.roa (raw, json)
Hash identifier: sjDOoQ41LbtY/aLhccw5UAsakOfrvn+rm14Z/4V76FE=
Subject key identifier: 8C:03:7E:5E:3A:F0:62:C7:FA:27:6A:48:4C:95:EA:52:70:25:B9:B5
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018B2A1CDA46D3FDE4758528B3990F3893FF
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/jAN-XjrwYsf6J2pITJXqUnAlubU.roa
Signing time: Fri 13 Oct 2023 17:36:55 +0000
ROA not before: Fri 13 Oct 2023 17:36:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64236
IP address blocks: 185.199.226.0/24 maxlen: 24
185.199.224.0/23 maxlen: 23
45.92.29.0/24 maxlen: 24
185.215.150.0/24 maxlen: 24
185.215.150.0/23 maxlen: 23
185.215.148.0/24 maxlen: 24
212.162.148.0/22 maxlen: 22
185.235.14.0/23 maxlen: 23
193.39.185.0/24 maxlen: 24
193.39.186.0/24 maxlen: 24
185.191.231.0/24 maxlen: 24
185.191.228.0/23 maxlen: 23
45.81.150.0/24 maxlen: 24
185.218.235.0/24 maxlen: 24
85.209.84.0/23 maxlen: 23
85.209.87.0/24 maxlen: 24
185.202.172.0/23 maxlen: 23
185.202.175.0/24 maxlen: 24
2a0b:aac0::/29 maxlen: 29
2a0a:1f42::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2a:1c:da:46:d3:fd:e4:75:85:28:b3:99:0f:38:93:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Oct 13 17:36:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c037e5e3af062c7fa276a484c95ea527025b9b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e2:e9:10:71:20:ba:83:f2:71:bf:cd:e9:4c:
3d:cd:a3:da:1a:85:e0:f0:e6:42:94:8e:ad:32:8c:
3d:c8:a9:5a:bb:cf:f6:85:3a:a0:ae:4c:43:dd:fd:
29:ed:1f:65:64:58:cb:72:05:5c:39:ea:99:2a:1b:
8b:0f:1e:d0:23:00:5a:0b:90:12:4a:15:e7:b7:3a:
05:e3:21:7b:c2:f4:b6:5c:55:77:e1:a8:72:17:a6:
7f:db:20:8f:35:73:fc:1b:f6:5c:69:e4:43:68:c4:
98:b4:62:2a:b5:7c:3b:00:a0:b1:44:c2:c9:72:bd:
e1:6b:bf:e5:bb:f1:ca:36:85:b9:71:71:e9:83:71:
d8:15:50:bc:ad:be:29:dc:70:85:0c:50:5e:b4:9a:
e1:d9:6c:34:b2:7a:d0:ce:18:86:67:07:10:97:28:
a4:b0:5b:e9:d8:92:8a:2c:a8:47:aa:55:01:57:da:
53:df:25:ad:b5:2e:97:f4:84:ac:3b:06:12:17:f6:
73:ca:91:4c:22:f6:42:24:94:3d:c8:40:a2:49:d1:
94:95:4e:fb:97:0f:da:86:a3:ff:e2:46:95:a6:13:
0d:b3:d6:9e:81:5b:7e:8d:75:34:40:ff:43:99:24:
a1:ca:8c:39:38:f0:33:8b:36:1e:e0:b3:ee:0d:35:
8f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:03:7E:5E:3A:F0:62:C7:FA:27:6A:48:4C:95:EA:52:70:25:B9:B5
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/jAN-XjrwYsf6J2pITJXqUnAlubU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.150.0/24
45.92.29.0/24
85.209.84.0/23
85.209.87.0/24
185.191.228.0/23
185.191.231.0/24
185.199.224.0-185.199.226.255
185.202.172.0/23
185.202.175.0/24
185.215.148.0/24
185.215.150.0/23
185.218.235.0/24
185.235.14.0/23
193.39.185.0-193.39.186.255
212.162.148.0/22
IPv6:
2a0a:1f42::/32
2a0b:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
12:db:80:b1:43:fb:07:4e:f5:2a:f1:02:52:d3:f9:55:1a:ed:
7b:b4:75:7d:95:f2:f1:c2:ea:04:b4:c7:49:dc:0e:46:b7:89:
4d:90:ab:83:af:0d:47:e0:dc:d2:b3:78:ee:43:95:b0:f2:c6:
2e:d5:83:2a:de:15:f1:8f:2c:e0:0d:f2:a2:6e:62:ff:d7:87:
26:60:4b:11:91:ac:da:d9:a4:ea:71:7c:41:54:6f:23:77:88:
0c:4c:9e:e4:93:89:7b:44:b9:dd:c4:0c:64:a9:90:0a:60:f5:
be:fc:11:82:a5:3c:09:72:52:14:97:95:40:e8:6a:0b:07:28:
1e:78:2a:9a:ab:79:ce:9c:b3:c0:f4:83:fc:c1:90:4a:3e:be:
2d:4a:5f:61:64:74:44:1a:b3:c2:53:9e:ca:bf:69:34:1b:50:
cc:07:71:80:ce:11:bb:13:84:4d:59:36:79:57:95:ee:42:03:
28:92:0a:df:98:84:89:0e:09:60:36:db:51:b4:bf:1a:e8:a2:
22:ff:e4:a2:ce:ea:66:05:d9:6a:52:67:94:53:d8:0d:0c:05:
78:cc:52:50:50:b9:a9:b7:29:84:63:e3:ff:bb:7c:b7:82:b2:
a8:b0:ef:f1:8a:18:e2:09:a5:33:db:e9:61:36:1c:d2:c0:71:
2f:1a:3f:89
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYsqHNpG0/3kdYUos5kPOJP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMxMDEzMTczNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzAzN2U1ZTNhZjA2MmM3ZmEyNzZhNDg0Yzk1ZWE1MjcwMjViOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+LpEHEguoPycb/N6Uw9zaPaGoXg
8OZClI6tMow9yKlau8/2hTqgrkxD3f0p7R9lZFjLcgVcOeqZKhuLDx7QIwBaC5AS
ShXntzoF4yF7wvS2XFV34ahyF6Z/2yCPNXP8G/ZcaeRDaMSYtGIqtXw7AKCxRMLJ
cr3ha7/lu/HKNoW5cXHpg3HYFVC8rb4p3HCFDFBetJrh2Ww0snrQzhiGZwcQlyik
sFvp2JKKLKhHqlUBV9pT3yWttS6X9ISsOwYSF/ZzypFMIvZCJJQ9yECiSdGUlU77
lw/ahqP/4kaVphMNs9aegVt+jXU0QP9DmSShyow5OPAzizYe4LPuDTWPiwIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFIwDfl468GLH+idqSEyV6lJwJbm1MB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvakFOLVhqcndZc2Y2SjJwSVRKWHFVbkFsdWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqAwQALVGW
AwQALVwdAwQBVdFUAwQAVdFXAwQBub/kAwQAub/nMAwDBAW5x+ADBAC5x+IDBAG5
yqwDBAC5yq8DBAC515QDBAG515YDBAC52usDBAG56w4wDAMEAMEnuQMEAMEnugME
AtSilDAUBAIAAjAOAwUAKgofQgMFAyoLqsAwDQYJKoZIhvcNAQELBQADggEBABLb
gLFD+wdO9SrxAlLT+VUa7Xu0dX2V8vHC6gS0x0ncDka3iU2Qq4OvDUfg3NKzeO5D
lbDyxi7VgyreFfGPLOAN8qJuYv/XhyZgSxGRrNrZpOpxfEFUbyN3iAxMnuSTiXtE
ud3EDGSpkApg9b78EYKlPAlyUhSXlUDoagsHKB54Kpqrec6cs8D0g/zBkEo+vi1K
X2FkdEQas8JTnsq/aTQbUMwHcYDOEbsThE1ZNnlXle5CAyiSCt+YhIkOCWA221G0
vxrooiL/5KLO6mYF2WpSZ5RT2A0MBXjMUlBQuam3KYRj4/+7fLeCsqiw7/GKGOIJ
pTPb6WE2HNLAcS8aP4k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org