Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/kAWMBh_pYhl1Y696FJrLen6Mg4o.roa
File: kAWMBh_pYhl1Y696FJrLen6Mg4o.roa (raw, json)
Hash identifier: l5QgsTR7cq1RgRRpP1OrZ65C4nHWKYK1+DP7ZN/Zt4c=
Subject key identifier: 90:05:8C:06:1F:E9:62:19:75:63:AF:7A:14:9A:CB:7A:7E:8C:83:8A
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 06643CD8
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/kAWMBh_pYhl1Y696FJrLen6Mg4o.roa
Signing time: Fri 25 Mar 2022 12:50:09 +0000
ROA not before: Fri 25 Mar 2022 12:50:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64236
IP address blocks: 185.199.226.0/24 maxlen: 24
185.199.224.0/23 maxlen: 23
45.92.29.0/24 maxlen: 24
185.215.150.0/23 maxlen: 23
185.215.148.0/24 maxlen: 24
212.162.148.0/22 maxlen: 22
185.235.14.0/23 maxlen: 23
193.39.185.0/24 maxlen: 24
193.39.186.0/24 maxlen: 24
185.191.231.0/24 maxlen: 24
185.191.228.0/23 maxlen: 23
45.81.150.0/24 maxlen: 24
185.218.235.0/24 maxlen: 24
85.209.84.0/23 maxlen: 23
85.209.87.0/24 maxlen: 24
185.202.172.0/23 maxlen: 23
185.202.175.0/24 maxlen: 24
2a0b:aac0::/29 maxlen: 29
2a0a:1f42::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107232472 (0x6643cd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Mar 25 12:50:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90058c061fe962197563af7a149acb7a7e8c838a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:84:02:3e:86:8b:c5:3e:ea:f8:48:ce:39:e3:
6a:b7:3c:69:e7:12:e7:1d:04:a7:26:a4:85:e6:9b:
eb:98:e4:29:ec:7f:b9:f1:b6:e9:84:1e:1c:04:cc:
b9:af:15:3b:07:77:9a:a1:99:0b:50:e5:96:be:73:
cb:5a:f4:08:bc:db:74:6d:44:ac:75:4e:4d:c9:30:
e4:e5:4a:98:37:95:47:49:54:d8:ea:63:16:fa:69:
32:da:27:2b:f8:0a:eb:79:82:11:58:33:d1:de:9e:
bf:c2:b9:97:67:01:53:40:d7:d4:e5:c7:a4:bc:7f:
aa:bf:78:ed:a4:c7:26:61:d7:7f:8f:14:0c:09:01:
a1:1d:78:1d:5f:b2:39:c6:80:ef:bb:39:80:cc:16:
52:a6:82:94:dc:23:69:39:39:55:e5:e4:df:57:f3:
01:e0:a5:c2:20:a8:71:ce:9f:50:e9:06:9f:07:7d:
5e:15:c3:21:40:c9:26:25:ff:73:11:f9:ea:35:d9:
ae:51:c8:f3:5e:10:05:05:37:a0:9b:6e:51:cc:c4:
09:cf:3f:a8:d5:7e:69:78:a1:cb:96:eb:85:52:f0:
9f:10:2c:86:d4:c8:cd:ea:3c:3a:29:5f:a7:08:3a:
61:2c:ef:17:80:95:1d:32:25:83:44:1d:71:84:1b:
88:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:05:8C:06:1F:E9:62:19:75:63:AF:7A:14:9A:CB:7A:7E:8C:83:8A
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/kAWMBh_pYhl1Y696FJrLen6Mg4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.150.0/24
45.92.29.0/24
85.209.84.0/23
85.209.87.0/24
185.191.228.0/23
185.191.231.0/24
185.199.224.0-185.199.226.255
185.202.172.0/23
185.202.175.0/24
185.215.148.0/24
185.215.150.0/23
185.218.235.0/24
185.235.14.0/23
193.39.185.0-193.39.186.255
212.162.148.0/22
IPv6:
2a0a:1f42::/32
2a0b:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
85:d2:2a:8f:c3:83:54:1a:b5:aa:3c:9c:0a:6f:15:5c:cf:f7:
0e:4e:cd:0d:7f:bb:02:13:fd:11:3e:18:bb:5e:da:9b:df:31:
11:a6:41:b0:b8:80:2e:b3:22:18:8e:e4:a8:f0:02:bb:8e:8a:
85:a1:c6:b2:86:57:94:f0:e0:07:60:04:06:ba:33:b2:f5:dd:
51:71:07:0b:0c:14:d3:46:e5:f0:f0:1e:28:8d:1b:e1:32:03:
5b:7e:a3:e5:4d:b4:1f:95:b8:f4:09:59:2b:26:4d:19:46:4e:
44:e3:ad:9c:c8:c0:47:ea:87:43:75:2f:0e:79:21:2c:41:55:
f7:a4:2c:fd:bd:50:a1:b8:f3:51:e6:7f:88:69:af:ba:6b:62:
d3:a4:d2:20:a1:3c:c0:38:00:e7:d1:ec:8f:8e:a1:9e:18:e4:
86:7a:37:37:d4:28:ce:c7:0e:55:fc:d2:d0:27:01:de:73:ba:
e9:a1:b2:eb:12:e4:08:70:26:cf:fb:b0:62:05:e4:74:fc:bf:
e3:3e:53:94:c6:f1:d5:7d:25:eb:35:be:87:1c:b4:33:9a:2f:
f8:82:f3:2d:d7:82:60:5c:3b:66:05:cd:cf:2f:ea:1d:4b:7a:
8c:a5:ac:db:6c:f6:b6:56:b1:d3:60:81:bb:b2:ea:35:74:a0:
01:dc:9d:cd
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIEBmQ82DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWM4YjczYWI3YmRlYjc2ZmY0OGIyY2EwOTk2MTZlZGJlNzFjNDI2MB4XDTIyMDMy
NTEyNTAwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAwNThjMDYxZmU5
NjIxOTc1NjNhZjdhMTQ5YWNiN2E3ZThjODM4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJWEAj6Gi8U+6vhIzjnjarc8aecS5x0Epyakheab65jkKex/
ufG26YQeHATMua8VOwd3mqGZC1Dllr5zy1r0CLzbdG1ErHVOTckw5OVKmDeVR0lU
2OpjFvppMtonK/gK63mCEVgz0d6ev8K5l2cBU0DX1OXHpLx/qr947aTHJmHXf48U
DAkBoR14HV+yOcaA77s5gMwWUqaClNwjaTk5VeXk31fzAeClwiCocc6fUOkGnwd9
XhXDIUDJJiX/cxH56jXZrlHI814QBQU3oJtuUczECc8/qNV+aXihy5brhVLwnxAs
htTIzeo8Oilfpwg6YSzvF4CVHTIlg0QdcYQbiMECAwEAAaOCAoYwggKCMB0GA1Ud
DgQWBBSQBYwGH+liGXVjr3oUmst6foyDijAfBgNVHSMEGDAWgBSByLc6t73rdv9I
ssoJlhbtvnHEJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djaTNPcmU5NjNiX1NMTEtDWllXN2I1eHhDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvMjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8x
L2tBV01CaF9wWWhsMVk2OTZGSnJMZW42TWc0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
MjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8xL2djaTNPcmU5NjNi
X1NMTEtDWllXN2I1eHhDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mwYIKwYBBQUHAQcBAf8EgYswgYgwcAQCAAEwagMEAC1RlgMEAC1cHQMEAVXRVAME
AFXRVwMEAbm/5AMEALm/5zAMAwQFucfgAwQAucfiAwQBucqsAwQAucqvAwQAudeU
AwQBudeWAwQAudrrAwQBuesOMAwDBADBJ7kDBADBJ7oDBALUopQwFAQCAAIwDgMF
ACoKH0IDBQMqC6rAMA0GCSqGSIb3DQEBCwUAA4IBAQCF0iqPw4NUGrWqPJwKbxVc
z/cOTs0Nf7sCE/0RPhi7Xtqb3zERpkGwuIAusyIYjuSo8AK7joqFocayhleU8OAH
YAQGujOy9d1RcQcLDBTTRuXw8B4ojRvhMgNbfqPlTbQflbj0CVkrJk0ZRk5E462c
yMBH6odDdS8OeSEsQVX3pCz9vVChuPNR5n+Iaa+6a2LTpNIgoTzAOADn0eyPjqGe
GOSGejc31CjOxw5V/NLQJwHec7rpobLrEuQIcCbP+7BiBeR0/L/jPlOUxvHVfSXr
Nb6HHLQzmi/4gvMt14JgXDtmBc3PL+odS3qMpazbbPa2VrHTYIG7suo1dKAB3J3N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org