Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/yhnBSf5ugTEArNKsN1836Jes6QY.roa
File: yhnBSf5ugTEArNKsN1836Jes6QY.roa (raw, json)
Hash identifier: DspfMSolIGm4GlgbySQs7oxbbQIvOJFSOjjJ6+GfBBE=
Subject key identifier: CA:19:C1:49:FE:6E:81:31:00:AC:D2:AC:37:5F:37:E8:97:AC:E9:06
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 018CC8016ABF1968E6D8A4D662564CE8425C
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/yhnBSf5ugTEArNKsN1836Jes6QY.roa
Signing time: Tue 02 Jan 2024 02:29:45 +0000
ROA not before: Tue 02 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15879
IP address blocks: 46.255.104.0/21 maxlen: 24
77.245.80.0/20 maxlen: 24
194.105.138.0/23 maxlen: 24
217.115.192.0/20 maxlen: 24
87.250.128.0/19 maxlen: 24
193.189.134.0/24 maxlen: 24
213.130.160.0/19 maxlen: 24
212.204.192.0/18 maxlen: 24
217.149.64.0/20 maxlen: 24
185.55.128.0/22 maxlen: 24
185.28.148.0/22 maxlen: 24
193.91.48.0/20 maxlen: 24
83.219.64.0/19 maxlen: 24
93.188.248.0/21 maxlen: 24
213.133.32.0/19 maxlen: 24
217.148.80.0/20 maxlen: 24
94.247.192.0/21 maxlen: 24
217.194.96.0/19 maxlen: 24
213.197.192.0/18 maxlen: 24
80.246.176.0/20 maxlen: 24
213.206.64.0/18 maxlen: 24
5.226.40.0/21 maxlen: 24
82.201.0.0/17 maxlen: 24
81.24.48.0/20 maxlen: 24
2001:67c:1a4::/48 maxlen: 48
2001:9a0::/32 maxlen: 48
2a02:f18::/32 maxlen: 48
2001:898::/29 maxlen: 48
2a02:f30::/32 maxlen: 48
2001:14a0::/32 maxlen: 48
2001:40e0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6a:bf:19:68:e6:d8:a4:d6:62:56:4c:e8:42:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca19c149fe6e813100acd2ac375f37e897ace906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c2:80:91:84:50:c1:35:c2:dc:09:f7:79:f1:
6f:33:c8:23:d9:96:89:75:98:dc:9e:e9:c9:d3:ee:
d0:63:8d:2a:04:63:0e:6b:67:63:1d:a3:96:aa:e9:
d7:dc:e6:e1:14:11:cf:a4:22:93:b0:ee:0f:9c:ed:
dc:29:f8:fa:2f:f2:59:bb:44:b4:f4:32:83:36:52:
c1:58:cb:47:18:dc:6a:f9:f2:9d:1a:bb:bb:e2:10:
ae:d3:76:9a:32:d7:b8:96:94:0b:f7:7c:75:d1:1a:
ff:ed:fc:51:cb:42:00:9a:5b:16:82:ea:19:11:4d:
56:0f:05:b1:30:29:33:0f:f3:a1:53:69:f3:09:69:
19:34:15:da:f3:78:e2:ac:9a:f5:cc:58:c9:f8:a2:
0b:fa:f0:f6:24:43:20:18:44:aa:a6:03:30:1d:ab:
ae:97:a4:ca:c9:a7:69:aa:de:92:78:15:c1:2c:ff:
eb:ed:69:6c:bc:09:b9:35:f8:45:ff:ab:94:b6:b7:
be:47:21:25:f5:39:dc:5f:1e:72:a0:e7:6e:53:7e:
f8:4f:9b:d7:1d:ad:0f:93:bc:97:a6:4d:ee:13:4d:
69:94:7f:ae:66:db:82:83:2b:e7:39:43:05:eb:5e:
5f:01:17:4a:fc:4c:33:ad:44:c7:95:2b:4d:8d:90:
d0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:19:C1:49:FE:6E:81:31:00:AC:D2:AC:37:5F:37:E8:97:AC:E9:06
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/yhnBSf5ugTEArNKsN1836Jes6QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.40.0/21
46.255.104.0/21
77.245.80.0/20
80.246.176.0/20
81.24.48.0/20
82.201.0.0/17
83.219.64.0/19
87.250.128.0/19
93.188.248.0/21
94.247.192.0/21
185.28.148.0/22
185.55.128.0/22
193.91.48.0/20
193.189.134.0/24
194.105.138.0/23
212.204.192.0/18
213.130.160.0/19
213.133.32.0/19
213.197.192.0/18
213.206.64.0/18
217.115.192.0/20
217.148.80.0/20
217.149.64.0/20
217.194.96.0/19
IPv6:
2001:67c:1a4::/48
2001:898::/29
2001:9a0::/32
2001:14a0::/32
2001:40e0::/32
2a02:f18::/32
2a02:f30::/32
Signature Algorithm: sha256WithRSAEncryption
46:06:3e:aa:6a:db:5d:f3:ec:6b:5d:3a:1a:7a:8e:3b:fb:d3:
22:3b:5d:22:5d:84:6d:ac:68:1b:93:b3:52:2b:10:2b:c5:02:
d8:d8:81:fc:bc:d7:31:14:1f:1c:57:df:e8:9f:5b:47:3a:2a:
78:19:48:d8:47:10:54:c4:aa:65:f0:4e:44:a8:ca:49:33:32:
db:fb:80:24:5d:ab:bc:30:20:f2:a6:8c:44:80:f6:f1:9b:f5:
4a:e9:a4:81:2a:fe:36:d2:fc:df:03:93:16:44:e2:d3:df:11:
f4:6e:4a:91:a3:2c:80:50:e5:43:8d:76:20:fc:44:d8:80:4c:
62:04:f1:d1:01:28:5a:6b:0f:c3:44:f4:ee:f2:d0:ac:c1:ac:
64:3e:71:71:46:50:54:8f:bb:0d:58:a1:cf:33:3f:c0:2e:9d:
fc:20:6e:a4:86:20:41:5d:00:d2:c0:b5:43:72:0a:5d:65:d2:
c5:ff:db:86:24:50:a1:77:41:5f:44:05:28:21:63:6d:32:fc:
71:95:0d:c1:b1:a2:b5:5b:71:02:78:22:ca:f6:5e:bd:e5:af:
c4:bf:a7:44:56:1e:c1:34:40:36:95:fe:f9:89:f9:6b:f9:29:
c1:7f:91:50:30:00:e4:f8:b2:33:90:48:3c:6a:56:e0:94:9e:
96:d0:71:78
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYzIAWq/GWjm2KTWYlZM6EJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjQwMTAyMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTE5YzE0OWZlNmU4MTMxMDBhY2QyYWMzNzVmMzdlODk3YWNlOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsKAkYRQwTXC3An3efFvM8gj2ZaJ
dZjcnunJ0+7QY40qBGMOa2djHaOWqunX3ObhFBHPpCKTsO4PnO3cKfj6L/JZu0S0
9DKDNlLBWMtHGNxq+fKdGru74hCu03aaMte4lpQL93x10Rr/7fxRy0IAmlsWguoZ
EU1WDwWxMCkzD/OhU2nzCWkZNBXa83jirJr1zFjJ+KIL+vD2JEMgGESqpgMwHauu
l6TKyadpqt6SeBXBLP/r7WlsvAm5NfhF/6uUtre+RyEl9TncXx5yoOduU374T5vX
Ha0Pk7yXpk3uE01plH+uZtuCgyvnOUMF615fARdK/EwzrUTHlStNjZDQIQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFMoZwUn+boExAKzSrDdfN+iXrOkGMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEveWhuQlNmNXVnVEVBck5Lc04xODM2SmVzNlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBlwQCAAEwgZADBAMF
4igDBAMu/2gDBARN9VADBARQ9rADBARRGDADBAdSyQADBAVT20ADBAVX+oADBANd
vPgDBANe98ADBAK5HJQDBAK5N4ADBATBWzADBADBvYYDBAHCaYoDBAbUzMADBAXV
gqADBAXVhSADBAbVxcADBAbVzkADBATZc8ADBATZlFADBATZlUADBAXZwmAwOQQC
AAIwMwMHACABBnwBpAMFAyABCJgDBQAgAQmgAwUAIAEUoAMFACABQOADBQAqAg8Y
AwUAKgIPMDANBgkqhkiG9w0BAQsFAAOCAQEARgY+qmrbXfPsa106GnqOO/vTIjtd
Il2EbaxoG5OzUisQK8UC2NiB/LzXMRQfHFff6J9bRzoqeBlI2EcQVMSqZfBORKjK
STMy2/uAJF2rvDAg8qaMRID28Zv1SumkgSr+NtL83wOTFkTi098R9G5KkaMsgFDl
Q412IPxE2IBMYgTx0QEoWmsPw0T07vLQrMGsZD5xcUZQVI+7DVihzzM/wC6d/CBu
pIYgQV0A0sC1Q3IKXWXSxf/bhiRQoXdBX0QFKCFjbTL8cZUNwbGitVtxAngiyvZe
veWvxL+nRFYewTRANpX++Yn5a/kpwX+RUDAA5PiyM5BIPGpW4JSeltBxeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org