Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/18VHGi-6X_D8XbJ1gqBDPXzqcgs.roa
File: 18VHGi-6X_D8XbJ1gqBDPXzqcgs.roa (raw, json)
Hash identifier: OWdMWjNUWd/PH1ou5GF469BGj0TqhmNxeFuusAKb5pM=
Subject key identifier: D7:C5:47:1A:2F:BA:5F:F0:FC:5D:B2:75:82:A0:43:3D:7C:EA:72:0B
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 058151B6
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/18VHGi-6X_D8XbJ1gqBDPXzqcgs.roa
Signing time: Sat 01 Jan 2022 10:58:07 +0000
ROA not before: Sat 01 Jan 2022 10:58:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35745
IP address blocks: 37.131.160.0/20 maxlen: 20
95.178.0.0/21 maxlen: 21
93.175.128.0/20 maxlen: 20
93.175.129.0/24 maxlen: 24
188.125.224.0/19 maxlen: 19
46.20.58.0/24 maxlen: 24
91.206.108.0/23 maxlen: 23
128.127.80.0/20 maxlen: 20
128.127.80.0/21 maxlen: 21
91.208.50.0/24 maxlen: 24
95.178.96.0/21 maxlen: 21
95.178.92.0/22 maxlen: 22
95.178.104.0/23 maxlen: 23
185.15.232.0/22 maxlen: 22
46.20.48.0/20 maxlen: 20
79.139.96.0/20 maxlen: 20
188.125.244.0/22 maxlen: 22
95.178.40.0/21 maxlen: 21
188.125.242.0/23 maxlen: 23
213.109.32.0/20 maxlen: 20
213.109.40.0/24 maxlen: 24
213.109.39.0/24 maxlen: 24
2a00:10a0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92361142 (0x58151b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 10:58:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7c5471a2fba5ff0fc5db27582a0433d7cea720b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ff:2c:9b:2f:64:0e:00:35:2b:28:4c:42:7f:
75:f8:33:91:e9:85:f8:f4:ab:80:7e:b4:a0:5d:61:
f9:c9:7b:19:3a:99:ad:e4:5f:ca:c3:f0:14:d8:39:
48:39:e8:c2:89:f2:f3:8d:fd:44:92:fd:c4:3b:ea:
c4:83:9d:b0:69:8b:27:87:18:4c:a9:76:5b:4d:71:
1c:16:51:2c:2c:ea:a9:22:be:af:b3:2c:78:d3:21:
3b:40:3a:e8:83:0e:e0:f5:ea:1c:70:cb:51:c7:4a:
d1:4d:46:7e:79:f3:1a:51:d6:14:75:cb:48:f4:ff:
6c:d8:53:cb:61:0f:dd:a8:b0:a4:ac:e7:ee:57:66:
35:15:7a:1d:a9:75:72:16:8a:d7:2c:05:ff:d7:67:
15:64:e5:4e:ff:b8:14:03:35:23:aa:26:1d:d9:af:
81:4d:fc:04:e0:99:27:36:6f:25:0a:7e:8e:45:a3:
b2:f3:3e:29:46:04:8d:0f:bb:df:38:80:ea:fa:22:
58:e7:3c:fb:b3:66:34:3c:ad:47:d6:21:b1:35:ad:
3e:5b:8d:b7:5a:e4:d5:d1:c3:d6:62:59:99:c5:30:
5b:48:b8:ae:87:33:a9:61:9f:36:27:4b:9b:bf:77:
06:db:a2:c1:c0:0a:6d:99:c7:8b:89:fd:b8:85:a2:
60:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C5:47:1A:2F:BA:5F:F0:FC:5D:B2:75:82:A0:43:3D:7C:EA:72:0B
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/18VHGi-6X_D8XbJ1gqBDPXzqcgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.160.0/20
46.20.48.0/20
79.139.96.0/20
91.206.108.0/23
91.208.50.0/24
93.175.128.0/20
95.178.0.0/21
95.178.40.0/21
95.178.92.0-95.178.105.255
128.127.80.0/20
185.15.232.0/22
188.125.224.0/19
213.109.32.0/20
IPv6:
2a00:10a0::/32
Signature Algorithm: sha256WithRSAEncryption
41:2f:6b:a1:bc:4c:fd:46:a3:01:de:9d:55:10:ec:4d:3f:87:
17:5b:51:5f:d1:c9:d4:b0:dc:05:04:3e:b1:63:ca:b0:20:9a:
83:2c:35:1f:1b:33:cf:5a:4e:7f:1d:60:e4:1e:32:f6:2c:68:
41:79:b0:e4:b8:05:f2:14:71:e5:82:5f:bc:37:8e:50:f4:e3:
a5:4c:0e:40:27:3b:f3:93:57:51:d6:af:79:6e:14:9b:e2:94:
dd:02:06:25:79:58:2d:14:b3:f7:12:94:0a:d6:8d:93:64:8e:
fc:69:bc:a7:45:53:c4:db:73:d3:1a:3d:2b:68:13:e2:0c:80:
4e:d3:f5:62:e0:9e:79:93:4b:25:6a:51:96:e9:3a:88:4e:d5:
61:13:77:72:16:34:01:9c:2a:10:ff:12:16:82:7a:ca:c0:99:
e7:7e:37:16:98:fb:41:87:dd:48:05:d6:34:de:69:b8:3f:1d:
42:95:5c:df:09:73:42:b7:24:b6:fb:e0:6f:f0:85:c4:e6:67:
d2:42:68:91:8d:95:7c:93:c2:56:3c:f8:b7:02:af:5b:e2:b9:
36:56:af:fc:43:76:a2:06:8c:e0:d9:06:a5:0a:bb:28:ca:3d:
6c:02:c3:05:9d:46:f9:fd:75:a7:73:7d:f2:97:83:ab:51:67:
b1:9c:bf:cf
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIEBYFRtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDFjNzIyMWVkZTNhZjVlZTkyZTMyMDZhZjJmMThiZDAxMGQ1ZGQ5MB4XDTIyMDEw
MTEwNTgwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDdjNTQ3MWEyZmJh
NWZmMGZjNWRiMjc1ODJhMDQzM2Q3Y2VhNzIwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANr/LJsvZA4ANSsoTEJ/dfgzkemF+PSrgH60oF1h+cl7GTqZ
reRfysPwFNg5SDnowony8439RJL9xDvqxIOdsGmLJ4cYTKl2W01xHBZRLCzqqSK+
r7MseNMhO0A66IMO4PXqHHDLUcdK0U1GfnnzGlHWFHXLSPT/bNhTy2EP3aiwpKzn
7ldmNRV6Hal1chaK1ywF/9dnFWTlTv+4FAM1I6omHdmvgU38BOCZJzZvJQp+jkWj
svM+KUYEjQ+73ziA6voiWOc8+7NmNDytR9YhsTWtPluNt1rk1dHD1mJZmcUwW0i4
roczqWGfNidLm793BtuiwcAKbZnHi4n9uIWiYGUCAwEAAaOCAmgwggJkMB0GA1Ud
DgQWBBTXxUcaL7pf8PxdsnWCoEM9fOpyCzAfBgNVHSMEGDAWgBTEHHIh7eOvXuku
MgavLxi9AQ1d2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hCeHlJZTNqcjE3cExqSUdyeThZdlFFTlhkay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvZTk5YjM1LThjZjYtNDkzNC1hNTkxLTk5MzBmMjE5NGEwZS8x
LzE4VkhHaS02WF9EOFhiSjFncUJEUFh6cWNncy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
ZTk5YjM1LThjZjYtNDkzNC1hNTkxLTk5MzBmMjE5NGEwZS8xL3hCeHlJZTNqcjE3
cExqSUdyeThZdlFFTlhkay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB+
BggrBgEFBQcBBwEB/wRvMG0wXAQCAAEwVgMEBCWDoAMEBC4UMAMEBE+LYAMEAVvO
bAMEAFvQMgMEBF2vgAMEA1+yAAMEA1+yKDAMAwQCX7JcAwQBX7JoAwQEgH9QAwQC
uQ/oAwQFvH3gAwQE1W0gMA0EAgACMAcDBQAqABCgMA0GCSqGSIb3DQEBCwUAA4IB
AQBBL2uhvEz9RqMB3p1VEOxNP4cXW1Ff0cnUsNwFBD6xY8qwIJqDLDUfGzPPWk5/
HWDkHjL2LGhBebDkuAXyFHHlgl+8N45Q9OOlTA5AJzvzk1dR1q95bhSb4pTdAgYl
eVgtFLP3EpQK1o2TZI78abynRVPE23PTGj0raBPiDIBO0/Vi4J55k0slalGW6TqI
TtVhE3dyFjQBnCoQ/xIWgnrKwJnnfjcWmPtBh91IBdY03mm4Px1ClVzfCXNCtyS2
++Bv8IXE5mfSQmiRjZV8k8JWPPi3Aq9b4rk2Vq/8Q3aiBozg2QalCrsoyj1sAsMF
nUb5/XWnc33yl4OrUWexnL/P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:26 2024 by rpki-client on console-ams.rpki-client.org