Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/RMCudYmprsuHD0yXh267AIV1dT8.roa
File: RMCudYmprsuHD0yXh267AIV1dT8.roa (raw, json)
Hash identifier: /CavMpMjZMn1Drbkh+3TiNtIwBKVH5ijMqcgE5/vhAk=
Subject key identifier: 44:C0:AE:75:89:A9:AE:CB:87:0F:4C:97:87:6E:BB:00:85:75:75:3F
Certificate issuer: /CN=8c060040ef3a0823aa973f0d0592b1dda808f782
Certificate serial: 09194501
Authority key identifier: 8C:06:00:40:EF:3A:08:23:AA:97:3F:0D:05:92:B1:DD:A8:08:F7:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jAYAQO86CCOqlz8NBZKx3agI94I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/RMCudYmprsuHD0yXh267AIV1dT8.roa
Signing time: Fri 03 Jun 2022 10:00:20 +0000
ROA not before: Fri 03 Jun 2022 10:00:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20900
IP address blocks: 31.217.232.0/21 maxlen: 24
185.182.252.0/22 maxlen: 24
213.190.64.0/19 maxlen: 24
78.159.132.0/22 maxlen: 22
195.78.82.0/24 maxlen: 24
78.159.148.0/24 maxlen: 24
45.11.208.0/22 maxlen: 22
91.214.114.0/23 maxlen: 23
91.214.114.0/24 maxlen: 24
91.214.115.0/24 maxlen: 24
2001:1b08::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152651009 (0x9194501)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c060040ef3a0823aa973f0d0592b1dda808f782
Validity
Not Before: Jun 3 10:00:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44c0ae7589a9aecb870f4c97876ebb008575753f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e5:53:65:a4:d7:60:60:5f:95:7a:97:2f:56:
7a:cd:df:0e:68:a3:25:76:13:b3:1b:18:98:0e:22:
b5:83:ce:3d:2d:55:38:08:54:33:12:ff:bb:7c:d3:
4c:12:fa:4a:77:01:e7:32:54:7e:5f:3b:c8:23:18:
3a:84:c4:1d:3c:5d:d8:c4:32:1c:4d:16:79:52:e9:
45:1d:9d:11:b3:aa:48:5b:d1:d9:11:56:cb:84:5b:
ca:6e:3b:48:0b:bd:9c:dc:74:4c:83:92:51:cd:a3:
15:1b:db:fe:2c:06:46:fa:c0:36:d4:23:67:e0:0b:
98:96:e5:12:62:bb:07:fb:97:85:9c:5d:98:2a:a2:
79:43:10:49:58:79:9f:85:a2:98:10:c9:70:0b:f6:
cc:32:51:3c:14:59:61:34:f9:a5:22:9e:b3:9e:57:
74:5c:d9:43:38:5c:6c:93:e4:80:dd:51:50:5c:4d:
e6:4d:e8:ee:17:c9:9a:8d:e7:77:c9:6b:86:6f:af:
df:a8:8c:37:97:95:e8:82:f2:fe:ef:53:13:d5:f3:
cc:15:9d:09:6b:2c:b5:85:55:ed:e2:6a:ab:c6:78:
e0:ec:a6:18:3a:5a:d9:22:e5:e8:27:77:7c:a6:2c:
4e:7f:1b:a6:8c:26:15:d5:ec:a0:b9:34:ed:6f:a2:
38:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C0:AE:75:89:A9:AE:CB:87:0F:4C:97:87:6E:BB:00:85:75:75:3F
X509v3 Authority Key Identifier:
keyid:8C:06:00:40:EF:3A:08:23:AA:97:3F:0D:05:92:B1:DD:A8:08:F7:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAYAQO86CCOqlz8NBZKx3agI94I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/RMCudYmprsuHD0yXh267AIV1dT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/jAYAQO86CCOqlz8NBZKx3agI94I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.232.0/21
45.11.208.0/22
78.159.132.0/22
78.159.148.0/24
91.214.114.0/23
185.182.252.0/22
195.78.82.0/24
213.190.64.0/19
IPv6:
2001:1b08::/32
Signature Algorithm: sha256WithRSAEncryption
a0:e6:ea:67:32:04:70:ca:37:bd:84:2c:90:17:df:fc:3d:85:
f7:83:58:ec:c9:fe:4b:5a:d3:08:de:b4:37:f9:a2:3f:06:18:
ff:dc:2d:e9:51:df:be:1e:74:8b:05:c1:3b:43:bd:92:61:00:
b1:ba:3a:7d:73:db:69:6c:8c:b6:9b:83:a5:d1:b2:56:28:73:
85:e2:ed:c1:ce:bc:e2:11:16:fd:14:21:af:26:2e:0f:c0:17:
89:49:50:0f:1c:ba:39:4d:3f:ca:77:93:15:aa:5d:e4:2c:c6:
e2:cd:c0:58:fc:00:11:c1:bb:54:f5:a0:5c:14:a2:a6:49:68:
ad:57:49:e0:46:52:a5:d9:f5:1a:10:70:44:16:fd:68:51:3a:
fa:60:f2:5f:eb:ab:dd:ca:b9:5e:37:fe:37:c6:34:6e:32:ee:
1f:44:00:22:44:aa:17:98:6e:17:c9:21:23:2c:43:61:fc:d7:
38:20:5e:e5:d0:e7:8f:ce:08:c0:d3:51:45:1c:7f:a7:13:0c:
35:c2:54:2e:fb:9a:a2:c7:85:23:31:cd:c1:7b:de:66:2f:cb:
4a:d0:b6:97:ad:32:0e:42:b2:7c:6a:cc:ae:6c:a8:e2:b6:4e:
68:0b:3d:b3:fb:88:cc:b7:e7:af:53:ee:16:ce:3c:3f:51:44:
99:44:c1:0c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIECRlFATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YzA2MDA0MGVmM2EwODIzYWE5NzNmMGQwNTkyYjFkZGE4MDhmNzgyMB4XDTIyMDYw
MzEwMDAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRjMGFlNzU4OWE5
YWVjYjg3MGY0Yzk3ODc2ZWJiMDA4NTc1NzUzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPlU2Wk12BgX5V6ly9Wes3fDmijJXYTsxsYmA4itYPOPS1V
OAhUMxL/u3zTTBL6SncB5zJUfl87yCMYOoTEHTxd2MQyHE0WeVLpRR2dEbOqSFvR
2RFWy4Rbym47SAu9nNx0TIOSUc2jFRvb/iwGRvrANtQjZ+ALmJblEmK7B/uXhZxd
mCqieUMQSVh5n4WimBDJcAv2zDJRPBRZYTT5pSKes55XdFzZQzhcbJPkgN1RUFxN
5k3o7hfJmo3nd8lrhm+v36iMN5eV6ILy/u9TE9XzzBWdCWsstYVV7eJqq8Z44Oym
GDpa2SLl6Cd3fKYsTn8bpowmFdXsoLk07W+iOFkCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBREwK51iamuy4cPTJeHbrsAhXV1PzAfBgNVHSMEGDAWgBSMBgBA7zoII6qX
Pw0FkrHdqAj3gjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pBWUFRTzg2Q0NPcWx6OE5CWkt4M2FnSTk0SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvZTc1NDllLTViMjUtNDIwMC04OGI5LTRlNGEzNWRkMzY3Ny8x
L1JNQ3VkWW1wcnN1SEQweVhoMjY3QUlWMWRUOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
ZTc1NDllLTViMjUtNDIwMC04OGI5LTRlNGEzNWRkMzY3Ny8xL2pBWUFRTzg2Q0NP
cWx6OE5CWkt4M2FnSTk0SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAx/Z6AMEAi0L0AMEAk6fhAMEAE6f
lAMEAVvWcgMEArm2/AMEAMNOUgMEBdW+QDANBAIAAjAHAwUAIAEbCDANBgkqhkiG
9w0BAQsFAAOCAQEAoObqZzIEcMo3vYQskBff/D2F94NY7Mn+S1rTCN60N/miPwYY
/9wt6VHfvh50iwXBO0O9kmEAsbo6fXPbaWyMtpuDpdGyVihzheLtwc684hEW/RQh
ryYuD8AXiUlQDxy6OU0/yneTFapd5CzG4s3AWPwAEcG7VPWgXBSipklorVdJ4EZS
pdn1GhBwRBb9aFE6+mDyX+ur3cq5Xjf+N8Y0bjLuH0QAIkSqF5huF8khIyxDYfzX
OCBe5dDnj84IwNNRRRx/pxMMNcJULvuaoseFIzHNwXveZi/LStC2l60yDkKyfGrM
rmyo4rZOaAs9s/uIzLfnr1PuFs48P1FEmUTBDA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:20 2024 by rpki-client on console-fra.rpki-client.org