Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/txjmX19YJY24CZsSlURvToq_ekc.roa
File: txjmX19YJY24CZsSlURvToq_ekc.roa (raw, json)
Hash identifier: jDfvISFKmJFleTG48BJCby/HP3mqyw0teDZaaiXAHQM=
Subject key identifier: B7:18:E6:5F:5F:58:25:8D:B8:09:9B:12:95:44:6F:4E:8A:BF:7A:47
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 09E9A92A
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/txjmX19YJY24CZsSlURvToq_ekc.roa
Signing time: Sat 01 Jan 2022 13:58:28 +0000
ROA not before: Sat 01 Jan 2022 13:58:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60117
IP address blocks: 185.117.73.0/24 maxlen: 24
185.117.72.0/24 maxlen: 24
185.117.74.0/24 maxlen: 24
185.117.75.0/24 maxlen: 24
185.198.58.0/24 maxlen: 24
185.198.57.0/24 maxlen: 24
185.198.56.0/24 maxlen: 24
185.198.59.0/24 maxlen: 24
185.183.96.0/24 maxlen: 24
185.183.98.0/24 maxlen: 24
185.183.97.0/24 maxlen: 24
185.183.99.0/24 maxlen: 24
188.116.36.0/24 maxlen: 24
185.141.24.0/24 maxlen: 24
185.141.26.0/24 maxlen: 24
185.141.25.0/24 maxlen: 24
185.141.27.0/24 maxlen: 24
194.36.188.0/24 maxlen: 24
194.36.190.0/24 maxlen: 24
194.36.189.0/24 maxlen: 24
194.36.191.0/24 maxlen: 24
185.45.192.0/24 maxlen: 24
185.82.201.0/24 maxlen: 24
185.82.200.0/24 maxlen: 24
185.82.203.0/24 maxlen: 24
185.82.202.0/24 maxlen: 24
185.45.193.0/24 maxlen: 24
185.45.194.0/24 maxlen: 24
185.45.195.0/24 maxlen: 24
185.106.121.0/24 maxlen: 24
185.244.148.0/24 maxlen: 24
185.106.120.0/24 maxlen: 24
185.106.123.0/24 maxlen: 24
185.244.150.0/24 maxlen: 24
185.106.122.0/24 maxlen: 24
185.244.149.0/24 maxlen: 24
185.244.151.0/24 maxlen: 24
212.8.251.0/24 maxlen: 24
2a05:9341::/32 maxlen: 32
2a05:9342::/32 maxlen: 32
2a04:dd00::/29 maxlen: 29
2a06:3d80::/29 maxlen: 29
2a04:dd01::/32 maxlen: 32
2a05:9340::/32 maxlen: 32
2a04:dd00::/32 maxlen: 32
2a03:660::/32 maxlen: 32
2a04:dd02::/32 maxlen: 32
2a05:9340::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166308138 (0x9e9a92a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: Jan 1 13:58:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b718e65f5f58258db8099b1295446f4e8abf7a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:9f:ab:41:8a:81:99:86:85:dc:0f:fb:de:2c:
21:66:47:b0:16:f6:1e:89:85:e9:84:3b:a7:8c:fa:
c5:fa:ac:1e:7d:1b:df:33:ba:e1:67:9a:a2:45:e2:
d3:ff:d3:4b:3a:87:53:07:b1:b2:9c:12:ad:4e:50:
56:be:2f:fd:6a:23:ff:70:c2:e6:b4:81:a8:de:39:
c9:4a:94:34:a0:a6:51:4d:a2:35:fa:fc:23:dd:8f:
70:8f:5d:88:a8:c3:ba:a5:5d:ba:7b:55:50:e2:51:
04:08:01:b3:be:be:d3:cc:74:e0:1b:70:67:0e:ab:
73:c3:98:62:06:5e:c9:08:c7:47:fe:e7:3b:f2:ce:
f9:66:df:d9:47:e5:e4:dc:48:fc:50:15:76:2b:7c:
f3:65:64:6d:1e:71:ac:0c:a6:d4:46:fe:37:66:0e:
3a:52:0e:5d:b3:5a:d5:3a:a6:88:99:8d:95:73:3a:
39:77:7f:0e:02:88:f7:d5:87:1e:fc:a0:b8:32:d1:
39:5c:a7:fd:da:b7:f6:0a:46:50:2a:31:6b:b3:d3:
ed:ae:3f:65:9e:74:e6:14:56:38:e3:83:cb:0f:bc:
5f:f8:64:d2:cf:3d:53:a6:0c:cd:d6:a0:80:de:4a:
cf:bd:1e:87:20:c9:93:6f:0b:74:11:ca:6e:c7:55:
4c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:18:E6:5F:5F:58:25:8D:B8:09:9B:12:95:44:6F:4E:8A:BF:7A:47
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/txjmX19YJY24CZsSlURvToq_ekc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.192.0/22
185.82.200.0/22
185.106.120.0/22
185.117.72.0/22
185.141.24.0/22
185.183.96.0/22
185.198.56.0/22
185.244.148.0/22
188.116.36.0/24
194.36.188.0/22
212.8.251.0/24
IPv6:
2a03:660::/32
2a04:dd00::/29
2a05:9340::/29
2a06:3d80::/29
Signature Algorithm: sha256WithRSAEncryption
82:ce:79:c6:41:0b:6b:85:99:cb:81:01:90:4e:50:9a:02:2d:
38:96:47:41:c9:e5:fb:c7:eb:c0:3c:02:c8:22:07:23:2a:2e:
e4:55:b8:e3:4b:de:69:7c:9b:79:35:ac:79:9a:0e:1e:66:7c:
8c:8d:19:33:ce:d0:82:04:9a:fc:86:aa:a9:7d:2c:fd:2f:6e:
d2:f8:26:4b:d2:c3:27:cd:33:90:3a:59:59:51:27:de:0b:47:
3e:39:50:3f:d7:73:af:29:da:b1:d2:04:94:a5:db:fd:3e:b1:
b8:e1:05:68:7f:1d:12:d7:6c:1f:b5:83:cf:90:fe:ec:e4:3b:
4a:d1:87:c5:fd:79:ee:42:a6:43:be:07:6b:f4:53:9d:a3:a8:
99:85:21:5c:bc:43:8f:12:f2:a3:3d:3f:5f:9b:c2:2a:a8:c6:
96:0d:f9:fd:e7:f5:da:27:50:ad:49:2f:61:a3:f4:3f:3a:95:
71:2c:5f:4c:55:f4:6f:c7:56:3a:05:63:e4:25:25:86:37:29:
63:02:a1:98:df:96:44:b8:e6:46:40:a2:85:ce:25:46:e3:f6:
17:9b:74:9a:8a:cd:64:1e:0f:eb:0e:e9:a2:64:63:8c:76:54:
2c:a8:bf:53:71:4e:73:0f:37:a3:c6:56:3c:ca:6b:37:64:11:
ca:95:39:1a
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIECempKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDk0OGU1ZjJmYTA0YjIyMmE2ZTk2ODgzYjg0MGY3MTI0NTMxNTU2MB4XDTIyMDEw
MTEzNTgyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjcxOGU2NWY1ZjU4
MjU4ZGI4MDk5YjEyOTU0NDZmNGU4YWJmN2E0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPOfq0GKgZmGhdwP+94sIWZHsBb2HomF6YQ7p4z6xfqsHn0b
3zO64WeaokXi0//TSzqHUwexspwSrU5QVr4v/Woj/3DC5rSBqN45yUqUNKCmUU2i
Nfr8I92PcI9diKjDuqVduntVUOJRBAgBs76+08x04BtwZw6rc8OYYgZeyQjHR/7n
O/LO+Wbf2Ufl5NxI/FAVdit882VkbR5xrAym1Eb+N2YOOlIOXbNa1TqmiJmNlXM6
OXd/DgKI99WHHvyguDLROVyn/dq39gpGUCoxa7PT7a4/ZZ505hRWOOODyw+8X/hk
0s89U6YMzdaggN5Kz70ehyDJk28LdBHKbsdVTEUCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBS3GOZfX1gljbgJmxKVRG9Oir96RzAfBgNVHSMEGDAWgBSUlI5fL6BLIipu
log7hA9xJFMVVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xKU09YeS1nU3lJcWJwYUlPNFFQY1NSVEZWWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvZWM0OGJlLTkyNTAtNGY3Yy05Yzg3LTY0MWI4ZTYwZDNlMi8x
L3R4am1YMTlZSlkyNENac1NsVVJ2VG9xX2VrYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
ZWM0OGJlLTkyNTAtNGY3Yy05Yzg3LTY0MWI4ZTYwZDNlMi8xL2xKU09YeS1nU3lJ
cWJwYUlPNFFQY1NSVEZWWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wSAQCAAEwQgMEArktwAMEArlSyAMEArlqeAMEArl1
SAMEArmNGAMEArm3YAMEArnGOAMEArn0lAMEALx0JAMEAsIkvAMEANQI+zAiBAIA
AjAcAwUAKgMGYAMFAyoE3QADBQMqBZNAAwUDKgY9gDANBgkqhkiG9w0BAQsFAAOC
AQEAgs55xkELa4WZy4EBkE5QmgItOJZHQcnl+8frwDwCyCIHIyou5FW440veaXyb
eTWseZoOHmZ8jI0ZM87QggSa/IaqqX0s/S9u0vgmS9LDJ80zkDpZWVEn3gtHPjlQ
P9dzrynasdIElKXb/T6xuOEFaH8dEtdsH7WDz5D+7OQ7StGHxf157kKmQ74Ha/RT
naOomYUhXLxDjxLyoz0/X5vCKqjGlg35/ef12idQrUkvYaP0PzqVcSxfTFX0b8dW
OgVj5CUlhjcpYwKhmN+WRLjmRkCihc4lRuP2F5t0morNZB4P6w7pomRjjHZULKi/
U3FOcw83o8ZWPMprN2QRypU5Gg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:55 2024 by rpki-client on console-fra.rpki-client.org