Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/y_V8WDprA5hZIfXHAyrEyLfkfsg.roa
File: y_V8WDprA5hZIfXHAyrEyLfkfsg.roa (raw, json)
Hash identifier: XouQTMcP1NqWMgSScnefTUQArWZnuqfqYkqo+12NHHI=
Subject key identifier: CB:F5:7C:58:3A:6B:03:98:59:21:F5:C7:03:2A:C4:C8:B7:E4:7E:C8
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 018571D7A3A6B503BA54D5129FF3390BB827
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/y_V8WDprA5hZIfXHAyrEyLfkfsg.roa
Signing time: Mon 02 Jan 2023 09:37:15 +0000
ROA not before: Mon 02 Jan 2023 09:37:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60117
IP address blocks: 185.117.73.0/24 maxlen: 24
185.117.72.0/24 maxlen: 24
185.117.74.0/24 maxlen: 24
185.117.75.0/24 maxlen: 24
185.198.58.0/24 maxlen: 24
185.198.57.0/24 maxlen: 24
185.198.56.0/24 maxlen: 24
185.198.59.0/24 maxlen: 24
185.141.24.0/24 maxlen: 24
185.141.26.0/24 maxlen: 24
185.141.25.0/24 maxlen: 24
185.141.27.0/24 maxlen: 24
194.36.188.0/24 maxlen: 24
194.36.190.0/24 maxlen: 24
194.36.189.0/24 maxlen: 24
194.36.191.0/24 maxlen: 24
185.45.192.0/24 maxlen: 24
185.82.201.0/24 maxlen: 24
185.82.200.0/24 maxlen: 24
185.82.203.0/24 maxlen: 24
185.82.202.0/24 maxlen: 24
185.45.193.0/24 maxlen: 24
185.45.194.0/24 maxlen: 24
185.45.195.0/24 maxlen: 24
185.106.121.0/24 maxlen: 24
185.244.148.0/24 maxlen: 24
185.106.120.0/24 maxlen: 24
185.244.150.0/24 maxlen: 24
185.106.123.0/24 maxlen: 24
185.244.149.0/24 maxlen: 24
185.106.122.0/24 maxlen: 24
185.244.151.0/24 maxlen: 24
212.8.251.0/24 maxlen: 24
185.183.96.0/24 maxlen: 24
185.183.98.0/24 maxlen: 24
185.183.97.0/24 maxlen: 24
185.183.99.0/24 maxlen: 24
188.116.36.0/24 maxlen: 24
2a05:9341::/32 maxlen: 32
2a05:9342::/32 maxlen: 32
2a05:9340::/32 maxlen: 32
2a03:660::/32 maxlen: 32
2a04:dd02::/32 maxlen: 32
2a05:9340::/29 maxlen: 29
2a0e:df40::/32 maxlen: 32
2a04:dd00::/29 maxlen: 29
2a06:3d80::/29 maxlen: 29
2a04:dd01::/32 maxlen: 32
2a04:dd00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:a3:a6:b5:03:ba:54:d5:12:9f:f3:39:0b:b8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: Jan 2 09:37:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbf57c583a6b03985921f5c7032ac4c8b7e47ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3d:ae:c2:3b:ad:97:2d:4a:40:96:ea:50:70:
bf:82:b1:76:81:4e:b2:ee:ca:2c:ff:af:fb:bb:4e:
60:90:0c:84:92:53:65:88:74:34:a9:61:cf:a5:08:
22:29:a1:26:04:fe:b7:4e:9c:b7:6d:8b:b4:6f:d5:
8e:df:b2:c3:0d:27:6c:b6:3e:04:0f:df:ef:2d:60:
5a:02:39:51:ac:50:1e:f2:6d:b2:80:93:cd:b6:a4:
77:c3:58:0f:08:6c:4f:84:44:c6:1b:13:96:67:7c:
cb:7f:35:46:09:8d:14:93:5b:8f:93:dd:bf:b4:8b:
f1:df:6b:8d:00:de:7c:be:91:50:1b:4c:d2:84:b6:
0a:f1:7b:ab:81:35:3e:6d:49:38:f1:74:b4:86:79:
82:7e:87:93:30:a4:86:d2:80:88:b3:c3:ee:82:87:
a3:71:5a:e5:27:50:1f:de:eb:23:48:e2:01:32:26:
74:b0:85:cd:41:cc:2c:38:0e:7c:d0:20:a5:b7:1b:
be:51:c6:f1:fc:53:7b:bf:7f:6f:39:78:99:ba:3e:
ba:5e:76:02:b8:66:61:f6:59:73:cf:3c:62:95:6c:
8d:7a:6f:3b:04:0c:a8:b6:c9:81:49:c3:c2:7d:44:
9d:fe:ed:4c:54:1c:81:eb:24:fe:a0:ba:f7:3d:4e:
4d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F5:7C:58:3A:6B:03:98:59:21:F5:C7:03:2A:C4:C8:B7:E4:7E:C8
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/y_V8WDprA5hZIfXHAyrEyLfkfsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.192.0/22
185.82.200.0/22
185.106.120.0/22
185.117.72.0/22
185.141.24.0/22
185.183.96.0/22
185.198.56.0/22
185.244.148.0/22
188.116.36.0/24
194.36.188.0/22
212.8.251.0/24
IPv6:
2a03:660::/32
2a04:dd00::/29
2a05:9340::/29
2a06:3d80::/29
2a0e:df40::/32
Signature Algorithm: sha256WithRSAEncryption
ba:4f:5d:30:d3:11:8e:64:10:a1:ca:5a:3a:81:04:c5:c4:b9:
b4:23:41:7a:35:bc:e3:dc:d9:a6:88:b3:00:ed:24:df:1c:2f:
91:f0:1b:06:03:b5:ca:a3:d2:ee:61:be:44:7e:20:d2:e0:60:
98:41:24:bd:68:4f:a2:b1:41:4a:26:d0:d0:76:96:18:d6:6e:
15:dc:c3:66:5c:bf:ee:cc:69:20:f9:65:f2:f4:ba:c8:9d:19:
16:18:54:6e:90:a9:90:fb:f1:e9:45:47:ae:df:e2:5f:8d:39:
9b:3b:51:96:af:b0:3f:38:ef:37:7d:60:b9:0d:5b:f7:b0:a8:
9e:c3:be:57:d4:0c:ea:e6:51:c6:95:52:5f:d6:70:96:98:e6:
75:4a:59:e3:e8:c2:89:b4:37:7c:e7:ec:94:a8:db:0e:18:91:
89:0a:ae:c2:ac:da:68:da:b5:5d:97:b9:c1:7b:74:fe:a9:04:
e6:3f:75:bc:71:3d:ca:d5:05:74:1a:e0:58:af:2c:28:34:0e:
1a:68:2d:22:07:fd:bb:81:4e:d3:ea:60:da:5a:7b:25:41:c9:
6b:51:bd:12:c8:75:66:cb:28:c6:5f:46:6b:1e:0e:e4:f9:20:
23:48:a2:d2:3c:09:10:5d:eb:21:e6:18:98:29:90:c1:3b:a1:
e4:95:23:1d
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAYVx16OmtQO6VNUSn/M5C7gnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1
MzE1NTYwHhcNMjMwMTAyMDkzNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY1N2M1ODNhNmIwMzk4NTkyMWY1YzcwMzJhYzRjOGI3ZTQ3ZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD2uwjutly1KQJbqUHC/grF2gU6y
7sos/6/7u05gkAyEklNliHQ0qWHPpQgiKaEmBP63Tpy3bYu0b9WO37LDDSdstj4E
D9/vLWBaAjlRrFAe8m2ygJPNtqR3w1gPCGxPhETGGxOWZ3zLfzVGCY0Uk1uPk92/
tIvx32uNAN58vpFQG0zShLYK8XurgTU+bUk48XS0hnmCfoeTMKSG0oCIs8Pugoej
cVrlJ1Af3usjSOIBMiZ0sIXNQcwsOA580CCltxu+Ucbx/FN7v39vOXiZuj66XnYC
uGZh9llzzzxilWyNem87BAyotsmBScPCfUSd/u1MVByB6yT+oLr3PU5N9wIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFMv1fFg6awOYWSH1xwMqxMi35H7IMB8GA1UdIwQY
MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct
NjQxYjhlNjBkM2UyLzEveV9WOFdEcHJBNWhaSWZYSEF5ckV5TGZrZnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODctNjQxYjhlNjBkM2Uy
LzEvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwSAQCAAEwQgMEArktwAME
ArlSyAMEArlqeAMEArl1SAMEArmNGAMEArm3YAMEArnGOAMEArn0lAMEALx0JAME
AsIkvAMEANQI+zApBAIAAjAjAwUAKgMGYAMFAyoE3QADBQMqBZNAAwUDKgY9gAMF
ACoO30AwDQYJKoZIhvcNAQELBQADggEBALpPXTDTEY5kEKHKWjqBBMXEubQjQXo1
vOPc2aaIswDtJN8cL5HwGwYDtcqj0u5hvkR+INLgYJhBJL1oT6KxQUom0NB2lhjW
bhXcw2Zcv+7MaSD5ZfL0usidGRYYVG6QqZD78elFR67f4l+NOZs7UZavsD847zd9
YLkNW/ewqJ7DvlfUDOrmUcaVUl/WcJaY5nVKWePowom0N3zn7JSo2w4YkYkKrsKs
2mjatV2XucF7dP6pBOY/dbxxPcrVBXQa4FivLCg0DhpoLSIH/buBTtPqYNpaeyVB
yWtRvRLIdWbLKMZfRmseDuT5ICNIotI8CRBd6yHmGJgpkME7oeSVIx0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:32 2023 by rpki-client on console-fra.rpki-client.org