Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/ycMyRLHaZVd_1vmC06iM7LdJ4p0.roa
File: ycMyRLHaZVd_1vmC06iM7LdJ4p0.roa (raw, json)
Hash identifier: YbGGfQFQEtF53RZfaL+9/30JYgXni396Xysr0tbPXC4=
Subject key identifier: C9:C3:32:44:B1:DA:65:57:7F:D6:F9:82:D3:A8:8C:EC:B7:49:E2:9D
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 0186503125453104EB05B0F0B627FB8E4C4A
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/ycMyRLHaZVd_1vmC06iM7LdJ4p0.roa
Signing time: Tue 14 Feb 2023 13:50:43 +0000
ROA not before: Tue 14 Feb 2023 13:50:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60117
IP address blocks: 185.117.73.0/24 maxlen: 24
185.117.72.0/24 maxlen: 24
185.117.74.0/24 maxlen: 24
185.117.75.0/24 maxlen: 24
185.198.58.0/24 maxlen: 24
185.198.57.0/24 maxlen: 24
185.198.56.0/24 maxlen: 24
185.198.59.0/24 maxlen: 24
185.183.96.0/24 maxlen: 24
185.183.98.0/24 maxlen: 24
185.183.97.0/24 maxlen: 24
185.183.99.0/24 maxlen: 24
188.116.36.0/24 maxlen: 24
185.141.24.0/24 maxlen: 24
185.141.25.0/24 maxlen: 24
185.141.27.0/24 maxlen: 24
194.36.188.0/24 maxlen: 24
194.36.190.0/24 maxlen: 24
194.36.189.0/24 maxlen: 24
194.36.191.0/24 maxlen: 24
185.45.192.0/24 maxlen: 24
185.82.201.0/24 maxlen: 24
185.82.200.0/24 maxlen: 24
185.82.203.0/24 maxlen: 24
185.82.202.0/24 maxlen: 24
185.45.193.0/24 maxlen: 24
185.45.194.0/24 maxlen: 24
185.45.195.0/24 maxlen: 24
185.106.121.0/24 maxlen: 24
185.244.148.0/24 maxlen: 24
185.106.120.0/24 maxlen: 24
185.244.150.0/24 maxlen: 24
185.106.123.0/24 maxlen: 24
185.244.149.0/24 maxlen: 24
185.106.122.0/24 maxlen: 24
185.244.151.0/24 maxlen: 24
212.8.251.0/24 maxlen: 24
2a05:9341::/32 maxlen: 32
2a0e:df40::/32 maxlen: 32
2a05:9342::/32 maxlen: 32
2a04:dd00::/29 maxlen: 29
2a06:3d80::/29 maxlen: 29
2a04:dd01::/32 maxlen: 32
2a05:9340::/32 maxlen: 32
2a04:dd00::/32 maxlen: 32
2a03:660::/32 maxlen: 32
2a04:dd02::/32 maxlen: 32
2a05:9340::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:31:25:45:31:04:eb:05:b0:f0:b6:27:fb:8e:4c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: Feb 14 13:50:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9c33244b1da65577fd6f982d3a88cecb749e29d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:06:9b:9d:ae:80:d7:89:83:ec:1e:b8:59:67:
5f:09:a3:97:45:db:93:6e:a0:1c:a0:b3:45:13:63:
73:66:ea:90:26:50:4e:35:53:8e:81:f9:4c:fa:fd:
a0:b8:8c:cc:85:76:9e:24:4c:46:bd:ef:71:16:c4:
e7:74:24:68:d4:5e:53:ee:1d:cd:c5:30:98:08:16:
e2:bb:86:da:9a:ec:48:9d:80:45:c2:56:91:4d:f8:
c1:4a:03:01:e1:c5:57:ea:59:0b:0e:af:13:b5:7f:
b5:7b:67:05:39:f2:10:32:8f:91:d3:7d:e9:fa:f6:
4a:96:40:be:c9:da:da:02:64:67:9d:51:83:a5:dd:
3e:4a:fa:bb:bd:51:59:0c:7a:c4:2a:55:3d:0e:89:
ef:3b:83:51:34:b6:9e:23:4a:ce:a3:32:a2:c4:cc:
11:c5:39:85:d2:81:84:13:6d:f4:cc:0a:6d:b4:1a:
d8:f3:31:54:12:d8:01:00:71:ce:42:51:35:5f:de:
dd:90:f0:e8:15:37:40:f5:7b:ca:03:62:bb:6f:84:
d6:cf:ff:1b:0f:8d:56:c6:58:4d:de:67:e9:4e:88:
8c:a9:7d:d2:60:6a:0c:88:db:03:e6:78:ea:96:06:
f1:55:e7:c7:11:8a:2f:9a:5d:3d:41:61:8a:01:6b:
9c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C3:32:44:B1:DA:65:57:7F:D6:F9:82:D3:A8:8C:EC:B7:49:E2:9D
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/ycMyRLHaZVd_1vmC06iM7LdJ4p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.192.0/22
185.82.200.0/22
185.106.120.0/22
185.117.72.0/22
185.141.24.0/23
185.141.27.0/24
185.183.96.0/22
185.198.56.0/22
185.244.148.0/22
188.116.36.0/24
194.36.188.0/22
212.8.251.0/24
IPv6:
2a03:660::/32
2a04:dd00::/29
2a05:9340::/29
2a06:3d80::/29
2a0e:df40::/32
Signature Algorithm: sha256WithRSAEncryption
35:a7:87:a9:a0:9f:9e:90:fe:9a:ae:da:dd:0f:fd:d6:18:cf:
92:04:1c:bc:18:62:99:3e:51:0c:82:b0:c8:ea:ef:19:e1:51:
ab:24:20:f7:27:63:d9:ff:d1:17:2a:3d:2b:49:5d:61:4a:74:
46:71:80:6c:52:71:40:3d:ff:09:ad:75:bc:7c:f5:02:f8:6e:
eb:7c:fe:68:67:8e:f6:92:f8:c9:6e:f3:66:23:c5:90:1f:5a:
17:af:3a:0a:5c:ad:25:b7:ce:2e:31:18:93:a6:3d:ea:47:3b:
df:c3:d6:91:a7:c9:52:1f:d8:0a:72:c0:ca:42:a3:9e:94:9f:
51:da:9d:6b:1b:3e:bf:51:91:af:68:cb:d3:bf:eb:1b:2f:bc:
56:92:45:f2:c3:6f:94:e5:16:95:21:88:89:d1:4c:d5:44:15:
72:5f:05:d7:c7:e9:57:5a:24:19:f7:9f:ef:85:35:0e:9d:bc:
de:bb:a2:c1:16:2f:ba:00:d6:6c:fa:a3:07:3c:b6:59:b5:e6:
dd:23:6e:5a:45:8c:79:01:66:f2:eb:ed:d7:51:c7:16:d5:72:
17:d0:14:cf:d2:08:d7:96:20:7a:d6:77:3b:dc:0d:a3:26:af:
33:4b:5c:48:b6:36:1a:78:2f:b5:0f:b8:3b:55:e4:a0:32:dd:
e4:e5:5b:78
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAYZQMSVFMQTrBbDwtif7jkxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1
MzE1NTYwHhcNMjMwMjE0MTM1MDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWMzMzI0NGIxZGE2NTU3N2ZkNmY5ODJkM2E4OGNlY2I3NDllMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAabna6A14mD7B64WWdfCaOXRduT
bqAcoLNFE2NzZuqQJlBONVOOgflM+v2guIzMhXaeJExGve9xFsTndCRo1F5T7h3N
xTCYCBbiu4bamuxInYBFwlaRTfjBSgMB4cVX6lkLDq8TtX+1e2cFOfIQMo+R033p
+vZKlkC+ydraAmRnnVGDpd0+Svq7vVFZDHrEKlU9DonvO4NRNLaeI0rOozKixMwR
xTmF0oGEE230zApttBrY8zFUEtgBAHHOQlE1X97dkPDoFTdA9XvKA2K7b4TWz/8b
D41WxlhN3mfpToiMqX3SYGoMiNsD5njqlgbxVefHEYovml09QWGKAWucxQIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFMnDMkSx2mVXf9b5gtOojOy3SeKdMB8GA1UdIwQY
MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct
NjQxYjhlNjBkM2UyLzEveWNNeVJMSGFaVmRfMXZtQzA2aU03TGRKNHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODctNjQxYjhlNjBkM2Uy
LzEvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswTgQCAAEwSAMEArktwAME
ArlSyAMEArlqeAMEArl1SAMEAbmNGAMEALmNGwMEArm3YAMEArnGOAMEArn0lAME
ALx0JAMEAsIkvAMEANQI+zApBAIAAjAjAwUAKgMGYAMFAyoE3QADBQMqBZNAAwUD
KgY9gAMFACoO30AwDQYJKoZIhvcNAQELBQADggEBADWnh6mgn56Q/pqu2t0P/dYY
z5IEHLwYYpk+UQyCsMjq7xnhUaskIPcnY9n/0RcqPStJXWFKdEZxgGxScUA9/wmt
dbx89QL4but8/mhnjvaS+Mlu82YjxZAfWhevOgpcrSW3zi4xGJOmPepHO9/D1pGn
yVIf2ApywMpCo56Un1HanWsbPr9Rka9oy9O/6xsvvFaSRfLDb5TlFpUhiInRTNVE
FXJfBdfH6VdaJBn3n++FNQ6dvN67osEWL7oA1mz6owc8tlm15t0jblpFjHkBZvLr
7ddRxxbVchfQFM/SCNeWIHrWdzvcDaMmrzNLXEi2Nhp4L7UPuDtV5KAy3eTlW3g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:50 2024 by rpki-client on console-ams.rpki-client.org