Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/hZbd8NRcPV502LBsFvbpY5sVHDU.roa
File: hZbd8NRcPV502LBsFvbpY5sVHDU.roa (raw, json)
Hash identifier: 8ZlYvPZB3fub37UGeGnlchs1gbI/KijeLTfjHLsoySA=
Subject key identifier: 85:96:DD:F0:D4:5C:3D:5E:74:D8:B0:6C:16:F6:E9:63:9B:15:1C:35
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 018322E9FD1BF21B3EB9CC6C268A6B8E18BD
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/hZbd8NRcPV502LBsFvbpY5sVHDU.roa
Signing time: Fri 09 Sep 2022 15:41:43 +0000
ROA not before: Fri 09 Sep 2022 15:41:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6718
IP address blocks: 91.208.75.0/24 maxlen: 24
91.250.242.0/24 maxlen: 24
193.32.28.0/24 maxlen: 24
128.0.34.0/24 maxlen: 24
128.0.33.0/24 maxlen: 24
128.0.36.0/24 maxlen: 24
91.239.230.0/24 maxlen: 24
185.36.252.0/24 maxlen: 24
5.154.224.0/24 maxlen: 24
91.216.8.0/24 maxlen: 24
2a05:1c04::/32 maxlen: 32
2a05:1c00::/32 maxlen: 32
2a05:1c02::/32 maxlen: 32
2a00:ece0::/32 maxlen: 32
2a05:1c03::/32 maxlen: 32
2a04:6c80::/48 maxlen: 48
2a05:1c01::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:e9:fd:1b:f2:1b:3e:b9:cc:6c:26:8a:6b:8e:18:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Sep 9 15:41:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8596ddf0d45c3d5e74d8b06c16f6e9639b151c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:06:27:bb:69:b9:d4:4a:a3:42:e3:a9:20:85:
7a:fc:f8:f0:db:94:64:6a:d4:b5:58:d6:08:11:14:
94:ef:5c:a4:f9:97:f1:5f:8b:d7:03:00:fb:d0:13:
56:d6:76:ed:0d:43:c6:3f:1d:9a:9b:5f:91:c4:62:
a2:d3:f9:8a:57:f9:98:36:a6:32:f7:eb:c4:87:0a:
b6:4d:7d:33:9f:b7:42:03:c3:60:1d:55:e2:60:37:
31:9b:47:de:39:02:c9:29:64:d5:1e:76:1d:0b:f9:
43:8d:58:c5:24:6c:04:7e:f1:8a:81:6d:3f:1f:db:
6b:f2:06:5e:5f:50:52:14:8c:9a:9d:5e:03:52:ff:
51:86:31:a2:60:74:6b:b9:69:c8:ec:ac:d8:0a:9d:
1c:f2:40:c7:9a:9f:13:68:58:a1:ab:5b:9e:67:ec:
39:d3:6a:4f:85:36:07:f8:85:d0:6d:c7:ca:30:9b:
19:29:b2:6d:ea:ef:fd:7d:f4:48:48:4d:46:e5:3c:
9e:7e:39:28:73:f0:41:11:45:f7:84:0e:41:f2:f0:
ab:67:a2:f4:a8:ba:89:d8:bb:5a:8d:42:ba:0b:5e:
ad:e2:86:cf:27:98:4b:31:f4:23:7a:cb:d1:5a:58:
02:75:51:46:6e:44:af:68:24:9a:fb:76:de:cf:73:
ec:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:96:DD:F0:D4:5C:3D:5E:74:D8:B0:6C:16:F6:E9:63:9B:15:1C:35
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/hZbd8NRcPV502LBsFvbpY5sVHDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.224.0/24
91.208.75.0/24
91.216.8.0/24
91.239.230.0/24
91.250.242.0/24
128.0.33.0-128.0.34.255
128.0.36.0/24
185.36.252.0/24
193.32.28.0/24
IPv6:
2a00:ece0::/32
2a04:6c80::/48
2a05:1c00::-2a05:1c04:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
65:ca:3c:6f:13:ad:46:28:a0:5a:1d:31:9c:a4:fb:79:98:46:
a3:3a:ba:33:54:ed:4e:1e:cb:99:f2:d3:d9:d7:f8:f5:df:70:
4f:0d:2a:f2:2c:63:0f:21:40:f4:46:da:87:6c:42:48:f8:1d:
0c:2b:f0:c2:1f:a3:3f:20:f5:e2:fd:09:2f:ba:d7:3a:d3:7d:
30:6f:03:69:34:24:05:3f:29:cc:78:c2:95:18:40:7e:29:b3:
7f:15:be:01:11:33:1c:bb:c6:2b:81:08:ac:84:e5:d3:4b:12:
ca:73:9c:20:07:25:e8:80:71:ab:b4:46:2d:15:58:a7:50:84:
6f:ed:26:c2:71:3e:93:65:ca:af:6d:67:dc:58:86:e5:0f:03:
b0:c1:5a:6a:36:67:c1:a1:c6:e0:0b:86:62:a0:b9:f9:e4:84:
d3:f4:53:94:d0:92:32:68:bd:05:5f:49:c8:72:76:54:2e:a1:
1c:f4:02:0c:48:8c:81:9a:68:88:ee:f4:97:9c:4a:28:d3:87:
96:51:52:94:69:1a:70:da:90:11:bb:09:b1:ee:7a:ea:81:f8:
f8:24:76:96:a8:79:37:2f:6e:e9:15:98:99:1e:71:ac:d2:c7:
6c:a9:89:0c:cf:ad:e1:f8:97:84:16:d4:f0:89:c8:3a:f6:72:
b4:c7:1b:13
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYMi6f0b8hs+ucxsJoprjhi9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjIwOTA5MTU0MTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTk2ZGRmMGQ0NWMzZDVlNzRkOGIwNmMxNmY2ZTk2MzliMTUxYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgYnu2m51EqjQuOpIIV6/Pjw25Rk
atS1WNYIERSU71yk+ZfxX4vXAwD70BNW1nbtDUPGPx2am1+RxGKi0/mKV/mYNqYy
9+vEhwq2TX0zn7dCA8NgHVXiYDcxm0feOQLJKWTVHnYdC/lDjVjFJGwEfvGKgW0/
H9tr8gZeX1BSFIyanV4DUv9RhjGiYHRruWnI7KzYCp0c8kDHmp8TaFihq1ueZ+w5
02pPhTYH+IXQbcfKMJsZKbJt6u/9ffRISE1G5Tyefjkoc/BBEUX3hA5B8vCrZ6L0
qLqJ2LtajUK6C16t4obPJ5hLMfQjesvRWlgCdVFGbkSvaCSa+3bez3PspwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFIWW3fDUXD1edNiwbBb26WObFRw1MB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvaFpiZDhOUmNQVjUwMkxCc0Z2YnBZNXNWSERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBEBAIAATA+AwQABZrgAwQA
W9BLAwQAW9gIAwQAW+/mAwQAW/ryMAwDBACAACEDBACAACIDBACAACQDBAC5JPwD
BADBIBwwJQQCAAIwHwMFACoA7OADBwAqBGyAAAAwDQMEAioFHAMFACoFHAQwDQYJ
KoZIhvcNAQELBQADggEBAGXKPG8TrUYooFodMZyk+3mYRqM6ujNU7U4ey5ny09nX
+PXfcE8NKvIsYw8hQPRG2odsQkj4HQwr8MIfoz8g9eL9CS+61zrTfTBvA2k0JAU/
Kcx4wpUYQH4ps38VvgERMxy7xiuBCKyE5dNLEspznCAHJeiAcau0Ri0VWKdQhG/t
JsJxPpNlyq9tZ9xYhuUPA7DBWmo2Z8GhxuALhmKgufnkhNP0U5TQkjJovQVfSchy
dlQuoRz0AgxIjIGaaIju9JecSijTh5ZRUpRpGnDakBG7CbHueuqB+PgkdpaoeTcv
bukVmJkecazSx2ypiQzPreH4l4QW1PCJyDr2crTHGxM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org