Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/LYtpIMT5-tear7SViYN36vTKPRg.roa
File: LYtpIMT5-tear7SViYN36vTKPRg.roa (raw, json)
Hash identifier: ysiBXRToKNa4Zse/9yHYtQPsr67jxw02KyxGqItJacI=
Subject key identifier: 2D:8B:69:20:C4:F9:FA:D7:9A:AF:B4:95:89:83:77:EA:F4:CA:3D:18
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0184A4D24AF788317250C69D884BB839643A
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/LYtpIMT5-tear7SViYN36vTKPRg.roa
Signing time: Wed 23 Nov 2022 14:09:15 +0000
ROA not before: Wed 23 Nov 2022 14:09:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200740
IP address blocks: 94.142.136.0/23 maxlen: 23
94.142.137.0/24 maxlen: 24
94.142.136.0/24 maxlen: 24
185.103.252.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
45.9.72.0/24 maxlen: 24
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.252.144.0/24 maxlen: 24
185.103.254.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.40.7.0/24 maxlen: 24
194.36.178.0/23 maxlen: 23
185.233.202.0/23 maxlen: 23
185.232.170.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.165.0/24 maxlen: 24
91.217.76.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
2a04:5200:68::/48 maxlen: 48
2a0d:2cc4::/31 maxlen: 31
2a04:5201:2::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a0d:2cc2::/31 maxlen: 31
2a04:5201:6::/48 maxlen: 48
2a0d:2cc0::/31 maxlen: 31
2a0d:2cc6::/31 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:d2:4a:f7:88:31:72:50:c6:9d:88:4b:b8:39:64:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Nov 23 14:09:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d8b6920c4f9fad79aafb495898377eaf4ca3d18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:49:e9:bb:9a:10:98:c6:6b:89:34:1c:80:b4:
af:9e:3a:d2:35:4d:bf:a7:2b:a7:6b:d2:9d:2e:13:
35:e1:1b:c5:3e:b3:b9:03:d1:1d:81:70:96:b6:3b:
9b:97:53:26:88:78:67:e0:f2:70:6e:cf:08:74:86:
fa:09:20:ea:81:03:5e:73:f4:cc:d5:8a:7b:7f:85:
66:3b:77:83:21:61:fa:7d:7d:5b:62:cf:76:32:53:
88:60:6a:1d:4a:0a:2f:8f:76:d7:39:38:2b:84:bf:
a5:89:0c:69:8a:51:1e:9c:cd:c2:b7:ca:eb:ee:47:
88:d4:7f:40:b4:8b:76:30:a3:cd:db:4f:0b:36:3d:
29:81:18:63:03:3c:3a:c5:28:90:89:4f:2e:30:85:
e7:42:f6:3b:21:03:fc:2e:67:8b:41:ea:8b:d9:56:
f4:8a:27:9d:12:7a:e5:09:b3:0b:1c:50:ed:c7:a4:
11:2c:9a:31:ce:37:f5:30:44:8f:93:9a:e0:bc:8e:
2e:ae:0b:32:e6:bd:d0:74:a0:66:32:7e:bf:22:fd:
5f:27:5a:13:08:ca:20:0e:81:5a:8f:68:4a:9b:5d:
a3:2a:65:5e:a5:c8:1e:9c:60:3f:98:72:c8:be:0a:
b3:68:3e:d8:83:f7:03:9a:da:fa:58:53:63:43:4c:
33:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:8B:69:20:C4:F9:FA:D7:9A:AF:B4:95:89:83:77:EA:F4:CA:3D:18
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/LYtpIMT5-tear7SViYN36vTKPRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
46.17.105.0/24
91.217.76.0/24
94.142.136.0/23
185.40.7.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:8018::/48
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
57:36:80:9e:fc:1a:c7:fa:d3:9a:01:92:53:90:f8:91:b9:33:
15:78:74:bd:bb:f5:1b:1c:8f:46:c0:fe:f2:b8:8b:50:b9:ff:
2c:2d:71:62:87:1b:8a:cb:fa:41:69:66:cb:62:ee:aa:ed:6a:
3e:5a:84:36:c8:81:2e:4a:25:b7:27:01:97:75:0b:b5:25:68:
f5:b0:82:b3:5e:f3:03:6c:76:f4:3a:cc:10:73:49:e2:a6:02:
64:ae:05:85:15:cb:a1:ad:20:26:86:28:b8:c7:5f:db:5d:d5:
b5:5f:64:56:3e:6c:7a:9a:01:61:56:7b:73:ab:e7:7a:86:90:
ff:e3:6c:e0:eb:4a:76:4e:65:f0:fe:57:ee:bd:76:67:b9:a9:
9b:35:e0:de:fc:b2:5b:03:6d:75:29:d3:65:e2:26:83:dd:f9:
e8:7c:b7:17:eb:cb:ad:de:af:d7:86:d1:65:a6:3a:97:0a:36:
f6:d9:83:e5:76:42:34:62:ff:94:4a:58:9d:57:a1:a7:16:8f:
28:fa:3d:3b:c0:20:89:6f:b2:b8:23:cd:aa:c6:6b:80:fb:49:
fb:21:97:09:d8:29:cf:52:af:a3:df:e4:44:e7:66:9c:5f:c7:
14:2b:07:5d:47:11:e2:d4:b9:57:89:a1:84:53:a5:e7:cb:9d:
15:36:75:a8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYSk0kr3iDFyUMadiEu4OWQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIxMTIzMTQwOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDhiNjkyMGM0ZjlmYWQ3OWFhZmI0OTU4OTgzNzdlYWY0Y2EzZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUnpu5oQmMZriTQcgLSvnjrSNU2/
pyuna9KdLhM14RvFPrO5A9EdgXCWtjubl1MmiHhn4PJwbs8IdIb6CSDqgQNec/TM
1Yp7f4VmO3eDIWH6fX1bYs92MlOIYGodSgovj3bXOTgrhL+liQxpilEenM3Ct8rr
7keI1H9AtIt2MKPN208LNj0pgRhjAzw6xSiQiU8uMIXnQvY7IQP8LmeLQeqL2Vb0
iiedEnrlCbMLHFDtx6QRLJoxzjf1MESPk5rgvI4urgsy5r3QdKBmMn6/Iv1fJ1oT
CMogDoFaj2hKm12jKmVepcgenGA/mHLIvgqzaD7Yg/cDmtr6WFNjQ0wzlQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFC2LaSDE+frXmq+0lYmDd+r0yj0YMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvTFl0cElNVDUtdGVhcjdTVmlZTjM2dlRLUFJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDBuBAIAATBoAwQALQlI
AwQALhFpAwQAW9lMAwQBXo6IAwQAuSgHAwQBuV6kAwQAuWaIAwQCuWf8AwQAuXV0
AwQAuXV3AwQAuci+AwQBueiqMAwDBAS56VADBAC56VIDBAG56coDBAC5/JADBAHC
JLIwOgQCAAIwNAMHACoEUgAAaAMHACoEUgEAAgMHACoEUgEABAMHASoEUgEABgMH
ACoEUgGAGAMFAyoNLMAwDQYJKoZIhvcNAQELBQADggEBAFc2gJ78Gsf605oBklOQ
+JG5MxV4dL279Rscj0bA/vK4i1C5/ywtcWKHG4rL+kFpZsti7qrtaj5ahDbIgS5K
JbcnAZd1C7UlaPWwgrNe8wNsdvQ6zBBzSeKmAmSuBYUVy6GtICaGKLjHX9td1bVf
ZFY+bHqaAWFWe3Or53qGkP/jbODrSnZOZfD+V+69dme5qZs14N78slsDbXUp02Xi
JoPd+eh8txfry63er9eG0WWmOpcKNvbZg+V2QjRi/5RKWJ1XoacWjyj6PTvAIIlv
srgjzarGa4D7SfshlwnYKc9Sr6Pf5ETnZpxfxxQrB11HEeLUuVeJoYRTpefLnRU2
dag=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org