Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/hUts5L92Ks-vwgzRy65tfc_NhTw.roa
File: hUts5L92Ks-vwgzRy65tfc_NhTw.roa (raw, json)
Hash identifier: 9PddQ6zza9RW4p9ZBEVGAAK/zb03d+DyyOlr80Oe0M4=
Subject key identifier: 85:4B:6C:E4:BF:76:2A:CF:AF:C2:0C:D1:CB:AE:6D:7D:CF:CD:85:3C
Certificate issuer: /CN=7dbacb1fc2c2063042781631b517ce475233a2bd
Certificate serial: 131A2F64
Authority key identifier: 7D:BA:CB:1F:C2:C2:06:30:42:78:16:31:B5:17:CE:47:52:33:A2:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fbrLH8LCBjBCeBYxtRfOR1Izor0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/hUts5L92Ks-vwgzRy65tfc_NhTw.roa
Signing time: Sat 01 Jan 2022 07:52:55 +0000
ROA not before: Sat 01 Jan 2022 07:52:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207903
IP address blocks: 185.88.64.0/24 maxlen: 24
185.88.64.0/22 maxlen: 22
185.88.65.0/24 maxlen: 24
185.88.67.0/24 maxlen: 24
185.88.66.0/24 maxlen: 24
45.81.171.0/24 maxlen: 24
45.81.170.0/24 maxlen: 24
45.81.169.0/24 maxlen: 24
45.81.168.0/24 maxlen: 24
45.81.168.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 320483172 (0x131a2f64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dbacb1fc2c2063042781631b517ce475233a2bd
Validity
Not Before: Jan 1 07:52:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=854b6ce4bf762acfafc20cd1cbae6d7dcfcd853c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dd:bf:a8:cb:c5:19:42:bb:7a:5a:d9:a4:5c:
92:ce:c4:83:a6:9c:90:05:f9:c1:e3:19:73:e8:48:
91:ee:eb:94:74:0f:5a:cc:74:e3:03:c1:a8:fd:73:
bb:ae:6c:b5:e3:52:9f:76:77:cd:7b:18:f6:c1:3e:
9e:be:0e:ff:69:46:47:62:e5:50:34:c2:ba:cf:7d:
57:b9:1e:25:91:40:b3:97:97:a4:3a:4f:43:81:a4:
9d:87:90:c4:83:aa:82:45:86:c0:64:d4:25:f0:df:
ad:6b:7e:21:05:01:47:56:93:71:4b:09:fb:31:74:
d1:f8:40:23:9e:a3:15:e5:e2:7b:e0:69:72:df:3f:
2a:14:7b:96:20:3e:1b:0b:5a:e9:fb:68:30:0d:12:
c1:53:9d:35:6b:20:84:6e:2f:d3:c1:e6:a4:e3:86:
3e:c1:af:08:08:f4:be:1c:bc:5e:12:2d:b3:18:e8:
11:75:f0:c7:06:75:b2:1c:fd:b0:61:c5:01:63:ec:
05:f6:86:86:a1:84:7e:5a:c1:f9:7b:78:b7:5b:06:
c8:99:35:c4:53:71:4c:97:21:d2:38:c1:1c:2c:7e:
7d:9a:67:e0:ae:f3:d3:5e:3c:5c:24:ff:59:35:fc:
a7:f2:f5:41:50:e9:d5:a1:ff:68:e0:e7:46:67:37:
b6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4B:6C:E4:BF:76:2A:CF:AF:C2:0C:D1:CB:AE:6D:7D:CF:CD:85:3C
X509v3 Authority Key Identifier:
keyid:7D:BA:CB:1F:C2:C2:06:30:42:78:16:31:B5:17:CE:47:52:33:A2:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fbrLH8LCBjBCeBYxtRfOR1Izor0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/hUts5L92Ks-vwgzRy65tfc_NhTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/fbrLH8LCBjBCeBYxtRfOR1Izor0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.168.0/22
185.88.64.0/22
Signature Algorithm: sha256WithRSAEncryption
01:33:44:14:53:2c:6d:1f:2a:92:a3:52:32:1f:aa:73:e3:3a:
67:07:0d:41:0a:7c:f7:ea:d2:74:91:8f:26:94:ee:7c:45:5a:
c3:92:64:9f:a7:62:5d:ca:a3:dc:b9:6a:96:7d:2a:d8:bc:88:
da:3f:87:2b:1d:0c:22:1a:0c:63:ae:c0:a0:ee:fa:c9:2c:3c:
94:6a:9f:0a:e7:b4:c8:eb:ec:7c:69:6b:f6:27:2a:be:88:03:
49:aa:95:a4:cc:29:42:00:40:9e:62:71:fe:20:3e:2a:0b:eb:
1d:00:89:07:9a:7d:8e:40:f2:be:34:f0:e9:bf:9f:02:c9:26:
58:ce:9f:66:04:1e:8b:d3:58:37:1a:14:40:63:38:f0:66:4b:
ad:7c:ea:81:3b:4b:f4:b6:b1:da:4f:70:00:a7:66:fd:ad:fc:
d0:2e:a3:1a:ec:bf:34:d1:43:d4:e4:cc:f9:61:10:5a:5c:04:
03:87:c4:48:99:28:16:ae:04:6e:56:bd:1f:29:06:7e:38:5c:
ec:3a:31:8a:51:af:9b:e9:16:b1:83:05:20:22:53:20:f6:1f:
a9:6d:94:31:73:f8:cc:73:fa:a5:ab:d5:55:90:5d:aa:0f:05:
a0:1b:ce:bb:3b:d7:23:c6:f8:f6:87:fd:fa:c9:c3:09:28:86:
1f:b7:cc:8e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEExovZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGJhY2IxZmMyYzIwNjMwNDI3ODE2MzFiNTE3Y2U0NzUyMzNhMmJkMB4XDTIyMDEw
MTA3NTI1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU0YjZjZTRiZjc2
MmFjZmFmYzIwY2QxY2JhZTZkN2RjZmNkODUzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXdv6jLxRlCu3pa2aRcks7Eg6ackAX5weMZc+hIke7rlHQP
Wsx04wPBqP1zu65steNSn3Z3zXsY9sE+nr4O/2lGR2LlUDTCus99V7keJZFAs5eX
pDpPQ4GknYeQxIOqgkWGwGTUJfDfrWt+IQUBR1aTcUsJ+zF00fhAI56jFeXie+Bp
ct8/KhR7liA+Gwta6ftoMA0SwVOdNWsghG4v08HmpOOGPsGvCAj0vhy8XhItsxjo
EXXwxwZ1shz9sGHFAWPsBfaGhqGEflrB+Xt4t1sGyJk1xFNxTJch0jjBHCx+fZpn
4K7z0148XCT/WTX8p/L1QVDp1aH/aODnRmc3tv8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSFS2zkv3Yqz6/CDNHLrm19z82FPDAfBgNVHSMEGDAWgBR9ussfwsIGMEJ4
FjG1F85HUjOivTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZickxIOExDQmpCQ2VCWXh0UmZPUjFJem9yMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvM2QyZDdiLTJjNWMtNDk4Zi04NWJmLTI4NWVjOGZlOGVjNi8x
L2hVdHM1TDkyS3MtdndnelJ5NjV0ZmNfTmhUdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
M2QyZDdiLTJjNWMtNDk4Zi04NWJmLTI4NWVjOGZlOGVjNi8xL2ZickxIOExDQmpC
Q2VCWXh0UmZPUjFJem9yMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi1RqAMEArlYQDANBgkqhkiG9w0B
AQsFAAOCAQEAATNEFFMsbR8qkqNSMh+qc+M6ZwcNQQp89+rSdJGPJpTufEVaw5Jk
n6diXcqj3Llqln0q2LyI2j+HKx0MIhoMY67AoO76ySw8lGqfCue0yOvsfGlr9icq
vogDSaqVpMwpQgBAnmJx/iA+KgvrHQCJB5p9jkDyvjTw6b+fAskmWM6fZgQei9NY
NxoUQGM48GZLrXzqgTtL9Lax2k9wAKdm/a380C6jGuy/NNFD1OTM+WEQWlwEA4fE
SJkoFq4Ebla9HykGfjhc7DoxilGvm+kWsYMFICJTIPYfqW2UMXP4zHP6pavVVZBd
qg8FoBvOuzvXI8b49of9+snDCSiGH7fMjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:57 2024 by rpki-client on console-ams.rpki-client.org