Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/s1FF90QHA-cMAlLt5lEF6_V2PL0.roa
File: s1FF90QHA-cMAlLt5lEF6_V2PL0.roa (raw, json)
Hash identifier: UJzfKEF3QhNu1Vj5yvxEHwH7M5ZpEx4tmx0RnkCZUt4=
Subject key identifier: B3:51:45:F7:44:07:03:E7:0C:02:52:ED:E6:51:05:EB:F5:76:3C:BD
Certificate issuer: /CN=7dbacb1fc2c2063042781631b517ce475233a2bd
Certificate serial: 018C5E8557C4DA838B34BCBAF24655CEBAF2
Authority key identifier: 7D:BA:CB:1F:C2:C2:06:30:42:78:16:31:B5:17:CE:47:52:33:A2:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fbrLH8LCBjBCeBYxtRfOR1Izor0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/s1FF90QHA-cMAlLt5lEF6_V2PL0.roa
Signing time: Tue 12 Dec 2023 14:54:06 +0000
ROA not before: Tue 12 Dec 2023 14:54:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207903
IP address blocks: 185.88.64.0/24 maxlen: 24
185.88.64.0/22 maxlen: 22
185.88.65.0/24 maxlen: 24
185.88.67.0/24 maxlen: 24
185.88.66.0/24 maxlen: 24
45.81.170.0/24 maxlen: 24
45.81.169.0/24 maxlen: 24
45.81.168.0/24 maxlen: 24
45.81.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:85:57:c4:da:83:8b:34:bc:ba:f2:46:55:ce:ba:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dbacb1fc2c2063042781631b517ce475233a2bd
Validity
Not Before: Dec 12 14:54:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b35145f7440703e70c0252ede65105ebf5763cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:27:bf:ed:1a:fb:66:7b:9a:5e:a8:72:02:3f:
4f:c6:ad:8b:41:ba:cc:76:6b:7c:f7:97:8f:a8:24:
06:09:f8:bc:08:8c:ed:39:f7:0e:41:84:39:5d:a1:
cb:ea:fa:66:f6:62:7c:d2:b1:5b:48:39:f1:24:c8:
c5:99:70:f6:97:58:6e:e8:70:c0:cc:a9:6f:d9:3b:
b8:b6:69:55:98:2d:52:17:e7:da:c0:bf:f8:2b:c4:
13:d3:f4:66:b9:c9:e2:61:8d:1b:4d:8d:87:18:49:
23:b6:39:eb:c7:45:54:2f:d0:9e:3a:7f:62:2e:ba:
8b:0d:cd:a9:0d:c1:17:ac:df:51:1c:6f:9e:f9:c9:
d5:d6:c2:a7:0b:8a:10:42:73:66:ca:f9:c8:6e:7e:
14:cc:5c:bb:a5:3b:ff:e5:f7:8c:01:e8:02:99:d9:
de:d4:d7:88:45:85:d3:e0:34:cd:17:09:a5:1a:64:
1e:62:0f:d7:e0:66:d9:f5:26:80:de:47:b2:7a:4b:
02:ec:17:8d:19:ab:fd:b4:a0:ef:5b:6c:e7:fb:f4:
c6:b4:b3:c5:87:26:d5:77:49:8c:26:fc:94:75:7a:
85:59:04:20:e8:9f:ca:a5:f6:fd:a3:5c:3a:cf:67:
e2:58:b6:41:01:d7:a0:53:b7:8a:77:da:df:0a:78:
29:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:51:45:F7:44:07:03:E7:0C:02:52:ED:E6:51:05:EB:F5:76:3C:BD
X509v3 Authority Key Identifier:
keyid:7D:BA:CB:1F:C2:C2:06:30:42:78:16:31:B5:17:CE:47:52:33:A2:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fbrLH8LCBjBCeBYxtRfOR1Izor0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/s1FF90QHA-cMAlLt5lEF6_V2PL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/fbrLH8LCBjBCeBYxtRfOR1Izor0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.168.0/22
185.88.64.0/22
Signature Algorithm: sha256WithRSAEncryption
18:ae:69:42:05:3b:cd:ba:99:aa:f6:cd:7b:79:7c:2c:c1:bd:
c9:fa:a8:e7:f0:d3:69:3d:4f:bd:ad:3a:9f:ed:08:06:31:2f:
e0:87:53:76:50:14:48:c6:67:cf:bc:b1:d0:b1:7b:89:8c:66:
2f:c1:5e:f9:6c:cc:c4:30:ea:42:2e:7e:35:71:c1:3b:74:2c:
77:41:12:3d:5a:35:eb:66:df:cc:2b:cc:01:b3:5a:92:c3:b0:
d8:55:37:5f:a2:cc:21:f6:1d:7d:ca:92:8c:2b:2d:4a:05:94:
29:c9:4d:a8:39:2f:89:be:ff:74:83:e5:98:19:3d:5d:ad:a8:
bc:0d:bb:ba:55:f9:d1:f4:64:ac:19:b2:86:4c:9f:37:00:e9:
02:78:36:a2:20:69:6a:72:0e:7e:9b:ac:87:05:f8:7a:90:b5:
72:99:ae:7f:79:20:25:11:1b:75:ee:ba:a4:7a:98:00:9e:15:
61:db:ef:1e:10:bd:f0:5e:5a:d1:74:e0:74:30:e8:94:8a:93:
36:69:52:1c:44:c5:ee:bb:5b:2f:e2:e6:37:e6:bc:28:4b:c0:
ad:a6:9c:66:9f:a8:6d:37:b5:95:f8:42:cc:cd:38:b1:59:e1:
b1:63:b9:37:40:df:e6:0f:21:ee:e8:54:6a:a0:a9:04:9f:f2:
b3:51:e4:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxehVfE2oOLNLy68kZVzrryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYmFjYjFmYzJjMjA2MzA0Mjc4MTYzMWI1MTdjZTQ3NTIz
M2EyYmQwHhcNMjMxMjEyMTQ1NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzUxNDVmNzQ0MDcwM2U3MGMwMjUyZWRlNjUxMDVlYmY1NzYzY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCe/7Rr7ZnuaXqhyAj9Pxq2LQbrM
dmt895ePqCQGCfi8CIztOfcOQYQ5XaHL6vpm9mJ80rFbSDnxJMjFmXD2l1hu6HDA
zKlv2Tu4tmlVmC1SF+fawL/4K8QT0/RmucniYY0bTY2HGEkjtjnrx0VUL9CeOn9i
LrqLDc2pDcEXrN9RHG+e+cnV1sKnC4oQQnNmyvnIbn4UzFy7pTv/5feMAegCmdne
1NeIRYXT4DTNFwmlGmQeYg/X4GbZ9SaA3keyeksC7BeNGav9tKDvW2zn+/TGtLPF
hybVd0mMJvyUdXqFWQQg6J/Kpfb9o1w6z2fiWLZBAdegU7eKd9rfCngpOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLNRRfdEBwPnDAJS7eZRBev1djy9MB8GA1UdIwQY
MBaAFH26yx/CwgYwQngWMbUXzkdSM6K9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmJyTEg4TENCakJDZUJZeHRSZk9SMUl6b3IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zZDJkN2ItMmM1Yy00OThmLTg1YmYt
Mjg1ZWM4ZmU4ZWM2LzEvczFGRjkwUUhBLWNNQWxMdDVsRUY2X1YyUEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zZDJkN2ItMmM1Yy00OThmLTg1YmYtMjg1ZWM4ZmU4ZWM2
LzEvZmJyTEg4TENCakJDZUJZeHRSZk9SMUl6b3IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVGoAwQC
uVhAMA0GCSqGSIb3DQEBCwUAA4IBAQAYrmlCBTvNupmq9s17eXwswb3J+qjn8NNp
PU+9rTqf7QgGMS/gh1N2UBRIxmfPvLHQsXuJjGYvwV75bMzEMOpCLn41ccE7dCx3
QRI9WjXrZt/MK8wBs1qSw7DYVTdfoswh9h19ypKMKy1KBZQpyU2oOS+Jvv90g+WY
GT1drai8Dbu6VfnR9GSsGbKGTJ83AOkCeDaiIGlqcg5+m6yHBfh6kLVyma5/eSAl
ERt17rqkepgAnhVh2+8eEL3wXlrRdOB0MOiUipM2aVIcRMXuu1sv4uY35rwoS8Ct
ppxmn6htN7WV+ELMzTixWeGxY7k3QN/mDyHu6FRqoKkEn/KzUeRo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:57 2024 by rpki-client on console-ams.rpki-client.org