Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/tD2puw-hcoxqgKwcUH-7YLduNa0.roa
File: tD2puw-hcoxqgKwcUH-7YLduNa0.roa (raw, json)
Hash identifier: LOJMVcyXBOOSAJYdY0nJbu5rB0dF610vuOmc3a7Z2HA=
Subject key identifier: B4:3D:A9:BB:0F:A1:72:8C:6A:80:AC:1C:50:7F:BB:60:B7:6E:35:AD
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018601F439F78CA458364DC729C8581DBC24
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/tD2puw-hcoxqgKwcUH-7YLduNa0.roa
Signing time: Mon 30 Jan 2023 09:13:48 +0000
ROA not before: Mon 30 Jan 2023 09:13:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44285
IP address blocks: 45.140.224.0/22 maxlen: 22
45.87.4.0/22 maxlen: 22
45.9.253.0/24 maxlen: 24
45.9.252.0/24 maxlen: 24
45.9.254.0/24 maxlen: 24
185.18.213.0/24 maxlen: 24
185.18.212.0/22 maxlen: 22
185.18.212.0/24 maxlen: 24
185.18.215.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
37.32.32.0/24 maxlen: 24
37.32.33.0/24 maxlen: 24
37.32.32.0/21 maxlen: 21
37.32.32.0/22 maxlen: 22
37.32.36.0/22 maxlen: 22
37.32.37.0/24 maxlen: 24
37.32.38.0/24 maxlen: 24
37.32.36.0/24 maxlen: 24
37.32.35.0/24 maxlen: 24
37.32.34.0/24 maxlen: 24
37.75.246.0/24 maxlen: 24
37.75.245.0/24 maxlen: 24
37.75.244.0/24 maxlen: 24
37.75.244.0/22 maxlen: 22
37.75.243.0/24 maxlen: 24
37.32.39.0/24 maxlen: 24
37.75.247.0/24 maxlen: 24
195.110.38.0/24 maxlen: 24
195.110.38.0/23 maxlen: 23
195.110.39.0/24 maxlen: 24
185.182.250.0/24 maxlen: 24
185.182.250.0/23 maxlen: 23
185.182.248.0/22 maxlen: 22
185.182.248.0/23 maxlen: 23
185.182.251.0/24 maxlen: 24
91.236.168.0/23 maxlen: 23
91.236.169.0/24 maxlen: 24
91.236.168.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.200.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
46.28.74.0/24 maxlen: 24
46.28.73.0/24 maxlen: 24
46.28.72.0/24 maxlen: 24
46.28.72.0/21 maxlen: 24
86.57.120.0/23 maxlen: 23
86.57.122.0/23 maxlen: 23
185.121.128.0/22 maxlen: 24
185.121.128.0/24 maxlen: 24
185.121.131.0/24 maxlen: 24
185.121.130.0/24 maxlen: 24
185.121.129.0/24 maxlen: 24
88.135.38.0/24 maxlen: 24
88.135.37.0/24 maxlen: 24
185.141.132.0/24 maxlen: 24
185.141.134.0/24 maxlen: 24
185.141.133.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
86.57.96.0/20 maxlen: 20
86.57.112.0/23 maxlen: 23
86.57.114.0/23 maxlen: 23
86.57.116.0/22 maxlen: 22
217.172.124.0/23 maxlen: 23
217.172.120.0/21 maxlen: 24
217.172.127.0/24 maxlen: 24
217.172.126.0/23 maxlen: 23
84.47.226.0/24 maxlen: 24
84.47.224.0/22 maxlen: 22
84.47.225.0/24 maxlen: 24
84.47.224.0/21 maxlen: 21
84.47.224.0/24 maxlen: 24
188.209.152.0/23 maxlen: 23
84.47.231.0/24 maxlen: 24
84.47.227.0/24 maxlen: 24
84.47.230.0/24 maxlen: 24
84.47.229.0/24 maxlen: 24
84.47.228.0/24 maxlen: 24
84.47.228.0/22 maxlen: 22
88.135.39.0/24 maxlen: 24
185.128.138.0/24 maxlen: 24
185.128.137.0/24 maxlen: 24
185.128.136.0/24 maxlen: 24
185.128.139.0/24 maxlen: 24
2a02:828::/32 maxlen: 32
2a02:829::/32 maxlen: 32
2a02:828::/29 maxlen: 29
2a02:82b::/32 maxlen: 32
2a02:828::/64 maxlen: 64
2a02:828::/48 maxlen: 48
2a02:82e::/32 maxlen: 32
2a02:82c::/32 maxlen: 32
2a02:82f::/32 maxlen: 32
2a02:828:1::/48 maxlen: 48
2a02:82d::/32 maxlen: 32
2a02:82a::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:01:f4:39:f7:8c:a4:58:36:4d:c7:29:c8:58:1d:bc:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Jan 30 09:13:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b43da9bb0fa1728c6a80ac1c507fbb60b76e35ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:69:97:96:27:ab:43:61:c6:0b:7b:50:b3:8e:
36:23:a8:42:69:cd:79:71:62:52:36:1a:51:c5:63:
74:b3:ad:c7:06:b1:eb:e3:6e:f1:1d:f8:69:87:79:
83:43:2b:19:28:1d:49:35:16:e1:92:96:ae:1f:90:
18:bb:fe:5f:4a:c1:d9:46:7d:84:2e:1b:52:28:36:
27:63:75:0d:f4:79:5a:03:9b:0b:23:46:1d:d9:28:
bb:7a:55:08:15:b5:94:d6:e3:d4:84:91:0f:35:60:
cc:bb:22:ec:aa:74:8c:5f:fd:6b:0f:bb:36:e1:48:
75:fe:08:b2:cc:7d:38:8a:19:d9:dc:1f:b5:ea:78:
b3:4e:bb:8b:08:b4:e6:71:8a:7d:76:cd:41:82:86:
53:f9:b3:12:ca:ff:29:db:e5:4c:a5:6f:3f:6a:6a:
e8:1b:54:24:33:ea:50:d1:49:d8:22:75:a9:a4:48:
a2:cd:cc:d5:80:90:6d:d8:d2:6a:51:53:06:de:2c:
d8:2f:7f:b8:a4:27:8f:12:d7:fb:da:39:67:d7:4b:
54:fc:ef:bf:15:8e:b9:c2:82:89:a1:b5:1c:11:24:
6f:48:4b:b9:8d:bd:ca:d2:b8:d3:b9:fa:75:63:8e:
f0:c3:08:51:67:19:19:11:be:19:80:5b:1a:1d:f7:
c6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3D:A9:BB:0F:A1:72:8C:6A:80:AC:1C:50:7F:BB:60:B7:6E:35:AD
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/tD2puw-hcoxqgKwcUH-7YLduNa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.32.0/21
37.75.243.0-37.75.247.255
45.9.252.0-45.9.254.255
45.87.4.0/22
45.140.224.0/22
46.28.72.0/21
84.47.224.0/21
86.57.96.0-86.57.123.255
88.135.37.0-88.135.39.255
91.236.168.0/23
185.18.212.0/22
185.51.200.0/22
185.121.128.0/22
185.128.136.0/22
185.141.132.0/22
185.182.248.0/22
188.209.152.0/23
195.110.38.0/23
217.172.120.0/21
IPv6:
2a02:828::/29
Signature Algorithm: sha256WithRSAEncryption
45:5f:6d:ad:85:ec:79:68:c8:c1:a2:4c:2b:98:49:d0:52:3f:
4f:0d:c7:b0:9c:e0:b7:f0:2a:8c:f5:2a:4f:f0:6b:65:8a:af:
5a:40:1b:eb:f4:39:71:8a:01:87:30:8f:5f:12:d0:b2:74:88:
b2:a5:b7:ad:76:30:2c:64:0c:0d:9d:e9:db:b3:2c:a3:d8:dc:
40:c3:69:21:20:e3:3b:60:44:f1:44:f3:e9:80:19:f0:2b:a0:
d9:50:6f:3b:25:5e:40:73:b7:fc:85:87:9e:20:ed:02:25:16:
29:f3:83:27:31:c5:46:a6:49:39:ec:97:cb:cc:a2:64:e4:87:
e3:97:e9:8c:2e:69:12:c0:e5:db:3c:aa:6e:2c:38:5b:45:ee:
d8:9c:f3:4a:9c:47:ec:8d:9b:f3:f3:33:65:e2:8a:09:0d:d7:
48:a2:fc:8d:f9:30:0c:17:8f:f8:94:23:d7:49:93:d5:87:29:
ac:35:8a:e5:01:e8:43:2d:ab:fa:d9:83:30:14:44:c0:4f:86:
e0:fb:3b:4b:5d:7c:b7:a7:26:95:45:8e:96:4d:88:1f:dd:e7:
81:7d:50:44:c6:b8:62:db:df:9f:3b:00:32:1c:da:42:75:ed:
7d:e2:b3:d8:c5:f8:93:ff:06:21:50:95:26:fe:da:67:ab:84:
52:10:5f:3c
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAYYB9Dn3jKRYNk3HKchYHbwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjMwMTMwMDkxMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDNkYTliYjBmYTE3MjhjNmE4MGFjMWM1MDdmYmI2MGI3NmUzNWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWmXlierQ2HGC3tQs442I6hCac15
cWJSNhpRxWN0s63HBrHr427xHfhph3mDQysZKB1JNRbhkpauH5AYu/5fSsHZRn2E
LhtSKDYnY3UN9HlaA5sLI0Yd2Si7elUIFbWU1uPUhJEPNWDMuyLsqnSMX/1rD7s2
4Uh1/giyzH04ihnZ3B+16nizTruLCLTmcYp9ds1BgoZT+bMSyv8p2+VMpW8/amro
G1QkM+pQ0UnYInWppEiizczVgJBt2NJqUVMG3izYL3+4pCePEtf72jln10tU/O+/
FY65woKJobUcESRvSEu5jb3K0rjTufp1Y47wwwhRZxkZEb4ZgFsaHffGCwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFLQ9qbsPoXKMaoCsHFB/u2C3bjWtMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvdEQycHV3LWhjb3hxZ0t3Y1VILTdZTGR1TmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBmQQCAAEwgZIDBAMl
ICAwDAMEACVL8wMEAyVL8DAMAwQCLQn8AwQALQn+AwQCLVcEAwQCLYzgAwQDLhxI
AwQDVC/gMAwDBAVWOWADBAJWOXgwDAMEAFiHJQMEA1iHIAMEAVvsqAMEArkS1AME
ArkzyAMEArl5gAMEArmAiAMEArmNhAMEArm2+AMEAbzRmAMEAcNuJgMEA9mseDAN
BAIAAjAHAwUDKgIIKDANBgkqhkiG9w0BAQsFAAOCAQEARV9trYXseWjIwaJMK5hJ
0FI/Tw3HsJzgt/AqjPUqT/BrZYqvWkAb6/Q5cYoBhzCPXxLQsnSIsqW3rXYwLGQM
DZ3p27Mso9jcQMNpISDjO2BE8UTz6YAZ8Cug2VBvOyVeQHO3/IWHniDtAiUWKfOD
JzHFRqZJOeyXy8yiZOSH45fpjC5pEsDl2zyqbiw4W0Xu2JzzSpxH7I2b8/MzZeKK
CQ3XSKL8jfkwDBeP+JQj10mT1YcprDWK5QHoQy2r+tmDMBREwE+G4Ps7S118t6cm
lUWOlk2IH93ngX1QRMa4YtvfnzsAMhzaQnXtfeKz2MX4k/8GIVCVJv7aZ6uEUhBf
PA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:31 2025 by rpki-client