Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/iP2PUb-85MpuRo826R95rDCIxu8.roa
File: iP2PUb-85MpuRo826R95rDCIxu8.roa (raw, json)
Hash identifier: YBp5VxQVgBfWGwwYI8s7o7ymTNXGbiNpActDyG7fmqI=
Subject key identifier: 88:FD:8F:51:BF:BC:E4:CA:6E:46:8F:36:E9:1F:79:AC:30:88:C6:EF
Certificate issuer: /CN=073a6d3de5c125c1fe8b5fbe89584656e5861a2d
Certificate serial: 01856BDC750E6B18A42FE28FEE8844AF5AA9
Authority key identifier: 07:3A:6D:3D:E5:C1:25:C1:FE:8B:5F:BE:89:58:46:56:E5:86:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BzptPeXBJcH-i1--iVhGVuWGGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/iP2PUb-85MpuRo826R95rDCIxu8.roa
Signing time: Sun 01 Jan 2023 05:44:47 +0000
ROA not before: Sun 01 Jan 2023 05:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39405
IP address blocks: 185.246.25.0/24 maxlen: 24
185.116.128.0/22 maxlen: 24
185.117.16.0/22 maxlen: 24
193.84.73.0/24 maxlen: 24
185.244.72.0/22 maxlen: 24
45.153.92.0/22 maxlen: 22
185.224.35.0/24 maxlen: 24
185.224.34.0/24 maxlen: 24
185.224.33.0/24 maxlen: 24
185.224.32.0/24 maxlen: 24
185.246.24.0/24 maxlen: 24
185.253.92.0/22 maxlen: 24
141.0.200.0/21 maxlen: 24
185.249.184.0/22 maxlen: 24
185.227.0.0/22 maxlen: 24
185.246.96.0/22 maxlen: 24
93.93.40.0/21 maxlen: 24
45.145.112.0/22 maxlen: 22
185.247.86.0/23 maxlen: 24
2a01:6600::/32 maxlen: 32
2a0c:4400::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:75:0e:6b:18:a4:2f:e2:8f:ee:88:44:af:5a:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073a6d3de5c125c1fe8b5fbe89584656e5861a2d
Validity
Not Before: Jan 1 05:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88fd8f51bfbce4ca6e468f36e91f79ac3088c6ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ed:94:f5:41:6c:24:6e:47:1f:c2:bd:91:01:
c1:4e:2f:c8:f6:c3:b1:69:5f:51:8b:3d:8d:70:32:
b1:3f:c9:1a:b4:0d:46:69:61:0e:c6:9b:a2:4a:f6:
cf:ee:47:44:59:4d:7d:d8:9a:70:14:1e:90:88:d9:
23:de:5a:bc:08:0e:13:9f:7f:21:f0:2f:a3:6b:42:
c2:81:9f:d2:9d:06:0f:0d:6d:2b:55:3a:4a:87:19:
41:fa:5e:ed:6e:02:18:a7:b1:e8:7f:8e:d3:fe:3b:
b2:41:35:35:09:a6:40:78:89:28:ef:8f:cc:8d:17:
6d:c4:81:4d:ee:8f:41:03:05:d0:fb:a4:f1:48:ce:
2f:a6:85:7e:4a:95:42:dd:b8:84:db:84:87:d8:e0:
2b:67:3e:49:f6:0c:06:80:6f:93:e6:f1:85:83:b9:
09:d3:d8:89:b9:7d:bb:ea:81:2d:db:6a:eb:ce:f1:
2f:a9:52:08:60:e7:31:ff:59:63:e1:2f:60:33:0b:
98:f2:db:bc:5b:46:78:6d:69:b4:46:d5:f6:ed:2a:
2f:42:59:3e:d9:88:6e:92:e8:b0:8c:a5:c4:89:d8:
92:65:66:c9:5f:6f:d2:8a:80:5e:1e:10:b9:66:9c:
8e:7d:f7:d4:fb:a8:c9:ce:ee:93:f9:33:9a:4d:c4:
58:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FD:8F:51:BF:BC:E4:CA:6E:46:8F:36:E9:1F:79:AC:30:88:C6:EF
X509v3 Authority Key Identifier:
keyid:07:3A:6D:3D:E5:C1:25:C1:FE:8B:5F:BE:89:58:46:56:E5:86:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BzptPeXBJcH-i1--iVhGVuWGGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/iP2PUb-85MpuRo826R95rDCIxu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/BzptPeXBJcH-i1--iVhGVuWGGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.112.0/22
45.153.92.0/22
93.93.40.0/21
141.0.200.0/21
185.116.128.0/22
185.117.16.0/22
185.224.32.0/22
185.227.0.0/22
185.244.72.0/22
185.246.24.0/23
185.246.96.0/22
185.247.86.0/23
185.249.184.0/22
185.253.92.0/22
193.84.73.0/24
IPv6:
2a01:6600::/32
2a0c:4400::/32
Signature Algorithm: sha256WithRSAEncryption
0a:bd:39:ce:b9:ed:df:38:2d:cb:94:b7:f2:00:a5:de:e4:21:
44:1f:6f:e6:0b:cd:05:46:e8:d1:82:4c:19:7e:d6:95:0e:ce:
df:e4:7a:2e:d6:7a:65:67:9d:0a:d7:d9:2f:ed:c9:9f:d8:8f:
ec:ee:c5:a1:3b:04:b9:6f:37:42:e4:64:7b:a2:3a:fc:71:84:
92:63:6e:f4:30:9c:3e:18:b3:8b:0a:4c:cf:9b:a9:ce:94:d6:
62:90:c0:80:ab:86:e2:5b:1d:6a:03:a3:c0:bd:d2:6d:e2:52:
45:d9:07:54:27:87:6b:78:41:1f:89:1f:b2:8e:bf:e5:82:e9:
0b:80:c4:e0:71:55:9e:2b:a7:33:91:9a:bc:ba:bb:6d:e2:b8:
17:c4:66:01:25:f1:31:37:08:99:f1:96:ea:ed:7d:fa:1b:5c:
05:c9:83:f6:c4:9f:4f:58:ad:e3:6b:ce:65:ed:32:ae:df:f9:
79:bd:83:d4:16:3a:78:ca:10:34:2b:f0:d2:25:1d:92:ad:39:
72:fe:ad:26:0d:9c:49:0c:cb:8a:87:0c:26:ec:4b:9f:df:38:
24:90:b4:c7:39:91:71:79:82:52:5b:97:20:2e:fa:17:ee:d0:
65:6a:d6:58:27:d1:3e:03:45:74:8b:1a:90:82:e6:61:46:da:
17:fc:33:97
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYVr3HUOaxikL+KP7ohEr1qpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2E2ZDNkZTVjMTI1YzFmZThiNWZiZTg5NTg0NjU2ZTU4
NjFhMmQwHhcNMjMwMTAxMDU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGZkOGY1MWJmYmNlNGNhNmU0NjhmMzZlOTFmNzlhYzMwODhjNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+2U9UFsJG5HH8K9kQHBTi/I9sOx
aV9Riz2NcDKxP8katA1GaWEOxpuiSvbP7kdEWU192JpwFB6QiNkj3lq8CA4Tn38h
8C+ja0LCgZ/SnQYPDW0rVTpKhxlB+l7tbgIYp7Hof47T/juyQTU1CaZAeIko74/M
jRdtxIFN7o9BAwXQ+6TxSM4vpoV+SpVC3biE24SH2OArZz5J9gwGgG+T5vGFg7kJ
09iJuX276oEt22rrzvEvqVIIYOcx/1lj4S9gMwuY8tu8W0Z4bWm0RtX27SovQlk+
2YhukuiwjKXEidiSZWbJX2/SioBeHhC5ZpyOfffU+6jJzu6T+TOaTcRY0QIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFIj9j1G/vOTKbkaPNukfeawwiMbvMB8GA1UdIwQY
MBaAFAc6bT3lwSXB/otfvolYRlblhhotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnpwdFBlWEJKY0gtaTEtLWlWaEdWdVdHR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS84ZDdlN2MtZGI3YS00NjVmLTgwMzIt
MjU1MTAwZjIwMTZhLzEvaVAyUFViLTg1TXB1Um84MjZSOTVyRENJeHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS84ZDdlN2MtZGI3YS00NjVmLTgwMzItMjU1MTAwZjIwMTZh
LzEvQnpwdFBlWEJKY0gtaTEtLWlWaEdWdVdHR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwYAQCAAEwWgMEAi2RcAME
Ai2ZXAMEA11dKAMEA40AyAMEArl0gAMEArl1EAMEArngIAMEArnjAAMEArn0SAME
Abn2GAMEArn2YAMEAbn3VgMEArn5uAMEArn9XAMEAMFUSTAUBAIAAjAOAwUAKgFm
AAMFACoMRAAwDQYJKoZIhvcNAQELBQADggEBAAq9Oc657d84LcuUt/IApd7kIUQf
b+YLzQVG6NGCTBl+1pUOzt/kei7WemVnnQrX2S/tyZ/Yj+zuxaE7BLlvN0LkZHui
OvxxhJJjbvQwnD4Ys4sKTM+bqc6U1mKQwICrhuJbHWoDo8C90m3iUkXZB1Qnh2t4
QR+JH7KOv+WC6QuAxOBxVZ4rpzORmry6u23iuBfEZgEl8TE3CJnxlurtffobXAXJ
g/bEn09YreNrzmXtMq7f+Xm9g9QWOnjKEDQr8NIlHZKtOXL+rSYNnEkMy4qHDCbs
S5/fOCSQtMc5kXF5glJblyAu+hfu0GVq1lgn0T4DRXSLGpCC5mFG2hf8M5c=
-----END CERTIFICATE-----
Generated at Wed Dec 6 11:10:10 2023 by rpki-client on console-fra.rpki-client.org