Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/KtTSdtiHdaPC4REEspo8pBA0ybY.roa
File: KtTSdtiHdaPC4REEspo8pBA0ybY.roa (raw, json)
Hash identifier: t4tJhYX4JWkYFzsou3d326lZbs5+xFCgO9yEyCVMX2M=
Subject key identifier: 2A:D4:D2:76:D8:87:75:A3:C2:E1:11:04:B2:9A:3C:A4:10:34:C9:B6
Certificate issuer: /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial: 0190BAD19070F0AB8A1F470DA2C5A3612415
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/KtTSdtiHdaPC4REEspo8pBA0ybY.roa
Signing time: Tue 16 Jul 2024 09:13:34 +0000
ROA not before: Tue 16 Jul 2024 09:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1820
IP address blocks: 31.223.224.0/21 maxlen: 32
82.117.244.0/24 maxlen: 32
85.90.211.0/24 maxlen: 32
91.226.1.0/24 maxlen: 32
185.16.228.0/22 maxlen: 32
185.45.244.0/22 maxlen: 32
185.170.192.0/22 maxlen: 32
193.16.47.0/24 maxlen: 32
193.104.182.0/24 maxlen: 32
195.66.93.0/24 maxlen: 32
195.177.72.0/22 maxlen: 32
212.110.134.0/23 maxlen: 32
212.110.142.0/23 maxlen: 32
212.110.152.0/23 maxlen: 32
2a00:6180::/29 maxlen: 128
2a13:8800::/29 maxlen: 128
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ba:d1:90:70:f0:ab:8a:1f:47:0d:a2:c5:a3:61:24:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Validity
Not Before: Jul 16 09:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ad4d276d88775a3c2e11104b29a3ca41034c9b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:96:68:c6:0b:36:24:2f:d3:be:40:29:fe:50:
bd:64:31:85:ba:05:5b:c8:1b:9e:1a:4d:c9:5a:72:
e6:a2:cd:ea:41:be:68:ca:20:33:f6:1a:86:78:36:
77:40:21:20:f2:64:7f:d5:bd:fb:bc:25:fd:6b:d6:
6b:ec:8c:1c:41:37:f3:95:4e:61:95:f1:3c:8c:bf:
ff:2b:bb:2f:be:12:86:25:f4:e8:31:69:1c:fa:12:
c8:7c:f6:88:8b:76:a4:48:2e:c6:c7:0e:c9:4d:e7:
8b:cf:b7:ca:5c:78:94:ac:fa:6a:4f:65:32:14:c6:
16:c3:22:8e:81:5d:74:c0:13:3b:12:c6:f4:fe:bd:
58:74:49:45:0e:f5:a0:83:f1:a3:18:f9:38:62:d8:
58:9c:12:5a:d6:4b:f5:b3:8e:98:7c:e2:6d:e6:60:
40:6b:30:23:dc:31:8d:69:69:1d:38:d8:46:ef:a4:
f5:fd:d9:5b:8b:37:cc:59:77:06:65:87:ee:29:4e:
cf:fd:d4:0e:3e:09:28:d7:90:05:57:d6:6a:5e:9c:
77:0e:f1:cf:d5:a1:b8:d6:0c:18:a9:1d:f9:b7:57:
9b:ca:cc:ff:70:69:26:d2:91:ca:ba:0c:8a:f7:c4:
79:99:48:77:2b:0e:3e:36:99:4b:75:2d:11:9c:d5:
77:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D4:D2:76:D8:87:75:A3:C2:E1:11:04:B2:9A:3C:A4:10:34:C9:B6
X509v3 Authority Key Identifier:
keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/KtTSdtiHdaPC4REEspo8pBA0ybY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.224.0/21
82.117.244.0/24
85.90.211.0/24
91.226.1.0/24
185.16.228.0/22
185.45.244.0/22
185.170.192.0/22
193.16.47.0/24
193.104.182.0/24
195.66.93.0/24
195.177.72.0/22
212.110.134.0/23
212.110.142.0/23
212.110.152.0/23
IPv6:
2a00:6180::/29
2a13:8800::/29
Signature Algorithm: sha256WithRSAEncryption
32:a5:87:33:38:df:9d:6d:77:6b:31:bc:4b:18:69:7f:38:1a:
4e:93:cb:fa:0a:c8:c3:46:eb:c8:01:c4:70:30:00:70:3e:88:
90:09:9e:5f:65:dc:71:5d:a3:b0:82:59:93:e1:b3:04:85:d6:
e8:d6:5f:74:14:88:87:3a:fc:12:c1:09:34:5e:fe:16:5c:f3:
3f:ce:d5:c8:a1:5d:c7:86:91:34:6c:b3:cf:e7:0b:8a:24:fd:
66:3c:75:19:b1:75:cc:ac:a3:fb:de:0f:c2:46:08:29:b9:1e:
95:c7:b9:f0:cb:0f:95:5b:e4:9a:1d:c8:e8:41:e1:62:fe:c5:
83:f9:9c:e5:3f:c9:f3:c7:44:be:a9:44:4e:58:0a:3c:34:48:
c3:f2:65:a8:91:fc:7e:b3:19:e7:90:e6:b5:ea:cd:b1:d1:3f:
7a:42:fc:11:0f:a9:e6:b3:58:df:33:9b:f5:cf:f0:18:ac:6a:
8e:ad:a6:7a:cd:6b:f5:bc:03:89:b3:6f:6c:07:b4:a1:eb:5b:
4c:23:e1:52:ea:c0:8e:79:db:ab:e1:45:d3:7d:e5:22:00:41:
26:d0:74:8d:91:ad:81:93:30:bc:a7:6f:85:42:23:45:d3:15:
1a:2e:e8:6e:49:2b:f3:5b:18:4f:4b:e3:a8:b3:dd:0c:83:f2:
97:62:56:3f
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZC60ZBw8KuKH0cNosWjYSQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjQwNzE2MDkxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQ0ZDI3NmQ4ODc3NWEzYzJlMTExMDRiMjlhM2NhNDEwMzRjOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZZoxgs2JC/TvkAp/lC9ZDGFugVb
yBueGk3JWnLmos3qQb5oyiAz9hqGeDZ3QCEg8mR/1b37vCX9a9Zr7IwcQTfzlU5h
lfE8jL//K7svvhKGJfToMWkc+hLIfPaIi3akSC7Gxw7JTeeLz7fKXHiUrPpqT2Uy
FMYWwyKOgV10wBM7Esb0/r1YdElFDvWgg/GjGPk4YthYnBJa1kv1s46YfOJt5mBA
azAj3DGNaWkdONhG76T1/dlbizfMWXcGZYfuKU7P/dQOPgko15AFV9ZqXpx3DvHP
1aG41gwYqR35t1ebysz/cGkm0pHKugyK98R5mUh3Kw4+NplLdS0RnNV3bQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFCrU0nbYh3WjwuERBLKaPKQQNMm2MB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEvS3RUU2R0aUhkYVBDNFJFRXNwbzhwQkEweWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEAx/f4AME
AFJ19AMEAFVa0wMEAFviAQMEArkQ5AMEArkt9AMEArmqwAMEAMEQLwMEAMFotgME
AMNCXQMEAsOxSAMEAdRuhgMEAdRujgMEAdRumDAUBAIAAjAOAwUDKgBhgAMFAyoT
iAAwDQYJKoZIhvcNAQELBQADggEBADKlhzM4351td2sxvEsYaX84Gk6Ty/oKyMNG
68gBxHAwAHA+iJAJnl9l3HFdo7CCWZPhswSF1ujWX3QUiIc6/BLBCTRe/hZc8z/O
1cihXceGkTRss8/nC4ok/WY8dRmxdcyso/veD8JGCCm5HpXHufDLD5Vb5JodyOhB
4WL+xYP5nOU/yfPHRL6pRE5YCjw0SMPyZaiR/H6zGeeQ5rXqzbHRP3pC/BEPqeaz
WN8zm/XP8Bisao6tpnrNa/W8A4mzb2wHtKHrW0wj4VLqwI5526vhRdN95SIAQSbQ
dI2RrYGTMLynb4VCI0XTFRou6G5JK/NbGE9L46iz3QyD8pdiVj8=
-----END CERTIFICATE-----
Generated at Wed Sep 11 15:34:14 2024 by rpki-client on console-fra.rpki-client.org