Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/HY1dWz9ti-YKAIRCLOhmKqDX7NE.roa
File: HY1dWz9ti-YKAIRCLOhmKqDX7NE.roa (raw, json)
Hash identifier: QGW6Sa+c0vSUurwbs2wb1ges4YBPMPwvRew+w7cx1ek=
Subject key identifier: 1D:8D:5D:5B:3F:6D:8B:E6:0A:00:84:42:2C:E8:66:2A:A0:D7:EC:D1
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 37F28BE7
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/HY1dWz9ti-YKAIRCLOhmKqDX7NE.roa
Signing time: Tue 15 Mar 2022 13:43:09 +0000
ROA not before: Tue 15 Mar 2022 13:43:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5400
IP address blocks: 213.9.138.0/24 maxlen: 24
213.9.148.0/24 maxlen: 24
213.9.160.0/24 maxlen: 24
212.49.175.0/24 maxlen: 24
212.49.181.0/24 maxlen: 24
212.49.190.0/24 maxlen: 24
212.49.191.0/24 maxlen: 24
212.163.40.0/24 maxlen: 24
213.9.232.0/24 maxlen: 24
212.163.55.0/24 maxlen: 24
213.9.173.0/24 maxlen: 24
213.9.177.0/24 maxlen: 24
213.9.188.0/24 maxlen: 24
212.163.3.0/24 maxlen: 24
212.163.6.0/24 maxlen: 24
212.163.24.0/24 maxlen: 24
212.163.169.0/24 maxlen: 24
212.163.174.0/24 maxlen: 24
212.163.194.0/24 maxlen: 24
212.163.141.0/24 maxlen: 24
212.49.131.0/24 maxlen: 24
212.49.142.0/24 maxlen: 24
212.49.147.0/24 maxlen: 24
212.49.163.0/24 maxlen: 24
212.49.167.0/24 maxlen: 24
212.49.168.0/24 maxlen: 24
212.163.206.0/24 maxlen: 24
212.163.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 938642407 (0x37f28be7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Mar 15 13:43:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d8d5d5b3f6d8be60a0084422ce8662aa0d7ecd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:16:2c:78:11:40:9d:56:b0:b1:99:48:8e:37:
30:44:f8:cd:24:5c:47:5d:b3:77:f5:91:ba:60:6f:
b5:0e:d5:18:a5:3b:bf:7a:2e:60:d7:de:79:58:3f:
f4:15:10:e7:6a:56:56:3d:3b:90:02:0d:c5:68:e6:
7f:d2:37:e9:c1:9e:10:71:57:5a:26:5a:b4:fc:cd:
c4:8d:20:4d:b1:b3:8d:34:a7:63:2f:63:7b:55:85:
ad:ee:64:d7:7d:5d:3e:9f:2d:c8:9d:a4:17:7a:ae:
5a:83:2a:1e:48:50:45:55:9e:ef:f9:c9:2a:93:b9:
af:f6:13:08:0b:36:38:48:92:89:64:87:a2:02:89:
26:99:cb:bd:84:eb:6a:a2:23:ae:54:f4:9e:c0:d8:
4c:66:da:46:e6:ad:76:95:f5:ec:16:02:e4:5f:ca:
09:83:40:f2:36:28:66:2d:9a:7f:76:05:ca:3d:77:
87:4d:87:97:72:45:46:6c:6a:f5:58:ac:d0:86:30:
7e:2a:f4:29:f7:76:2f:bb:d4:60:ad:98:72:10:bf:
96:00:f6:ee:bb:c9:13:f3:2f:c2:15:6d:87:3c:6d:
73:31:a0:c2:43:36:37:99:1d:a8:11:41:f1:78:3c:
e3:02:85:0c:46:0f:2a:0d:92:bc:9e:7a:e9:e2:77:
7b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8D:5D:5B:3F:6D:8B:E6:0A:00:84:42:2C:E8:66:2A:A0:D7:EC:D1
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/HY1dWz9ti-YKAIRCLOhmKqDX7NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.49.131.0/24
212.49.142.0/24
212.49.147.0/24
212.49.163.0/24
212.49.167.0-212.49.168.255
212.49.175.0/24
212.49.181.0/24
212.49.190.0/23
212.163.3.0/24
212.163.6.0/24
212.163.24.0/24
212.163.40.0/24
212.163.55.0/24
212.163.141.0/24
212.163.169.0/24
212.163.174.0/24
212.163.194.0/24
212.163.206.0/24
212.163.215.0/24
213.9.138.0/24
213.9.148.0/24
213.9.160.0/24
213.9.173.0/24
213.9.177.0/24
213.9.188.0/24
213.9.232.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:13:5c:6d:ad:ca:d4:37:c6:d3:30:a0:a2:af:7e:04:b6:b4:
9f:a8:29:52:2f:ea:cc:d6:97:23:5c:67:a7:6e:c3:be:1e:f8:
7d:8e:5e:25:a9:a1:14:43:f1:61:a7:28:66:3f:9e:5c:8b:39:
c9:93:f8:45:9c:ba:74:4b:d6:33:4c:4f:32:36:7d:df:4f:01:
7c:70:3b:a5:8f:7a:31:3b:eb:f0:aa:11:8e:c9:85:d6:97:2d:
91:7e:ce:d2:a5:55:b7:e6:88:2b:ea:c0:86:59:33:7f:7b:fb:
33:fc:26:0c:25:6b:c6:50:1a:77:27:90:d8:5a:23:cf:c8:64:
33:7f:d6:e6:52:b6:6e:d4:1f:fd:3f:92:98:8b:c2:fd:63:76:
cd:69:02:25:bb:3f:62:63:7c:15:de:1f:67:c2:a7:1f:c1:ea:
0f:ee:ff:2a:e7:e4:a3:7e:77:97:b2:37:ee:60:05:57:10:57:
4b:06:d7:f8:e7:6d:ac:a1:56:f0:46:d0:79:69:48:fd:a6:ed:
cc:62:74:11:b4:0d:9c:4a:3a:53:5d:2d:d5:eb:27:ac:7e:49:
b7:43:4f:8f:21:d6:e2:81:cd:48:ba:d9:c7:fc:ee:69:e1:b8:
c0:e3:9c:5e:f4:5e:f4:67:af:74:ac:88:9e:ce:a7:9f:42:80:
2f:93:86:c5
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIEN/KL5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDMx
NTEzNDMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ4ZDVkNWIzZjZk
OGJlNjBhMDA4NDQyMmNlODY2MmFhMGQ3ZWNkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4WLHgRQJ1WsLGZSI43MET4zSRcR12zd/WRumBvtQ7VGKU7
v3ouYNfeeVg/9BUQ52pWVj07kAINxWjmf9I36cGeEHFXWiZatPzNxI0gTbGzjTSn
Yy9je1WFre5k131dPp8tyJ2kF3quWoMqHkhQRVWe7/nJKpO5r/YTCAs2OEiSiWSH
ogKJJpnLvYTraqIjrlT0nsDYTGbaRuatdpX17BYC5F/KCYNA8jYoZi2af3YFyj13
h02Hl3JFRmxq9Vis0IYwfir0Kfd2L7vUYK2YchC/lgD27rvJE/MvwhVthzxtczGg
wkM2N5kdqBFB8Xg84wKFDEYPKg2SvJ566eJ3e58CAwEAAaOCAqwwggKoMB0GA1Ud
DgQWBBQdjV1bP22L5goAhEIs6GYqoNfs0TAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
L0hZMWRXejl0aS1ZS0FJUkNMT2htS3FEWDdORS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wQYIKwYBBQUHAQcBAf8EgbEwga4wgasEAgABMIGkAwQA1DGDAwQA1DGOAwQA1DGT
AwQA1DGjMAwDBADUMacDBADUMagDBADUMa8DBADUMbUDBAHUMb4DBADUowMDBADU
owYDBADUoxgDBADUoygDBADUozcDBADUo40DBADUo6kDBADUo64DBADUo8IDBADU
o84DBADUo9cDBADVCYoDBADVCZQDBADVCaADBADVCa0DBADVCbEDBADVCbwDBADV
CegwDQYJKoZIhvcNAQELBQADggEBAMgTXG2tytQ3xtMwoKKvfgS2tJ+oKVIv6szW
lyNcZ6duw74e+H2OXiWpoRRD8WGnKGY/nlyLOcmT+EWcunRL1jNMTzI2fd9PAXxw
O6WPejE76/CqEY7JhdaXLZF+ztKlVbfmiCvqwIZZM397+zP8Jgwla8ZQGncnkNha
I8/IZDN/1uZStm7UH/0/kpiLwv1jds1pAiW7P2JjfBXeH2fCpx/B6g/u/yrn5KN+
d5eyN+5gBVcQV0sG1/jnbayhVvBG0HlpSP2m7cxidBG0DZxKOlNdLdXrJ6x+SbdD
T48h1uKBzUi62cf87mnhuMDjnF70XvRnr3SsiJ7Op59CgC+ThsU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:33 2023 by rpki-client on console-ams.rpki-client.org