Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/hvFcX5UduFd-Lty1aGmOoHoDdRU.roa
File: hvFcX5UduFd-Lty1aGmOoHoDdRU.roa (raw, json)
Hash identifier: GWWlGb1uRo2xA9EVRFJNyy2y8oROY5es9VUminbAtIE=
Subject key identifier: 86:F1:5C:5F:95:1D:B8:57:7E:2E:DC:B5:68:69:8E:A0:7A:03:75:15
Certificate issuer: /CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Certificate serial: 01851845A340AE5669AF5CF8F906D87337CD
Authority key identifier: DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/hvFcX5UduFd-Lty1aGmOoHoDdRU.roa
Signing time: Fri 16 Dec 2022 00:11:35 +0000
ROA not before: Fri 16 Dec 2022 00:11:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41960
IP address blocks: 213.156.0.0/20 maxlen: 24
91.211.160.0/22 maxlen: 24
195.238.86.0/23 maxlen: 24
45.151.116.0/22 maxlen: 24
5.183.132.0/22 maxlen: 24
212.57.48.0/20 maxlen: 24
45.95.252.0/22 maxlen: 24
2.56.216.0/22 maxlen: 24
93.188.64.0/22 maxlen: 24
213.173.56.0/22 maxlen: 22
77.73.224.0/21 maxlen: 24
185.249.136.0/22 maxlen: 24
45.10.124.0/22 maxlen: 24
185.251.152.0/22 maxlen: 24
194.61.84.0/23 maxlen: 24
194.61.86.0/24 maxlen: 24
195.184.86.0/23 maxlen: 24
195.184.90.0/23 maxlen: 24
171.22.176.0/22 maxlen: 24
45.140.156.0/22 maxlen: 24
85.184.8.0/21 maxlen: 24
185.234.152.0/23 maxlen: 24
185.239.168.0/23 maxlen: 24
185.234.154.0/24 maxlen: 24
185.239.170.0/24 maxlen: 24
37.148.184.0/21 maxlen: 24
91.216.34.0/24 maxlen: 24
185.253.48.0/22 maxlen: 24
2a02:690::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:18:45:a3:40:ae:56:69:af:5c:f8:f9:06:d8:73:37:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Validity
Not Before: Dec 16 00:11:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86f15c5f951db8577e2edcb568698ea07a037515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b0:dd:27:aa:4d:02:ca:f1:d8:d4:3e:2d:9a:
92:6b:a8:dc:db:fc:71:ed:f2:e4:85:31:d7:85:fb:
1e:8b:44:05:4c:3c:1a:db:cb:fe:12:12:ad:72:ca:
40:51:30:20:10:80:72:c7:f3:5d:bd:ec:65:25:b3:
54:b6:93:4c:0b:34:4e:96:c2:be:74:59:c5:0c:f6:
ee:b1:66:64:23:bb:77:c9:c9:92:6d:0c:96:86:3c:
18:2c:94:35:3f:bc:71:fb:0b:df:1a:83:2f:e8:4f:
ec:9a:f1:c3:38:09:2b:70:f5:fc:0e:5e:27:e9:aa:
a6:16:d6:c1:96:55:7a:1c:b7:1a:d0:47:01:8e:17:
aa:e2:ae:dd:9b:e2:6b:de:e5:4c:91:37:72:24:75:
c8:7a:33:e0:71:af:b8:f1:1a:5d:d8:7e:3c:8c:9a:
21:95:15:40:84:83:fa:52:63:8b:a4:44:2e:95:4f:
2a:58:5d:73:80:4e:e9:2c:b8:ec:2a:ba:c4:92:96:
99:63:7a:48:c0:90:c4:98:f1:1b:18:4b:dc:02:12:
84:59:67:ee:ae:50:c6:a9:e4:21:e9:0e:e2:da:55:
d7:7d:41:73:7d:32:ba:45:07:18:89:de:42:83:6d:
3a:76:0b:54:e6:54:7d:f0:05:55:ca:1c:79:bb:f5:
db:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F1:5C:5F:95:1D:B8:57:7E:2E:DC:B5:68:69:8E:A0:7A:03:75:15
X509v3 Authority Key Identifier:
keyid:DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/hvFcX5UduFd-Lty1aGmOoHoDdRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.216.0/22
5.183.132.0/22
37.148.184.0/21
45.10.124.0/22
45.95.252.0/22
45.140.156.0/22
45.151.116.0/22
77.73.224.0/21
85.184.8.0/21
91.211.160.0/22
91.216.34.0/24
93.188.64.0/22
171.22.176.0/22
185.234.152.0-185.234.154.255
185.239.168.0-185.239.170.255
185.249.136.0/22
185.251.152.0/22
185.253.48.0/22
194.61.84.0-194.61.86.255
195.184.86.0/23
195.184.90.0/23
195.238.86.0/23
212.57.48.0/20
213.156.0.0/20
213.173.56.0/22
IPv6:
2a02:690::/29
Signature Algorithm: sha256WithRSAEncryption
02:bb:9b:5f:6c:26:35:b8:2e:3a:d3:f5:5a:0d:e1:07:dd:5b:
5b:ee:cf:c8:fc:61:06:d6:91:d8:11:16:47:84:28:8e:3e:17:
d0:57:73:2e:48:eb:4b:03:24:f9:1c:66:8d:fb:c9:94:a0:f7:
c4:d1:b1:19:68:c5:06:8d:3e:e3:5e:bb:2e:98:99:03:a1:30:
9a:c4:77:b1:9e:b9:d4:b4:10:b4:88:22:4a:06:51:02:d8:55:
15:2d:80:93:22:42:b4:e9:a2:47:b7:f3:29:cb:ce:80:0f:61:
ce:e7:39:43:2c:4c:a4:60:04:4b:2a:70:90:f6:66:e0:d4:03:
89:9b:a0:1f:d3:44:4b:91:28:32:37:a7:e5:3c:31:63:f4:a6:
ca:8e:46:93:d9:26:30:bc:11:4c:19:93:76:ae:4b:6c:3c:ac:
d7:df:9c:35:5f:bb:9f:e5:e8:c0:ea:53:4a:9d:2f:e9:81:be:
8d:d5:b0:ef:ff:9f:7f:0d:57:0c:ba:d9:61:4a:54:ff:d8:58:
ab:9b:d9:0e:dd:86:3a:fd:02:01:d1:82:30:6b:d0:82:21:4a:
99:fe:f6:8c:47:4d:0e:f1:d5:8d:0b:53:f2:e8:5b:c0:ef:a6:
60:d2:99:90:59:9e:b0:0e:36:dc:f1:6e:62:08:64:af:29:aa:
15:fc:df:5d
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAYUYRaNArlZpr1z4+QbYczfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYTEyMjA3YWY0ZDE4NmM0NGRhMjUzM2MwYjhmMWZkMWY1
NWQ4ZGIwHhcNMjIxMjE2MDAxMTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmYxNWM1Zjk1MWRiODU3N2UyZWRjYjU2ODY5OGVhMDdhMDM3NTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7DdJ6pNAsrx2NQ+LZqSa6jc2/xx
7fLkhTHXhfsei0QFTDwa28v+EhKtcspAUTAgEIByx/NdvexlJbNUtpNMCzROlsK+
dFnFDPbusWZkI7t3ycmSbQyWhjwYLJQ1P7xx+wvfGoMv6E/smvHDOAkrcPX8Dl4n
6aqmFtbBllV6HLca0EcBjheq4q7dm+Jr3uVMkTdyJHXIejPgca+48Rpd2H48jJoh
lRVAhIP6UmOLpEQulU8qWF1zgE7pLLjsKrrEkpaZY3pIwJDEmPEbGEvcAhKEWWfu
rlDGqeQh6Q7i2lXXfUFzfTK6RQcYid5Cg206dgtU5lR98AVVyhx5u/XblwIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFIbxXF+VHbhXfi7ctWhpjqB6A3UVMB8GA1UdIwQY
MBaAFNuhIgevTRhsRNolM8C48f0fVdjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgt
MTJiMmJjNTgwNTNhLzEvaHZGY1g1VWR1RmQtTHR5MWFHbU9vSG9EZFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgtMTJiMmJjNTgwNTNh
LzEvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCBtQQCAAEwga4DBAIC
ONgDBAIFt4QDBAMllLgDBAItCnwDBAItX/wDBAItjJwDBAItl3QDBANNSeADBANV
uAgDBAJb06ADBABb2CIDBAJdvEADBAKrFrAwDAMEA7nqmAMEALnqmjAMAwQDue+o
AwQAue+qAwQCufmIAwQCufuYAwQCuf0wMAwDBALCPVQDBADCPVYDBAHDuFYDBAHD
uFoDBAHD7lYDBATUOTADBATVnAADBALVrTgwDQQCAAIwBwMFAyoCBpAwDQYJKoZI
hvcNAQELBQADggEBAAK7m19sJjW4LjrT9VoN4QfdW1vuz8j8YQbWkdgRFkeEKI4+
F9BXcy5I60sDJPkcZo37yZSg98TRsRloxQaNPuNeuy6YmQOhMJrEd7GeudS0ELSI
IkoGUQLYVRUtgJMiQrTpoke38ynLzoAPYc7nOUMsTKRgBEsqcJD2ZuDUA4mboB/T
REuRKDI3p+U8MWP0psqORpPZJjC8EUwZk3auS2w8rNffnDVfu5/l6MDqU0qdL+mB
vo3VsO//n38NVwy62WFKVP/YWKub2Q7dhjr9AgHRgjBr0IIhSpn+9oxHTQ7x1Y0L
U/LoW8DvpmDSmZBZnrAONtzxbmIIZK8pqhX8310=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:11 2024 by rpki-client on console-fra.rpki-client.org