Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/7fyh0CES_ai1N31atNUn-WzMIsM.roa
File: 7fyh0CES_ai1N31atNUn-WzMIsM.roa (raw, json)
Hash identifier: qnCBoswRVbJe46ketsu7/iS6hABDXpT/jtlisXRUDic=
Subject key identifier: ED:FC:A1:D0:21:12:FD:A8:B5:37:7D:5A:B4:D5:27:F9:6C:CC:22:C3
Certificate issuer: /CN=47312b28074cb8dfad155178ca254bdb4f5e711a
Certificate serial: 01887627C02EFF4F3A2D03D97BBA86BD7F3A
Authority key identifier: 47:31:2B:28:07:4C:B8:DF:AD:15:51:78:CA:25:4B:DB:4F:5E:71:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzErKAdMuN-tFVF4yiVL209ecRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/7fyh0CES_ai1N31atNUn-WzMIsM.roa
Signing time: Thu 01 Jun 2023 08:51:36 +0000
ROA not before: Thu 01 Jun 2023 08:51:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212128
IP address blocks: 193.246.144.0/24 maxlen: 24
193.246.150.0/24 maxlen: 24
193.246.153.0/24 maxlen: 24
193.246.159.0/24 maxlen: 24
193.141.230.0/23 maxlen: 23
45.153.188.0/22 maxlen: 22
193.142.20.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:76:27:c0:2e:ff:4f:3a:2d:03:d9:7b:ba:86:bd:7f:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47312b28074cb8dfad155178ca254bdb4f5e711a
Validity
Not Before: Jun 1 08:51:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edfca1d02112fda8b5377d5ab4d527f96ccc22c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ff:f7:c5:79:00:77:ff:fd:c5:56:5c:c4:72:
4b:2f:7d:c0:f8:f3:1d:26:52:d0:da:74:8e:1c:46:
10:9e:ba:ea:78:d4:ed:4c:7f:ac:1d:81:86:22:d0:
02:e3:50:22:6c:03:52:c2:20:1d:48:d5:63:45:cc:
4c:62:e9:72:da:1b:c7:e2:2a:53:65:b5:d5:48:cc:
51:d6:4a:ce:82:f7:0f:05:b6:b1:51:d8:12:22:59:
55:32:01:6a:51:69:20:34:2d:4d:8b:f8:2b:0f:08:
78:eb:56:10:af:0f:ea:36:2c:a1:f3:49:03:27:28:
06:80:47:4f:d7:93:63:3d:ad:fd:37:97:5a:14:87:
35:31:c8:3d:09:ec:85:ea:f3:6b:1b:69:3e:57:6b:
e8:35:e2:09:76:4b:09:86:26:ac:48:0a:76:b3:f6:
e1:cd:10:b9:c7:9a:69:ac:a2:1c:24:e8:7f:7a:15:
b7:ce:d6:0a:51:95:e9:5f:13:68:d9:e9:0e:7a:11:
96:95:ea:fb:a1:b0:33:9b:1a:6f:eb:04:65:b5:57:
16:38:2f:20:e0:19:f2:d2:63:45:e3:60:5a:0f:db:
1d:a3:95:7a:18:35:76:dd:66:9f:69:24:93:8e:df:
40:a1:6e:fe:99:96:0a:f6:0f:55:40:5b:80:b4:d2:
7e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:FC:A1:D0:21:12:FD:A8:B5:37:7D:5A:B4:D5:27:F9:6C:CC:22:C3
X509v3 Authority Key Identifier:
keyid:47:31:2B:28:07:4C:B8:DF:AD:15:51:78:CA:25:4B:DB:4F:5E:71:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzErKAdMuN-tFVF4yiVL209ecRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/7fyh0CES_ai1N31atNUn-WzMIsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/RzErKAdMuN-tFVF4yiVL209ecRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.188.0/22
193.141.230.0/23
193.142.20.0/23
193.246.144.0/24
193.246.150.0/24
193.246.153.0/24
193.246.159.0/24
Signature Algorithm: sha256WithRSAEncryption
58:42:1a:f0:ae:a0:d6:0b:b9:40:cd:69:23:2d:c0:84:94:12:
c5:9f:ed:f4:d8:2c:cb:ed:20:2a:ba:a5:1d:30:f8:7e:53:9a:
79:df:3f:d4:22:59:6b:d8:66:ec:c5:79:54:69:f9:f3:09:87:
a7:1f:8a:4e:90:86:f1:51:4b:54:f7:ff:16:6b:c6:2e:9e:69:
64:99:0f:38:22:5f:b8:1f:54:57:e3:b4:ed:17:9c:ee:3e:15:
d1:1c:cf:af:94:fa:a7:37:20:08:72:e9:f7:a6:de:20:c6:09:
54:44:64:6c:cb:62:0a:d4:d1:a1:7e:13:a4:25:54:b4:83:29:
40:d7:c5:b3:f2:af:ae:78:d2:b1:a2:33:1a:d9:c6:1c:b7:d6:
9f:d8:6c:cc:74:08:f2:69:1a:58:a8:81:39:52:16:30:1d:fd:
2c:89:c3:28:aa:5e:bb:03:fa:fe:f1:6a:99:78:31:80:6c:74:
31:e4:ae:22:38:51:18:02:f5:c0:6a:f9:60:6f:4a:e6:70:4b:
d5:52:2f:ce:e1:fa:ae:3c:d0:cb:2e:87:8f:2e:a0:0c:87:f3:
ac:f3:8f:b7:ce:10:12:55:63:5d:0c:a3:dd:35:9c:02:63:7d:
fa:8b:09:40:3f:ed:5a:40:65:50:81:1d:e3:e5:82:78:1c:bd:
f7:da:f8:9e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYh2J8Au/086LQPZe7qGvX86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzEyYjI4MDc0Y2I4ZGZhZDE1NTE3OGNhMjU0YmRiNGY1
ZTcxMWEwHhcNMjMwNjAxMDg1MTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGZjYTFkMDIxMTJmZGE4YjUzNzdkNWFiNGQ1MjdmOTZjY2MyMmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf/3xXkAd//9xVZcxHJLL33A+PMd
JlLQ2nSOHEYQnrrqeNTtTH+sHYGGItAC41AibANSwiAdSNVjRcxMYuly2hvH4ipT
ZbXVSMxR1krOgvcPBbaxUdgSIllVMgFqUWkgNC1Ni/grDwh461YQrw/qNiyh80kD
JygGgEdP15NjPa39N5daFIc1Mcg9CeyF6vNrG2k+V2voNeIJdksJhiasSAp2s/bh
zRC5x5pprKIcJOh/ehW3ztYKUZXpXxNo2ekOehGWler7obAzmxpv6wRltVcWOC8g
4Bny0mNF42BaD9sdo5V6GDV23WafaSSTjt9AoW7+mZYK9g9VQFuAtNJ+dwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFO38odAhEv2otTd9WrTVJ/lszCLDMB8GA1UdIwQY
MBaAFEcxKygHTLjfrRVReMolS9tPXnEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpFcktBZE11Ti10RlZGNHlpVkwyMDllY1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84MjdkY2QtNTY5NS00MWU2LWJiZmIt
ODhlMTVmYjE5Zjc0LzEvN2Z5aDBDRVNfYWkxTjMxYXROVW4tV3pNSXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84MjdkY2QtNTY5NS00MWU2LWJiZmItODhlMTVmYjE5Zjc0
LzEvUnpFcktBZE11Ti10RlZGNHlpVkwyMDllY1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLZm8AwQB
wY3mAwQBwY4UAwQAwfaQAwQAwfaWAwQAwfaZAwQAwfafMA0GCSqGSIb3DQEBCwUA
A4IBAQBYQhrwrqDWC7lAzWkjLcCElBLFn+302CzL7SAquqUdMPh+U5p53z/UIllr
2GbsxXlUafnzCYenH4pOkIbxUUtU9/8Wa8YunmlkmQ84Il+4H1RX47TtF5zuPhXR
HM+vlPqnNyAIcun3pt4gxglURGRsy2IK1NGhfhOkJVS0gylA18Wz8q+ueNKxojMa
2cYct9af2GzMdAjyaRpYqIE5UhYwHf0sicMoql67A/r+8WqZeDGAbHQx5K4iOFEY
AvXAavlgb0rmcEvVUi/O4fquPNDLLoePLqAMh/Os84+3zhASVWNdDKPdNZwCY336
iwlAP+1aQGVQgR3j5YJ4HL332vie
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org