Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/L_og2pc7uYQtSgdABjrCZ7RL5LI.roa
File: L_og2pc7uYQtSgdABjrCZ7RL5LI.roa (raw, json)
Hash identifier: TkhWhktNXmAJQDJxLkbnS6Z1LWzYj3imlljZ+HRwW2U=
Subject key identifier: 2F:FA:20:DA:97:3B:B9:84:2D:4A:07:40:06:3A:C2:67:B4:4B:E4:B2
Certificate issuer: /CN=47312b28074cb8dfad155178ca254bdb4f5e711a
Certificate serial: 018CC56EE5466956023A4F50E90A7E515348
Authority key identifier: 47:31:2B:28:07:4C:B8:DF:AD:15:51:78:CA:25:4B:DB:4F:5E:71:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzErKAdMuN-tFVF4yiVL209ecRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/L_og2pc7uYQtSgdABjrCZ7RL5LI.roa
Signing time: Mon 01 Jan 2024 14:30:28 +0000
ROA not before: Mon 01 Jan 2024 14:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212128
IP address blocks: 193.246.144.0/24 maxlen: 24
193.246.150.0/24 maxlen: 24
193.246.153.0/24 maxlen: 24
193.246.159.0/24 maxlen: 24
193.141.230.0/23 maxlen: 23
45.153.188.0/22 maxlen: 22
193.142.20.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e5:46:69:56:02:3a:4f:50:e9:0a:7e:51:53:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47312b28074cb8dfad155178ca254bdb4f5e711a
Validity
Not Before: Jan 1 14:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ffa20da973bb9842d4a0740063ac267b44be4b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:24:fa:b1:02:6e:a1:a8:7c:f2:bd:58:a7:dd:
a2:5b:f1:37:f7:d2:36:4a:67:82:40:0e:60:5d:30:
e1:71:6c:3d:3a:5e:88:c2:ce:13:2b:a0:e8:3f:ab:
4c:ea:c9:e6:d2:00:a8:a3:d7:1f:42:11:3d:5d:e8:
88:2d:da:e9:67:ad:9c:e7:41:c4:cf:d3:f1:67:ac:
ed:34:da:b9:34:5c:9c:ab:ce:8e:f2:d3:e7:2a:ca:
60:af:bc:f8:0c:5b:9b:10:e1:67:49:ce:bd:2d:e8:
dc:02:41:50:36:a2:9b:5b:93:5e:64:c7:8e:97:d0:
b9:14:22:40:09:59:cb:e8:ea:85:82:06:56:65:59:
c3:b1:e6:b2:63:ef:8d:37:dd:7d:3d:0e:53:1b:b6:
0e:de:6f:d7:18:dd:df:55:b6:28:13:49:4b:d6:23:
91:54:68:2c:4a:13:90:58:2b:c9:4d:b3:ee:31:2e:
01:f4:5c:9e:57:5e:6a:1a:8a:0a:9a:82:62:67:42:
21:26:00:45:6e:87:38:ab:46:d6:91:9e:00:7c:4b:
e0:a0:bb:6c:cc:a7:e4:0a:fe:e0:c5:d3:c4:c2:2c:
aa:bd:82:91:16:37:9b:76:eb:bb:3c:e9:60:a5:34:
fd:d6:54:92:a7:32:0c:96:94:f3:60:df:d9:fb:8f:
1f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:FA:20:DA:97:3B:B9:84:2D:4A:07:40:06:3A:C2:67:B4:4B:E4:B2
X509v3 Authority Key Identifier:
keyid:47:31:2B:28:07:4C:B8:DF:AD:15:51:78:CA:25:4B:DB:4F:5E:71:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzErKAdMuN-tFVF4yiVL209ecRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/L_og2pc7uYQtSgdABjrCZ7RL5LI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/RzErKAdMuN-tFVF4yiVL209ecRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.188.0/22
193.141.230.0/23
193.142.20.0/23
193.246.144.0/24
193.246.150.0/24
193.246.153.0/24
193.246.159.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:6e:41:ba:2e:25:46:31:4e:d4:b6:eb:ab:3d:ad:27:ac:86:
70:c6:1a:ed:e8:a5:a2:df:21:df:52:be:7f:02:56:20:28:4b:
2a:05:4b:d9:0d:ef:3b:f3:21:18:c9:f1:85:c6:9c:cd:97:75:
6c:31:2c:aa:4b:27:aa:ba:0c:01:99:36:f3:ea:2d:5b:cb:5a:
c0:23:d9:96:c1:2d:35:39:01:57:62:01:7d:7f:fa:e3:be:2c:
79:b1:26:e3:48:90:e5:3c:7b:79:6a:49:f8:28:89:50:ed:70:
3d:29:42:bf:49:54:d9:48:74:89:fe:c1:1b:db:bd:2a:66:70:
e3:4d:7e:b6:f4:fe:f7:8f:86:86:8d:80:a3:ad:bf:5f:b0:9c:
d1:cd:ef:1c:7e:54:ea:f2:99:ed:43:38:26:bd:ec:7d:4f:47:
ab:e9:3b:be:87:58:34:1c:65:f6:07:38:2d:da:0b:61:2a:48:
57:7a:3a:cc:4d:2e:9a:5d:08:37:a3:47:20:5a:a2:c2:b6:af:
1f:b6:3e:0d:6a:35:73:e6:02:8e:90:f2:fe:03:cc:c2:d0:b8:
6e:a0:87:c2:5a:aa:3b:b4:ec:6e:64:86:ab:1e:2a:fd:c2:03:
65:70:35:78:b2:30:e1:8c:2d:2d:ba:9d:b0:36:a2:6a:2f:2a:
56:db:b8:3f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzFbuVGaVYCOk9Q6Qp+UVNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzEyYjI4MDc0Y2I4ZGZhZDE1NTE3OGNhMjU0YmRiNGY1
ZTcxMWEwHhcNMjQwMTAxMTQzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmZhMjBkYTk3M2JiOTg0MmQ0YTA3NDAwNjNhYzI2N2I0NGJlNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyT6sQJuoah88r1Yp92iW/E399I2
SmeCQA5gXTDhcWw9Ol6Iws4TK6DoP6tM6snm0gCoo9cfQhE9XeiILdrpZ62c50HE
z9PxZ6ztNNq5NFycq86O8tPnKspgr7z4DFubEOFnSc69LejcAkFQNqKbW5NeZMeO
l9C5FCJACVnL6OqFggZWZVnDseayY++NN919PQ5TG7YO3m/XGN3fVbYoE0lL1iOR
VGgsShOQWCvJTbPuMS4B9FyeV15qGooKmoJiZ0IhJgBFboc4q0bWkZ4AfEvgoLts
zKfkCv7gxdPEwiyqvYKRFjebduu7POlgpTT91lSSpzIMlpTzYN/Z+48f+wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC/6INqXO7mELUoHQAY6wme0S+SyMB8GA1UdIwQY
MBaAFEcxKygHTLjfrRVReMolS9tPXnEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpFcktBZE11Ti10RlZGNHlpVkwyMDllY1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84MjdkY2QtNTY5NS00MWU2LWJiZmIt
ODhlMTVmYjE5Zjc0LzEvTF9vZzJwYzd1WVF0U2dkQUJqckNaN1JMNUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84MjdkY2QtNTY5NS00MWU2LWJiZmItODhlMTVmYjE5Zjc0
LzEvUnpFcktBZE11Ti10RlZGNHlpVkwyMDllY1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLZm8AwQB
wY3mAwQBwY4UAwQAwfaQAwQAwfaWAwQAwfaZAwQAwfafMA0GCSqGSIb3DQEBCwUA
A4IBAQCbbkG6LiVGMU7UtuurPa0nrIZwxhrt6KWi3yHfUr5/AlYgKEsqBUvZDe87
8yEYyfGFxpzNl3VsMSyqSyequgwBmTbz6i1by1rAI9mWwS01OQFXYgF9f/rjvix5
sSbjSJDlPHt5akn4KIlQ7XA9KUK/SVTZSHSJ/sEb270qZnDjTX629P73j4aGjYCj
rb9fsJzRze8cflTq8pntQzgmvex9T0er6Tu+h1g0HGX2Bzgt2gthKkhXejrMTS6a
XQg3o0cgWqLCtq8ftj4NajVz5gKOkPL+A8zC0LhuoIfCWqo7tOxuZIarHir9wgNl
cDV4sjDhjC0tup2wNqJqLypW27g/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org