Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/HXdEWKqRzU10C44hhMY_gRw9Rns.roa
File: HXdEWKqRzU10C44hhMY_gRw9Rns.roa (raw, json)
Hash identifier: 4AxndA0UdsSOj66mp8tOrKxh7++CWcVAaIe24VSShgo=
Subject key identifier: 1D:77:44:58:AA:91:CD:4D:74:0B:8E:21:84:C6:3F:81:1C:3D:46:7B
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 01856F1DBA32287FD8E0FDF500D84571AAFA
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/HXdEWKqRzU10C44hhMY_gRw9Rns.roa
Signing time: Sun 01 Jan 2023 20:54:57 +0000
ROA not before: Sun 01 Jan 2023 20:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205516
IP address blocks: 193.106.99.0/24 maxlen: 24
45.8.116.0/22 maxlen: 24
91.198.101.0/24 maxlen: 24
193.43.250.0/24 maxlen: 24
2a0e:6600::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:ba:32:28:7f:d8:e0:fd:f5:00:d8:45:71:aa:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Jan 1 20:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d774458aa91cd4d740b8e2184c63f811c3d467b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b4:d1:9f:ec:25:8e:fe:ac:7f:2a:0a:c2:9f:
70:4c:b6:57:24:d3:24:fe:92:0d:30:d2:a3:20:9e:
84:64:a3:cb:c5:e3:09:da:2f:8e:68:71:f8:66:d9:
ba:36:ce:b8:42:32:d0:e3:ff:b4:fc:ce:1d:e4:4d:
87:e7:46:b2:60:40:b9:15:a2:8d:ac:d9:3e:89:f4:
14:d6:57:f6:db:fe:de:ef:b4:76:e4:1c:32:59:8a:
10:9b:ec:d4:b3:df:59:99:ec:21:fd:2e:d6:c1:40:
43:38:9e:c1:30:fd:32:34:6e:0e:ea:5c:0d:63:c1:
be:0a:26:a0:6b:7e:04:29:c1:50:3f:97:49:8c:3d:
92:b4:e4:9e:dc:50:12:51:bf:2b:ea:4f:27:6d:57:
1c:27:63:d4:36:3f:74:89:74:a2:c6:72:6e:cf:86:
33:7c:d0:5f:75:05:34:3c:52:a7:84:b0:8a:92:53:
e0:de:88:8d:01:05:21:8f:09:fc:2b:d4:20:26:46:
ed:ff:ab:e2:21:46:82:fb:d1:09:94:01:07:a5:a9:
db:0a:54:d7:93:0c:9c:9e:bf:c9:42:ff:79:ea:f3:
67:53:7c:8d:53:d9:3a:66:2c:39:c8:70:17:6d:0b:
5d:bd:c5:01:d0:9f:4c:50:df:ca:85:7d:84:dc:26:
ac:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:77:44:58:AA:91:CD:4D:74:0B:8E:21:84:C6:3F:81:1C:3D:46:7B
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/HXdEWKqRzU10C44hhMY_gRw9Rns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.116.0/22
91.198.101.0/24
193.43.250.0/24
193.106.99.0/24
IPv6:
2a0e:6600::/29
Signature Algorithm: sha256WithRSAEncryption
9f:46:ae:87:7d:c3:a5:86:61:c8:89:cd:58:c9:3d:94:88:34:
7c:bd:58:33:9f:01:51:fb:22:d9:83:35:da:db:e8:e8:ef:53:
17:b9:bd:e5:d7:86:80:ba:ac:c1:b3:2b:c7:1d:6e:43:a0:ef:
c3:cb:76:a4:3d:22:1a:5c:44:90:43:be:1f:19:a9:fb:d0:8b:
04:ad:27:8d:2f:e8:12:2f:b7:ac:25:c9:9d:65:2a:4d:20:b4:
18:63:98:4f:4d:f9:8a:9a:c3:d1:f7:b0:65:3d:a0:a6:8d:b7:
3e:2b:d9:f5:2c:03:51:a9:22:4d:7b:b4:41:ee:ec:55:6d:d4:
4b:86:af:a6:fc:aa:c9:c1:51:b8:c8:6b:54:f9:56:e1:b5:17:
d6:e8:1f:bb:0b:97:5c:02:87:88:37:7b:e7:d2:4d:a7:dd:35:
14:49:16:86:1e:46:86:2e:e1:99:95:b9:58:50:c9:5c:60:9b:
27:6e:1f:a9:eb:85:ba:49:ac:2d:49:fe:85:62:cb:bc:b6:f0:
1e:5a:ae:ed:64:92:7f:35:45:59:31:8e:4d:64:58:5f:47:49:
18:f5:7b:e1:13:54:26:1d:07:d6:e1:74:f2:57:eb:d8:e1:8c:
8e:93:7b:a3:3b:dd:88:c2:d7:8e:55:d1:1e:17:01:6c:fd:8b:
d9:3f:3c:b8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvHboyKH/Y4P31ANhFcar6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjMwMTAxMjA1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDc3NDQ1OGFhOTFjZDRkNzQwYjhlMjE4NGM2M2Y4MTFjM2Q0NjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbTRn+wljv6sfyoKwp9wTLZXJNMk
/pINMNKjIJ6EZKPLxeMJ2i+OaHH4Ztm6Ns64QjLQ4/+0/M4d5E2H50ayYEC5FaKN
rNk+ifQU1lf22/7e77R25BwyWYoQm+zUs99Zmewh/S7WwUBDOJ7BMP0yNG4O6lwN
Y8G+Ciaga34EKcFQP5dJjD2StOSe3FASUb8r6k8nbVccJ2PUNj90iXSixnJuz4Yz
fNBfdQU0PFKnhLCKklPg3oiNAQUhjwn8K9QgJkbt/6viIUaC+9EJlAEHpanbClTX
kwycnr/JQv956vNnU3yNU9k6Ziw5yHAXbQtdvcUB0J9MUN/KhX2E3CasjwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFB13RFiqkc1NdAuOIYTGP4EcPUZ7MB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvSFhkRVdLcVJ6VTEwQzQ0aGhNWV9nUnc5Um5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLQh0AwQA
W8ZlAwQAwSv6AwQAwWpjMA0EAgACMAcDBQMqDmYAMA0GCSqGSIb3DQEBCwUAA4IB
AQCfRq6HfcOlhmHIic1YyT2UiDR8vVgznwFR+yLZgzXa2+jo71MXub3l14aAuqzB
syvHHW5DoO/Dy3akPSIaXESQQ74fGan70IsErSeNL+gSL7esJcmdZSpNILQYY5hP
TfmKmsPR97BlPaCmjbc+K9n1LANRqSJNe7RB7uxVbdRLhq+m/KrJwVG4yGtU+Vbh
tRfW6B+7C5dcAoeIN3vn0k2n3TUUSRaGHkaGLuGZlblYUMlcYJsnbh+p64W6Sawt
Sf6FYsu8tvAeWq7tZJJ/NUVZMY5NZFhfR0kY9XvhE1QmHQfW4XTyV+vY4YyOk3uj
O92IwteOVdEeFwFs/YvZPzy4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:06 2024 by rpki-client on console-ams.rpki-client.org