Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/CSJ3MgoxrLbFaQu4r3sS3XrA_xE.roa
File: CSJ3MgoxrLbFaQu4r3sS3XrA_xE.roa (raw, json)
Hash identifier: ZMwgJQeS0Ojh9Cs+EOEKH9RoVOORaHJVRXZ0gcC8xdw=
Subject key identifier: 09:22:77:32:0A:31:AC:B6:C5:69:0B:B8:AF:7B:12:DD:7A:C0:FF:11
Certificate issuer: /CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Certificate serial: 01827D9B76058570B204401B117BE2AD869D
Authority key identifier: AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/CSJ3MgoxrLbFaQu4r3sS3XrA_xE.roa
Signing time: Mon 08 Aug 2022 13:18:36 +0000
ROA not before: Mon 08 Aug 2022 13:18:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28716
IP address blocks: 77.95.136.0/21 maxlen: 24
147.123.80.0/20 maxlen: 24
80.94.116.0/24 maxlen: 24
80.94.112.0/20 maxlen: 24
217.19.144.0/20 maxlen: 24
78.159.216.0/21 maxlen: 24
185.61.12.0/22 maxlen: 24
147.123.96.0/20 maxlen: 24
45.89.180.0/22 maxlen: 24
185.41.212.0/22 maxlen: 22
78.159.192.0/21 maxlen: 24
46.243.32.0/21 maxlen: 24
2001:1bd0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7d:9b:76:05:85:70:b2:04:40:1b:11:7b:e2:ad:86:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Validity
Not Before: Aug 8 13:18:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=092277320a31acb6c5690bb8af7b12dd7ac0ff11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ab:f5:1d:fd:7b:b7:75:59:da:a5:fa:a6:cb:
23:ac:f9:6c:76:4b:e2:ea:97:38:e8:6a:09:61:66:
1d:41:a7:e6:a0:24:0b:75:b7:25:48:44:03:64:bb:
5a:92:e7:23:42:d6:e4:60:e6:1d:b1:29:f1:41:f4:
b7:29:65:8b:c9:bb:0d:07:a6:7e:ec:dd:23:7d:8c:
f1:0e:8b:c1:bf:72:9e:f7:30:1b:17:12:d6:aa:9e:
69:57:9e:11:ae:db:13:81:11:4c:42:79:eb:d0:ba:
2a:ec:e7:90:15:14:05:67:55:a7:03:ec:fc:e5:97:
6f:00:f8:17:0c:71:87:36:26:bf:d0:ca:cc:44:29:
a1:5a:ad:5e:f3:59:12:3c:1d:6c:e2:2d:46:8f:89:
b5:f7:44:42:ce:ed:a0:ed:78:3b:5e:d5:2a:0a:ae:
f6:ac:78:f2:a3:fb:1c:5f:7b:9b:6b:95:16:98:16:
99:f8:1f:49:ad:99:30:82:db:26:bd:47:da:23:41:
3c:6b:33:5b:e0:a3:a7:d5:2c:53:4f:fc:1c:34:31:
37:49:96:3c:a2:71:cf:0d:21:68:c8:78:d3:13:29:
0e:ff:1d:91:72:30:60:af:88:fe:ea:94:29:e4:2e:
e9:09:b9:84:9b:ae:c0:96:a2:69:a3:97:26:37:a9:
4e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:22:77:32:0A:31:AC:B6:C5:69:0B:B8:AF:7B:12:DD:7A:C0:FF:11
X509v3 Authority Key Identifier:
keyid:AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/CSJ3MgoxrLbFaQu4r3sS3XrA_xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.180.0/22
46.243.32.0/21
77.95.136.0/21
78.159.192.0/21
78.159.216.0/21
80.94.112.0/20
147.123.80.0-147.123.111.255
185.41.212.0/22
185.61.12.0/22
217.19.144.0/20
IPv6:
2001:1bd0::/32
Signature Algorithm: sha256WithRSAEncryption
69:64:9d:72:42:34:ad:93:e1:bb:73:6c:05:6c:25:a9:7c:14:
43:d3:b4:2f:d5:3f:ca:2a:8f:c5:73:57:9f:76:78:10:66:02:
a5:20:55:40:ad:40:a7:ef:cb:95:06:ac:3c:e8:32:a5:57:1c:
1b:da:ee:fc:61:d6:6d:34:e4:84:6c:ff:80:65:e9:15:b2:fd:
f0:a4:45:ea:9b:38:47:25:63:98:20:65:c5:5c:da:9d:67:2f:
2b:04:9b:d9:6d:4a:16:57:fb:8a:ac:28:f4:cb:04:cd:7d:5f:
fe:b5:4d:29:d2:0f:62:30:c8:ab:39:75:89:4a:a3:66:e3:a4:
63:ac:9d:a6:c3:80:55:73:49:10:0e:08:9e:04:3b:29:9d:81:
99:ee:82:62:48:5e:c7:78:28:17:06:01:cd:d6:ce:9b:6a:6a:
93:41:f8:67:50:54:29:d5:0e:9f:99:8d:d4:c9:c7:6f:9e:13:
eb:82:8c:ad:34:9e:9a:88:3b:07:12:7c:7a:27:a2:e9:73:08:
37:0c:74:44:22:ad:26:1f:40:b5:b2:f9:f3:66:79:ba:39:a0:
02:2f:2a:74:5e:8f:24:10:90:01:66:73:67:c2:e7:b9:76:f1:
cb:84:af:ba:7f:ce:94:65:8c:6d:2b:1b:e9:50:c8:f7:7a:16:
16:71:a7:59
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYJ9m3YFhXCyBEAbEXvirYadMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjN2NjMzM0ZjUxZDJiNmViNGUyN2Q2ZDU2YjliY2UzZTg1
NTYwY2MwHhcNMjIwODA4MTMxODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTIyNzczMjBhMzFhY2I2YzU2OTBiYjhhZjdiMTJkZDdhYzBmZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKv1Hf17t3VZ2qX6pssjrPlsdkvi
6pc46GoJYWYdQafmoCQLdbclSEQDZLtakucjQtbkYOYdsSnxQfS3KWWLybsNB6Z+
7N0jfYzxDovBv3Ke9zAbFxLWqp5pV54RrtsTgRFMQnnr0Loq7OeQFRQFZ1WnA+z8
5ZdvAPgXDHGHNia/0MrMRCmhWq1e81kSPB1s4i1Gj4m190RCzu2g7Xg7XtUqCq72
rHjyo/scX3uba5UWmBaZ+B9JrZkwgtsmvUfaI0E8azNb4KOn1SxTT/wcNDE3SZY8
onHPDSFoyHjTEykO/x2RcjBgr4j+6pQp5C7pCbmEm67AlqJpo5cmN6lO2wIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFAkidzIKMay2xWkLuK97Et16wP8RMB8GA1UdIwQY
MBaAFKx8wzT1HStutOJ9bVa5vOPoVWDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTct
MWNmMTViMmJhN2JlLzEvQ1NKM01nb3hyTGJGYVF1NHIzc1MzWHJBX3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTctMWNmMTViMmJhN2Jl
LzEvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQCLVm0AwQD
LvMgAwQDTV+IAwQDTp/AAwQDTp/YAwQEUF5wMAwDBASTe1ADBASTe2ADBAK5KdQD
BAK5PQwDBATZE5AwDQQCAAIwBwMFACABG9AwDQYJKoZIhvcNAQELBQADggEBAGlk
nXJCNK2T4btzbAVsJal8FEPTtC/VP8oqj8VzV592eBBmAqUgVUCtQKfvy5UGrDzo
MqVXHBva7vxh1m005IRs/4Bl6RWy/fCkReqbOEclY5ggZcVc2p1nLysEm9ltShZX
+4qsKPTLBM19X/61TSnSD2IwyKs5dYlKo2bjpGOsnabDgFVzSRAOCJ4EOymdgZnu
gmJIXsd4KBcGAc3WzptqapNB+GdQVCnVDp+ZjdTJx2+eE+uCjK00npqIOwcSfHon
oulzCDcMdEQirSYfQLWy+fNmebo5oAIvKnRejyQQkAFmc2fC57l28cuEr7p/zpRl
jG0rG+lQyPd6FhZxp1k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:14 2024 by rpki-client on console-fra.rpki-client.org