Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/pB54pbK5-z0Dji33_NKEwXMdLXY.roa
File: pB54pbK5-z0Dji33_NKEwXMdLXY.roa (raw, json)
Hash identifier: rjSOutEoDbokFO6bo1/BqBznavZuUyl+ld7aCPdIcjI=
Subject key identifier: A4:1E:78:A5:B2:B9:FB:3D:03:8E:2D:F7:FC:D2:84:C1:73:1D:2D:76
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD51C2364C579CC20D941D405C277A0
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/pB54pbK5-z0Dji33_NKEwXMdLXY.roa
Signing time: Mon 02 Jan 2023 00:15:15 +0000
ROA not before: Mon 02 Jan 2023 00:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40975
IP address blocks: 93.115.108.0/24 maxlen: 24
46.102.104.0/24 maxlen: 24
46.102.235.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:1c:23:64:c5:79:cc:20:d9:41:d4:05:c2:77:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a41e78a5b2b9fb3d038e2df7fcd284c1731d2d76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5d:d1:a7:00:10:68:6b:30:e2:e6:00:bc:19:
10:af:3a:a2:ba:14:3e:63:bb:42:aa:ce:9d:e6:38:
d6:69:c3:9e:af:ef:6a:cc:73:50:e8:d4:d6:bf:05:
26:02:8e:cc:f8:99:da:6b:5e:34:ca:8c:8b:a8:72:
2d:ec:a8:af:c7:9d:d4:d7:ec:14:5f:ff:e8:99:87:
d5:fa:91:1d:a4:66:3a:0a:e6:4f:79:f7:c1:37:b2:
c7:a5:3d:99:64:9f:0f:cf:9a:3b:b6:73:d2:58:0d:
c9:15:93:0a:75:06:8a:5b:70:9b:52:00:8b:23:ac:
a9:7a:a4:99:6d:e5:4d:78:bc:93:67:00:b3:16:f0:
52:92:16:fb:46:a1:1d:05:9f:f1:ec:6f:1e:e7:5a:
16:21:d6:f1:9f:86:a7:6b:f7:7c:64:70:95:b0:e4:
f0:a3:98:1e:6b:a4:ed:99:f9:a7:88:f8:00:22:05:
20:57:7d:cc:14:53:15:6d:2b:1d:1a:79:8e:fe:66:
e8:a4:cb:e9:39:4a:24:37:68:a5:ca:76:8d:b4:d1:
89:89:4b:2d:4f:b7:9e:b6:97:94:b4:d0:34:6e:e6:
10:26:35:fa:ab:ce:60:00:47:4c:a0:be:ee:07:ee:
da:ed:83:2f:e9:12:fe:02:0c:b5:62:ae:66:12:36:
28:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:1E:78:A5:B2:B9:FB:3D:03:8E:2D:F7:FC:D2:84:C1:73:1D:2D:76
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/pB54pbK5-z0Dji33_NKEwXMdLXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.104.0/24
46.102.235.0/24
93.115.108.0/24
Signature Algorithm: sha256WithRSAEncryption
ed:17:f2:e7:7b:14:a2:09:62:19:40:46:d8:58:f1:93:1d:06:
a8:33:88:e2:6b:e9:bb:23:16:9e:48:3e:2d:84:7d:16:44:40:
cd:fc:38:7a:40:38:df:b6:ad:23:8c:f5:36:e1:cc:db:49:c5:
66:a9:fd:2a:0d:bc:c7:c2:03:34:ad:9c:bd:f6:47:0c:76:13:
38:92:6d:9c:9d:bf:06:67:5a:21:f4:d0:1f:b5:f5:b8:0b:b9:
24:b3:01:7b:70:5c:d7:db:29:35:12:95:9c:e8:da:a2:a1:21:
78:9b:18:eb:8c:43:38:86:87:3e:27:ba:02:f3:c1:73:76:2f:
ae:1f:31:6f:03:8b:83:b3:d9:35:07:19:49:c9:1d:71:2f:e5:
19:f5:25:81:5e:d7:65:fd:f8:0e:eb:03:c5:46:d6:c3:93:27:
cd:ec:32:96:d5:52:e5:06:6c:13:de:e1:65:ee:53:33:09:7e:
e9:7b:1a:a6:42:aa:04:0e:de:48:39:34:65:af:aa:93:63:13:
8a:58:d4:9d:01:00:52:92:7b:a8:69:7e:a2:62:3b:f0:52:be:
87:50:a1:a3:f7:89:e5:fb:12:b5:04:3e:59:84:ae:55:b6:b6:
d7:43:4d:76:e2:85:62:29:90:6e:0a:e4:2a:b5:0b:c3:83:b6:
2c:cc:0e:4b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVv1RwjZMV5zCDZQdQFwnegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDFlNzhhNWIyYjlmYjNkMDM4ZTJkZjdmY2QyODRjMTczMWQyZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn13RpwAQaGsw4uYAvBkQrzqiuhQ+
Y7tCqs6d5jjWacOer+9qzHNQ6NTWvwUmAo7M+Jnaa140yoyLqHIt7Kivx53U1+wU
X//omYfV+pEdpGY6CuZPeffBN7LHpT2ZZJ8Pz5o7tnPSWA3JFZMKdQaKW3CbUgCL
I6ypeqSZbeVNeLyTZwCzFvBSkhb7RqEdBZ/x7G8e51oWIdbxn4ana/d8ZHCVsOTw
o5gea6TtmfmniPgAIgUgV33MFFMVbSsdGnmO/mbopMvpOUokN2ilynaNtNGJiUst
T7eetpeUtNA0buYQJjX6q85gAEdMoL7uB+7a7YMv6RL+Agy1Yq5mEjYoRwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKQeeKWyufs9A44t9/zShMFzHS12MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL3BCNTRwYks1LXowRGppMzNfTktFd1hNZExYWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAAuZmgD
BAAuZusDBABdc2wwDQYJKoZIhvcNAQELBQADggEBAO0X8ud7FKIJYhlARthY8ZMd
BqgziOJr6bsjFp5IPi2EfRZEQM38OHpAON+2rSOM9TbhzNtJxWap/SoNvMfCAzSt
nL32Rwx2EziSbZydvwZnWiH00B+19bgLuSSzAXtwXNfbKTUSlZzo2qKhIXibGOuM
QziGhz4nugLzwXN2L64fMW8Di4Oz2TUHGUnJHXEv5Rn1JYFe12X9+A7rA8VG1sOT
J83sMpbVUuUGbBPe4WXuUzMJful7GqZCqgQO3kg5NGWvqpNjE4pY1J0BAFKSe6hp
fqJiO/BSvodQoaP3ieX7ErUEPlmErlW2ttdDTXbihWIpkG4K5Cq1C8ODtizMDks=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:52 2024 by rpki-client on console-ams.rpki-client.org