Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/DBus-D-cvKxR_T_HCfce0gn0cjQ.roa
File: DBus-D-cvKxR_T_HCfce0gn0cjQ.roa (raw, json)
Hash identifier: +3BjzjbArr5z2XIZAhDXiSl/tIHnOf/3XXFnfz2cUd8=
Subject key identifier: 0C:1B:AC:F8:3F:9C:BC:AC:51:FD:3F:C7:09:F7:1E:D2:09:F4:72:34
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 01856CE6250ECACA24CC5FFB33422037C574
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/DBus-D-cvKxR_T_HCfce0gn0cjQ.roa
Signing time: Sun 01 Jan 2023 10:35:00 +0000
ROA not before: Sun 01 Jan 2023 10:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34393
IP address blocks: 45.85.184.0/22 maxlen: 22
95.215.24.0/21 maxlen: 21
95.215.20.0/22 maxlen: 22
195.177.64.0/22 maxlen: 22
195.177.84.0/22 maxlen: 22
2001:67c:2f64::/48 maxlen: 48
2a0e:c980::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:25:0e:ca:ca:24:cc:5f:fb:33:42:20:37:c5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Jan 1 10:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c1bacf83f9cbcac51fd3fc709f71ed209f47234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:69:0d:36:b7:be:b7:cd:01:28:e7:4a:9b:a4:
98:2b:94:fa:7c:96:06:5d:4f:3e:a0:d0:86:28:94:
b7:f6:e9:e4:f5:f0:5d:bf:46:e0:8e:1b:f8:e9:2e:
0b:8b:06:d4:5b:0d:b4:d9:4f:8f:a2:7a:11:bc:d4:
ea:00:56:ae:77:1f:8d:60:49:cd:2f:f5:3b:03:b7:
3a:4b:5f:ad:5c:9c:09:1b:48:11:1e:22:3c:40:b7:
e4:d7:68:86:ce:f0:6b:dd:17:0d:63:e6:8f:20:81:
ad:de:f0:63:67:71:05:6d:c5:9d:9b:b7:db:ba:12:
c5:d3:8a:6b:95:6b:a8:f3:e6:37:95:8e:d2:4c:6c:
60:28:b2:75:be:69:bf:83:91:04:c1:86:76:33:96:
2f:d9:4e:3f:ef:86:66:2d:c8:2b:3a:5b:16:fa:2a:
e0:d7:8e:32:e6:d0:ee:cb:f0:b0:61:2d:3b:f5:31:
71:31:22:b4:59:7c:fe:1a:9d:a2:48:14:50:ff:6c:
73:00:e0:9c:8e:8d:73:2a:bb:b8:fa:d2:8e:b7:ee:
89:fe:0a:ce:3a:0f:fd:a1:34:da:3a:1e:b1:9b:dd:
56:30:51:a1:3e:04:0f:f2:af:c4:2e:86:79:3f:bf:
c1:ab:09:26:35:ff:60:ec:08:4f:ef:1f:5f:40:3a:
4f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:1B:AC:F8:3F:9C:BC:AC:51:FD:3F:C7:09:F7:1E:D2:09:F4:72:34
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/DBus-D-cvKxR_T_HCfce0gn0cjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.184.0/22
95.215.20.0-95.215.31.255
195.177.64.0/22
195.177.84.0/22
IPv6:
2001:67c:2f64::/48
2a0e:c980::/29
Signature Algorithm: sha256WithRSAEncryption
55:da:ef:0b:f8:02:f7:3e:03:b7:3f:cd:b9:a4:ff:24:af:d0:
70:da:1a:17:da:ec:0b:a4:09:a2:2e:1a:2a:82:75:4d:f5:d4:
e2:99:c1:89:e6:b0:2f:3a:eb:95:61:ab:0a:52:bd:1e:66:56:
7a:bf:a3:3a:d9:62:dd:33:2f:2a:b6:cd:e5:eb:ae:3a:73:b6:
51:2b:60:11:34:c6:ab:df:37:8a:c4:20:a1:3f:d6:9d:9b:7d:
c3:5d:14:44:33:db:83:21:54:43:20:97:c7:8b:a5:17:a8:91:
7a:16:c2:bd:90:80:bf:47:cf:7a:8e:d1:06:70:31:de:66:f4:
24:fe:68:f5:40:f5:67:43:be:46:dc:24:ba:ff:87:0b:aa:02:
b1:47:6f:db:98:89:cd:92:73:d5:79:86:53:94:9f:dd:24:a7:
c6:19:c4:57:62:79:f5:8b:d7:98:d4:6e:42:8a:a3:b9:8f:fd:
af:73:19:06:81:57:f6:8a:90:6f:93:82:cf:ea:aa:c4:98:d1:
43:d6:de:67:f8:07:39:22:72:16:7b:e1:91:b9:4c:97:15:dd:
53:16:2d:9a:66:61:46:16:1c:11:c2:7d:dd:71:79:c6:07:38:
b6:b6:00:65:a5:7e:66:44:5b:7e:b3:f8:92:57:f9:bd:ef:d6:
bd:45:02:db
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYVs5iUOysokzF/7M0IgN8V0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTFhMmM5ZmM4ZGU5Njc5YmIxNTg1ODFiMTBjZWFlZTkx
ZmY3OTEwHhcNMjMwMTAxMTAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzFiYWNmODNmOWNiY2FjNTFmZDNmYzcwOWY3MWVkMjA5ZjQ3MjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWkNNre+t80BKOdKm6SYK5T6fJYG
XU8+oNCGKJS39unk9fBdv0bgjhv46S4LiwbUWw202U+PonoRvNTqAFaudx+NYEnN
L/U7A7c6S1+tXJwJG0gRHiI8QLfk12iGzvBr3RcNY+aPIIGt3vBjZ3EFbcWdm7fb
uhLF04prlWuo8+Y3lY7STGxgKLJ1vmm/g5EEwYZ2M5Yv2U4/74ZmLcgrOlsW+irg
144y5tDuy/CwYS079TFxMSK0WXz+Gp2iSBRQ/2xzAOCcjo1zKru4+tKOt+6J/grO
Og/9oTTaOh6xm91WMFGhPgQP8q/ELoZ5P7/BqwkmNf9g7AhP7x9fQDpPIwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAwbrPg/nLysUf0/xwn3HtIJ9HI0MB8GA1UdIwQY
MBaAFKgRosn8jelnm7FYWBsQzq7pH/eRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYt
MGNjNGMwMDAwODU4LzEvREJ1cy1ELWN2S3hSX1RfSENmY2UwZ24wY2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYtMGNjNGMwMDAwODU4
LzEvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAmBAIAATAgAwQCLVW4MAwD
BAJf1xQDBAVf1wADBALDsUADBALDsVQwFgQCAAIwEAMHACABBnwvZAMFAyoOyYAw
DQYJKoZIhvcNAQELBQADggEBAFXa7wv4Avc+A7c/zbmk/ySv0HDaGhfa7AukCaIu
GiqCdU311OKZwYnmsC8665VhqwpSvR5mVnq/ozrZYt0zLyq2zeXrrjpztlErYBE0
xqvfN4rEIKE/1p2bfcNdFEQz24MhVEMgl8eLpReokXoWwr2QgL9Hz3qO0QZwMd5m
9CT+aPVA9WdDvkbcJLr/hwuqArFHb9uYic2Sc9V5hlOUn90kp8YZxFdiefWL15jU
bkKKo7mP/a9zGQaBV/aKkG+Tgs/qqsSY0UPW3mf4BzkichZ74ZG5TJcV3VMWLZpm
YUYWHBHCfd1xecYHOLa2AGWlfmZEW36z+JJX+b3v1r1FAts=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:59 2024 by rpki-client on console-fra.rpki-client.org