Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/2O6MGc0lDPr2RIbbVEsHpVPnY14.roa
File: 2O6MGc0lDPr2RIbbVEsHpVPnY14.roa (raw, json)
Hash identifier: bU929LB1ZAADAzT0Xxwrb7ouMFnvvDPCylR/yK35n4U=
Subject key identifier: D8:EE:8C:19:CD:25:0C:FA:F6:44:86:DB:54:4B:07:A5:53:E7:63:5E
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 018727DBE982AC243B5BF00966A08F79674C
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/2O6MGc0lDPr2RIbbVEsHpVPnY14.roa
Signing time: Tue 28 Mar 2023 10:55:36 +0000
ROA not before: Tue 28 Mar 2023 10:55:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 45.82.14.0/23 maxlen: 23
185.233.186.0/24 maxlen: 24
185.250.44.0/23 maxlen: 23
185.250.46.0/23 maxlen: 23
193.39.168.0/24 maxlen: 24
193.39.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:db:e9:82:ac:24:3b:5b:f0:09:66:a0:8f:79:67:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Mar 28 10:55:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8ee8c19cd250cfaf64486db544b07a553e7635e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b4:33:a5:8d:f5:70:e1:76:55:3c:a1:de:a8:
12:4d:25:ba:db:69:69:07:89:fd:51:b2:aa:7d:5a:
10:fc:29:9e:34:01:8d:cb:c0:22:48:4b:be:e7:fa:
ea:53:f9:61:ba:df:2e:84:c4:79:16:21:4d:75:b3:
38:58:c9:20:f9:80:b1:96:e3:8f:93:f4:72:4f:da:
0e:40:7a:f9:c2:bb:95:bc:ab:1b:eb:22:95:27:e5:
d1:45:a1:cf:c3:6e:9f:3c:e1:3e:2e:53:b3:0c:fd:
ae:19:9f:52:db:1b:37:83:e1:de:f7:ea:87:2a:a3:
84:4a:33:da:c2:54:37:ff:49:89:04:52:1d:df:bd:
4a:8c:19:02:c0:e8:a8:d8:9a:83:b4:54:c0:7f:b9:
d8:89:e4:a4:ad:d7:7a:e0:bd:ff:d7:b9:91:90:fa:
e4:a4:07:2a:a0:2f:79:c2:6d:4d:f0:fe:42:33:9a:
ba:17:da:68:49:fa:5b:df:ab:33:46:ba:25:8c:5e:
a6:a6:85:de:43:1d:46:b7:09:73:11:bf:e6:67:1c:
9a:45:5b:13:cf:95:4c:95:ab:6d:c0:12:9e:ef:32:
ac:3d:3e:aa:6f:25:6a:94:5f:c6:e2:d4:bd:38:2e:
3d:61:e3:3b:a9:a6:61:d4:55:13:4b:f5:6b:66:5b:
cc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:EE:8C:19:CD:25:0C:FA:F6:44:86:DB:54:4B:07:A5:53:E7:63:5E
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/2O6MGc0lDPr2RIbbVEsHpVPnY14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/23
185.233.186.0/24
185.250.44.0/22
193.39.168.0/24
193.39.171.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:30:14:2b:fb:a2:bd:79:66:ec:3d:32:c5:98:e1:c6:64:e2:
09:3a:02:fd:4e:e7:c7:2e:fb:7a:71:02:b5:b9:81:51:86:aa:
d5:e8:57:d2:a6:b8:53:1a:9b:a3:89:1f:80:52:d9:f9:87:1b:
bb:13:08:a6:cc:d1:30:cc:37:69:69:5f:83:19:4d:a6:a0:c3:
9e:71:55:94:65:55:89:f3:79:25:71:7c:5c:f8:33:c4:ca:09:
5e:6d:9d:d3:d6:e5:f3:f3:8f:73:c7:26:e6:d8:a3:a7:e9:1e:
3e:ed:ad:2c:72:a8:31:9f:06:09:e0:9d:15:32:60:ca:9f:27:
f3:e6:93:c1:da:c8:d5:b0:8f:93:d7:23:61:a6:60:3b:e3:17:
3c:a2:e2:12:8e:56:7d:f3:da:8b:19:33:e7:73:80:84:00:11:
d5:dd:d4:c3:e2:83:35:59:8a:a9:f6:72:8a:b1:b2:52:0b:2a:
c9:4e:a0:3f:d8:53:f1:f8:67:14:68:7f:1e:1f:6d:6a:a5:fa:
f7:7e:f2:e9:e3:67:21:66:1d:3d:a6:b7:16:14:67:c4:cb:4e:
6f:c5:5d:32:ed:4e:ac:a0:2d:f3:27:3f:d5:e7:1d:b0:46:b9:
d8:1b:21:6c:2e:e7:f4:41:ec:3a:fc:10:b9:e7:7d:43:52:21:
a7:2f:b5:fc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYcn2+mCrCQ7W/AJZqCPeWdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwMzI4MTA1NTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGVlOGMxOWNkMjUwY2ZhZjY0NDg2ZGI1NDRiMDdhNTUzZTc2MzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLQzpY31cOF2VTyh3qgSTSW622lp
B4n9UbKqfVoQ/CmeNAGNy8AiSEu+5/rqU/lhut8uhMR5FiFNdbM4WMkg+YCxluOP
k/RyT9oOQHr5wruVvKsb6yKVJ+XRRaHPw26fPOE+LlOzDP2uGZ9S2xs3g+He9+qH
KqOESjPawlQ3/0mJBFId371KjBkCwOio2JqDtFTAf7nYieSkrdd64L3/17mRkPrk
pAcqoC95wm1N8P5CM5q6F9poSfpb36szRroljF6mpoXeQx1GtwlzEb/mZxyaRVsT
z5VMlattwBKe7zKsPT6qbyVqlF/G4tS9OC49YeM7qaZh1FUTS/VrZlvMPwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNjujBnNJQz69kSG21RLB6VT52NeMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvMk82TUdjMGxEUHIyUkliYlZFc0hwVlBuWTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLVIOAwQA
uem6AwQCufosAwQAwSeoAwQAwSerMA0GCSqGSIb3DQEBCwUAA4IBAQBMMBQr+6K9
eWbsPTLFmOHGZOIJOgL9TufHLvt6cQK1uYFRhqrV6FfSprhTGpujiR+AUtn5hxu7
EwimzNEwzDdpaV+DGU2moMOecVWUZVWJ83klcXxc+DPEyglebZ3T1uXz849zxybm
2KOn6R4+7a0scqgxnwYJ4J0VMmDKnyfz5pPB2sjVsI+T1yNhpmA74xc8ouISjlZ9
89qLGTPnc4CEABHV3dTD4oM1WYqp9nKKsbJSCyrJTqA/2FPx+GcUaH8eH21qpfr3
fvLp42chZh09prcWFGfEy05vxV0y7U6soC3zJz/V5x2wRrnYGyFsLuf0Qew6/BC5
531DUiGnL7X8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org