Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Db5IuDHLyW2a7lsKFxkvEqkOKQg.roa
File: Db5IuDHLyW2a7lsKFxkvEqkOKQg.roa (raw, json)
Hash identifier: xu7Obyu8hMpCQ9bh7b2pqmX6oFDfA3iZWPGn3sXa+rA=
Subject key identifier: 0D:BE:48:B8:31:CB:C9:6D:9A:EE:5B:0A:17:19:2F:12:A9:0E:29:08
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 01857BB07C687C76400B86DD649E962F9A0F
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Db5IuDHLyW2a7lsKFxkvEqkOKQg.roa
Signing time: Wed 04 Jan 2023 07:30:41 +0000
ROA not before: Wed 04 Jan 2023 07:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395800
IP address blocks: 185.244.50.0/24 maxlen: 24
185.244.48.0/24 maxlen: 24
193.39.168.0/24 maxlen: 24
193.39.170.0/24 maxlen: 24
194.187.120.0/24 maxlen: 24
91.200.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7b:b0:7c:68:7c:76:40:0b:86:dd:64:9e:96:2f:9a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Jan 4 07:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dbe48b831cbc96d9aee5b0a17192f12a90e2908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a5:db:59:fa:93:21:5f:3b:40:72:36:e9:f0:
16:3a:59:56:b2:bc:82:79:62:c3:4c:9e:12:9a:0d:
30:71:23:06:49:d7:5b:52:e8:bb:0c:e4:5b:ab:20:
05:6f:9c:e7:03:57:05:49:dd:28:d8:0b:7b:9e:1c:
1f:99:4a:63:8b:db:e6:c8:c3:3e:e2:c2:d1:8f:ef:
a1:df:a8:2b:dd:16:31:27:07:3c:a3:fc:33:df:0d:
b6:a6:f7:46:b9:5a:47:7b:81:1a:6f:92:f8:ab:87:
64:17:43:ea:b8:b6:eb:2a:a3:13:1f:16:a5:fa:58:
1c:23:0e:32:84:4c:39:2a:05:f7:a3:e6:0f:01:88:
e1:64:ed:64:69:06:86:52:5b:4e:dd:b8:64:2d:a7:
e9:09:d1:ab:bb:62:0a:8c:55:58:79:a8:f3:ed:2e:
74:29:d1:70:36:d3:2b:c6:cf:bd:ca:c1:23:ef:7c:
81:70:1f:d0:f1:49:54:a7:cf:a3:91:5b:6b:6d:a7:
0d:41:8c:ed:ff:df:a6:6e:5c:d0:6c:8a:98:23:03:
db:65:e3:17:3d:2e:e4:49:31:a8:67:4d:4a:b3:87:
27:b9:9f:2b:d8:ae:59:a8:73:ae:e0:c3:04:74:44:
fe:5b:e6:67:de:c7:75:76:44:06:31:78:60:53:15:
b0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:BE:48:B8:31:CB:C9:6D:9A:EE:5B:0A:17:19:2F:12:A9:0E:29:08
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Db5IuDHLyW2a7lsKFxkvEqkOKQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.151.0/24
185.244.48.0/24
185.244.50.0/24
193.39.168.0/24
193.39.170.0/24
194.187.120.0/24
Signature Algorithm: sha256WithRSAEncryption
73:a5:14:5c:fd:1e:ae:ee:ac:6f:89:b7:0f:7e:d4:77:b7:7f:
a9:23:e2:c6:88:c7:ed:5e:b7:38:dc:dd:b7:27:5e:ed:99:12:
a7:7e:3f:77:20:20:6a:13:d0:01:b3:c6:e0:cb:bd:49:7d:4e:
6f:d6:13:b0:06:24:78:3b:11:f2:9d:2d:18:74:04:a3:f7:6b:
bd:a3:3f:6c:67:8f:40:a4:04:8b:29:67:76:e7:e6:fb:2c:05:
ee:64:53:d6:b2:e3:ec:3b:db:a4:8f:73:f7:b3:86:81:0b:c4:
46:74:92:8e:70:ac:e2:5c:61:ef:e9:6a:16:05:4e:65:74:13:
34:cd:2c:a6:81:3b:74:74:df:5e:f1:a0:bb:4a:0d:3c:ab:ba:
ed:31:5b:45:83:88:15:91:e6:5c:51:64:a1:ac:89:37:61:c0:
62:64:06:79:07:f1:36:a0:ba:95:1d:42:78:45:be:b4:15:c7:
3b:75:4d:73:d4:69:65:c3:66:41:2b:88:ad:bd:51:8c:40:75:
a1:65:57:ef:bf:88:5a:54:53:2f:27:19:be:06:d7:9f:ce:da:
f6:a4:84:39:45:11:22:2a:d7:1f:db:b8:b6:56:f9:90:37:38:
d5:0b:aa:1e:3a:07:88:d3:95:f7:69:fe:9f:5f:6d:f5:89:4e:
7b:08:55:cb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYV7sHxofHZAC4bdZJ6WL5oPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwMTA0MDczMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGJlNDhiODMxY2JjOTZkOWFlZTViMGExNzE5MmYxMmE5MGUyOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqXbWfqTIV87QHI26fAWOllWsryC
eWLDTJ4Smg0wcSMGSddbUui7DORbqyAFb5znA1cFSd0o2At7nhwfmUpji9vmyMM+
4sLRj++h36gr3RYxJwc8o/wz3w22pvdGuVpHe4Eab5L4q4dkF0PquLbrKqMTHxal
+lgcIw4yhEw5KgX3o+YPAYjhZO1kaQaGUltO3bhkLafpCdGru2IKjFVYeajz7S50
KdFwNtMrxs+9ysEj73yBcB/Q8UlUp8+jkVtrbacNQYzt/9+mblzQbIqYIwPbZeMX
PS7kSTGoZ01Ks4cnuZ8r2K5ZqHOu4MMEdET+W+Zn3sd1dkQGMXhgUxWwIwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA2+SLgxy8ltmu5bChcZLxKpDikIMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvRGI1SXVESEx5VzJhN2xzS0Z4a3ZFcWtPS1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8iXAwQA
ufQwAwQAufQyAwQAwSeoAwQAwSeqAwQAwrt4MA0GCSqGSIb3DQEBCwUAA4IBAQBz
pRRc/R6u7qxvibcPftR3t3+pI+LGiMftXrc43N23J17tmRKnfj93ICBqE9ABs8bg
y71JfU5v1hOwBiR4OxHynS0YdASj92u9oz9sZ49ApASLKWd25+b7LAXuZFPWsuPs
O9ukj3P3s4aBC8RGdJKOcKziXGHv6WoWBU5ldBM0zSymgTt0dN9e8aC7Sg08q7rt
MVtFg4gVkeZcUWShrIk3YcBiZAZ5B/E2oLqVHUJ4Rb60Fcc7dU1z1Gllw2ZBK4it
vVGMQHWhZVfvv4haVFMvJxm+Btefztr2pIQ5RREiKtcf27i2VvmQNzjVC6oeOgeI
05X3af6fX231iU57CFXL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:19 2023 by rpki-client on console-ams.rpki-client.org