Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/TpLGE2QTE6mNlViJo9OXdsI6SzI.roa
File: TpLGE2QTE6mNlViJo9OXdsI6SzI.roa (raw, json)
Hash identifier: pe7ymGcBpDrhC4X3OjQmyouSLxYiDhRqzGRK903G1Zs=
Subject key identifier: 4E:92:C6:13:64:13:13:A9:8D:95:58:89:A3:D3:97:76:C2:3A:4B:32
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 01884D1C0FBD7C92C385A05C07FB7CF7CAD1
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/TpLGE2QTE6mNlViJo9OXdsI6SzI.roa
Signing time: Wed 24 May 2023 09:34:24 +0000
ROA not before: Wed 24 May 2023 09:34:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 45.82.14.0/23 maxlen: 23
185.239.48.0/23 maxlen: 23
185.239.49.0/24 maxlen: 24
185.239.48.0/24 maxlen: 24
185.250.44.0/23 maxlen: 23
185.250.46.0/23 maxlen: 23
193.39.168.0/24 maxlen: 24
193.39.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:1c:0f:bd:7c:92:c3:85:a0:5c:07:fb:7c:f7:ca:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: May 24 09:34:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e92c613641313a98d955889a3d39776c23a4b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:30:c6:26:03:99:c3:1d:61:60:d7:43:21:8c:
eb:35:9b:50:7b:d4:23:b3:a0:72:38:be:40:54:fe:
41:3b:13:01:4e:f6:bf:89:52:e3:dc:82:0d:f9:81:
8d:5c:cf:af:f8:e8:c1:41:f9:65:a5:f3:68:12:a7:
4a:a7:c0:e7:80:31:60:b5:04:62:39:43:26:87:82:
c1:69:05:89:f0:d2:43:3a:13:66:a7:11:4f:21:75:
f4:d0:ed:37:6d:78:ce:a7:e2:11:6c:41:b1:0b:e3:
34:47:43:21:d5:f1:82:10:2a:28:0c:fe:c6:19:61:
76:ea:e5:8b:45:3a:3a:ac:90:13:52:cc:55:66:79:
a8:0e:fa:29:ea:f0:79:ce:9d:31:52:0c:d9:86:43:
1c:50:f2:07:ee:fe:78:9e:cf:c8:c2:e4:06:4c:06:
1a:8c:63:de:1d:1d:38:75:ce:e6:44:ca:e2:cd:78:
93:2b:55:78:f5:69:70:4c:69:a4:77:19:59:ff:6c:
d5:b3:96:04:30:e2:ff:cf:9b:d7:a1:a0:98:1b:de:
40:9a:f4:f2:5f:19:c1:88:fa:15:91:c7:60:7a:49:
88:a9:ff:17:63:c8:62:ff:d3:21:db:ab:bb:4c:a1:
2b:7e:16:16:d0:d4:76:2f:c5:ca:92:96:12:5e:e8:
b7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:92:C6:13:64:13:13:A9:8D:95:58:89:A3:D3:97:76:C2:3A:4B:32
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/TpLGE2QTE6mNlViJo9OXdsI6SzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/23
185.239.48.0/23
185.250.44.0/22
193.39.168.0/24
193.39.171.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:9d:88:c7:13:63:ec:b8:17:07:4f:fd:84:1f:4c:be:64:46:
08:a8:2e:fe:0e:89:1a:66:fa:65:ec:a7:c5:90:5f:ea:23:5f:
30:8f:08:45:de:db:28:3a:cf:40:22:2a:b9:4e:48:87:0c:1d:
e5:7e:d5:6d:32:6f:cb:52:91:56:7a:56:61:9a:6d:be:89:0b:
6c:74:f0:5b:57:1c:c9:8e:dc:26:65:2b:5a:4c:e6:e6:f7:59:
8b:51:a5:0a:68:2d:00:43:0b:88:46:5d:ce:04:a5:d9:30:2b:
64:6e:ef:1d:17:3f:c3:ca:68:92:6d:bd:4c:9a:02:8e:3b:75:
0f:b5:77:17:27:42:f9:27:d6:74:63:b3:70:6e:5d:46:bb:91:
3c:cc:21:d4:69:25:59:eb:89:21:38:52:3b:bd:c5:b1:73:2f:
0b:ef:ef:2e:19:d0:69:70:07:58:7e:33:b9:bb:70:cd:5c:09:
3d:6b:cf:30:79:6a:7a:b8:da:63:7f:50:b0:d9:44:65:a8:1b:
16:d9:93:81:5b:63:73:f3:ca:bb:c1:59:63:36:f3:c6:a9:3f:
d4:51:d0:65:0f:61:49:c3:a5:e7:25:6a:88:81:16:de:fe:82:
f8:71:62:95:cf:a1:a6:7d:a3:0d:8a:c5:45:a1:0a:f9:35:b1:
f7:93:c0:6e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYhNHA+9fJLDhaBcB/t898rRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwNTI0MDkzNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTkyYzYxMzY0MTMxM2E5OGQ5NTU4ODlhM2QzOTc3NmMyM2E0YjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jDGJgOZwx1hYNdDIYzrNZtQe9Qj
s6ByOL5AVP5BOxMBTva/iVLj3IIN+YGNXM+v+OjBQfllpfNoEqdKp8DngDFgtQRi
OUMmh4LBaQWJ8NJDOhNmpxFPIXX00O03bXjOp+IRbEGxC+M0R0Mh1fGCECooDP7G
GWF26uWLRTo6rJATUsxVZnmoDvop6vB5zp0xUgzZhkMcUPIH7v54ns/IwuQGTAYa
jGPeHR04dc7mRMrizXiTK1V49WlwTGmkdxlZ/2zVs5YEMOL/z5vXoaCYG95AmvTy
XxnBiPoVkcdgekmIqf8XY8hi/9Mh26u7TKErfhYW0NR2L8XKkpYSXui3WQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE6SxhNkExOpjZVYiaPTl3bCOksyMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvVHBMR0UyUVRFNm1ObFZpSm85T1hkc0k2U3pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLVIOAwQB
ue8wAwQCufosAwQAwSeoAwQAwSerMA0GCSqGSIb3DQEBCwUAA4IBAQC4nYjHE2Ps
uBcHT/2EH0y+ZEYIqC7+DokaZvpl7KfFkF/qI18wjwhF3tsoOs9AIiq5TkiHDB3l
ftVtMm/LUpFWelZhmm2+iQtsdPBbVxzJjtwmZStaTObm91mLUaUKaC0AQwuIRl3O
BKXZMCtkbu8dFz/DymiSbb1MmgKOO3UPtXcXJ0L5J9Z0Y7Nwbl1Gu5E8zCHUaSVZ
64khOFI7vcWxcy8L7+8uGdBpcAdYfjO5u3DNXAk9a88weWp6uNpjf1Cw2URlqBsW
2ZOBW2Nz88q7wVljNvPGqT/UUdBlD2FJw6XnJWqIgRbe/oL4cWKVz6GmfaMNisVF
oQr5NbH3k8Bu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org