Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/W_6X8e49bz7ZWf9XWgesvEWwruY.roa
File: W_6X8e49bz7ZWf9XWgesvEWwruY.roa (raw, json)
Hash identifier: Dc6bSbKqbj3lea/EiZNKiSrKJoTJaCIVLmcKfY6Zk74=
Subject key identifier: 5B:FE:97:F1:EE:3D:6F:3E:D9:59:FF:57:5A:07:AC:BC:45:B0:AE:E6
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 058D927E
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/W_6X8e49bz7ZWf9XWgesvEWwruY.roa
Signing time: Wed 02 Feb 2022 16:52:52 +0000
ROA not before: Wed 02 Feb 2022 16:52:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 45.82.13.0/24 maxlen: 24
193.39.171.0/24 maxlen: 24
194.187.122.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93164158 (0x58d927e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Feb 2 16:52:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5bfe97f1ee3d6f3ed959ff575a07acbc45b0aee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:74:66:c6:75:d3:1c:fc:e3:70:de:80:ae:8a:
16:06:10:78:75:b9:e6:73:9a:1c:f1:c3:d0:1a:99:
f6:b9:13:ec:29:33:3f:c2:97:3a:5a:59:29:65:b7:
ff:06:dd:69:df:73:da:c6:87:5a:3a:0f:90:a7:45:
f0:a2:80:f1:eb:13:ae:75:3a:fe:53:61:58:f2:00:
6e:59:35:5d:49:fd:d8:0d:8d:8b:5e:6f:7b:19:ad:
06:22:e0:92:48:d1:ef:86:82:55:15:57:ec:6d:10:
e7:8e:8a:08:3e:df:3c:5d:4f:9e:7d:23:e2:a5:b5:
76:70:61:b4:81:4a:55:dd:3e:c5:78:ca:27:72:3d:
9f:77:0b:ef:ee:a2:16:2f:9b:25:ee:68:47:40:18:
fe:f1:d5:e4:c0:b2:8f:de:58:0c:ce:91:4e:c4:09:
38:12:8c:22:30:f8:c3:84:d0:b4:cb:f8:0d:76:fb:
5f:fc:1f:0b:6e:2d:0b:43:01:a9:75:23:ef:3f:a6:
ec:e7:d5:58:71:85:ca:cf:03:17:57:97:61:cf:35:
9b:72:1b:2e:6f:53:01:c1:f0:a6:41:e3:33:1c:f9:
6a:97:3f:d8:d9:2f:2e:80:9e:b9:0e:97:dd:63:15:
65:b2:b8:3d:37:a3:7b:c1:d0:e2:40:b3:34:26:c3:
44:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:FE:97:F1:EE:3D:6F:3E:D9:59:FF:57:5A:07:AC:BC:45:B0:AE:E6
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/W_6X8e49bz7ZWf9XWgesvEWwruY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.13.0/24
193.39.171.0/24
194.187.122.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:c8:e0:46:ff:2e:48:93:b7:7e:af:8e:b2:91:bd:01:fb:7a:
93:3a:aa:9b:52:c8:67:f3:20:1c:bc:91:6c:ca:06:54:9f:82:
34:a6:d0:d8:15:a4:0b:33:bb:38:ef:ed:3d:fc:89:13:7b:15:
fc:bd:5f:46:59:3a:c4:eb:91:24:15:60:75:b4:7d:62:ad:ae:
c2:6e:db:7e:16:16:e8:5f:ef:f6:68:48:fe:25:a2:3c:87:19:
ec:f0:4d:e4:74:80:27:6c:c5:5b:93:f6:9d:4d:b5:9b:8f:e1:
95:20:61:5f:e5:cd:ae:12:a1:3e:f1:2c:6d:1f:21:d5:fe:58:
29:5e:22:c1:33:2c:8f:1c:c1:f8:e4:58:aa:ac:7a:ca:e0:fe:
6a:c7:5e:39:2b:e6:17:46:07:17:65:d3:9a:86:67:b3:20:3d:
47:94:89:8f:c0:8d:4e:37:c9:2c:e6:50:c7:aa:b6:0b:f6:af:
e9:65:8d:69:09:74:d3:40:38:5b:28:66:78:e3:fa:58:8f:54:
ef:e4:3d:33:83:cc:6b:68:96:55:f3:4a:e0:00:70:49:f9:ec:
14:9d:9b:a9:43:11:8a:ea:6f:42:01:ed:4e:30:85:f9:99:f7:
b4:76:03:8c:e7:eb:75:33:ec:70:24:0b:8d:9b:8b:9f:51:46:
09:e3:a9:96
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBY2SfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NjVlYmE1YzFhODBmODZhNDU4OTI3OGVkZDkzMDRiM2Y1MTY5ZjgzMB4XDTIyMDIw
MjE2NTI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWJmZTk3ZjFlZTNk
NmYzZWQ5NTlmZjU3NWEwN2FjYmM0NWIwYWVlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKp0ZsZ10xz843DegK6KFgYQeHW55nOaHPHD0BqZ9rkT7Ckz
P8KXOlpZKWW3/wbdad9z2saHWjoPkKdF8KKA8esTrnU6/lNhWPIAblk1XUn92A2N
i15vexmtBiLgkkjR74aCVRVX7G0Q546KCD7fPF1Pnn0j4qW1dnBhtIFKVd0+xXjK
J3I9n3cL7+6iFi+bJe5oR0AY/vHV5MCyj95YDM6RTsQJOBKMIjD4w4TQtMv4DXb7
X/wfC24tC0MBqXUj7z+m7OfVWHGFys8DF1eXYc81m3IbLm9TAcHwpkHjMxz5apc/
2NkvLoCeuQ6X3WMVZbK4PTeje8HQ4kCzNCbDRI0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRb/pfx7j1vPtlZ/1daB6y8RbCu5jAfBgNVHSMEGDAWgBRGXrpcGoD4akWJ
J47dkwSz9RafgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JsNjZYQnFBLUdwRmlTZU8zWk1Fc19VV240TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvYzEyYTdiLTVjYWYtNGU3Yy05NzBkLTVjNDc2ZTMzMjVmNS8x
L1dfNlg4ZTQ5Yno3WldmOVhXZ2VzdkVXd3J1WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
YzEyYTdiLTVjYWYtNGU3Yy05NzBkLTVjNDc2ZTMzMjVmNS8xL1JsNjZYQnFBLUdw
RmlTZU8zWk1Fc19VV240TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC1SDQMEAMEnqwMEAMK7ejANBgkq
hkiG9w0BAQsFAAOCAQEAo8jgRv8uSJO3fq+OspG9Aft6kzqqm1LIZ/MgHLyRbMoG
VJ+CNKbQ2BWkCzO7OO/tPfyJE3sV/L1fRlk6xOuRJBVgdbR9Yq2uwm7bfhYW6F/v
9mhI/iWiPIcZ7PBN5HSAJ2zFW5P2nU21m4/hlSBhX+XNrhKhPvEsbR8h1f5YKV4i
wTMsjxzB+ORYqqx6yuD+asdeOSvmF0YHF2XTmoZnsyA9R5SJj8CNTjfJLOZQx6q2
C/av6WWNaQl000A4WyhmeOP6WI9U7+Q9M4PMa2iWVfNK4ABwSfnsFJ2bqUMRiupv
QgHtTjCF+Zn3tHYDjOfrdTPscCQLjZuLn1FGCeOplg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org