Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/rAqshNr0Gy5iQ8Sxlkq2GVSAIJY.roa
File: rAqshNr0Gy5iQ8Sxlkq2GVSAIJY.roa (raw, json)
Hash identifier: 2tNT0vcWSdVc28stizYBcahzRZYhYE1lVPeSBhDvk6Q=
Subject key identifier: AC:0A:AC:84:DA:F4:1B:2E:62:43:C4:B1:96:4A:B6:19:54:80:20:96
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 01857BB07B945C726CD1DA365AC89CA591F6
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/rAqshNr0Gy5iQ8Sxlkq2GVSAIJY.roa
Signing time: Wed 04 Jan 2023 07:30:41 +0000
ROA not before: Wed 04 Jan 2023 07:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26636
IP address blocks: 45.91.65.0/24 maxlen: 24
45.82.15.0/24 maxlen: 24
45.82.14.0/24 maxlen: 24
185.244.50.0/24 maxlen: 24
185.244.48.0/24 maxlen: 24
193.39.170.0/24 maxlen: 24
193.39.168.0/24 maxlen: 24
194.187.120.0/24 maxlen: 24
91.200.151.0/24 maxlen: 24
91.200.148.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7b:b0:7b:94:5c:72:6c:d1:da:36:5a:c8:9c:a5:91:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Jan 4 07:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac0aac84daf41b2e6243c4b1964ab61954802096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:04:c0:98:bc:23:01:2c:14:11:17:06:31:39:
4c:7c:60:48:ae:0b:3d:71:89:78:c9:87:f1:52:de:
59:b0:f7:2e:8f:fe:d2:24:1a:4d:3a:87:0d:7d:02:
d6:bf:6c:2b:b6:7b:7c:cd:93:a9:c0:87:56:dc:32:
77:4b:f4:93:0a:e3:18:71:7a:5f:c4:cb:76:f3:34:
0f:61:ea:23:8b:b4:af:5a:d3:2f:a0:6b:a0:d0:eb:
99:b7:67:0a:58:56:b5:33:c4:27:41:78:05:77:f1:
4e:8c:c5:ee:e2:de:58:93:22:c9:13:64:81:65:ac:
0f:6c:1b:a2:0a:54:fa:04:bc:d0:85:03:25:69:ee:
9e:44:4f:0c:29:68:8d:99:9e:ca:cc:08:b2:55:6b:
6c:43:85:c2:c2:04:2b:26:c5:0e:26:7f:de:91:e5:
f1:eb:2c:47:76:7f:d4:44:96:56:8b:24:59:ad:20:
f3:10:3a:53:e7:cf:f2:40:e0:86:50:95:28:f1:25:
73:20:a3:66:47:c7:8c:19:53:98:4c:44:41:32:57:
a6:9f:28:f8:ab:a1:8c:9f:03:dd:ad:f4:e3:28:ac:
fe:1e:b4:cd:69:52:58:6d:70:68:ab:1e:dc:2f:18:
3c:a7:38:5b:40:b9:44:ab:f4:99:cb:63:94:b0:b2:
60:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:0A:AC:84:DA:F4:1B:2E:62:43:C4:B1:96:4A:B6:19:54:80:20:96
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/rAqshNr0Gy5iQ8Sxlkq2GVSAIJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/23
45.91.65.0/24
91.200.148.0/24
91.200.151.0/24
185.244.48.0/24
185.244.50.0/24
193.39.168.0/24
193.39.170.0/24
194.187.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:d2:66:7e:d4:38:6a:18:9e:f8:26:36:d6:05:f1:5c:9f:55:
88:b3:67:7f:3b:e8:09:86:fb:c4:37:b5:30:bb:a5:43:68:d6:
af:73:d3:5a:4c:85:3b:5a:b4:4b:1d:a5:5e:bd:64:f4:2b:01:
37:c7:3f:2a:be:43:d5:9b:e8:d7:2d:81:32:de:7b:b7:9f:44:
16:f7:4a:7c:a0:15:1f:91:b2:b2:e8:cb:b6:f4:0d:90:c5:cf:
b1:81:0c:67:69:92:14:ee:02:58:ed:cf:01:2f:e7:69:ce:b7:
09:1b:4a:41:96:26:6b:3b:b8:36:36:df:5d:30:ce:dd:43:fd:
18:aa:18:64:d1:86:b5:c3:06:e0:2b:99:d9:93:81:7b:66:b6:
cb:f1:86:2a:3b:76:b2:d4:ad:a1:f0:10:7e:db:39:10:f2:2e:
88:ba:ae:16:b2:b8:51:b1:0b:4d:17:d2:86:42:11:85:fb:55:
3b:3e:13:20:f8:f3:a0:9d:12:f5:c4:6f:5c:ce:3e:28:10:4f:
b6:75:9a:a5:0b:b7:16:42:72:c4:3c:4b:97:c8:d6:7c:00:37:
9b:41:7f:41:43:bb:21:b3:ea:ba:48:5a:e5:f8:c7:4c:f5:65:
9c:ba:18:9b:9a:14:2b:09:15:ac:f6:7a:01:07:98:ff:de:62:
87:db:bd:ca
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYV7sHuUXHJs0do2WsicpZH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwMTA0MDczMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzBhYWM4NGRhZjQxYjJlNjI0M2M0YjE5NjRhYjYxOTU0ODAyMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwTAmLwjASwUERcGMTlMfGBIrgs9
cYl4yYfxUt5ZsPcuj/7SJBpNOocNfQLWv2wrtnt8zZOpwIdW3DJ3S/STCuMYcXpf
xMt28zQPYeoji7SvWtMvoGug0OuZt2cKWFa1M8QnQXgFd/FOjMXu4t5YkyLJE2SB
ZawPbBuiClT6BLzQhQMlae6eRE8MKWiNmZ7KzAiyVWtsQ4XCwgQrJsUOJn/ekeXx
6yxHdn/URJZWiyRZrSDzEDpT58/yQOCGUJUo8SVzIKNmR8eMGVOYTERBMlemnyj4
q6GMnwPdrfTjKKz+HrTNaVJYbXBoqx7cLxg8pzhbQLlEq/SZy2OUsLJguQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKwKrITa9BsuYkPEsZZKthlUgCCWMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvckFxc2hOcjBHeTVpUThTeGxrcTJHVlNBSUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLVIOAwQA
LVtBAwQAW8iUAwQAW8iXAwQAufQwAwQAufQyAwQAwSeoAwQAwSeqAwQAwrt4MA0G
CSqGSIb3DQEBCwUAA4IBAQAb0mZ+1DhqGJ74JjbWBfFcn1WIs2d/O+gJhvvEN7Uw
u6VDaNavc9NaTIU7WrRLHaVevWT0KwE3xz8qvkPVm+jXLYEy3nu3n0QW90p8oBUf
kbKy6Mu29A2Qxc+xgQxnaZIU7gJY7c8BL+dpzrcJG0pBliZrO7g2Nt9dMM7dQ/0Y
qhhk0Ya1wwbgK5nZk4F7ZrbL8YYqO3ay1K2h8BB+2zkQ8i6Iuq4WsrhRsQtNF9KG
QhGF+1U7PhMg+POgnRL1xG9czj4oEE+2dZqlC7cWQnLEPEuXyNZ8ADebQX9BQ7sh
s+q6SFrl+MdM9WWcuhibmhQrCRWs9noBB5j/3mKH273K
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:19 2023 by rpki-client on console-ams.rpki-client.org