Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/WncjtXbk8cQgrrf-Nud_msemXNc.roa
File: WncjtXbk8cQgrrf-Nud_msemXNc.roa (raw, json)
Hash identifier: pIUKvXwHYuNo18O2HdqdUyC7enVYytSI8804fo0Pasc=
Subject key identifier: 5A:77:23:B5:76:E4:F1:C4:20:AE:B7:FE:36:E7:7F:9A:C7:A6:5C:D7
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0A2C9AB2
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/WncjtXbk8cQgrrf-Nud_msemXNc.roa
Signing time: Tue 18 Jan 2022 18:10:56 +0000
ROA not before: Tue 18 Jan 2022 18:10:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201453
IP address blocks: 185.228.118.0/24 maxlen: 24
185.228.117.0/24 maxlen: 24
185.228.116.0/22 maxlen: 22
185.228.116.0/24 maxlen: 24
185.228.119.0/24 maxlen: 24
185.226.231.0/24 maxlen: 24
185.226.229.0/24 maxlen: 24
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.160.231.0/24 maxlen: 24
185.160.230.0/24 maxlen: 24
185.160.229.0/24 maxlen: 24
185.160.228.0/24 maxlen: 24
185.160.228.0/22 maxlen: 22
185.232.132.0/24 maxlen: 24
185.232.132.0/22 maxlen: 22
185.232.133.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170695346 (0xa2c9ab2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Jan 18 18:10:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a7723b576e4f1c420aeb7fe36e77f9ac7a65cd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:96:ac:90:8e:84:b2:13:ae:6b:0d:46:67:
15:36:ff:be:54:0d:1c:37:97:33:85:11:6a:9a:20:
a4:a6:96:99:bb:cf:b7:65:51:33:2d:4b:2e:5e:75:
ba:5d:3a:ef:73:85:6a:df:69:cc:ec:65:bc:d6:a6:
e3:33:40:4c:47:72:44:94:4e:4c:1c:24:4f:8b:fe:
d1:f7:f3:09:6e:d5:6a:ac:0f:81:96:86:af:c2:be:
b7:dd:11:c2:34:a4:ea:be:9f:6f:64:64:d8:c2:b9:
ce:99:67:3f:5b:b9:c6:64:9b:b6:fb:a8:7f:34:36:
71:61:76:04:6a:96:d3:56:57:55:89:54:ac:5f:b3:
4d:26:e8:13:ac:2b:ae:1e:e6:4a:b8:bb:64:83:23:
95:d7:70:17:7c:ac:7e:04:cd:d9:10:24:65:19:41:
bf:0c:2e:bd:75:e3:41:81:68:de:ae:c1:d7:3f:a3:
f7:cf:d7:2c:79:8f:3c:45:fb:c0:d3:a1:08:a4:17:
ca:69:e5:d8:a0:47:3b:e1:bd:84:b8:5a:9e:1b:12:
10:f7:65:62:8b:dd:dc:b9:dc:8e:dc:6d:e5:f4:75:
d9:bf:75:f8:48:4e:55:ea:14:68:b0:68:87:59:28:
bf:b1:d2:ed:c9:40:bc:95:34:f6:b9:76:4a:c7:95:
32:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:77:23:B5:76:E4:F1:C4:20:AE:B7:FE:36:E7:7F:9A:C7:A6:5C:D7
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/WncjtXbk8cQgrrf-Nud_msemXNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.228.0/22
185.220.166.0/23
185.226.229.0/24
185.226.231.0/24
185.228.116.0/22
185.232.132.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:2e:57:6d:e5:5d:5e:58:2b:79:9c:ed:a7:fc:50:2c:80:5e:
43:96:24:51:0d:82:28:31:cd:3a:f8:b2:6c:b5:8d:86:48:09:
ff:2f:d9:86:e9:14:d6:b4:da:49:5d:58:91:b5:56:11:bd:74:
c5:b8:aa:32:60:6a:24:1c:16:3f:b1:10:01:a1:0c:25:b2:59:
3c:f0:c6:82:87:eb:8b:ec:ab:73:32:58:27:16:e0:61:da:40:
dc:b6:71:c1:ca:76:17:d6:17:70:60:59:e1:e5:f8:56:61:03:
3b:b8:e8:01:ea:14:a9:cd:28:4e:66:3d:6f:b1:8b:d3:01:98:
d1:d9:1e:23:8a:22:0c:5d:c1:c9:c9:42:d3:de:72:3d:64:19:
6e:28:61:cc:40:d7:60:02:47:31:9e:c0:2d:87:c6:08:1e:69:
65:2d:44:fb:a1:0a:5c:3b:2e:fe:24:5d:68:28:70:e6:2e:7a:
3e:96:9f:d7:42:da:f8:80:9b:18:3d:a5:69:4a:fb:b7:63:95:
c4:c8:ba:18:ba:a4:58:af:22:39:8b:c7:8e:7a:76:d5:f8:ed:
b1:b5:98:0e:45:f1:e5:9a:29:82:37:45:7c:11:c5:d3:01:e3:
f8:84:b9:21:7c:d1:99:17:88:17:e0:6a:0e:20:13:98:1d:23:
27:62:0a:d8
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECiyasjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODQ5MjA0Y2E0ZjBlYjRlNTZlMDhlMDk5ZmUzNzg1Y2UwNmZmZWFhMB4XDTIyMDEx
ODE4MTA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWE3NzIzYjU3NmU0
ZjFjNDIwYWViN2ZlMzZlNzdmOWFjN2E2NWNkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkFlqyQjoSyE65rDUZnFTb/vlQNHDeXM4URapogpKaWmbvP
t2VRMy1LLl51ul0673OFat9pzOxlvNam4zNATEdyRJROTBwkT4v+0ffzCW7VaqwP
gZaGr8K+t90RwjSk6r6fb2Rk2MK5zplnP1u5xmSbtvuofzQ2cWF2BGqW01ZXVYlU
rF+zTSboE6wrrh7mSri7ZIMjlddwF3ysfgTN2RAkZRlBvwwuvXXjQYFo3q7B1z+j
98/XLHmPPEX7wNOhCKQXymnl2KBHO+G9hLhanhsSEPdlYovd3Lncjtxt5fR12b91
+EhOVeoUaLBoh1kov7HS7clAvJU09rl2SseVMt0CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRadyO1duTxxCCut/4253+ax6Zc1zAfBgNVHSMEGDAWgBSoSSBMpPDrTlbg
jgmf43hc4G/+qjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FFa2dUS1R3NjA1VzRJNEpuLU40WE9Cdl9xby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvNDViMjNmLTMwMmItNDFmMi05NDk2LTljY2JiMDg0MjhmYS8x
L1duY2p0WGJrOGNRZ3JyZi1OdWRfbXNlbVhOYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
NDViMjNmLTMwMmItNDFmMi05NDk2LTljY2JiMDg0MjhmYS8xL3FFa2dUS1R3NjA1
VzRJNEpuLU40WE9Cdl9xby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEArmg5AMEAbncpgMEALni5QMEALni
5wMEArnkdAMEArnohDANBgkqhkiG9w0BAQsFAAOCAQEALS5XbeVdXlgreZztp/xQ
LIBeQ5YkUQ2CKDHNOviybLWNhkgJ/y/ZhukU1rTaSV1YkbVWEb10xbiqMmBqJBwW
P7EQAaEMJbJZPPDGgofri+yrczJYJxbgYdpA3LZxwcp2F9YXcGBZ4eX4VmEDO7jo
AeoUqc0oTmY9b7GL0wGY0dkeI4oiDF3ByclC095yPWQZbihhzEDXYAJHMZ7ALYfG
CB5pZS1E+6EKXDsu/iRdaChw5i56Ppaf10La+ICbGD2laUr7t2OVxMi6GLqkWK8i
OYvHjnp21fjtsbWYDkXx5ZopgjdFfBHF0wHj+IS5IXzRmReIF+BqDiATmB0jJ2IK
2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org