Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/707ec026-3cf9-315c-a194-ad456fb2d106.roa
File: 707ec026-3cf9-315c-a194-ad456fb2d106.roa (raw, json)
Hash identifier: eSvelwoL4wcGVBIA0fS5ofactlDKQS6shgI3vgM4tHU=
Subject key identifier: 05:16:28:70:A8:51:EE:FA:10:66:FA:7D:AE:8B:86:1F:C0:52:A5:5F
Certificate issuer: /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial: 010D0C9F43285843281A0663412177A7E9AA9EC0
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/707ec026-3cf9-315c-a194-ad456fb2d106.roa
Signing time: Fri 08 Sep 2023 16:56:58 +0000
ROA not before: Fri 08 Sep 2023 16:56:58 +0000
ROA not after: Thu 07 Dec 2023 17:56:58 +0000
asID: 12271
IP address blocks: 45.39.239.0/24 maxlen: 24
45.39.171.0/24 maxlen: 24
45.38.250.0/24 maxlen: 24
45.39.52.0/24 maxlen: 24
45.39.87.0/24 maxlen: 24
45.39.178.0/24 maxlen: 24
45.39.185.0/24 maxlen: 24
45.39.188.0/24 maxlen: 24
104.165.16.0/24 maxlen: 24
104.252.51.0/24 maxlen: 24
104.252.158.0/24 maxlen: 24
104.252.240.0/24 maxlen: 24
104.253.49.0/24 maxlen: 24
107.165.213.0/24 maxlen: 24
107.165.230.0/24 maxlen: 24
107.186.6.0/24 maxlen: 24
107.186.54.0/24 maxlen: 24
107.186.65.0/24 maxlen: 24
107.186.232.0/24 maxlen: 24
107.187.126.0/24 maxlen: 24
136.0.68.0/24 maxlen: 24
136.0.83.0/24 maxlen: 24
136.0.209.0/24 maxlen: 24
142.111.143.0/24 maxlen: 24
142.252.3.0/24 maxlen: 24
142.252.154.0/24 maxlen: 24
166.88.78.0/24 maxlen: 24
172.120.23.0/24 maxlen: 24
205.164.42.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:43:28:1a:06:63:41:21:77:a7:e9:aa:9e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
Validity
Not Before: Sep 8 16:56:58 2023 GMT
Not After : Dec 7 17:56:58 2023 GMT
Subject: CN=e4f8df27-843d-4d9e-899a-9238298b564e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:49:c4:3f:34:dc:9d:c1:ab:6c:9b:1f:4f:11:
6d:30:0a:17:e3:64:22:99:7a:94:67:a8:cc:8e:31:
10:28:fc:36:52:01:a7:f3:34:22:16:0d:fb:6e:bd:
7f:11:67:0e:1c:01:70:cd:7d:9a:48:28:54:2e:41:
92:99:0d:37:0a:a5:55:e8:f1:33:c0:eb:cb:57:b7:
f7:90:9f:dc:62:85:1c:5f:e5:2d:ba:2e:34:a5:8c:
df:af:1c:b0:ea:3c:ab:d2:52:8e:1d:60:d8:7e:17:
76:ad:e7:38:f8:1b:43:5d:46:14:68:24:13:c5:17:
5c:82:b2:59:1c:e5:9a:a1:55:81:ba:62:c5:c7:9c:
0a:6c:44:50:c7:90:e8:bc:4a:9e:c5:24:4f:23:04:
32:7f:cf:72:be:26:12:c0:cd:ab:55:a9:19:e4:1a:
dd:c1:84:f0:31:ee:3c:9c:e4:08:fe:b3:4d:22:4e:
32:7d:82:a5:65:ea:df:05:fc:42:70:5a:f4:b3:73:
75:a0:76:9d:02:d9:ce:3e:e6:97:db:a0:7e:96:b9:
01:57:c8:03:d9:48:3f:1d:0c:93:11:d5:93:e4:e8:
e3:de:aa:f6:49:ac:eb:e7:4b:d6:9f:05:e7:d7:8d:
45:fe:19:97:41:9d:d6:cf:f0:66:d7:11:74:bd:3a:
38:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:16:28:70:A8:51:EE:FA:10:66:FA:7D:AE:8B:86:1F:C0:52:A5:5F
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/707ec026-3cf9-315c-a194-ad456fb2d106.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl
X509v3 Authority Key Identifier:
keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
sbgp-ipAddrBlock: critical
IPv4:
45.38.250.0/24
45.39.52.0/24
45.39.87.0/24
45.39.171.0/24
45.39.178.0/24
45.39.185.0/24
45.39.188.0/24
45.39.239.0/24
104.165.16.0/24
104.252.51.0/24
104.252.158.0/24
104.252.240.0/24
104.253.49.0/24
107.165.213.0/24
107.165.230.0/24
107.186.6.0/24
107.186.54.0/24
107.186.65.0/24
107.186.232.0/24
107.187.126.0/24
136.0.68.0/24
136.0.83.0/24
136.0.209.0/24
142.111.143.0/24
142.252.3.0/24
142.252.154.0/24
166.88.78.0/24
172.120.23.0/24
205.164.42.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
1c:b7:f1:32:96:f5:f8:5e:99:fe:2f:fc:b2:2d:e3:9f:d9:37:
64:1a:16:ff:56:87:88:d0:55:f1:32:37:66:05:b0:67:55:8d:
ca:8b:3a:12:82:18:3e:ae:5e:0d:89:d8:66:3b:5a:35:05:69:
32:d2:a9:5f:07:0e:9e:14:a9:53:49:b9:b7:49:f1:b9:0f:09:
62:0a:b7:7d:1c:15:f1:8e:81:6f:da:e1:ed:97:4e:81:8d:b9:
3d:04:35:6f:39:19:5e:33:56:de:d6:56:81:6f:75:d4:0a:3f:
75:d4:99:08:f7:ed:b5:02:fa:30:30:50:43:47:1a:af:0d:ad:
b2:7f:ea:a0:1f:97:fa:ae:da:f6:8f:59:0b:da:04:21:a1:cb:
2e:aa:6d:ff:be:fa:6d:ac:c5:e1:83:52:93:12:65:ca:48:9a:
97:1b:d9:57:76:43:95:58:43:34:d8:22:b2:37:90:8b:26:25:
c2:cf:d9:95:56:ee:c2:15:cc:11:ed:72:3f:0c:0a:07:4d:e2:
e3:50:89:08:16:3f:41:47:35:c7:97:b0:61:7c:b1:e9:d5:f8:
af:c4:56:36:c6:91:38:0d:cb:59:b9:d9:7b:ac:08:29:bf:bd:
4b:69:cd:50:a3:7e:e6:ed:37:68:ed:03:27:7c:f3:0b:d3:de:
fa:1c:f2:50
-----BEGIN CERTIFICATE-----
MIIG8DCCBdigAwIBAgIUAQ0Mn0MoWEMoGgZjQSF3p+mqnsAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIzMDkwODE2NTY1OFoXDTIzMTIwNzE3NTY1OFowLzEtMCsGA1UEAxMk
ZTRmOGRmMjctODQzZC00ZDllLTg5OWEtOTIzODI5OGI1NjRlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EnEPzTcncGrbJsfTxFtMAoX42QimXqUZ6jM
jjEQKPw2UgGn8zQiFg37br1/EWcOHAFwzX2aSChULkGSmQ03CqVV6PEzwOvLV7f3
kJ/cYoUcX+Utui40pYzfrxyw6jyr0lKOHWDYfhd2rec4+BtDXUYUaCQTxRdcgrJZ
HOWaoVWBumLFx5wKbERQx5DovEqexSRPIwQyf89yviYSwM2rVakZ5BrdwYTwMe48
nOQI/rNNIk4yfYKlZerfBfxCcFr0s3N1oHadAtnOPuaX26B+lrkBV8gD2Ug/HQyT
EdWT5Ojj3qr2Sazr50vWnwXn141F/hmXQZ3Wz/Bm1xF0vTo4kwIDAQABo4IEAjCC
A/4wHQYDVR0OBBYEFAUWKHCoUe76EGb6fa6Lhh/AUqVfMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvNzA3ZWMwMjYtM2NmOS0z
MTVjLWExOTQtYWQ0NTZmYjJkMTA2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAAt
JvoDBAAtJzQDBAAtJ1cDBAAtJ6sDBAAtJ7IDBAAtJ7kDBAAtJ7wDBAAtJ+8DBABo
pRADBABo/DMDBABo/J4DBABo/PADBABo/TEDBABrpdUDBABrpeYDBABrugYDBABr
ujYDBABrukEDBABruugDBABru34DBACIAEQDBACIAFMDBACIANEDBACOb48DBACO
/AMDBACO/JoDBACmWE4DBACseBcDBADNpCowVAYDVR0gAQH/BEowSDBGBggrBgEF
BQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJj
ZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAHLfxMpb1+F6Z/i/8
si3jn9k3ZBoW/1aHiNBV8TI3ZgWwZ1WNyos6EoIYPq5eDYnYZjtaNQVpMtKpXwcO
nhSpU0m5t0nxuQ8JYgq3fRwV8Y6Bb9rh7ZdOgY25PQQ1bzkZXjNW3tZWgW911Ao/
ddSZCPfttQL6MDBQQ0carw2tsn/qoB+X+q7a9o9ZC9oEIaHLLqpt/776bazF4YNS
kxJlykialxvZV3ZDlVhDNNgisjeQiyYlws/ZlVbuwhXMEe1yPwwKB03i41CJCBY/
QUc1x5ewYXyx6dX4r8RWNsaROA3LWbnZe6wIKb+9S2nNUKN+5u03aO0DJ3zzC9Pe
+hzyUA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:25 2024 by rpki-client on console-fra.rpki-client.org