Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/85aa1c35-c329-307f-9164-220ef1c78b5e.roa
File: 85aa1c35-c329-307f-9164-220ef1c78b5e.roa (raw, json)
Hash identifier: 1N1Ysqkicu/N5AaIyYUbeSiNghxUCdT11S3HS1UDx4I=
Subject key identifier: 94:EA:2B:F0:FE:6B:0E:81:7F:D7:92:19:D9:0A:9D:33:B6:25:04:D7
Certificate issuer: /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial: 010D0C9F43285844D9DFC9B1D42DC7338DC7AF40
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/85aa1c35-c329-307f-9164-220ef1c78b5e.roa
Signing time: Sun 11 Feb 2024 02:00:25 +0000
ROA not before: Sun 11 Feb 2024 02:00:25 +0000
ROA not after: Sat 11 May 2024 01:00:25 +0000
asID: 12271
IP address blocks: 45.39.185.0/24 maxlen: 24
45.39.52.0/24 maxlen: 24
45.39.87.0/24 maxlen: 24
45.39.178.0/24 maxlen: 24
107.165.213.0/24 maxlen: 24
104.252.240.0/24 maxlen: 24
104.252.158.0/24 maxlen: 24
104.252.51.0/24 maxlen: 24
45.38.250.0/24 maxlen: 24
45.39.239.0/24 maxlen: 24
45.39.171.0/24 maxlen: 24
104.165.16.0/24 maxlen: 24
45.39.188.0/24 maxlen: 24
107.187.126.0/24 maxlen: 24
107.165.230.0/24 maxlen: 24
107.186.232.0/24 maxlen: 24
107.186.65.0/24 maxlen: 24
107.186.54.0/24 maxlen: 24
107.186.6.0/24 maxlen: 24
205.164.42.0/24 maxlen: 24
142.111.143.0/24 maxlen: 24
136.0.209.0/24 maxlen: 24
136.0.68.0/24 maxlen: 24
172.120.23.0/24 maxlen: 24
166.88.78.0/24 maxlen: 24
142.252.154.0/24 maxlen: 24
142.252.3.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:44:d9:df:c9:b1:d4:2d:c7:33:8d:c7:af:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
Validity
Not Before: Feb 11 02:00:25 2024 GMT
Not After : May 11 01:00:25 2024 GMT
Subject: CN=828c18e5-06a9-451f-91f5-19fe348e03b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ce:2c:a1:e2:d1:cc:66:ca:8a:97:89:e6:af:
9e:d7:f3:b5:2f:ae:f5:57:b4:ae:47:5a:16:f6:fd:
8c:07:1a:12:e5:9f:4b:06:74:b5:d9:82:52:c5:19:
95:36:aa:b9:38:9d:f6:d4:5d:62:70:26:b1:4b:68:
9e:72:f1:ba:78:80:ee:58:1b:25:c1:44:88:17:b3:
90:ec:0e:58:3b:75:4c:35:dd:0a:27:9f:ba:0e:8c:
fd:ce:ba:63:d2:5e:23:2a:42:bf:53:c4:d4:c0:c4:
dd:35:d9:ba:4a:14:b2:a6:30:5b:15:30:a8:46:5b:
76:b9:67:be:99:cd:94:5a:5c:e7:4f:62:01:86:e9:
3f:c2:93:32:4a:58:3e:5c:4b:71:bf:38:f7:b0:2b:
cd:56:a1:4c:a9:ca:07:b9:17:63:13:00:54:6f:3c:
16:42:f9:68:05:dc:3d:e0:8b:5d:4a:69:5e:9c:94:
5d:c9:0c:76:c8:28:ec:34:d2:1c:d5:67:9b:fb:f8:
94:ac:af:2c:d5:12:3a:69:68:55:48:44:7c:e5:2b:
2d:ec:5a:71:6e:61:57:1b:de:4e:7c:e1:91:43:ed:
e5:bc:a0:2e:2e:6a:2f:e4:c5:1a:e6:a4:c9:3f:9f:
3d:79:44:d6:a3:c1:2c:8c:65:74:5e:b4:15:e4:14:
7e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:EA:2B:F0:FE:6B:0E:81:7F:D7:92:19:D9:0A:9D:33:B6:25:04:D7
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/85aa1c35-c329-307f-9164-220ef1c78b5e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl
X509v3 Authority Key Identifier:
keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
sbgp-ipAddrBlock: critical
IPv4:
45.38.250.0/24
45.39.52.0/24
45.39.87.0/24
45.39.171.0/24
45.39.178.0/24
45.39.185.0/24
45.39.188.0/24
45.39.239.0/24
104.165.16.0/24
104.252.51.0/24
104.252.158.0/24
104.252.240.0/24
107.165.213.0/24
107.165.230.0/24
107.186.6.0/24
107.186.54.0/24
107.186.65.0/24
107.186.232.0/24
107.187.126.0/24
136.0.68.0/24
136.0.209.0/24
142.111.143.0/24
142.252.3.0/24
142.252.154.0/24
166.88.78.0/24
172.120.23.0/24
205.164.42.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
52:0f:bd:3e:7b:45:66:3e:28:3b:bd:e8:cf:ec:90:89:d6:17:
82:72:c7:1a:93:e2:cb:79:9f:0f:be:3c:cd:03:0f:3f:38:51:
68:2d:a9:fa:1a:ea:59:b9:81:76:31:5d:b0:a1:41:32:8d:01:
4c:6b:1f:bf:b9:8d:91:86:75:70:50:ed:9d:2f:5c:96:5b:25:
0f:02:49:a9:00:50:b1:06:21:d0:d5:7d:e0:06:66:49:89:e4:
16:17:f8:55:2e:c2:59:35:76:ba:c9:8c:3b:fa:67:a2:80:81:
56:10:e9:06:b9:a1:2c:18:06:a3:de:8c:7a:5a:35:fa:f1:24:
37:d4:cd:7d:ff:c2:e7:3a:c4:17:a9:7f:6b:1f:6b:16:42:b1:
53:a4:cf:e1:08:59:29:a4:78:87:87:99:96:51:72:8f:12:11:
4c:ca:b4:26:1c:f6:ed:c4:27:1f:7e:7f:9d:44:2d:6c:e1:c1:
96:cb:4c:6e:4c:12:ec:35:a2:1e:b4:3c:bb:c1:35:74:3a:14:
18:82:3b:d1:cd:84:c4:00:44:e2:69:58:10:ba:04:9a:10:ea:
c2:35:4c:5b:89:2c:a5:22:54:66:20:84:5b:75:db:d3:da:12:
cb:39:0f:d6:18:bf:e7:9e:73:e1:5a:cc:20:fe:db:56:dd:c8:
a2:ca:5d:2f
-----BEGIN CERTIFICATE-----
MIIG5DCCBcygAwIBAgIUAQ0Mn0MoWETZ38mx1C3HM43Hr0AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDIxMTAyMDAyNVoXDTI0MDUxMTAxMDAyNVowLzEtMCsGA1UEAxMk
ODI4YzE4ZTUtMDZhOS00NTFmLTkxZjUtMTlmZTM0OGUwM2IzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw84soeLRzGbKipeJ5q+e1/O1L671V7SuR1oW
9v2MBxoS5Z9LBnS12YJSxRmVNqq5OJ321F1icCaxS2iecvG6eIDuWBslwUSIF7OQ
7A5YO3VMNd0KJ5+6Doz9zrpj0l4jKkK/U8TUwMTdNdm6ShSypjBbFTCoRlt2uWe+
mc2UWlznT2IBhuk/wpMySlg+XEtxvzj3sCvNVqFMqcoHuRdjEwBUbzwWQvloBdw9
4ItdSmlenJRdyQx2yCjsNNIc1Web+/iUrK8s1RI6aWhVSER85Sst7FpxbmFXG95O
fOGRQ+3lvKAuLmov5MUa5qTJP589eUTWo8EsjGV0XrQV5BR+uQIDAQABo4ID9jCC
A/IwHQYDVR0OBBYEFJTqK/D+aw6Bf9eSGdkKnTO2JQTXMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvODVhYTFjMzUtYzMyOS0z
MDdmLTkxNjQtMjIwZWYxYzc4YjVlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAAt
JvoDBAAtJzQDBAAtJ1cDBAAtJ6sDBAAtJ7IDBAAtJ7kDBAAtJ7wDBAAtJ+8DBABo
pRADBABo/DMDBABo/J4DBABo/PADBABrpdUDBABrpeYDBABrugYDBABrujYDBABr
ukEDBABruugDBABru34DBACIAEQDBACIANEDBACOb48DBACO/AMDBACO/JoDBACm
WE4DBACseBcDBADNpCowVAYDVR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgGCCsG
AQUFBwIBFixodHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9jcHMu
aHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAUg+9PntFZj4oO73oz+yQidYXgnLHGpPi
y3mfD748zQMPPzhRaC2p+hrqWbmBdjFdsKFBMo0BTGsfv7mNkYZ1cFDtnS9cllsl
DwJJqQBQsQYh0NV94AZmSYnkFhf4VS7CWTV2usmMO/pnooCBVhDpBrmhLBgGo96M
elo1+vEkN9TNff/C5zrEF6l/ax9rFkKxU6TP4QhZKaR4h4eZllFyjxIRTMq0Jhz2
7cQnH35/nUQtbOHBlstMbkwS7DWiHrQ8u8E1dDoUGII70c2ExABE4mlYELoEmhDq
wjVMW4kspSJUZiCEW3Xb09oSyzkP1hi/555z4VrMIP7bVt3IospdLw==
-----END CERTIFICATE-----
Generated at Fri Apr 12 19:21:38 2024 by rpki-client on console-fra.rpki-client.org