Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/BEEVPP6tnP_2sHYjhLEHQRdXjMs.roa
File: BEEVPP6tnP_2sHYjhLEHQRdXjMs.roa (raw, json)
Hash identifier: 8W7nfQytr+kMvZO6Hjitbm1tqIC/qInv4JYctavUDcc=
Subject key identifier: 04:41:15:3C:FE:AD:9C:FF:F6:B0:76:23:84:B1:07:41:17:57:8C:CB
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 01871E3F261F2B4C59F71739780BFADF13DA
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/BEEVPP6tnP_2sHYjhLEHQRdXjMs.roa
Signing time: Sun 26 Mar 2023 14:07:47 +0000
ROA not before: Sun 26 Mar 2023 14:07:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20853
IP address blocks: 194.113.34.0/24 maxlen: 24
45.83.180.0/22 maxlen: 22
45.150.109.0/24 maxlen: 24
45.150.110.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1e:3f:26:1f:2b:4c:59:f7:17:39:78:0b:fa:df:13:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Mar 26 14:07:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0441153cfead9cfff6b0762384b1074117578ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c6:3f:e3:4e:53:09:d3:ec:25:e3:ef:be:7a:
5e:a5:ca:e0:f1:09:74:8b:8f:cb:87:15:db:3c:d0:
e5:60:11:27:35:7c:50:98:f4:41:98:ee:3b:c3:8e:
2d:0b:6c:f7:e4:0b:7d:20:10:7b:4b:40:a6:e3:72:
58:1e:50:45:9f:9a:45:7d:42:a4:d1:45:60:9d:e4:
d1:d3:c4:23:be:cd:ca:fe:13:8d:88:16:3e:89:04:
90:e1:fd:b3:7e:da:58:b5:fa:b3:16:c5:89:e8:2b:
0c:0b:74:d6:35:95:3f:9e:8d:e9:1e:da:de:b8:0f:
7e:bc:16:53:8a:00:fb:a0:04:cc:f7:37:05:0c:3f:
04:bd:b7:93:d6:09:32:71:e8:d9:aa:7a:45:b6:9a:
32:c4:17:73:92:e5:4a:8f:80:43:12:53:8c:3a:00:
fb:f8:e7:e7:02:47:03:18:50:9a:30:ee:8b:e8:c9:
21:50:a9:b8:9d:bc:bb:39:6b:92:ef:17:83:19:43:
42:01:dd:0a:88:18:5a:f7:80:75:90:6a:18:98:89:
e6:d6:9d:dc:aa:ea:75:51:be:5a:76:69:4d:96:b3:
4a:c4:52:6e:41:ad:a8:9e:7d:ee:54:d3:5a:1a:ad:
5a:55:be:29:c3:f2:23:1d:87:55:d9:ff:5e:c6:60:
22:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:41:15:3C:FE:AD:9C:FF:F6:B0:76:23:84:B1:07:41:17:57:8C:CB
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/BEEVPP6tnP_2sHYjhLEHQRdXjMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.180.0/22
45.150.109.0-45.150.111.255
194.113.34.0/24
Signature Algorithm: sha256WithRSAEncryption
40:9f:b2:bc:f3:04:d0:11:59:d8:a6:9c:f6:dd:ee:3e:f6:f6:
60:81:0f:55:35:eb:31:0a:5f:55:25:0f:a1:5c:26:08:90:da:
b8:94:f8:e7:8b:5d:06:2e:cb:2e:f9:b4:ff:46:e7:56:11:53:
cd:ef:c6:09:81:b1:6e:b6:78:06:ff:be:ef:94:97:e6:20:ae:
3c:b3:ba:63:8e:77:ad:4d:56:8e:04:a8:6d:22:5e:9c:a6:75:
2a:d1:17:34:73:eb:95:51:03:0c:b9:5c:81:e4:fc:5a:06:34:
89:03:7e:bc:ef:44:67:e6:0a:01:fe:87:d0:59:ca:70:11:80:
da:7a:d2:7f:69:82:db:76:6c:94:bf:d8:39:51:3c:c3:39:01:
1c:62:69:b6:69:76:f9:84:3d:51:50:a8:9c:c1:ee:8c:d0:ff:
0b:51:8a:72:9f:36:d1:09:e2:8d:12:14:78:3f:24:9d:1e:cb:
79:c9:c2:bd:01:26:9a:47:e4:34:32:3e:a2:df:2b:aa:b1:9d:
ca:c0:d6:46:36:17:b0:65:bb:8e:a1:9c:ee:19:77:7f:3b:25:
35:95:09:59:d6:17:76:1d:d1:4b:17:2b:fb:b6:6d:92:36:d6:
40:04:74:c9:85:bb:ef:ab:07:5e:27:53:b6:c1:a9:af:92:3e:
d8:48:06:c8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYcePyYfK0xZ9xc5eAv63xPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwMzI2MTQwNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDQxMTUzY2ZlYWQ5Y2ZmZjZiMDc2MjM4NGIxMDc0MTE3NTc4Y2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8Y/405TCdPsJePvvnpepcrg8Ql0
i4/LhxXbPNDlYBEnNXxQmPRBmO47w44tC2z35At9IBB7S0Cm43JYHlBFn5pFfUKk
0UVgneTR08Qjvs3K/hONiBY+iQSQ4f2zftpYtfqzFsWJ6CsMC3TWNZU/no3pHtre
uA9+vBZTigD7oATM9zcFDD8EvbeT1gkycejZqnpFtpoyxBdzkuVKj4BDElOMOgD7
+OfnAkcDGFCaMO6L6MkhUKm4nby7OWuS7xeDGUNCAd0KiBha94B1kGoYmInm1p3c
qup1Ub5admlNlrNKxFJuQa2onn3uVNNaGq1aVb4pw/IjHYdV2f9exmAinwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFARBFTz+rZz/9rB2I4SxB0EXV4zLMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvQkVFVlBQNnRuUF8yc0hZamhMRUhRUmRYak1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCLVO0MAwD
BAAtlm0DBAQtlmADBADCcSIwDQYJKoZIhvcNAQELBQADggEBAECfsrzzBNARWdim
nPbd7j729mCBD1U16zEKX1UlD6FcJgiQ2riU+OeLXQYuyy75tP9G51YRU83vxgmB
sW62eAb/vu+Ul+YgrjyzumOOd61NVo4EqG0iXpymdSrRFzRz65VRAwy5XIHk/FoG
NIkDfrzvRGfmCgH+h9BZynARgNp60n9pgtt2bJS/2DlRPMM5ARxiabZpdvmEPVFQ
qJzB7ozQ/wtRinKfNtEJ4o0SFHg/JJ0ey3nJwr0BJppH5DQyPqLfK6qxncrA1kY2
F7Blu46hnO4Zd387JTWVCVnWF3Yd0UsXK/u2bZI21kAEdMmFu++rB14nU7bBqa+S
PthIBsg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org