Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/PNOE-7h64AypToX0qftAoJ1l5Ns.roa
File: PNOE-7h64AypToX0qftAoJ1l5Ns.roa (raw, json)
Hash identifier: YDFwEIDjbLCFQnHCJe2IUH3BbI+0oEwI4UDX63yJUds=
Subject key identifier: 3C:D3:84:FB:B8:7A:E0:0C:A9:4E:85:F4:A9:FB:40:A0:9D:65:E4:DB
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 01857054CD49D377CC0CDD1EA18C9E3180DD
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/PNOE-7h64AypToX0qftAoJ1l5Ns.roa
Signing time: Mon 02 Jan 2023 02:34:43 +0000
ROA not before: Mon 02 Jan 2023 02:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57844
IP address blocks: 194.113.34.0/24 maxlen: 24
45.83.180.0/24 maxlen: 24
45.83.181.0/24 maxlen: 24
45.83.182.0/24 maxlen: 24
45.83.183.0/24 maxlen: 24
2.58.124.0/22 maxlen: 22
139.28.73.0/24 maxlen: 24
139.28.74.0/24 maxlen: 24
139.28.75.0/24 maxlen: 24
139.28.72.0/24 maxlen: 24
45.150.109.0/24 maxlen: 24
45.150.110.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:54:cd:49:d3:77:cc:0c:dd:1e:a1:8c:9e:31:80:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jan 2 02:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cd384fbb87ae00ca94e85f4a9fb40a09d65e4db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:be:eb:fe:0b:b9:4b:83:02:de:a5:9c:74:9c:
99:94:d5:74:8b:f5:39:1b:aa:91:ec:dd:be:10:24:
42:18:53:95:8e:9b:1f:52:a8:37:2f:d1:e5:a8:b1:
60:95:61:f1:b8:f8:c7:c6:a9:84:1f:ae:19:61:d8:
51:63:3a:1b:84:27:df:38:a0:36:f1:58:2c:ad:a1:
f8:16:e0:20:3b:42:e6:b7:9f:2f:84:36:78:a3:8b:
24:c4:cc:59:6c:57:e2:f6:cf:0b:b1:5d:34:0b:5b:
76:10:d5:ea:28:61:37:fd:c2:b1:92:a4:0c:9d:8e:
86:f9:64:84:5d:f1:7d:2e:6c:e0:d1:54:e9:3f:8e:
0a:64:3a:12:f0:07:d0:55:be:63:56:6a:67:c9:98:
ba:ce:0c:b5:ce:52:a6:a1:17:a8:4e:38:51:ae:fe:
b7:4e:50:80:8e:7e:e9:07:b8:f1:d5:18:dd:cb:b9:
29:26:b1:1c:2a:6a:f7:c1:a9:57:3e:8c:f8:26:f9:
b0:bd:20:9d:e3:30:7d:80:a0:f3:de:92:b0:77:9d:
89:14:fe:d8:b9:13:cd:e5:3b:f7:77:fd:29:9a:52:
18:c3:4a:05:75:45:03:a8:43:6c:c1:f8:44:79:f4:
0d:eb:57:42:a0:70:f5:17:fa:58:28:45:f5:ba:64:
05:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D3:84:FB:B8:7A:E0:0C:A9:4E:85:F4:A9:FB:40:A0:9D:65:E4:DB
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/PNOE-7h64AypToX0qftAoJ1l5Ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
45.83.180.0/22
45.150.109.0-45.150.111.255
139.28.72.0/22
194.113.34.0/24
Signature Algorithm: sha256WithRSAEncryption
03:03:00:7a:de:cb:26:ad:9f:e9:5d:76:f6:65:a0:0d:4f:dc:
da:d1:0a:64:44:d2:ce:69:02:97:76:6e:41:48:1a:df:5a:a0:
71:19:71:14:62:e3:ef:bd:de:40:17:a8:a1:d2:47:8f:c9:e1:
c8:1d:ec:a9:a2:4a:47:9b:6a:48:96:76:d4:70:d8:7a:51:83:
67:13:ed:ca:44:e7:f8:ae:26:91:d0:e2:c2:21:28:50:9e:bb:
c6:ec:ed:1e:b2:8b:7f:c3:05:f0:13:85:a7:b0:40:5a:de:42:
5c:d5:2b:83:f9:09:63:f8:41:51:6e:d3:20:73:ee:1a:06:14:
82:da:2a:4e:a1:d1:09:b9:db:00:cf:09:22:9f:9b:c9:91:e9:
0f:5d:38:30:10:af:64:87:9d:89:68:07:63:98:ac:0e:ee:1c:
d0:b8:73:dc:49:1f:58:62:20:59:3f:03:4f:ea:ae:70:01:57:
c0:1f:c3:68:f3:d7:f4:89:64:cd:d6:ab:47:26:d5:a2:bb:63:
4a:eb:fd:df:2f:46:b9:7e:fc:4f:5f:e1:92:22:d9:ab:99:78:
64:11:31:df:dc:5c:84:a8:01:65:6e:c2:57:1b:e2:a4:16:f5:
d7:6f:fa:e1:d2:ca:c7:30:d8:7e:33:7e:a6:de:04:c1:ce:c7:
5b:3c:3e:ec
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVwVM1J03fMDN0eoYyeMYDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwMTAyMDIzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2QzODRmYmI4N2FlMDBjYTk0ZTg1ZjRhOWZiNDBhMDlkNjVlNGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL7r/gu5S4MC3qWcdJyZlNV0i/U5
G6qR7N2+ECRCGFOVjpsfUqg3L9HlqLFglWHxuPjHxqmEH64ZYdhRYzobhCffOKA2
8VgsraH4FuAgO0Lmt58vhDZ4o4skxMxZbFfi9s8LsV00C1t2ENXqKGE3/cKxkqQM
nY6G+WSEXfF9Lmzg0VTpP44KZDoS8AfQVb5jVmpnyZi6zgy1zlKmoReoTjhRrv63
TlCAjn7pB7jx1Rjdy7kpJrEcKmr3walXPoz4JvmwvSCd4zB9gKDz3pKwd52JFP7Y
uRPN5Tv3d/0pmlIYw0oFdUUDqENswfhEefQN61dCoHD1F/pYKEX1umQFDwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDzThPu4euAMqU6F9Kn7QKCdZeTbMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvUE5PRS03aDY0QXlwVG9YMHFmdEFvSjFsNU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCAjp8AwQC
LVO0MAwDBAAtlm0DBAQtlmADBAKLHEgDBADCcSIwDQYJKoZIhvcNAQELBQADggEB
AAMDAHreyyatn+lddvZloA1P3NrRCmRE0s5pApd2bkFIGt9aoHEZcRRi4++93kAX
qKHSR4/J4cgd7KmiSkebakiWdtRw2HpRg2cT7cpE5/iuJpHQ4sIhKFCeu8bs7R6y
i3/DBfAThaewQFreQlzVK4P5CWP4QVFu0yBz7hoGFILaKk6h0Qm52wDPCSKfm8mR
6Q9dODAQr2SHnYloB2OYrA7uHNC4c9xJH1hiIFk/A0/qrnABV8Afw2jz1/SJZM3W
q0cm1aK7Y0rr/d8vRrl+/E9f4ZIi2auZeGQRMd/cXISoAWVuwlcb4qQW9ddv+uHS
yscw2H4zfqbeBMHOx1s8Puw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org