Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/_uwGL9FLCuWdvApNIYc6ApGorB8.roa
File: _uwGL9FLCuWdvApNIYc6ApGorB8.roa (raw, json)
Hash identifier: //JqBgyIFPk0zCn0yJhCNzObx8QT8i3k2j192TAgbDE=
Subject key identifier: FE:EC:06:2F:D1:4B:0A:E5:9D:BC:0A:4D:21:87:3A:02:91:A8:AC:1F
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0181FE46A17B674A325EC7721ECBE142CDA1
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/_uwGL9FLCuWdvApNIYc6ApGorB8.roa
Signing time: Thu 14 Jul 2022 19:54:10 +0000
ROA not before: Thu 14 Jul 2022 19:54:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 194.113.34.0/24 maxlen: 24
45.83.180.0/24 maxlen: 24
45.83.181.0/24 maxlen: 24
45.83.182.0/24 maxlen: 24
45.83.183.0/24 maxlen: 24
2.58.124.0/22 maxlen: 22
194.110.246.0/24 maxlen: 24
5.181.0.0/22 maxlen: 22
45.66.250.0/23 maxlen: 23
45.143.165.0/24 maxlen: 24
139.28.73.0/24 maxlen: 24
139.28.74.0/24 maxlen: 24
139.28.75.0/24 maxlen: 24
139.28.72.0/24 maxlen: 24
45.150.109.0/24 maxlen: 24
45.150.110.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:fe:46:a1:7b:67:4a:32:5e:c7:72:1e:cb:e1:42:cd:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jul 14 19:54:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=feec062fd14b0ae59dbc0a4d21873a0291a8ac1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8d:94:ef:85:b9:b1:4e:ed:b1:d1:1f:bb:0e:
f8:83:04:77:79:fb:72:b7:9f:66:09:63:38:c3:9c:
c3:88:b2:46:c9:d4:84:59:7f:a9:c1:eb:87:6b:47:
f0:d2:8e:31:41:c3:81:7c:89:4a:da:2e:3a:89:1e:
4f:79:78:6d:ee:8d:44:bd:00:f7:85:cc:fa:65:19:
83:32:c3:6d:63:b0:72:a7:e1:bd:49:a0:ca:2e:52:
a4:69:ee:22:70:6b:61:82:2a:5a:37:0f:bd:50:a5:
7a:30:d8:0e:dd:03:ec:a1:2f:6d:3e:45:31:8c:95:
09:76:01:70:a3:1d:b2:d1:cf:ef:80:51:21:f4:13:
2c:12:bd:ac:77:a6:9a:39:89:0a:34:e8:d5:66:a5:
ee:14:1c:03:5d:6c:e3:86:44:53:5e:25:38:f5:c6:
64:93:e8:e7:57:b3:fe:21:22:63:09:7b:00:45:ea:
05:05:41:09:e9:9f:a2:f3:42:6b:4f:e0:70:ba:1e:
53:b8:a8:da:0d:e4:c0:b1:4a:60:c6:d2:43:7b:c4:
c9:a1:4c:4f:d2:e3:f7:09:6c:ef:b0:80:76:88:6b:
f6:0d:81:f9:a2:45:4a:44:fc:8b:d0:a4:3f:5d:c9:
8f:e8:3d:54:81:9c:d1:4e:28:2b:12:9a:36:83:c3:
59:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:EC:06:2F:D1:4B:0A:E5:9D:BC:0A:4D:21:87:3A:02:91:A8:AC:1F
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/_uwGL9FLCuWdvApNIYc6ApGorB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
5.181.0.0/22
45.66.250.0/23
45.83.180.0/22
45.143.165.0/24
45.150.109.0-45.150.111.255
139.28.72.0/22
194.110.246.0/24
194.113.34.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:81:e3:cc:03:53:34:bc:01:82:0e:9a:de:10:4a:33:37:56:
6e:67:c2:b7:32:62:fe:d1:fa:cd:b4:e2:84:0b:f8:f4:04:c4:
83:3e:66:c1:0e:67:b5:65:b3:4f:af:a0:86:c9:7a:6f:52:48:
54:5d:5e:bd:ae:8b:f9:6d:42:1e:b3:6b:2f:58:52:79:f9:5a:
b2:f2:67:2f:c5:ad:83:d1:2c:69:57:57:64:20:36:0f:c3:31:
d6:e0:42:54:fa:86:be:83:96:37:3d:18:a9:f8:c6:f4:6b:a0:
d2:26:5b:5e:e1:7c:3a:08:f1:f1:3b:4d:ff:7a:90:00:a2:98:
0a:6d:3f:0d:2b:f3:04:0a:fc:c6:78:36:58:93:a8:40:8a:74:
8d:ed:32:86:f9:e6:8a:b3:1c:37:3d:c0:22:73:37:a6:a4:1c:
c9:53:98:c5:21:83:89:53:ab:50:73:23:97:07:2f:a5:8c:f4:
ba:b8:ee:85:23:3b:5a:d0:84:86:76:4c:2a:f6:0d:8f:c3:37:
ce:6f:cb:aa:d1:50:25:ba:89:0c:fb:ea:a4:45:08:14:79:0e:
94:fa:cb:89:60:c3:5b:f9:3d:30:9d:cb:25:b2:17:11:dc:bc:
9f:88:c0:b0:3d:77:ab:9f:82:5e:2b:12:c7:06:38:71:69:d2:
b6:26:ec:3f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYH+RqF7Z0oyXsdyHsvhQs2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjIwNzE0MTk1NDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWVjMDYyZmQxNGIwYWU1OWRiYzBhNGQyMTg3M2EwMjkxYThhYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg42U74W5sU7tsdEfuw74gwR3efty
t59mCWM4w5zDiLJGydSEWX+pweuHa0fw0o4xQcOBfIlK2i46iR5PeXht7o1EvQD3
hcz6ZRmDMsNtY7Byp+G9SaDKLlKkae4icGthgipaNw+9UKV6MNgO3QPsoS9tPkUx
jJUJdgFwox2y0c/vgFEh9BMsEr2sd6aaOYkKNOjVZqXuFBwDXWzjhkRTXiU49cZk
k+jnV7P+ISJjCXsAReoFBUEJ6Z+i80JrT+Bwuh5TuKjaDeTAsUpgxtJDe8TJoUxP
0uP3CWzvsIB2iGv2DYH5okVKRPyL0KQ/XcmP6D1UgZzRTigrEpo2g8NZbwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFP7sBi/RSwrlnbwKTSGHOgKRqKwfMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvX3V3R0w5RkxDdVdkdkFwTklZYzZBcEdvckI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCAjp8AwQC
BbUAAwQBLUL6AwQCLVO0AwQALY+lMAwDBAAtlm0DBAQtlmADBAKLHEgDBADCbvYD
BADCcSIwDQYJKoZIhvcNAQELBQADggEBAC+B48wDUzS8AYIOmt4QSjM3Vm5nwrcy
Yv7R+s204oQL+PQExIM+ZsEOZ7Vls0+voIbJem9SSFRdXr2ui/ltQh6zay9YUnn5
WrLyZy/FrYPRLGlXV2QgNg/DMdbgQlT6hr6Dljc9GKn4xvRroNImW17hfDoI8fE7
Tf96kACimAptPw0r8wQK/MZ4NliTqECKdI3tMob55oqzHDc9wCJzN6akHMlTmMUh
g4lTq1BzI5cHL6WM9Lq47oUjO1rQhIZ2TCr2DY/DN85vy6rRUCW6iQz76qRFCBR5
DpT6y4lgw1v5PTCdyyWyFxHcvJ+IwLA9d6ufgl4rEscGOHFp0rYm7D8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org