Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/k_7Bk9Eq7COt1tbxPWWSqe7LDPs.roa
File: k_7Bk9Eq7COt1tbxPWWSqe7LDPs.roa (raw, json)
Hash identifier: fH1pX4xKl3olxrMYycUXuLTcaevfFLm3GIQ+8iFvPeA=
Subject key identifier: 93:FE:C1:93:D1:2A:EC:23:AD:D6:D6:F1:3D:65:92:A9:EE:CB:0C:FB
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0184136C2D3BA72AED8B9BC36694E1A790F8
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/k_7Bk9Eq7COt1tbxPWWSqe7LDPs.roa
Signing time: Wed 26 Oct 2022 08:32:47 +0000
ROA not before: Wed 26 Oct 2022 08:32:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 194.113.34.0/24 maxlen: 24
45.83.180.0/24 maxlen: 24
45.83.181.0/24 maxlen: 24
45.83.182.0/24 maxlen: 24
45.83.183.0/24 maxlen: 24
2.58.124.0/22 maxlen: 22
194.110.246.0/24 maxlen: 24
45.66.250.0/23 maxlen: 23
45.143.165.0/24 maxlen: 24
139.28.73.0/24 maxlen: 24
139.28.74.0/24 maxlen: 24
139.28.75.0/24 maxlen: 24
139.28.72.0/24 maxlen: 24
45.150.109.0/24 maxlen: 24
45.150.110.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:6c:2d:3b:a7:2a:ed:8b:9b:c3:66:94:e1:a7:90:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Oct 26 08:32:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93fec193d12aec23add6d6f13d6592a9eecb0cfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:03:05:4c:3e:4d:95:b8:de:eb:24:00:fd:01:
bb:e0:1c:e7:97:17:c2:12:c6:2b:96:67:6a:82:5f:
ab:16:2c:48:78:c7:76:d8:33:11:03:be:23:ba:e7:
eb:b9:4f:a0:a5:4c:6a:0b:09:0d:41:57:4c:59:f8:
30:7a:80:19:61:5c:7d:6d:9e:0c:9c:da:7a:28:7f:
a2:f1:a9:ca:43:fb:db:7e:21:35:8e:fd:28:ad:03:
3c:70:cb:62:6d:0f:c1:43:7f:9e:99:36:a1:5b:6e:
6c:3f:09:01:37:74:5f:bd:1d:26:da:19:7a:4a:1f:
1a:80:9b:5b:a4:e7:2f:ad:90:fb:03:cc:30:50:99:
e4:d1:91:05:fd:30:9e:69:fe:81:18:b0:19:09:ba:
6e:94:68:71:5e:d2:d1:c8:27:23:1b:7d:b7:7c:c1:
3a:ce:bd:ed:6f:98:4c:f8:80:47:9a:98:a6:d0:d2:
14:33:af:a5:3e:33:f5:96:d0:fa:39:15:fb:ca:33:
31:f0:7b:91:d5:78:60:fc:f7:a9:3e:e4:af:f6:55:
ee:1e:5c:3d:61:a5:29:c7:55:e7:ed:ea:07:70:ea:
d2:20:42:9f:95:a2:97:43:fd:af:aa:bc:f5:91:87:
81:2b:40:f5:a7:7a:d1:b3:e9:49:cd:7c:25:4b:9c:
b2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:FE:C1:93:D1:2A:EC:23:AD:D6:D6:F1:3D:65:92:A9:EE:CB:0C:FB
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/k_7Bk9Eq7COt1tbxPWWSqe7LDPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
45.66.250.0/23
45.83.180.0/22
45.143.165.0/24
45.150.109.0-45.150.111.255
139.28.72.0/22
194.110.246.0/24
194.113.34.0/24
Signature Algorithm: sha256WithRSAEncryption
08:85:74:f8:93:72:90:35:53:8c:e8:69:65:95:be:89:82:6f:
89:c8:4b:6b:12:b6:e4:5d:91:d7:ad:be:28:74:0c:f0:bd:20:
06:70:3a:f3:30:26:3d:49:8f:7a:fe:92:6f:ec:bb:34:be:48:
47:3b:eb:94:32:9d:71:b8:59:fb:6e:74:f9:49:c8:10:f6:59:
6e:c8:50:76:41:56:78:28:62:ae:ca:e9:5b:f2:78:eb:a1:a3:
2b:57:6f:d3:dc:68:f8:aa:9e:f9:c4:66:dc:80:8a:46:6b:f6:
1b:ed:51:48:1c:72:2e:4a:52:b9:81:66:dd:c6:2d:3c:19:8c:
35:86:6f:c8:9d:5b:d6:d8:c9:1c:62:73:a5:5e:92:df:04:e1:
b2:c1:12:41:16:6e:cd:91:9f:10:5d:eb:1c:34:3a:c1:db:a5:
64:16:f1:53:dc:91:94:26:83:f4:40:e8:bd:34:1c:27:82:fa:
51:60:47:19:52:50:55:9d:07:26:51:31:fd:bc:05:10:6b:1a:
4d:f5:14:ed:a1:ec:0a:98:3a:b0:42:09:35:04:35:c0:91:26:
43:e4:c1:b8:e0:c4:b4:b8:84:ff:72:aa:fa:17:7c:0f:e9:82:
3a:0f:0b:d6:32:f1:53:fb:9d:56:39:55:d8:e5:73:7c:a5:42:
ae:b5:b9:39
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYQTbC07pyrti5vDZpThp5D4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjIxMDI2MDgzMjQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2ZlYzE5M2QxMmFlYzIzYWRkNmQ2ZjEzZDY1OTJhOWVlY2IwY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQMFTD5Nlbje6yQA/QG74BznlxfC
EsYrlmdqgl+rFixIeMd22DMRA74juufruU+gpUxqCwkNQVdMWfgweoAZYVx9bZ4M
nNp6KH+i8anKQ/vbfiE1jv0orQM8cMtibQ/BQ3+emTahW25sPwkBN3RfvR0m2hl6
Sh8agJtbpOcvrZD7A8wwUJnk0ZEF/TCeaf6BGLAZCbpulGhxXtLRyCcjG323fME6
zr3tb5hM+IBHmpim0NIUM6+lPjP1ltD6ORX7yjMx8HuR1Xhg/PepPuSv9lXuHlw9
YaUpx1Xn7eoHcOrSIEKflaKXQ/2vqrz1kYeBK0D1p3rRs+lJzXwlS5yyBQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJP+wZPRKuwjrdbW8T1lkqnuywz7MB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEva183Qms5RXE3Q090MXRieFBXV1NxZTdMRFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCAjp8AwQB
LUL6AwQCLVO0AwQALY+lMAwDBAAtlm0DBAQtlmADBAKLHEgDBADCbvYDBADCcSIw
DQYJKoZIhvcNAQELBQADggEBAAiFdPiTcpA1U4zoaWWVvomCb4nIS2sStuRdkdet
vih0DPC9IAZwOvMwJj1Jj3r+km/suzS+SEc765QynXG4WftudPlJyBD2WW7IUHZB
VngoYq7K6VvyeOuhoytXb9PcaPiqnvnEZtyAikZr9hvtUUgcci5KUrmBZt3GLTwZ
jDWGb8idW9bYyRxic6Vekt8E4bLBEkEWbs2RnxBd6xw0OsHbpWQW8VPckZQmg/RA
6L00HCeC+lFgRxlSUFWdByZRMf28BRBrGk31FO2h7AqYOrBCCTUENcCRJkPkwbjg
xLS4hP9yqvoXfA/pgjoPC9Yy8VP7nVY5Vdjlc3ylQq61uTk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org