Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/rCEgiMW9GV4Bacda6tPXX5PVQWI.roa
File: rCEgiMW9GV4Bacda6tPXX5PVQWI.roa (raw, json)
Hash identifier: eboVO3VDDvTD7lkOzz37JAbA5vFx/499iWLH8nTBOWg=
Subject key identifier: AC:21:20:88:C5:BD:19:5E:01:69:C7:5A:EA:D3:D7:5F:93:D5:41:62
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018557D911814942C34EB324FAEA0E677C49
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/rCEgiMW9GV4Bacda6tPXX5PVQWI.roa
Signing time: Wed 28 Dec 2022 08:28:41 +0000
ROA not before: Wed 28 Dec 2022 08:28:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 194.113.34.0/24 maxlen: 24
45.83.180.0/24 maxlen: 24
45.83.181.0/24 maxlen: 24
45.83.182.0/24 maxlen: 24
45.83.183.0/24 maxlen: 24
2.58.124.0/22 maxlen: 22
139.28.73.0/24 maxlen: 24
139.28.74.0/24 maxlen: 24
139.28.75.0/24 maxlen: 24
139.28.72.0/24 maxlen: 24
45.150.109.0/24 maxlen: 24
45.150.110.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:57:d9:11:81:49:42:c3:4e:b3:24:fa:ea:0e:67:7c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Dec 28 08:28:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac212088c5bd195e0169c75aead3d75f93d54162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:72:3d:21:54:78:73:79:b4:56:f7:10:78:0c:
77:5e:e4:bb:fe:a3:67:46:d2:98:45:19:11:5b:e1:
a5:e2:6d:23:d4:26:f4:c2:ec:5a:8c:22:6b:74:a9:
76:7a:aa:20:34:dc:b1:2b:83:f5:84:b9:df:31:98:
bd:8b:8d:7f:f9:76:a0:74:fc:d2:fc:d1:13:47:11:
a8:be:39:bc:43:57:15:eb:c3:bd:36:d2:4e:3e:ff:
0d:c9:e2:84:c9:02:c7:29:ae:af:c2:6f:08:7c:18:
a8:3a:c9:14:cf:fb:58:53:e0:fd:91:4b:5d:86:14:
48:bd:ad:f0:33:11:7f:71:ea:fc:84:af:d7:21:09:
bc:46:9f:fb:2d:88:0f:39:7b:81:8f:5a:92:b7:8d:
f9:00:79:9e:6c:06:06:89:da:a9:4d:16:94:a6:7e:
f9:07:12:6c:83:8c:d3:6d:63:d1:22:f5:6a:f4:c9:
1a:c6:25:81:75:db:f6:d1:9b:d6:9f:2b:69:c9:65:
a3:15:0f:cf:7e:85:e3:94:9f:8f:4f:7e:f6:80:8c:
16:03:d9:2c:9e:d6:d5:bd:17:4d:a4:1b:0c:46:16:
ec:8e:68:02:36:ca:41:9b:1c:56:9a:67:17:55:53:
1e:e4:5d:50:6b:4b:b0:12:c9:76:9a:fa:ae:87:8d:
33:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:21:20:88:C5:BD:19:5E:01:69:C7:5A:EA:D3:D7:5F:93:D5:41:62
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/rCEgiMW9GV4Bacda6tPXX5PVQWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
45.83.180.0/22
45.150.109.0-45.150.111.255
139.28.72.0/22
194.113.34.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:c9:3b:7b:da:08:c2:28:9c:91:83:a3:dd:40:b1:6a:c9:ca:
3f:77:f0:c2:34:5c:e3:16:0f:6f:12:18:3e:de:00:65:75:91:
f6:86:11:df:df:b2:5c:9d:08:18:fb:d0:eb:38:c0:44:f1:47:
16:dd:f6:19:41:b7:fc:7d:e1:18:ab:22:8c:a1:92:cb:86:aa:
3a:b6:c4:ae:02:f2:50:c6:17:91:75:f9:8d:d0:a0:83:96:77:
7d:c6:bf:a4:67:cc:de:24:8c:12:44:8a:b4:79:29:1f:f2:7c:
b7:06:42:ee:12:f2:f3:86:cc:83:82:e4:da:2b:ac:98:20:2f:
be:b1:29:13:25:74:d9:0e:91:38:d6:20:b5:27:46:8f:19:08:
82:7d:32:dd:50:10:7b:72:16:12:1c:18:52:95:d7:6c:a6:08:
f7:36:e1:e5:cd:88:bf:e1:3e:9c:ec:19:1f:0b:13:d4:46:eb:
95:04:30:2e:24:4c:d9:ca:55:d1:9f:c9:36:7e:0a:8e:6a:6b:
8f:2f:d2:64:21:59:6b:fc:17:4c:23:f8:79:8b:c7:1e:21:60:
2d:19:39:8a:23:82:81:75:da:a4:b1:f9:0a:18:ef:1f:1a:29:
eb:6d:87:f4:30:47:38:69:ea:b2:68:35:16:bf:49:80:49:65:
ec:93:e0:3c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVX2RGBSULDTrMk+uoOZ3xJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjIxMjI4MDgyODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzIxMjA4OGM1YmQxOTVlMDE2OWM3NWFlYWQzZDc1ZjkzZDU0MTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03I9IVR4c3m0VvcQeAx3XuS7/qNn
RtKYRRkRW+Gl4m0j1Cb0wuxajCJrdKl2eqogNNyxK4P1hLnfMZi9i41/+XagdPzS
/NETRxGovjm8Q1cV68O9NtJOPv8NyeKEyQLHKa6vwm8IfBioOskUz/tYU+D9kUtd
hhRIva3wMxF/cer8hK/XIQm8Rp/7LYgPOXuBj1qSt435AHmebAYGidqpTRaUpn75
BxJsg4zTbWPRIvVq9MkaxiWBddv20ZvWnytpyWWjFQ/PfoXjlJ+PT372gIwWA9ks
ntbVvRdNpBsMRhbsjmgCNspBmxxWmmcXVVMe5F1Qa0uwEsl2mvquh40zDQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKwhIIjFvRleAWnHWurT11+T1UFiMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvckNFZ2lNVzlHVjRCYWNkYTZ0UFhYNVBWUVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCAjp8AwQC
LVO0MAwDBAAtlm0DBAQtlmADBAKLHEgDBADCcSIwDQYJKoZIhvcNAQELBQADggEB
AAzJO3vaCMIonJGDo91AsWrJyj938MI0XOMWD28SGD7eAGV1kfaGEd/fslydCBj7
0Os4wETxRxbd9hlBt/x94RirIoyhksuGqjq2xK4C8lDGF5F1+Y3QoIOWd33Gv6Rn
zN4kjBJEirR5KR/yfLcGQu4S8vOGzIOC5NorrJggL76xKRMldNkOkTjWILUnRo8Z
CIJ9Mt1QEHtyFhIcGFKV12ymCPc24eXNiL/hPpzsGR8LE9RG65UEMC4kTNnKVdGf
yTZ+Co5qa48v0mQhWWv8F0wj+HmLxx4hYC0ZOYojgoF12qSx+QoY7x8aKetth/Qw
Rzhp6rJoNRa/SYBJZeyT4Dw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org