Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0ZB0fAr9dqB0X_hTggqWrFAog0E.roa
File: 0ZB0fAr9dqB0X_hTggqWrFAog0E.roa (raw, json)
Hash identifier: MhDHbdLlXvb/FGiZrsmdOF0hq/96oN+foJxcBpnMBDQ=
Subject key identifier: D1:90:74:7C:0A:FD:76:A0:74:5F:F8:53:82:0A:96:AC:50:28:83:41
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0183672DA618927D57DEB1911FEB56712315
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0ZB0fAr9dqB0X_hTggqWrFAog0E.roa
Signing time: Thu 22 Sep 2022 21:49:48 +0000
ROA not before: Thu 22 Sep 2022 21:49:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.123.156.0/22 maxlen: 23
185.130.40.0/22 maxlen: 23
94.232.244.0/22 maxlen: 23
46.161.210.0/23 maxlen: 23
46.161.216.0/22 maxlen: 23
2a0c:9e04::/32 maxlen: 32
2a0c:9e03::/32 maxlen: 40
2a0c:9e07::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:67:2d:a6:18:92:7d:57:de:b1:91:1f:eb:56:71:23:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Sep 22 21:49:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d190747c0afd76a0745ff853820a96ac50288341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3f:80:97:e6:96:43:b0:72:d2:ba:a6:70:21:
43:c8:fe:88:3a:0d:2e:59:28:a1:b7:5e:e0:d3:9c:
c8:98:e2:11:9e:ad:ce:bb:0c:8a:58:24:1a:40:dd:
f3:55:e9:10:1a:8c:cd:06:02:2b:7c:9f:dd:0a:d1:
b6:aa:0c:f6:ab:5b:6f:ea:1d:b7:48:3e:5c:f1:4d:
2c:87:90:5d:57:72:56:2f:9e:4d:a8:96:87:f2:67:
58:88:23:fc:c1:80:9e:0d:39:67:01:8a:a1:ef:5b:
f6:e8:23:54:10:ec:87:17:fc:d4:24:60:19:7f:be:
90:db:a0:31:b8:da:a4:18:78:31:5c:07:8e:e7:d7:
f6:0a:83:1e:60:7a:ff:70:9e:ee:ae:7c:42:37:aa:
2e:e8:d4:4c:41:5f:1a:06:a0:43:77:d9:c1:22:6c:
3e:df:25:51:c5:d4:0b:45:fe:13:3b:97:a9:54:05:
e3:9e:95:79:d3:7f:66:a5:70:39:27:1e:ea:4d:41:
98:a9:6f:48:ec:0a:e0:cc:07:39:ab:98:bb:42:cb:
e8:83:d6:c8:ba:ef:54:0d:0d:79:4b:6f:d0:9f:e6:
e4:40:93:66:a5:e9:17:68:15:41:75:f2:b2:eb:e4:
a8:6a:94:a2:f8:0f:44:7b:31:ac:fa:84:a2:c0:03:
20:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:90:74:7C:0A:FD:76:A0:74:5F:F8:53:82:0A:96:AC:50:28:83:41
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0ZB0fAr9dqB0X_hTggqWrFAog0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.210.0/23
46.161.216.0/22
94.232.244.0/22
185.123.156.0/22
185.130.40.0/22
IPv6:
2a0c:9e03::-2a0c:9e04:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:9e07::/32
Signature Algorithm: sha256WithRSAEncryption
29:e7:6f:0d:2c:a8:30:81:4f:d3:55:72:03:22:d5:82:d2:c2:
62:15:c5:5c:8f:77:00:d0:23:91:0b:d2:88:30:0f:eb:54:a4:
cf:f1:a2:36:07:55:cf:d2:d4:e9:db:ef:e7:6e:70:b4:7a:ac:
14:43:b4:27:3f:dd:6f:90:71:2c:b7:48:6a:0c:3c:8d:5c:d9:
2e:e9:90:54:31:79:23:20:f3:8a:31:6c:31:0a:a0:36:4e:16:
a4:3a:3f:a8:bd:8c:09:b0:29:45:10:06:26:8b:69:c2:ea:ef:
26:82:11:ed:24:e4:24:96:a3:ae:f5:9f:ab:f5:90:64:d0:03:
38:07:4f:ac:bd:70:75:76:52:7b:36:c9:70:c7:6c:4d:b5:2d:
8a:3a:de:86:4e:d9:76:40:a7:86:74:2c:da:b2:cc:b9:cc:95:
f3:20:5d:de:a4:9f:e1:20:49:7b:d5:48:f2:5e:d5:c3:8a:c8:
03:16:d2:10:0f:fa:a3:83:94:4e:73:84:35:42:2c:3f:31:13:
42:1a:a7:5c:17:95:88:ce:30:d0:19:53:25:5f:a9:30:32:4f:
fd:3b:ac:4a:ed:ed:9b:07:10:1f:5c:1e:41:04:11:9b:e6:6b:
e1:7a:41:5d:63:9c:f0:ef:cc:e5:51:c1:b0:7a:35:f4:c7:5b:
6f:1d:40:55
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYNnLaYYkn1X3rGRH+tWcSMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIwOTIyMjE0OTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTkwNzQ3YzBhZmQ3NmEwNzQ1ZmY4NTM4MjBhOTZhYzUwMjg4MzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT+Al+aWQ7By0rqmcCFDyP6IOg0u
WSiht17g05zImOIRnq3OuwyKWCQaQN3zVekQGozNBgIrfJ/dCtG2qgz2q1tv6h23
SD5c8U0sh5BdV3JWL55NqJaH8mdYiCP8wYCeDTlnAYqh71v26CNUEOyHF/zUJGAZ
f76Q26AxuNqkGHgxXAeO59f2CoMeYHr/cJ7urnxCN6ou6NRMQV8aBqBDd9nBImw+
3yVRxdQLRf4TO5epVAXjnpV5039mpXA5Jx7qTUGYqW9I7ArgzAc5q5i7Qsvog9bI
uu9UDQ15S2/Qn+bkQJNmpekXaBVBdfKy6+SoapSi+A9EezGs+oSiwAMg6QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFNGQdHwK/XagdF/4U4IKlqxQKINBMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvMFpCMGZBcjlkcUIwWF9oVGdncVdyRkFvZzBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAkBAIAATAeAwQBLqHSAwQC
LqHYAwQCXuj0AwQCuXucAwQCuYIoMB0EAgACMBcwDgMFACoMngMDBQAqDJ4EAwUA
KgyeBzANBgkqhkiG9w0BAQsFAAOCAQEAKedvDSyoMIFP01VyAyLVgtLCYhXFXI93
ANAjkQvSiDAP61Skz/GiNgdVz9LU6dvv525wtHqsFEO0Jz/db5BxLLdIagw8jVzZ
LumQVDF5IyDzijFsMQqgNk4WpDo/qL2MCbApRRAGJotpwurvJoIR7STkJJajrvWf
q/WQZNADOAdPrL1wdXZSezbJcMdsTbUtijrehk7ZdkCnhnQs2rLMucyV8yBd3qSf
4SBJe9VI8l7Vw4rIAxbSEA/6o4OUTnOENUIsPzETQhqnXBeViM4w0BlTJV+pMDJP
/TusSu3tmwcQH1weQQQRm+Zr4XpBXWOc8O/M5VHBsHo19Mdbbx1AVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org