Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/SRY67iAnDB5p8ccmtepjzwCzdrE.roa
File: SRY67iAnDB5p8ccmtepjzwCzdrE.roa (raw, json)
Hash identifier: Kdtl3ThLYkbkd/lNnPjKKWcmkAzMEcKqxnicKGmmaTM=
Subject key identifier: 49:16:3A:EE:20:27:0C:1E:69:F1:C7:26:B5:EA:63:CF:00:B3:76:B1
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0183429F72F5FD7A7856787831D6924DAC25
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/SRY67iAnDB5p8ccmtepjzwCzdrE.roa
Signing time: Thu 15 Sep 2022 19:28:09 +0000
ROA not before: Thu 15 Sep 2022 19:28:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.123.156.0/22 maxlen: 23
185.130.40.0/22 maxlen: 23
94.232.244.0/22 maxlen: 23
46.161.210.0/23 maxlen: 23
46.161.216.0/22 maxlen: 23
2a0c:9e04::/32 maxlen: 32
2a0c:9e03::/32 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:42:9f:72:f5:fd:7a:78:56:78:78:31:d6:92:4d:ac:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Sep 15 19:28:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49163aee20270c1e69f1c726b5ea63cf00b376b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ca:27:65:b1:96:e9:b6:64:17:0d:73:9f:6f:
a3:97:e8:6d:7d:c5:6c:cb:e0:fe:c2:6a:c1:32:ff:
26:9a:d1:d7:3a:84:74:37:60:5e:4c:af:28:1f:64:
41:e9:fc:bc:ef:5e:f5:67:2e:7f:48:ab:ce:5f:f5:
ae:6b:ad:18:24:8d:aa:9d:b8:bd:8e:0a:b2:4f:68:
64:b0:c0:80:c2:27:f8:43:e0:f9:15:51:0c:8e:6f:
0d:0e:27:bd:ac:8c:ab:16:dd:ff:b1:81:e8:1d:5d:
f1:ec:a4:d1:bf:c2:90:50:39:c8:18:e5:3b:b7:6f:
e6:d7:53:b4:ca:45:99:1f:fb:9c:98:e9:8f:09:e8:
aa:a9:97:3d:87:9b:cb:84:08:9f:cd:96:65:6c:7a:
96:da:12:e4:bf:56:e1:04:87:e8:6f:ec:91:76:26:
a5:60:05:ae:f0:13:b9:54:0d:5c:c9:4a:96:cf:d5:
ef:95:23:07:7d:d7:5d:70:22:2c:7d:f6:55:e9:8e:
a5:79:93:81:2d:aa:62:ec:bf:b1:92:5a:4e:a0:db:
33:f1:48:d9:43:95:18:f2:d9:97:e9:64:fc:16:cd:
84:cb:b2:67:f5:e4:f5:2d:eb:ed:77:be:50:95:ed:
6f:95:ec:b4:6e:2f:9d:98:8e:91:8d:23:60:01:03:
df:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:16:3A:EE:20:27:0C:1E:69:F1:C7:26:B5:EA:63:CF:00:B3:76:B1
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/SRY67iAnDB5p8ccmtepjzwCzdrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.210.0/23
46.161.216.0/22
94.232.244.0/22
185.123.156.0/22
185.130.40.0/22
IPv6:
2a0c:9e03::-2a0c:9e04:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2d:f3:00:a8:22:23:bf:0f:3d:30:d9:f1:7a:c4:ac:00:97:5c:
06:1a:61:08:5f:92:5d:b9:49:b0:77:65:00:96:c9:9f:c9:82:
8c:86:fc:77:29:70:91:9d:cd:f8:6b:f6:cd:9c:ca:4d:d2:2c:
d8:22:c3:6a:69:78:ad:e2:da:19:43:c5:28:9b:b3:c5:0f:d8:
a0:0b:50:8e:47:00:97:1b:2a:33:52:69:7e:b3:d2:4f:6c:27:
cc:da:fa:04:05:c3:7b:e7:79:be:8a:5e:b8:67:9f:a8:cd:23:
ff:08:10:85:de:90:af:23:19:ae:65:c2:cf:02:73:e7:e0:4c:
43:93:ea:59:92:a6:28:40:56:1a:c2:55:98:e4:ee:a0:cc:1b:
55:25:96:0c:e4:82:60:0e:d0:a7:a4:1f:1d:ea:92:3f:93:c4:
db:ef:59:b8:20:93:36:7b:91:cc:a4:4b:d9:76:3b:9e:62:b3:
c5:fd:df:af:75:a9:d6:14:72:75:87:fc:8c:bc:db:32:08:3e:
9b:95:b8:17:53:4a:ab:46:6a:ef:7a:db:e2:3e:e3:ec:d2:3d:
bd:07:c5:27:ac:19:f1:b8:44:ff:18:e9:60:e1:e3:c1:38:04:
8d:ab:8d:fc:04:92:5c:23:f8:8f:32:96:e3:08:cf:40:74:d1:
a0:c0:7e:5d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYNCn3L1/Xp4Vnh4MdaSTawlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIwOTE1MTkyODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTE2M2FlZTIwMjcwYzFlNjlmMWM3MjZiNWVhNjNjZjAwYjM3NmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8onZbGW6bZkFw1zn2+jl+htfcVs
y+D+wmrBMv8mmtHXOoR0N2BeTK8oH2RB6fy87171Zy5/SKvOX/Wua60YJI2qnbi9
jgqyT2hksMCAwif4Q+D5FVEMjm8NDie9rIyrFt3/sYHoHV3x7KTRv8KQUDnIGOU7
t2/m11O0ykWZH/ucmOmPCeiqqZc9h5vLhAifzZZlbHqW2hLkv1bhBIfob+yRdial
YAWu8BO5VA1cyUqWz9XvlSMHfdddcCIsffZV6Y6leZOBLapi7L+xklpOoNsz8UjZ
Q5UY8tmX6WT8Fs2Ey7Jn9eT1Levtd75Qle1vley0bi+dmI6RjSNgAQPfEwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEkWOu4gJwweafHHJrXqY88As3axMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvU1JZNjdpQW5EQjVwOGNjbXRlcGp6d0N6ZHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQBLqHSAwQC
LqHYAwQCXuj0AwQCuXucAwQCuYIoMBYEAgACMBAwDgMFACoMngMDBQAqDJ4EMA0G
CSqGSIb3DQEBCwUAA4IBAQAt8wCoIiO/Dz0w2fF6xKwAl1wGGmEIX5JduUmwd2UA
lsmfyYKMhvx3KXCRnc34a/bNnMpN0izYIsNqaXit4toZQ8Uom7PFD9igC1CORwCX
GyozUml+s9JPbCfM2voEBcN753m+il64Z5+ozSP/CBCF3pCvIxmuZcLPAnPn4ExD
k+pZkqYoQFYawlWY5O6gzBtVJZYM5IJgDtCnpB8d6pI/k8Tb71m4IJM2e5HMpEvZ
djueYrPF/d+vdanWFHJ1h/yMvNsyCD6blbgXU0qrRmrvetviPuPs0j29B8UnrBnx
uET/GOlg4ePBOASNq438BJJcI/iPMpbjCM9AdNGgwH5d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org