Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/U_36la6_gPE5ZGvfDTVw4e2nG3g.roa
File: U_36la6_gPE5ZGvfDTVw4e2nG3g.roa (raw, json)
Hash identifier: IAOxuU2wL80r2Ha4gVibst5IqqBTOt4Hmekdyc/MTVo=
Subject key identifier: 53:FD:FA:95:AE:BF:80:F1:39:64:6B:DF:0D:35:70:E1:ED:A7:1B:78
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 08AD2A31
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/U_36la6_gPE5ZGvfDTVw4e2nG3g.roa
Signing time: Wed 02 Mar 2022 12:02:32 +0000
ROA not before: Wed 02 Mar 2022 12:02:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.123.156.0/22 maxlen: 23
185.130.40.0/22 maxlen: 23
94.232.244.0/22 maxlen: 23
46.161.210.0/23 maxlen: 23
46.161.216.0/22 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145566257 (0x8ad2a31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 2 12:02:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53fdfa95aebf80f139646bdf0d3570e1eda71b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3b:18:d9:fb:47:14:d4:fe:11:bb:83:ab:a0:
0b:63:77:23:04:17:30:91:2c:4d:01:39:03:99:55:
4c:5c:c1:6d:18:ee:e1:83:e8:38:90:7f:17:f0:ee:
e6:15:e3:e6:b6:e3:57:41:6f:c6:6f:9a:f3:58:ba:
e9:e3:65:41:73:5c:49:f7:03:5e:67:65:d5:cd:56:
af:2e:7f:c6:13:59:ff:59:e9:46:3a:6c:a1:54:6f:
73:e4:70:34:4b:08:ee:c3:32:f5:3c:1a:30:89:9b:
65:68:38:0e:cc:48:ee:08:54:69:d1:6f:cb:d1:d3:
da:1d:85:66:d8:aa:f5:d9:02:2d:d3:31:39:fb:57:
1c:c2:7e:03:71:d9:6c:fd:90:5e:f2:e8:9b:32:e9:
14:5a:51:e0:45:ae:9b:2b:36:f6:e8:9b:3b:0a:79:
ab:77:41:dc:8a:ab:ac:dc:c0:5a:c0:54:0e:3f:a7:
32:c0:a4:d9:6b:a2:a5:d1:a9:2b:22:af:0b:f0:56:
c3:60:fa:24:4f:15:05:be:81:d3:8c:47:e3:43:6a:
b6:9c:00:6f:a8:f8:ff:f0:2e:27:32:9e:62:3f:b4:
2d:84:40:26:82:4f:26:3d:00:81:0f:20:ad:eb:3a:
04:f5:89:53:e9:dd:45:7d:42:2c:4a:2e:d3:d0:50:
f6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FD:FA:95:AE:BF:80:F1:39:64:6B:DF:0D:35:70:E1:ED:A7:1B:78
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/U_36la6_gPE5ZGvfDTVw4e2nG3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.210.0/23
46.161.216.0/22
94.232.244.0/22
185.123.156.0/22
185.130.40.0/22
Signature Algorithm: sha256WithRSAEncryption
50:47:b2:86:70:28:3c:42:2c:09:8e:ed:50:90:ba:fa:50:0c:
0e:6a:ff:fa:af:98:04:fa:10:aa:2c:49:d8:d7:81:d6:4b:1c:
86:fc:ca:5f:9d:41:a8:5a:96:e3:26:47:e6:71:03:52:dc:69:
f5:cb:09:8d:a1:29:7c:02:2d:06:93:ee:f8:55:d3:e0:bf:14:
dc:72:82:6f:7a:db:52:05:88:84:ca:c7:cd:61:30:fe:6d:0f:
f2:d8:50:ed:80:61:6c:66:6a:1e:26:ad:ac:2d:67:13:42:4b:
fe:b1:51:a3:ae:d7:eb:56:2a:6e:6d:7b:f3:12:49:9f:31:52:
a5:8a:49:22:53:03:32:55:f5:2c:a8:b0:ef:d4:c8:c2:42:2c:
ff:65:12:82:cf:0c:4e:0a:a9:8b:bc:2b:84:d0:03:cf:0e:cd:
36:98:78:db:0a:c9:a0:51:89:14:93:5f:2e:4b:63:04:9c:ec:
be:ef:a5:27:d4:09:37:55:b4:92:48:0e:14:4e:3d:b0:14:0e:
f4:cd:6d:30:49:c4:09:42:20:e5:d2:62:0f:21:f4:bc:13:d9:
d1:e1:4c:63:b3:9a:01:63:08:5d:ea:9e:d3:cb:c7:81:6b:d0:
30:2a:e3:5c:45:a7:97:bf:ef:9b:50:07:cb:e7:47:62:43:9a:
56:0c:44:b2
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECK0qMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDMw
MjEyMDIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNmZGZhOTVhZWJm
ODBmMTM5NjQ2YmRmMGQzNTcwZTFlZGE3MWI3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK07GNn7RxTU/hG7g6ugC2N3IwQXMJEsTQE5A5lVTFzBbRju
4YPoOJB/F/Du5hXj5rbjV0Fvxm+a81i66eNlQXNcSfcDXmdl1c1Wry5/xhNZ/1np
RjpsoVRvc+RwNEsI7sMy9TwaMImbZWg4DsxI7ghUadFvy9HT2h2FZtiq9dkCLdMx
OftXHMJ+A3HZbP2QXvLomzLpFFpR4EWumys29uibOwp5q3dB3IqrrNzAWsBUDj+n
MsCk2WuipdGpKyKvC/BWw2D6JE8VBb6B04xH40NqtpwAb6j4//AuJzKeYj+0LYRA
JoJPJj0AgQ8gres6BPWJU+ndRX1CLEou09BQ9jECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRT/fqVrr+A8Tlka98NNXDh7acbeDAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
L1VfMzZsYTZfZ1BFNVpHdmZEVFZ3NGUybkczZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAS6h0gMEAi6h2AMEAl7o9AMEArl7
nAMEArmCKDANBgkqhkiG9w0BAQsFAAOCAQEAUEeyhnAoPEIsCY7tUJC6+lAMDmr/
+q+YBPoQqixJ2NeB1kschvzKX51BqFqW4yZH5nEDUtxp9csJjaEpfAItBpPu+FXT
4L8U3HKCb3rbUgWIhMrHzWEw/m0P8thQ7YBhbGZqHiatrC1nE0JL/rFRo67X61Yq
bm178xJJnzFSpYpJIlMDMlX1LKiw79TIwkIs/2USgs8MTgqpi7wrhNADzw7NNph4
2wrJoFGJFJNfLktjBJzsvu+lJ9QJN1W0kkgOFE49sBQO9M1tMEnECUIg5dJiDyH0
vBPZ0eFMY7OaAWMIXeqe08vHgWvQMCrjXEWnl7/vm1AHy+dHYkOaVgxEsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org