Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Wo_YrBHRqxCdkt7CnWrCgJ4Fj34.roa
File: Wo_YrBHRqxCdkt7CnWrCgJ4Fj34.roa (raw, json)
Hash identifier: DVnb2Yghu+qzlshtpuKkXXzaXv66NMsMDvU/mDr/PgE=
Subject key identifier: 5A:8F:D8:AC:11:D1:AB:10:9D:92:DE:C2:9D:6A:C2:80:9E:05:8F:7E
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 08E7EB13
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Wo_YrBHRqxCdkt7CnWrCgJ4Fj34.roa
Signing time: Thu 24 Mar 2022 09:56:40 +0000
ROA not before: Thu 24 Mar 2022 09:56:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 195.88.190.0/24 maxlen: 24
195.88.191.0/24 maxlen: 24
195.88.210.0/24 maxlen: 24
195.88.211.0/24 maxlen: 24
213.185.86.0/23 maxlen: 24
45.152.58.0/24 maxlen: 24
45.152.59.0/24 maxlen: 24
185.232.86.0/24 maxlen: 24
185.232.87.0/24 maxlen: 24
45.134.179.0/24 maxlen: 24
45.134.178.0/24 maxlen: 24
45.152.36.0/24 maxlen: 24
45.152.37.0/24 maxlen: 24
193.57.9.0/24 maxlen: 24
193.57.8.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149416723 (0x8e7eb13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 24 09:56:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a8fd8ac11d1ab109d92dec29d6ac2809e058f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:67:d6:34:45:42:45:31:00:91:1e:ff:34:90:
05:d8:f3:1d:ef:0d:ba:ae:aa:fb:e3:4a:45:2b:3b:
db:95:0b:1e:2d:cf:1a:3a:58:d9:c4:0b:fe:56:69:
39:38:c9:59:6c:79:22:81:ef:11:b4:fa:80:7e:e8:
17:4e:ce:a4:01:d9:56:c0:6b:88:35:ad:04:16:fe:
ae:9e:9a:11:bb:92:75:91:ac:0e:23:e5:24:cf:58:
01:a9:af:79:8f:91:a6:50:7d:21:10:42:68:17:0b:
79:33:67:6b:eb:96:fd:dc:06:ef:b4:82:ca:42:73:
74:3d:86:91:c7:f2:f1:19:63:2b:d8:2a:3b:e4:29:
70:10:ca:4e:18:c4:de:e7:ca:97:67:03:f6:de:76:
18:b0:e6:29:62:4d:6b:f6:a6:a1:cd:77:4b:ed:73:
9b:81:33:aa:7f:56:7f:4a:27:15:db:4d:fd:66:6e:
eb:b4:63:c6:43:f1:5a:d3:c4:1a:a2:04:a2:d0:51:
66:19:1e:bd:01:51:07:79:ca:bd:14:45:9e:65:09:
a9:57:ce:ff:73:5f:62:22:89:8e:b4:fe:75:04:34:
4f:7e:53:4c:53:4c:a2:71:a9:25:74:62:3b:09:1d:
8f:7e:5e:65:bb:cc:b5:b2:4d:3e:a3:18:bc:30:f6:
ae:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:8F:D8:AC:11:D1:AB:10:9D:92:DE:C2:9D:6A:C2:80:9E:05:8F:7E
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Wo_YrBHRqxCdkt7CnWrCgJ4Fj34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.178.0/23
45.152.36.0/23
45.152.58.0/23
185.232.86.0/23
193.57.8.0/23
195.88.190.0/23
195.88.210.0/23
213.185.86.0/23
Signature Algorithm: sha256WithRSAEncryption
09:9b:72:c5:d4:f6:7e:53:88:af:c3:b7:c8:97:09:04:98:ad:
39:ef:f8:c2:81:d8:f1:cc:15:65:cb:28:76:19:f5:62:44:92:
b6:d9:87:b9:91:1e:3c:5e:e7:f7:f4:6e:48:09:56:de:53:2a:
59:ae:a9:ad:73:a4:93:f6:29:d0:40:e4:e6:2d:87:c2:72:d4:
3c:5a:dc:52:e7:16:3c:42:ac:62:a4:b3:7f:88:7a:c0:9a:93:
cb:7b:a4:f2:19:e6:a4:63:37:de:c1:44:e1:cf:aa:80:ed:ca:
f4:f7:c2:c1:71:2f:70:d8:4f:e0:ee:71:32:0e:0a:55:05:48:
99:8e:15:d2:8c:aa:94:a9:bd:33:8d:89:1a:24:e9:e9:f8:55:
b8:ee:bc:ab:83:58:59:9f:17:60:42:3f:c5:84:23:c9:9a:be:
b7:fb:a5:8d:f9:1d:f4:05:b4:9b:bd:77:84:ea:9e:17:d8:9e:
d7:34:c3:f4:74:17:fa:f1:00:77:9a:2b:da:5e:25:e0:46:fa:
07:66:5d:bd:f1:c1:db:18:2e:96:fd:59:a5:de:e1:f3:6b:9c:
6d:8f:8e:ca:99:4e:41:8a:91:88:e2:c1:33:c3:a4:5f:d8:e4:
5f:8b:19:32:75:70:03:e4:b3:b0:a1:2e:22:51:af:14:3a:bc:
c8:ee:bd:7d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIECOfrEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDMy
NDA5NTY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWE4ZmQ4YWMxMWQx
YWIxMDlkOTJkZWMyOWQ2YWMyODA5ZTA1OGY3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1n1jRFQkUxAJEe/zSQBdjzHe8Nuq6q++NKRSs725ULHi3P
GjpY2cQL/lZpOTjJWWx5IoHvEbT6gH7oF07OpAHZVsBriDWtBBb+rp6aEbuSdZGs
DiPlJM9YAamveY+RplB9IRBCaBcLeTNna+uW/dwG77SCykJzdD2Gkcfy8RljK9gq
O+QpcBDKThjE3ufKl2cD9t52GLDmKWJNa/amoc13S+1zm4Ezqn9Wf0onFdtN/WZu
67RjxkPxWtPEGqIEotBRZhkevQFRB3nKvRRFnmUJqVfO/3NfYiKJjrT+dQQ0T35T
TFNMonGpJXRiOwkdj35eZbvMtbJNPqMYvDD2rlUCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBRaj9isEdGrEJ2S3sKdasKAngWPfjAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
L1dvX1lyQkhScXhDZGt0N0NuV3JDZ0o0RmozNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAS2GsgMEAS2YJAMEAS2YOgMEAbno
VgMEAcE5CAMEAcNYvgMEAcNY0gMEAdW5VjANBgkqhkiG9w0BAQsFAAOCAQEACZty
xdT2flOIr8O3yJcJBJitOe/4woHY8cwVZcsodhn1YkSSttmHuZEePF7n9/RuSAlW
3lMqWa6prXOkk/Yp0EDk5i2HwnLUPFrcUucWPEKsYqSzf4h6wJqTy3uk8hnmpGM3
3sFE4c+qgO3K9PfCwXEvcNhP4O5xMg4KVQVImY4V0oyqlKm9M42JGiTp6fhVuO68
q4NYWZ8XYEI/xYQjyZq+t/uljfkd9AW0m713hOqeF9ie1zTD9HQX+vEAd5or2l4l
4Eb6B2ZdvfHB2xgulv1Zpd7h82ucbY+OyplOQYqRiOLBM8OkX9jkX4sZMnVwA+Sz
sKEuIlGvFDq8yO69fQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org