Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cKQHuuICnvDBwdZ1DHlNssE72Qw.roa
File: cKQHuuICnvDBwdZ1DHlNssE72Qw.roa (raw, json)
Hash identifier: 2ablaXa2z04R6KuR5m4VcocUad9SIovmpGcdl0uWdSU=
Subject key identifier: 70:A4:07:BA:E2:02:9E:F0:C1:C1:D6:75:0C:79:4D:B2:C1:3B:D9:0C
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0185706764E9DFC1834E9F990D0EB13A078E
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cKQHuuICnvDBwdZ1DHlNssE72Qw.roa
Signing time: Mon 02 Jan 2023 02:55:02 +0000
ROA not before: Mon 02 Jan 2023 02:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.123.156.0/22 maxlen: 23
185.130.40.0/22 maxlen: 23
94.232.244.0/22 maxlen: 23
46.161.210.0/23 maxlen: 23
46.161.208.0/23 maxlen: 23
46.161.216.0/22 maxlen: 23
2a0c:9e04::/32 maxlen: 32
2a0c:9e03::/32 maxlen: 32
2a0c:9e07::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:64:e9:df:c1:83:4e:9f:99:0d:0e:b1:3a:07:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 2 02:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70a407bae2029ef0c1c1d6750c794db2c13bd90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d5:15:76:62:91:0f:24:b7:05:74:d3:15:0f:
bd:d0:ea:e3:e9:70:f1:25:c6:10:d7:c5:2a:02:e0:
32:8d:5e:ba:9d:79:ac:3f:d1:37:50:e2:2c:f1:3e:
b7:2c:d6:e2:0a:f7:f6:04:9d:87:2c:df:61:86:db:
03:f5:e6:d4:bc:c4:cb:61:9e:dc:9f:3c:61:99:14:
ad:f6:f0:b1:07:2a:c2:3c:03:fb:63:cc:ff:34:12:
66:8c:ab:5d:0c:ed:ad:db:4c:a6:59:0b:88:b4:d0:
fa:2a:53:5e:72:fa:ba:02:2c:ac:ed:95:4b:aa:4d:
d9:ca:6b:c4:04:a3:f0:5d:20:6a:1b:8f:a8:8d:82:
3b:21:88:cf:6e:7c:4c:48:93:20:a3:23:75:7a:d3:
8d:80:71:33:7c:85:7b:b6:ac:82:71:b0:19:0b:b4:
d8:c4:fe:03:1c:b4:fc:a0:0b:db:e6:8e:3b:17:98:
88:f8:eb:dc:88:0b:aa:34:e2:af:46:00:cb:4e:96:
50:4f:59:69:e0:43:de:2c:28:ac:87:14:c1:f4:d1:
d4:68:83:e8:85:df:c6:6e:9a:2f:3b:b6:9e:34:2c:
c9:fa:61:cb:a4:a8:c6:51:82:97:83:5a:ff:00:ac:
90:0e:c8:b6:97:73:15:b2:09:95:3a:40:d2:20:1b:
44:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A4:07:BA:E2:02:9E:F0:C1:C1:D6:75:0C:79:4D:B2:C1:3B:D9:0C
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cKQHuuICnvDBwdZ1DHlNssE72Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.208.0/22
46.161.216.0/22
94.232.244.0/22
185.123.156.0/22
185.130.40.0/22
IPv6:
2a0c:9e03::-2a0c:9e04:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:9e07::/32
Signature Algorithm: sha256WithRSAEncryption
3b:4f:45:c2:18:f9:7a:05:04:48:60:20:75:8b:e1:6e:96:09:
a6:69:49:08:e3:46:bb:ef:d1:5a:b0:ad:5a:2b:f2:fc:94:5d:
5d:51:99:5f:eb:a3:01:d1:91:16:74:a7:5d:36:11:18:d2:73:
8b:9d:25:27:72:d3:4b:74:47:d2:8d:af:66:25:27:83:3c:18:
2a:d0:af:61:2a:32:05:18:ff:69:75:18:3b:2f:a1:a5:10:b6:
5f:39:38:98:24:62:2d:10:5b:0a:b0:65:c8:74:b1:15:67:6c:
42:a6:3d:6d:f9:71:b8:2d:02:0b:b1:8f:66:31:42:97:38:81:
2e:4f:2d:70:78:77:99:18:a2:54:fd:23:96:24:69:98:53:57:
59:cb:37:66:70:1e:b1:5f:c8:82:c6:1a:13:bd:33:9f:23:f8:
e9:12:5c:5e:ed:ac:45:3e:12:1f:da:3a:3d:35:8e:f0:25:3c:
d5:10:4b:5f:25:f0:4f:b3:40:5e:d4:34:d9:4f:67:30:cf:1e:
fe:d0:33:73:23:6d:59:d7:0e:68:d0:a2:1d:82:9f:76:77:68:
90:09:6b:aa:a9:e7:3a:b5:b4:d7:45:a6:04:40:0a:0e:35:be:
95:da:12:ef:a6:7d:1e:f3:34:fb:66:e5:04:68:c2:0f:51:dd:
af:c5:86:17
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYVwZ2Tp38GDTp+ZDQ6xOgeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTAyMDI1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE0MDdiYWUyMDI5ZWYwYzFjMWQ2NzUwYzc5NGRiMmMxM2JkOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltUVdmKRDyS3BXTTFQ+90Orj6XDx
JcYQ18UqAuAyjV66nXmsP9E3UOIs8T63LNbiCvf2BJ2HLN9hhtsD9ebUvMTLYZ7c
nzxhmRSt9vCxByrCPAP7Y8z/NBJmjKtdDO2t20ymWQuItND6KlNecvq6Aiys7ZVL
qk3ZymvEBKPwXSBqG4+ojYI7IYjPbnxMSJMgoyN1etONgHEzfIV7tqyCcbAZC7TY
xP4DHLT8oAvb5o47F5iI+OvciAuqNOKvRgDLTpZQT1lp4EPeLCishxTB9NHUaIPo
hd/GbpovO7aeNCzJ+mHLpKjGUYKXg1r/AKyQDsi2l3MVsgmVOkDSIBtEIQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFHCkB7riAp7wwcHWdQx5TbLBO9kMMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvY0tRSHV1SUNudkRCd2RaMURIbE5zc0U3MlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAkBAIAATAeAwQCLqHQAwQC
LqHYAwQCXuj0AwQCuXucAwQCuYIoMB0EAgACMBcwDgMFACoMngMDBQAqDJ4EAwUA
KgyeBzANBgkqhkiG9w0BAQsFAAOCAQEAO09Fwhj5egUESGAgdYvhbpYJpmlJCONG
u+/RWrCtWivy/JRdXVGZX+ujAdGRFnSnXTYRGNJzi50lJ3LTS3RH0o2vZiUngzwY
KtCvYSoyBRj/aXUYOy+hpRC2Xzk4mCRiLRBbCrBlyHSxFWdsQqY9bflxuC0CC7GP
ZjFClziBLk8tcHh3mRiiVP0jliRpmFNXWcs3ZnAesV/IgsYaE70znyP46RJcXu2s
RT4SH9o6PTWO8CU81RBLXyXwT7NAXtQ02U9nMM8e/tAzcyNtWdcOaNCiHYKfdndo
kAlrqqnnOrW010WmBEAKDjW+ldoS76Z9HvM0+2blBGjCD1Hdr8WGFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org