Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/iZ8rHLPbThHGFQv5KYaRZP6dkME.roa
File: iZ8rHLPbThHGFQv5KYaRZP6dkME.roa (raw, json)
Hash identifier: Gv73m6/xkhQkoNDXLqRiBZvUsixO4VLmr0K0aqEY+0I=
Subject key identifier: 89:9F:2B:1C:B3:DB:4E:11:C6:15:0B:F9:29:86:91:64:FE:9D:90:C1
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018570676548F03DBFC3A09DD9B503A9D902
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/iZ8rHLPbThHGFQv5KYaRZP6dkME.roa
Signing time: Mon 02 Jan 2023 02:55:02 +0000
ROA not before: Mon 02 Jan 2023 02:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 185.232.86.0/23 maxlen: 23
45.134.178.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:65:48:f0:3d:bf:c3:a0:9d:d9:b5:03:a9:d9:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 2 02:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=899f2b1cb3db4e11c6150bf929869164fe9d90c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cf:f5:b4:ea:06:46:1e:83:52:ce:ea:93:03:
0f:39:c4:b1:56:cc:a4:5b:8d:4e:34:95:bb:66:e1:
aa:fd:97:ea:3a:b6:18:e4:76:2f:4e:e0:d6:6e:8c:
ce:53:52:ca:1f:58:fe:23:9b:2f:f6:14:f4:75:a3:
95:e4:e8:26:a4:32:60:70:dd:9a:ae:0f:88:98:93:
c9:23:70:5c:47:30:79:73:f8:f3:f3:b9:c9:fc:15:
4d:31:4b:ed:97:59:d8:96:51:5f:2b:ff:86:cb:bf:
79:86:c3:97:10:f9:36:6f:bc:99:3f:b9:4b:ed:42:
f3:c4:e7:b3:29:e1:6d:b7:28:da:3b:5e:9a:c4:51:
d1:6c:44:35:b0:46:f3:f9:3e:49:97:7d:5c:72:48:
e4:7e:40:c2:7d:93:c9:25:4e:af:b8:64:28:f4:9d:
c7:ac:a8:af:b6:fb:df:c6:25:33:9d:32:16:fa:df:
ef:87:61:c8:5b:26:26:ba:54:de:cb:4c:75:6b:f6:
30:74:a1:ce:25:b7:50:64:8f:c5:ae:bf:3b:df:d2:
c9:fa:0a:8c:ed:db:65:7d:71:11:71:b3:77:e7:d8:
89:81:02:6e:d9:6f:28:8a:18:86:0e:f4:20:e3:2d:
72:dc:64:8e:f8:05:92:ae:e9:d1:7d:41:0b:95:1f:
80:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9F:2B:1C:B3:DB:4E:11:C6:15:0B:F9:29:86:91:64:FE:9D:90:C1
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/iZ8rHLPbThHGFQv5KYaRZP6dkME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.178.0/23
185.232.86.0/23
Signature Algorithm: sha256WithRSAEncryption
54:7f:d8:02:84:3b:91:ef:b4:36:62:ac:67:dd:9b:41:a5:d9:
63:89:da:05:c0:b9:e4:3e:08:30:f0:f9:a4:e6:06:f2:9a:ca:
3f:d5:5a:50:e6:b9:d9:84:4a:33:41:c2:72:be:55:c7:50:a7:
45:d1:e8:ef:48:e2:d8:0d:75:51:69:10:ac:69:e5:cc:7f:07:
c6:ec:1a:f5:25:de:64:27:82:ef:26:ca:b0:e0:a0:d7:35:de:
57:fa:1e:cd:fe:09:8e:d6:16:9c:01:5a:d2:d9:d8:71:c3:5f:
de:ec:a8:38:79:82:6c:3a:ff:94:ac:45:2f:6d:cf:af:83:6b:
b4:82:1a:ec:e5:39:97:a0:f6:97:c4:59:27:b3:65:0d:47:53:
e9:ab:48:d3:bc:8e:bc:e7:49:15:4a:f7:9f:98:42:6b:16:6a:
c5:3a:82:b2:a5:25:2a:d1:87:60:92:f0:46:c5:4a:d7:73:10:
aa:d5:d2:bf:8b:a5:64:1b:91:27:ef:d7:c6:0b:1e:74:4c:e6:
40:55:b5:ce:78:e0:34:4e:36:0d:96:f0:71:3a:2a:61:85:a8:
32:91:01:80:5d:3b:b4:ae:4c:2d:79:fe:51:14:67:fb:30:9d:
ed:f4:b5:47:9b:26:0f:68:a3:bc:a5:a9:ee:15:ae:de:49:f9:
b4:07:34:f7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwZ2VI8D2/w6Cd2bUDqdkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTAyMDI1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTlmMmIxY2IzZGI0ZTExYzYxNTBiZjkyOTg2OTE2NGZlOWQ5MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8/1tOoGRh6DUs7qkwMPOcSxVsyk
W41ONJW7ZuGq/ZfqOrYY5HYvTuDWbozOU1LKH1j+I5sv9hT0daOV5OgmpDJgcN2a
rg+ImJPJI3BcRzB5c/jz87nJ/BVNMUvtl1nYllFfK/+Gy795hsOXEPk2b7yZP7lL
7ULzxOezKeFttyjaO16axFHRbEQ1sEbz+T5Jl31cckjkfkDCfZPJJU6vuGQo9J3H
rKivtvvfxiUznTIW+t/vh2HIWyYmulTey0x1a/YwdKHOJbdQZI/Frr8739LJ+gqM
7dtlfXERcbN359iJgQJu2W8oihiGDvQg4y1y3GSO+AWSrunRfUELlR+ANwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFImfKxyz204RxhUL+SmGkWT+nZDBMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvaVo4ckhMUGJUaEhHRlF2NUtZYVJaUDZka01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYayAwQB
uehWMA0GCSqGSIb3DQEBCwUAA4IBAQBUf9gChDuR77Q2Yqxn3ZtBpdljidoFwLnk
Pggw8Pmk5gbymso/1VpQ5rnZhEozQcJyvlXHUKdF0ejvSOLYDXVRaRCsaeXMfwfG
7Br1Jd5kJ4LvJsqw4KDXNd5X+h7N/gmO1hacAVrS2dhxw1/e7Kg4eYJsOv+UrEUv
bc+vg2u0ghrs5TmXoPaXxFkns2UNR1Ppq0jTvI6850kVSvefmEJrFmrFOoKypSUq
0YdgkvBGxUrXcxCq1dK/i6VkG5En79fGCx50TOZAVbXOeOA0TjYNlvBxOiphhagy
kQGAXTu0rkwtef5RFGf7MJ3t9LVHmyYPaKO8panuFa7eSfm0BzT3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org