Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/pDTiK5gW8_5MXLXnBw5LLxCopjM.roa
File: pDTiK5gW8_5MXLXnBw5LLxCopjM.roa (raw, json)
Hash identifier: 90rl5/zBql01OthuVNXV1j2b51yJPb4u0VLGyVjgUYg=
Subject key identifier: A4:34:E2:2B:98:16:F3:FE:4C:5C:B5:E7:07:0E:4B:2F:10:A8:A6:33
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0183B1C62FFD0A3E0750E436C48B999E96D3
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/pDTiK5gW8_5MXLXnBw5LLxCopjM.roa
Signing time: Fri 07 Oct 2022 09:28:19 +0000
ROA not before: Fri 07 Oct 2022 09:28:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.123.156.0/22 maxlen: 23
185.130.40.0/22 maxlen: 23
94.232.244.0/22 maxlen: 23
46.161.210.0/23 maxlen: 23
46.161.216.0/22 maxlen: 23
2a0c:9e04::/32 maxlen: 32
2a0c:9e03::/32 maxlen: 32
2a0c:9e07::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:c6:2f:fd:0a:3e:07:50:e4:36:c4:8b:99:9e:96:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Oct 7 09:28:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a434e22b9816f3fe4c5cb5e7070e4b2f10a8a633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6f:a7:05:32:68:fa:cc:5c:75:1e:47:40:e1:
59:43:e9:17:77:68:b3:6a:4b:f8:64:10:68:d8:1e:
1e:f5:b9:14:06:14:d6:c7:e6:58:fc:6b:7c:60:56:
76:34:fe:c1:29:bc:53:95:80:e1:b3:f6:1b:18:78:
44:7c:fd:0d:77:c3:bd:ed:6e:47:9b:f0:67:2f:41:
6f:ad:96:ba:0c:f9:9a:e7:24:b3:88:48:0b:b8:dd:
8b:85:2e:4a:62:65:7b:b1:d7:7c:68:c0:20:71:ca:
c9:fd:e8:ab:20:ab:97:48:34:08:4f:f1:ca:45:f3:
99:fc:64:9b:5b:48:6b:0c:f9:d1:aa:b2:a4:4f:e0:
6d:22:13:7f:f6:b7:68:89:96:4e:00:b3:cb:48:14:
42:68:4d:d8:94:a0:c2:d9:43:3b:2d:80:bf:0b:ec:
5e:fa:07:cf:41:6d:de:62:3d:42:c5:c2:55:65:f2:
9b:ef:68:73:60:51:9d:d3:aa:ef:af:ac:3b:ec:91:
90:87:dd:8a:78:e5:55:30:4a:cd:d8:cc:fe:26:9a:
17:27:cd:43:7c:2b:e7:47:79:13:e0:2c:16:41:9e:
d0:a2:ad:9f:9c:89:af:49:ae:a2:9a:2f:cc:8b:3c:
2a:70:a4:d7:ab:9e:3a:32:a0:53:1f:b2:85:f8:e8:
ef:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:34:E2:2B:98:16:F3:FE:4C:5C:B5:E7:07:0E:4B:2F:10:A8:A6:33
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/pDTiK5gW8_5MXLXnBw5LLxCopjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.210.0/23
46.161.216.0/22
94.232.244.0/22
185.123.156.0/22
185.130.40.0/22
IPv6:
2a0c:9e03::-2a0c:9e04:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:9e07::/32
Signature Algorithm: sha256WithRSAEncryption
51:32:d0:3d:a0:fb:7f:6b:14:e0:3c:b2:d7:61:74:89:0b:ce:
d8:e9:4e:cd:60:4e:54:e0:dd:7d:f9:87:33:6c:be:a7:29:71:
b7:14:c6:53:9b:91:82:e2:60:7f:68:cb:ff:5c:73:84:fb:03:
47:a6:e8:91:54:cf:7d:79:ff:b9:61:94:99:1d:35:ba:8f:d0:
da:06:ea:ee:02:46:71:0c:c4:70:d0:b1:81:25:50:eb:8f:8a:
c9:ca:57:ec:5a:38:96:d3:e9:37:ab:22:f5:1e:63:62:ef:69:
5d:0b:3a:e8:ed:ff:f3:e2:2d:31:39:44:01:e5:4e:e7:0f:a7:
6d:5b:0a:01:37:0d:16:fa:e3:45:98:a4:b9:27:3c:5b:34:82:
09:2d:24:6c:2d:1f:84:8b:f9:35:e7:b3:70:0d:51:87:83:1f:
78:e9:14:1a:e3:89:06:e7:90:36:af:a2:40:7f:bf:40:dd:8b:
0d:7b:c9:fa:ca:47:43:bf:8d:08:1d:6d:dc:ec:aa:22:b8:e7:
be:d2:b6:18:52:71:64:42:74:ca:b0:1a:5e:18:13:af:36:c9:
96:a6:98:1e:53:6a:44:69:80:e3:c5:40:51:20:59:6e:17:07:
59:ac:d7:e8:6f:9b:6f:5b:4d:24:53:c7:9e:95:3f:3b:d2:51:
2f:f6:8e:82
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYOxxi/9Cj4HUOQ2xIuZnpbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIxMDA3MDkyODE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDM0ZTIyYjk4MTZmM2ZlNGM1Y2I1ZTcwNzBlNGIyZjEwYThhNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgm+nBTJo+sxcdR5HQOFZQ+kXd2iz
akv4ZBBo2B4e9bkUBhTWx+ZY/Gt8YFZ2NP7BKbxTlYDhs/YbGHhEfP0Nd8O97W5H
m/BnL0FvrZa6DPma5ySziEgLuN2LhS5KYmV7sdd8aMAgccrJ/eirIKuXSDQIT/HK
RfOZ/GSbW0hrDPnRqrKkT+BtIhN/9rdoiZZOALPLSBRCaE3YlKDC2UM7LYC/C+xe
+gfPQW3eYj1CxcJVZfKb72hzYFGd06rvr6w77JGQh92KeOVVMErN2Mz+JpoXJ81D
fCvnR3kT4CwWQZ7Qoq2fnImvSa6imi/MizwqcKTXq546MqBTH7KF+OjvHwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFKQ04iuYFvP+TFy15wcOSy8QqKYzMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvcERUaUs1Z1c4XzVNWExYbkJ3NUxMeENvcGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAkBAIAATAeAwQBLqHSAwQC
LqHYAwQCXuj0AwQCuXucAwQCuYIoMB0EAgACMBcwDgMFACoMngMDBQAqDJ4EAwUA
KgyeBzANBgkqhkiG9w0BAQsFAAOCAQEAUTLQPaD7f2sU4Dyy12F0iQvO2OlOzWBO
VODdffmHM2y+pylxtxTGU5uRguJgf2jL/1xzhPsDR6bokVTPfXn/uWGUmR01uo/Q
2gbq7gJGcQzEcNCxgSVQ64+KycpX7Fo4ltPpN6si9R5jYu9pXQs66O3/8+ItMTlE
AeVO5w+nbVsKATcNFvrjRZikuSc8WzSCCS0kbC0fhIv5NeezcA1Rh4MfeOkUGuOJ
BueQNq+iQH+/QN2LDXvJ+spHQ7+NCB1t3OyqIrjnvtK2GFJxZEJ0yrAaXhgTrzbJ
lqaYHlNqRGmA48VAUSBZbhcHWazX6G+bb1tNJFPHnpU/O9JRL/aOgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org