Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/cttd78CauFyozzkZgez2LgUgBkk.roa
File: cttd78CauFyozzkZgez2LgUgBkk.roa (raw, json)
Hash identifier: FmC+G9/COhL+psy6fsLb/5Mw4EeSDx6ahjfy8wqFKuM=
Subject key identifier: 72:DB:5D:EF:C0:9A:B8:5C:A8:CF:39:19:81:EC:F6:2E:05:20:06:49
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01922B07905099B0B7E583D267297CFF1277
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/cttd78CauFyozzkZgez2LgUgBkk.roa
Signing time: Wed 25 Sep 2024 21:12:48 +0000
ROA not before: Wed 25 Sep 2024 21:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.105.184.0/24 maxlen: 24
193.105.207.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.31.141.0/24 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0d:77c0::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2b:07:90:50:99:b0:b7:e5:83:d2:67:29:7c:ff:12:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Sep 25 21:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72db5defc09ab85ca8cf391981ecf62e05200649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b5:88:90:91:86:0d:f3:4a:3c:b9:9f:56:55:
f5:09:51:3c:4d:8d:61:cd:a8:c3:47:f5:95:9e:5a:
cc:84:2f:c6:54:b7:89:49:6b:ed:98:da:7a:86:53:
05:4c:79:51:02:5a:a3:7d:69:97:c7:a6:02:d9:b2:
ee:2c:0f:84:d1:83:41:7b:e6:19:17:48:84:7c:3b:
6d:f2:4b:9f:3d:24:c1:f9:be:18:4f:08:7f:65:cd:
38:f5:6d:78:24:ac:eb:04:5b:9f:c7:86:6d:8b:fd:
a0:cf:a4:a3:15:9a:f1:f9:cb:df:aa:fa:c1:00:a9:
a3:66:40:ac:0d:17:0b:98:4f:d6:4c:e9:20:78:fb:
48:6a:2e:2d:27:54:de:5e:81:1f:56:b9:48:b5:3a:
1b:12:54:f1:0d:64:41:c0:26:7c:ec:be:a4:1c:1f:
89:a5:c5:38:55:33:4b:02:a4:cb:0c:19:bf:75:4f:
0b:f2:fc:cf:e0:f9:73:c1:4f:2a:f5:65:fc:2f:1c:
db:3a:28:ff:62:45:a5:30:5e:29:d7:66:7e:95:5b:
e9:f3:43:73:c7:45:ed:55:75:f6:a5:0d:29:c0:88:
ac:33:44:10:94:76:a5:ee:64:22:2a:6e:5e:c4:fd:
94:c7:1f:17:20:c2:f6:2a:07:5e:31:2b:5a:c9:61:
b8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DB:5D:EF:C0:9A:B8:5C:A8:CF:39:19:81:EC:F6:2E:05:20:06:49
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/cttd78CauFyozzkZgez2LgUgBkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.105.207.0/24
193.221.192.0/22
194.31.141.0/24
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
11:7c:6a:5c:51:68:2e:02:17:68:bd:7b:80:d7:ef:f6:4b:8f:
30:38:0c:91:97:eb:e9:24:d3:70:16:f5:35:a4:ec:71:71:6e:
c8:8c:6d:19:9c:a7:b3:36:17:a4:7b:1c:32:7b:97:38:cd:68:
d9:3b:c1:49:d7:2d:ea:04:be:32:a9:28:2e:fd:2d:36:fa:b9:
f8:f6:7c:0c:e7:c2:7a:86:45:39:1b:94:b7:1a:c9:ec:c9:a9:
fe:57:8e:65:c7:43:4c:3b:9c:01:d2:c3:39:2a:ab:4b:fc:57:
b7:26:92:6b:ec:74:78:64:dd:f0:2d:58:35:4d:50:6e:da:b7:
40:37:64:49:08:9a:f8:52:26:6d:e9:6d:be:0a:9d:5a:79:8c:
47:9d:80:18:1f:9b:30:b1:bd:45:5e:5c:f6:85:c0:23:8c:ca:
b8:3f:a9:e0:7b:67:c2:2a:2d:94:7c:15:5c:c9:63:fa:dc:4d:
bc:88:99:97:37:27:81:ec:0a:1b:d6:00:ed:67:7f:71:bf:ba:
19:c1:95:16:f9:2d:c8:d2:99:d0:36:41:5a:e4:6e:e0:8b:cc:
18:0b:ed:56:a6:e6:6c:f3:28:21:6c:2e:88:39:7a:f5:36:74:
98:91:97:09:9d:6c:a7:98:ad:9e:eb:b1:8c:b2:1f:c7:79:4f:
5a:31:4a:e1
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgISAZIrB5BQmbC35YPSZyl8/xJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwOTI1MjExMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmRiNWRlZmMwOWFiODVjYThjZjM5MTk4MWVjZjYyZTA1MjAwNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLWIkJGGDfNKPLmfVlX1CVE8TY1h
zajDR/WVnlrMhC/GVLeJSWvtmNp6hlMFTHlRAlqjfWmXx6YC2bLuLA+E0YNBe+YZ
F0iEfDtt8kufPSTB+b4YTwh/Zc049W14JKzrBFufx4Zti/2gz6SjFZrx+cvfqvrB
AKmjZkCsDRcLmE/WTOkgePtIai4tJ1TeXoEfVrlItTobElTxDWRBwCZ87L6kHB+J
pcU4VTNLAqTLDBm/dU8L8vzP4PlzwU8q9WX8LxzbOij/YkWlMF4p12Z+lVvp80Nz
x0XtVXX2pQ0pwIisM0QQlHal7mQiKm5exP2Uxx8XIML2KgdeMStayWG4ZQIDAQAB
o4IDFDCCAxAwHQYDVR0OBBYEFHLbXe/AmrhcqM85GYHs9i4FIAZJMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvY3R0ZDc4Q2F1RnlvenprWmdlejJMZ1VnQmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKAYIKwYBBQUHAQcBAf8EggEXMIIBEzCBnQQCAAEwgZYD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBADBabgDBADBac8DBALB3cADBADCH40DBALCMhADBALCOOAD
BALUawwwcQQCAAIwawMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8S
AwcAKgsLh/+0AwcAKgsLh//SAwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBID
BwQqC3CAABADBwYqC3CAAAADBQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IBAQARfGpc
UWguAhdovXuA1+/2S48wOAyRl+vpJNNwFvU1pOxxcW7IjG0ZnKezNhekexwye5c4
zWjZO8FJ1y3qBL4yqSgu/S02+rn49nwM58J6hkU5G5S3Gsnsyan+V45lx0NMO5wB
0sM5KqtL/Fe3JpJr7HR4ZN3wLVg1TVBu2rdAN2RJCJr4UiZt6W2+Cp1aeYxHnYAY
H5swsb1FXlz2hcAjjMq4P6nge2fCKi2UfBVcyWP63E28iJmXNyeB7Aob1gDtZ39x
v7oZwZUW+S3I0pnQNkFa5G7gi8wYC+1WpuZs8yghbC6IOXr1NnSYkZcJnWynmK2e
67GMsh/HeU9aMUrh
-----END CERTIFICATE-----
Generated at Thu Nov 7 13:09:04 2024 by rpki-client on console-fra.rpki-client.org