Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VlC1sEZ7MaLumMDwC2L7heEEU3c.roa
File: VlC1sEZ7MaLumMDwC2L7heEEU3c.roa (raw, json)
Hash identifier: owdM/DKUO6uL9dNTCy6XFKfhnPfXy8EO82uzxQiDwg4=
Subject key identifier: 56:50:B5:B0:46:7B:31:A2:EE:98:C0:F0:0B:62:FB:85:E1:04:53:77
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 1386D2E3
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VlC1sEZ7MaLumMDwC2L7heEEU3c.roa
Signing time: Sat 01 Jan 2022 05:56:17 +0000
ROA not before: Sat 01 Jan 2022 05:56:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64470
IP address blocks: 45.140.32.0/22 maxlen: 22
193.46.204.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
193.46.214.0/24 maxlen: 24
193.46.220.0/24 maxlen: 24
45.149.160.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 327602915 (0x1386d2e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 05:56:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5650b5b0467b31a2ee98c0f00b62fb85e1045377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:76:2d:1d:2b:32:83:46:7b:51:b0:6a:d8:25:
e3:bf:32:df:f3:2d:d0:f8:dc:0a:41:b7:0d:aa:12:
fe:7b:dd:bf:27:9a:85:88:70:f4:19:b9:48:fa:3f:
f8:77:e8:b8:b5:07:ac:8a:66:be:52:ee:15:8c:5d:
ea:80:81:8a:a9:dd:39:d8:43:ea:ad:c8:6c:b8:13:
a1:20:59:6f:ef:fa:01:19:1d:50:b8:5e:68:ac:39:
6b:08:0b:34:fc:d7:2b:2a:73:7d:ac:cf:10:02:3a:
76:90:1e:ce:7e:ad:92:db:0c:f4:02:9f:bf:c5:82:
4e:d1:c4:9f:2b:d8:7e:d8:ec:1d:3b:77:82:7b:89:
47:53:6c:49:b8:52:1f:3d:d5:d6:cc:54:3a:90:cb:
a2:81:da:a3:6c:48:11:92:67:62:92:6f:5a:db:b4:
e0:98:f6:43:f0:f5:cf:4f:cd:d4:91:05:cd:13:bd:
d3:f7:a3:eb:f0:e5:1c:46:7f:c9:aa:9d:04:27:6a:
ef:6c:99:37:68:ab:6b:79:fa:f9:1c:82:52:69:a7:
b7:5a:e0:30:69:bc:2c:67:d5:d6:7d:a9:09:f1:cc:
e0:88:d7:b2:e2:35:e5:d9:07:e3:86:c1:ab:d4:4f:
6a:4d:9b:4e:f7:f5:5b:14:83:93:ec:29:d3:cd:16:
a1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:50:B5:B0:46:7B:31:A2:EE:98:C0:F0:0B:62:FB:85:E1:04:53:77
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VlC1sEZ7MaLumMDwC2L7heEEU3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.32.0/22
45.149.160.0/22
193.46.204.0/24
193.46.211.0/24
193.46.214.0/24
193.46.220.0/24
Signature Algorithm: sha256WithRSAEncryption
25:d9:7a:5d:1b:3b:13:b1:59:25:27:ec:b8:6e:9b:34:cf:88:
28:1f:e5:b8:e2:2c:4d:1c:01:29:e9:c5:7b:14:5b:ae:3f:b7:
29:1f:3b:6a:c3:55:43:c4:57:f9:da:96:1a:6e:03:56:b8:ad:
a0:b8:1a:de:b0:f0:b5:c7:00:e1:b6:09:73:6b:2e:2d:19:7d:
fe:48:2c:51:d8:e0:ec:61:01:0f:42:19:2b:5a:2f:b9:60:1f:
e5:80:fc:44:cc:96:b0:01:b2:89:d5:fc:07:c0:ff:c4:9c:e9:
81:2f:00:8d:87:c8:8e:99:12:60:65:b9:b6:84:d8:14:99:4b:
8d:91:7b:83:64:3f:69:28:e6:b4:61:fb:f3:c0:93:51:9f:40:
e8:bb:41:7f:10:38:65:a4:fa:37:0d:99:81:5d:62:8b:76:c3:
54:e9:38:59:7b:89:c6:30:50:88:15:9a:94:a2:15:3a:2c:95:
3a:53:07:25:40:e4:b3:11:aa:26:ea:d8:2a:88:1c:c0:65:e6:
c6:4b:89:59:70:c1:fb:8e:78:be:d0:63:02:66:35:3f:bf:e4:
5f:56:a7:4f:ab:6a:e7:e8:90:ee:09:34:5f:df:8b:53:f6:52:
4b:8d:a9:ed:a9:b2:f2:21:bd:5f:6a:59:c8:1f:9e:50:c0:86:
91:fd:59:d2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEE4bS4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
MTA1NTYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTY1MGI1YjA0Njdi
MzFhMmVlOThjMGYwMGI2MmZiODVlMTA0NTM3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOZ2LR0rMoNGe1Gwatgl478y3/Mt0PjcCkG3DaoS/nvdvyea
hYhw9Bm5SPo/+HfouLUHrIpmvlLuFYxd6oCBiqndOdhD6q3IbLgToSBZb+/6ARkd
ULheaKw5awgLNPzXKypzfazPEAI6dpAezn6tktsM9AKfv8WCTtHEnyvYftjsHTt3
gnuJR1NsSbhSHz3V1sxUOpDLooHao2xIEZJnYpJvWtu04Jj2Q/D1z0/N1JEFzRO9
0/ej6/DlHEZ/yaqdBCdq72yZN2ira3n6+RyCUmmnt1rgMGm8LGfV1n2pCfHM4IjX
suI15dkH44bBq9RPak2bTvf1WxSDk+wp080WoYMCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRWULWwRnsxou6YwPALYvuF4QRTdzAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L1ZsQzFzRVo3TWFMdW1NRHdDMkw3aGVFRVUzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAi2MIAMEAi2VoAMEAMEuzAMEAMEu
0wMEAMEu1gMEAMEu3DANBgkqhkiG9w0BAQsFAAOCAQEAJdl6XRs7E7FZJSfsuG6b
NM+IKB/luOIsTRwBKenFexRbrj+3KR87asNVQ8RX+dqWGm4DVritoLga3rDwtccA
4bYJc2suLRl9/kgsUdjg7GEBD0IZK1ovuWAf5YD8RMyWsAGyidX8B8D/xJzpgS8A
jYfIjpkSYGW5toTYFJlLjZF7g2Q/aSjmtGH788CTUZ9A6LtBfxA4ZaT6Nw2ZgV1i
i3bDVOk4WXuJxjBQiBWalKIVOiyVOlMHJUDksxGqJurYKogcwGXmxkuJWXDB+454
vtBjAmY1P7/kX1anT6tq5+iQ7gk0X9+LU/ZSS42p7amy8iG9X2pZyB+eUMCGkf1Z
0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org