Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/g3wCllOl7uE3Kk3PUkIIMkSL_Lo.roa
File: g3wCllOl7uE3Kk3PUkIIMkSL_Lo.roa (raw, json)
Hash identifier: pw30ucBRCabcFY2TymVbnfKmiKaZZXeYyuto5gXARpw=
Subject key identifier: 83:7C:02:96:53:A5:EE:E1:37:2A:4D:CF:52:42:08:32:44:8B:FC:BA
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7A935E3FA528B9705B16119B8DD01
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/g3wCllOl7uE3Kk3PUkIIMkSL_Lo.roa
Signing time: Mon 02 Jan 2023 08:44:51 +0000
ROA not before: Mon 02 Jan 2023 08:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64470
IP address blocks: 45.140.32.0/22 maxlen: 22
193.46.204.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
193.46.214.0/24 maxlen: 24
193.46.220.0/24 maxlen: 24
45.149.160.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:a9:35:e3:fa:52:8b:97:05:b1:61:19:b8:dd:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=837c029653a5eee1372a4dcf52420832448bfcba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9e:3f:51:4d:41:d7:4a:c4:15:9c:1c:60:bd:
8f:de:ff:6a:43:74:eb:80:86:9b:61:da:99:66:8b:
07:de:4a:44:3a:92:ac:99:7d:0c:5b:54:f7:cb:d0:
a9:7b:66:9d:bd:17:47:22:77:36:ec:19:09:80:55:
b3:89:6c:3d:49:e2:a4:69:c2:91:a7:14:5a:ac:d6:
20:64:c8:50:50:bc:7a:ce:f0:4c:df:67:35:90:54:
03:d5:48:9b:3e:8a:42:4a:be:0a:64:e7:e1:18:04:
46:9f:dd:27:f5:88:36:88:91:90:b1:89:6c:50:a4:
2a:51:21:5e:68:7e:32:f0:59:ab:f7:d3:7b:e6:60:
79:32:17:2d:bd:82:49:de:12:cd:6e:46:5e:84:0c:
a9:fa:cb:52:08:ce:af:7f:b2:8c:60:2f:c9:85:9c:
cf:e1:ce:28:ce:15:4b:8d:50:4c:fd:1d:dc:a0:79:
3e:06:73:52:6b:d3:db:37:cd:4e:39:f6:df:51:e6:
68:ae:ed:92:b8:7c:c7:5b:87:07:06:01:65:bf:d1:
d4:4c:2f:b1:8d:ab:01:a8:67:5f:e7:d9:f8:69:4b:
80:77:a4:51:ad:a0:7a:b2:46:83:c6:26:67:ce:be:
45:03:2d:b3:55:fc:77:ac:e6:e8:d2:a2:b6:b5:43:
d3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:7C:02:96:53:A5:EE:E1:37:2A:4D:CF:52:42:08:32:44:8B:FC:BA
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/g3wCllOl7uE3Kk3PUkIIMkSL_Lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.32.0/22
45.149.160.0/22
193.46.204.0/24
193.46.211.0/24
193.46.214.0/24
193.46.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:c5:50:6a:e6:9a:39:49:85:81:10:56:94:09:94:2b:1f:ee:
b8:17:91:b3:7f:e9:6a:26:83:1b:29:16:56:aa:41:f4:f9:9e:
3d:b8:cf:03:a9:de:b6:bc:86:b1:fd:c2:5a:49:47:91:ef:ce:
de:34:db:3a:60:ab:56:93:93:95:9a:8f:48:96:51:51:30:0a:
83:13:5c:76:30:7c:b4:a6:65:78:62:37:49:d8:c7:5b:8b:09:
82:ff:6a:b0:40:fb:24:8b:3e:84:37:9f:d7:ea:0b:bd:fd:52:
72:95:10:ce:95:fc:6a:0f:02:c5:b0:7f:95:03:8b:4a:92:fc:
0b:6b:5e:34:cd:ed:04:fd:08:3f:f2:08:3d:24:b6:98:4b:92:
f1:65:fe:4a:05:8c:69:88:87:8b:40:e6:0d:d5:a8:3a:69:d6:
73:39:f6:32:48:4e:12:e2:9e:bc:0d:57:03:29:05:79:72:e5:
4b:fa:2b:23:2c:4f:b5:35:cb:35:65:12:e9:a3:e2:1a:da:df:
67:16:82:bd:62:69:2b:5f:f9:65:7c:64:59:79:55:c6:67:ec:
ba:92:b0:26:b3:18:38:d8:61:e0:e7:74:78:34:3b:30:a0:52:
10:b3:12:3b:20:51:ca:d3:77:6e:ff:62:c8:51:b1:60:fd:0d:
75:a8:8e:04
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVxp6k14/pSi5cFsWEZuN0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzdjMDI5NjUzYTVlZWUxMzcyYTRkY2Y1MjQyMDgzMjQ0OGJmY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ4/UU1B10rEFZwcYL2P3v9qQ3Tr
gIabYdqZZosH3kpEOpKsmX0MW1T3y9Cpe2advRdHInc27BkJgFWziWw9SeKkacKR
pxRarNYgZMhQULx6zvBM32c1kFQD1UibPopCSr4KZOfhGARGn90n9Yg2iJGQsYls
UKQqUSFeaH4y8Fmr99N75mB5MhctvYJJ3hLNbkZehAyp+stSCM6vf7KMYC/JhZzP
4c4ozhVLjVBM/R3coHk+BnNSa9PbN81OOfbfUeZoru2SuHzHW4cHBgFlv9HUTC+x
jasBqGdf59n4aUuAd6RRraB6skaDxiZnzr5FAy2zVfx3rObo0qK2tUPT1wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIN8ApZTpe7hNypNz1JCCDJEi/y6MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZzN3Q2xsT2w3dUUzS2szUFVrSUlNa1NMX0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLYwgAwQC
LZWgAwQAwS7MAwQAwS7TAwQAwS7WAwQAwS7cMA0GCSqGSIb3DQEBCwUAA4IBAQCL
xVBq5po5SYWBEFaUCZQrH+64F5Gzf+lqJoMbKRZWqkH0+Z49uM8Dqd62vIax/cJa
SUeR787eNNs6YKtWk5OVmo9IllFRMAqDE1x2MHy0pmV4YjdJ2MdbiwmC/2qwQPsk
iz6EN5/X6gu9/VJylRDOlfxqDwLFsH+VA4tKkvwLa140ze0E/Qg/8gg9JLaYS5Lx
Zf5KBYxpiIeLQOYN1ag6adZzOfYySE4S4p68DVcDKQV5cuVL+isjLE+1Ncs1ZRLp
o+Ia2t9nFoK9YmkrX/llfGRZeVXGZ+y6krAmsxg42GHg53R4NDswoFIQsxI7IFHK
03du/2LIUbFg/Q11qI4E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org