Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/ZpzORuVHqSM_I02ExV8kN53R1oY.roa
File: ZpzORuVHqSM_I02ExV8kN53R1oY.roa (raw, json)
Hash identifier: 4myr+cWyf8/dlI7djwqForY4h5sHY4X/HHPmhqykp2Y=
Subject key identifier: 66:9C:CE:46:E5:47:A9:23:3F:23:4D:84:C5:5F:24:37:9D:D1:D6:86
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 275D05CD
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/ZpzORuVHqSM_I02ExV8kN53R1oY.roa
Signing time: Sat 01 Jan 2022 14:02:23 +0000
ROA not before: Sat 01 Jan 2022 14:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57497
IP address blocks: 45.135.240.0/24 maxlen: 24
45.135.243.0/24 maxlen: 24
45.135.241.0/24 maxlen: 24
45.135.242.0/24 maxlen: 24
45.93.168.0/24 maxlen: 24
45.93.169.0/24 maxlen: 24
45.93.170.0/24 maxlen: 24
158.58.191.0/24 maxlen: 24
158.58.190.0/23 maxlen: 23
158.58.189.0/24 maxlen: 24
158.58.190.0/24 maxlen: 24
158.58.188.0/24 maxlen: 24
158.58.188.0/23 maxlen: 23
158.58.187.0/24 maxlen: 24
158.58.184.0/24 maxlen: 24
158.58.185.0/24 maxlen: 24
158.58.184.0/22 maxlen: 22
158.58.186.0/24 maxlen: 24
185.2.14.0/23 maxlen: 24
185.2.12.0/22 maxlen: 22
185.2.12.0/23 maxlen: 24
5.63.10.0/24 maxlen: 24
5.63.11.0/24 maxlen: 24
5.63.8.0/24 maxlen: 24
5.63.10.0/23 maxlen: 23
5.63.9.0/24 maxlen: 24
5.63.13.0/24 maxlen: 24
5.63.14.0/24 maxlen: 24
5.63.14.0/23 maxlen: 23
5.63.12.0/24 maxlen: 24
2a01:4ac0:3::/48 maxlen: 48
2a01:4ac0:2::/48 maxlen: 48
2a01:4ac0::/48 maxlen: 48
2a01:4ac0:1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 660407757 (0x275d05cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jan 1 14:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=669cce46e547a9233f234d84c55f24379dd1d686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:2e:29:58:be:09:6c:94:34:cd:87:76:a3:14:
c5:40:25:66:2c:9b:5b:d2:8d:51:2f:9d:0a:2c:8a:
ac:d0:c2:7f:65:71:1d:c6:54:58:0d:b4:e8:3f:ba:
2f:a3:03:9a:14:34:cf:8e:78:a7:1b:4e:cc:98:e5:
0b:03:5b:25:ce:8b:40:08:66:a4:56:d6:ce:1f:01:
74:d0:66:52:cd:2c:80:70:62:4f:a8:13:09:65:d0:
5d:84:ec:74:1a:67:6f:d0:97:17:dc:07:e7:b5:92:
71:f5:ca:6b:3b:b3:cc:62:fd:29:77:7f:d9:b6:0b:
76:7d:43:63:d4:21:6b:d6:d2:9e:ce:c4:07:ca:53:
63:53:b7:35:21:0a:67:d3:b5:56:65:77:43:ea:41:
bc:13:50:84:e2:35:fa:17:77:33:3c:b8:a2:fa:84:
24:3e:f3:24:53:22:1c:c9:0d:29:be:7c:c9:e8:9f:
72:30:fe:1a:02:9b:1c:04:ab:6e:2c:5a:3f:30:e1:
08:01:de:88:0b:0e:d0:94:ca:bd:be:0e:ce:40:09:
8b:cb:6e:be:6a:b5:b8:91:cb:57:59:00:6c:f6:5a:
d2:ac:0e:e5:f5:63:27:c2:c5:3a:43:09:40:68:57:
25:18:01:29:18:f0:55:ff:48:78:75:61:79:31:d4:
19:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:9C:CE:46:E5:47:A9:23:3F:23:4D:84:C5:5F:24:37:9D:D1:D6:86
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/ZpzORuVHqSM_I02ExV8kN53R1oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.8.0/21
45.93.168.0-45.93.170.255
45.135.240.0/22
158.58.184.0/21
185.2.12.0/22
IPv6:
2a01:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
42:af:c2:1f:24:f9:ad:f2:67:79:d1:42:0e:10:25:ad:9c:ba:
17:e6:c8:2a:03:05:4c:51:82:9a:67:b2:12:6f:82:ec:25:18:
f8:26:1a:7a:bf:6a:8c:ee:c9:a7:b5:6d:16:8e:68:55:ff:3f:
cd:56:e4:80:4a:54:e8:d1:71:25:4b:ca:fd:b0:87:a8:62:5a:
1b:87:c3:b5:7f:33:ad:f3:4c:8c:ad:ec:18:10:c5:d9:98:ac:
db:04:b0:8b:98:21:ed:82:55:10:ca:44:7b:bc:3b:06:e0:3c:
a6:96:4b:37:f3:e9:9d:0b:06:6e:9a:08:f7:dc:32:e5:52:60:
55:06:a7:41:1a:f4:c8:4b:92:0a:64:f3:ec:59:01:b5:28:26:
8b:4d:2f:7b:58:d1:4f:11:84:98:94:46:7e:4b:c6:58:e1:ba:
09:9d:68:01:43:04:b9:54:31:a7:39:d0:02:3a:56:8f:51:2e:
8a:a2:ab:28:56:c5:f2:aa:5c:3c:eb:b5:46:6d:32:37:d2:e0:
67:8f:db:7b:53:52:fc:92:26:f0:cd:45:62:45:2e:93:bd:86:
03:8f:77:e4:2e:ea:eb:ee:1a:c7:fb:c6:fe:ec:cf:34:8c:3f:
f5:9a:4e:3d:90:5f:10:87:a6:31:8d:95:8c:da:3e:cc:b4:de:
90:0f:2c:96
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIEJ10FzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NmMxNjdkZmE5ODgyYjJhYThmODQ1OTVmNThhOTdjMzA1Y2E0M2M1MB4XDTIyMDEw
MTE0MDIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY5Y2NlNDZlNTQ3
YTkyMzNmMjM0ZDg0YzU1ZjI0Mzc5ZGQxZDY4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOMuKVi+CWyUNM2HdqMUxUAlZiybW9KNUS+dCiyKrNDCf2Vx
HcZUWA206D+6L6MDmhQ0z454pxtOzJjlCwNbJc6LQAhmpFbWzh8BdNBmUs0sgHBi
T6gTCWXQXYTsdBpnb9CXF9wH57WScfXKazuzzGL9KXd/2bYLdn1DY9Qha9bSns7E
B8pTY1O3NSEKZ9O1VmV3Q+pBvBNQhOI1+hd3Mzy4ovqEJD7zJFMiHMkNKb58yeif
cjD+GgKbHASrbixaPzDhCAHeiAsO0JTKvb4OzkAJi8tuvmq1uJHLV1kAbPZa0qwO
5fVjJ8LFOkMJQGhXJRgBKRjwVf9IeHVheTHUGU8CAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBRmnM5G5UepIz8jTYTFXyQ3ndHWhjAfBgNVHSMEGDAWgBS2wWffqYgrKqj4
RZX1ipfDBcpDxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RzRm4zNm1JS3lxby1FV1Y5WXFYd3dYS1E4VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvNzNiZWViLTZhMDUtNGNjYS04NmJlLWFjZmMzZDJjMjUyMi8x
L1pwek9SdVZIcVNNX0kwMkV4VjhrTjUzUjFvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
NzNiZWViLTZhMDUtNGNjYS04NmJlLWFjZmMzZDJjMjUyMi8xL3RzRm4zNm1JS3lx
by1FV1Y5WXFYd3dYS1E4VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wLAQCAAEwJgMEAwU/CDAMAwQDLV2oAwQALV2qAwQC
LYfwAwQDnjq4AwQCuQIMMA8EAgACMAkDBwIqAUrAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAEKvwh8k+a3yZ3nRQg4QJa2cuhfmyCoDBUxRgppnshJvguwlGPgmGnq/aozu
yae1bRaOaFX/P81W5IBKVOjRcSVLyv2wh6hiWhuHw7V/M63zTIyt7BgQxdmYrNsE
sIuYIe2CVRDKRHu8OwbgPKaWSzfz6Z0LBm6aCPfcMuVSYFUGp0Ea9MhLkgpk8+xZ
AbUoJotNL3tY0U8RhJiURn5LxljhugmdaAFDBLlUMac50AI6Vo9RLoqiqyhWxfKq
XDzrtUZtMjfS4GeP23tTUvySJvDNRWJFLpO9hgOPd+Qu6uvuGsf7xv7szzSMP/Wa
Tj2QXxCHpjGNlYzaPsy03pAPLJY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:48 2024 by rpki-client on console-fra.rpki-client.org