Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/mBnCy0sy7-aZE438a6V67er19Cg.roa
File: mBnCy0sy7-aZE438a6V67er19Cg.roa (raw, json)
Hash identifier: 7CE/qFQWwYmtSoBCdykFltsbpK8I58xtyGbWF1+Q910=
Subject key identifier: 98:19:C2:CB:4B:32:EF:E6:99:13:8D:FC:6B:A5:7A:ED:EA:F5:F4:28
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 018D2D6E2E30BF7989B4208286E4E97CF690
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/mBnCy0sy7-aZE438a6V67er19Cg.roa
Signing time: Sun 21 Jan 2024 19:10:11 +0000
ROA not before: Sun 21 Jan 2024 19:10:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 45.90.44.0/24 maxlen: 24
45.90.47.0/24 maxlen: 24
45.128.130.0/24 maxlen: 24
45.128.131.0/24 maxlen: 24
46.149.174.0/24 maxlen: 24
62.204.32.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:6e:2e:30:bf:79:89:b4:20:82:86:e4:e9:7c:f6:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jan 21 19:10:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9819c2cb4b32efe699138dfc6ba57aedeaf5f428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b3:83:ea:8c:76:44:a7:61:5f:f8:c8:da:54:
1c:3c:50:0a:ea:19:6f:9c:f8:63:19:33:d7:24:4c:
87:04:1f:fb:e8:e2:77:4c:0f:5a:11:d9:c6:0b:a6:
5c:8a:ee:e0:4f:be:d5:df:ae:17:b0:2a:39:f6:79:
c7:42:fc:03:2c:59:03:79:3c:0f:18:8d:b8:48:4c:
72:b7:09:7b:72:4b:dd:53:4a:0f:b0:f8:b9:e4:59:
c0:48:a6:c5:a5:d8:7d:77:bb:6f:d1:3b:b6:de:14:
65:43:08:4e:af:ae:5d:97:12:f3:16:6d:a3:00:b9:
36:47:59:e7:17:b7:a9:92:62:1f:78:47:7e:79:0b:
f1:f2:b2:e9:3d:0c:f1:a5:e2:e8:3d:01:dc:c8:b7:
94:e4:43:cf:ee:fa:2e:ad:09:e7:d4:e6:78:af:95:
67:eb:67:0e:d0:8f:c8:c2:1e:1a:5c:03:bd:40:f3:
06:4e:e4:60:e5:6a:f5:bd:66:db:bd:fc:59:c8:f9:
7f:9a:df:4a:9b:b8:84:b8:32:db:1d:46:f5:9a:c0:
9f:ec:a9:6d:ff:89:aa:c7:94:6e:08:ee:f1:8a:39:
a3:8a:c9:5d:16:45:11:b9:03:75:3e:dc:7b:c5:cb:
0e:a0:95:af:0a:75:44:df:9a:1a:46:23:e5:2c:82:
8a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:19:C2:CB:4B:32:EF:E6:99:13:8D:FC:6B:A5:7A:ED:EA:F5:F4:28
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/mBnCy0sy7-aZE438a6V67er19Cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.44.0/24
45.90.47.0/24
45.128.130.0/23
46.149.174.0/24
62.204.32.0/24
185.253.2.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:ff:8b:e2:2b:3a:dc:21:92:53:ae:ea:3d:d2:58:b7:3a:04:
d9:6a:8a:45:3e:3d:e0:dc:d5:41:f0:6b:2d:07:9f:b8:cf:2a:
fa:4a:52:9a:81:e3:db:55:0f:df:f9:56:51:a2:2e:0e:36:f8:
b2:aa:0e:38:f6:fe:f2:fb:b8:e3:e6:b2:4f:63:34:6d:b7:a9:
f1:03:39:67:c0:36:95:e3:5b:26:d6:cc:c0:f7:75:9b:4a:6f:
4b:16:37:e3:db:82:3a:29:55:e2:6b:87:51:a5:f2:bf:9f:74:
ea:5d:39:76:87:c6:bf:0a:d0:60:0c:ce:3a:06:c2:cb:62:58:
e2:9e:8b:f1:18:4b:43:6f:4a:c7:ef:1c:76:3e:02:2c:f7:e1:
2a:6c:02:c6:70:ff:59:bc:fa:97:cd:84:fc:d6:d6:da:c2:bd:
04:4d:e3:ac:ae:72:38:1a:58:01:b2:9e:17:69:ed:65:65:17:
1a:f1:47:e8:db:32:eb:b8:14:60:02:d4:69:d1:1c:f6:44:d6:
ce:75:e3:d4:a0:ed:94:af:46:ef:99:cd:9b:7a:5e:86:7d:f6:
74:2e:a4:89:52:1a:b9:1f:96:ee:a2:6f:50:40:5c:76:11:44:
0c:3f:e1:f1:19:34:a1:e1:d6:24:c1:c2:bc:45:9e:91:a0:99:
b6:9d:f7:88
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY0tbi4wv3mJtCCChuTpfPaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwMTIxMTkxMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODE5YzJjYjRiMzJlZmU2OTkxMzhkZmM2YmE1N2FlZGVhZjVmNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7OD6ox2RKdhX/jI2lQcPFAK6hlv
nPhjGTPXJEyHBB/76OJ3TA9aEdnGC6Zciu7gT77V364XsCo59nnHQvwDLFkDeTwP
GI24SExytwl7ckvdU0oPsPi55FnASKbFpdh9d7tv0Tu23hRlQwhOr65dlxLzFm2j
ALk2R1nnF7epkmIfeEd+eQvx8rLpPQzxpeLoPQHcyLeU5EPP7vourQnn1OZ4r5Vn
62cO0I/Iwh4aXAO9QPMGTuRg5Wr1vWbbvfxZyPl/mt9Km7iEuDLbHUb1msCf7Klt
/4mqx5RuCO7xijmjisldFkURuQN1Ptx7xcsOoJWvCnVE35oaRiPlLIKKLQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJgZwstLMu/mmRON/Guleu3q9fQoMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvbUJuQ3kwc3k3LWFaRTQzOGE2VjY3ZXIxOUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVosAwQA
LVovAwQBLYCCAwQALpWuAwQAPswgAwQAuf0CMA0GCSqGSIb3DQEBCwUAA4IBAQDJ
/4viKzrcIZJTruo90li3OgTZaopFPj3g3NVB8GstB5+4zyr6SlKagePbVQ/f+VZR
oi4ONviyqg449v7y+7jj5rJPYzRtt6nxAzlnwDaV41sm1szA93WbSm9LFjfj24I6
KVXia4dRpfK/n3TqXTl2h8a/CtBgDM46BsLLYljinovxGEtDb0rH7xx2PgIs9+Eq
bALGcP9ZvPqXzYT81tbawr0ETeOsrnI4GlgBsp4Xae1lZRca8Ufo2zLruBRgAtRp
0Rz2RNbOdePUoO2Ur0bvmc2bel6GffZ0LqSJUhq5H5buom9QQFx2EUQMP+HxGTSh
4dYkwcK8RZ6RoJm2nfeI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org