Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/4527r9F2G-FfZDeIUQdY7yH1fHc.roa
File: 4527r9F2G-FfZDeIUQdY7yH1fHc.roa (raw, json)
Hash identifier: YG+lidA7DSwZO24hH2D1DBgK6PwOERyFhCmbVM75QHg=
Subject key identifier: E3:9D:BB:AF:D1:76:1B:E1:5F:64:37:88:51:07:58:EF:21:F5:7C:77
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01896499DB9569756A942123A4C5DD435B67
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/4527r9F2G-FfZDeIUQdY7yH1fHc.roa
Signing time: Mon 17 Jul 2023 16:05:52 +0000
ROA not before: Mon 17 Jul 2023 16:05:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 212.60.7.0/24 maxlen: 24
45.130.144.0/24 maxlen: 24
194.156.106.0/24 maxlen: 24
194.156.107.0/24 maxlen: 24
94.154.191.0/24 maxlen: 24
94.154.188.0/24 maxlen: 24
94.154.189.0/24 maxlen: 24
45.95.28.0/24 maxlen: 24
45.87.255.0/24 maxlen: 24
45.129.79.0/24 maxlen: 24
193.187.106.0/24 maxlen: 24
194.156.104.0/24 maxlen: 24
194.156.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:99:db:95:69:75:6a:94:21:23:a4:c5:dd:43:5b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jul 17 16:05:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e39dbbafd1761be15f643788510758ef21f57c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:22:fb:81:b0:ab:85:39:87:3a:ee:01:75:a3:
f8:c0:1e:f2:33:ab:b2:89:62:44:42:bc:35:c8:fd:
3b:2a:60:75:db:88:3b:c6:7d:04:e3:b0:80:52:76:
a1:9a:8e:ac:9b:fd:29:af:a8:c8:34:e6:cf:3e:72:
3c:ef:7c:86:af:b2:de:80:65:1f:68:6e:c1:12:90:
a4:0d:0b:ff:4f:46:3f:7a:4f:26:21:68:e4:b2:05:
bb:d1:3b:3b:3d:e9:2c:20:14:68:65:b2:1a:c2:be:
0e:f0:ec:6d:05:ef:26:76:cb:33:e0:88:82:30:6b:
d9:67:d1:df:d3:7d:9a:2b:11:b6:39:b5:83:ed:e7:
36:5c:82:b0:41:11:3f:d5:03:3f:39:cd:c3:41:f0:
b2:7c:a2:e7:55:4a:bd:93:c3:22:03:f3:38:a4:ed:
49:52:f7:b8:c2:31:77:5e:5a:eb:82:87:ac:9e:32:
44:e9:50:da:69:21:c7:97:5e:83:e0:ef:c0:00:a5:
6f:e1:a9:4e:ef:26:a2:53:42:0e:ce:63:e1:5f:3f:
fd:bb:5d:85:d7:82:f2:c5:94:1a:42:4e:75:f8:d4:
a2:45:00:d9:2c:e9:c7:21:ec:3f:6e:31:98:d0:1d:
e7:e7:43:a9:6e:33:71:d3:35:71:2b:7d:53:40:32:
bc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:9D:BB:AF:D1:76:1B:E1:5F:64:37:88:51:07:58:EF:21:F5:7C:77
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/4527r9F2G-FfZDeIUQdY7yH1fHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.255.0/24
45.95.28.0/24
45.129.79.0/24
45.130.144.0/24
94.154.188.0/23
94.154.191.0/24
193.187.106.0/24
194.156.104.0/22
212.60.7.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:d0:eb:1b:68:70:62:05:7e:e6:05:17:19:3c:a5:0b:26:93:
68:17:45:cc:f0:09:03:80:55:7b:e6:7a:4f:c8:87:33:a2:cf:
af:fe:f8:ea:e8:15:84:47:5a:10:f9:fd:af:db:51:c1:4e:44:
83:0a:fd:17:f7:b1:45:cc:54:e7:2e:ca:9d:b6:aa:86:ff:1d:
e7:5f:90:4e:94:31:34:f6:a0:46:ea:fa:b1:8b:b5:b9:d0:a4:
6f:65:cd:36:ce:a0:e5:6c:04:a2:6b:bc:58:af:98:74:a8:5d:
25:86:71:53:6c:1d:76:74:71:db:54:27:e3:aa:e6:b7:04:a4:
a8:03:d3:c4:71:78:45:a1:4d:fa:f4:d4:68:35:6a:be:ea:8a:
c6:c3:0c:ed:77:3c:87:fa:bd:25:3b:1e:b1:ec:f2:b3:26:b7:
a2:92:da:2a:7e:a0:f7:17:65:be:c9:38:fe:cf:58:dd:98:aa:
f4:fa:72:96:fe:9c:74:39:db:cb:80:98:64:44:70:4e:9e:ce:
d4:c1:d7:66:96:f9:ee:00:20:44:96:f9:c1:86:3c:d5:c8:c9:
51:4a:9d:a5:b3:f2:da:87:49:88:e3:e9:34:e5:18:94:76:ca:
c7:52:49:5f:1f:f9:2e:de:6e:8b:6e:ea:e2:c4:95:d4:eb:6e:
94:4b:1b:20
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYlkmduVaXVqlCEjpMXdQ1tnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNzE3MTYwNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzlkYmJhZmQxNzYxYmUxNWY2NDM3ODg1MTA3NThlZjIxZjU3Yzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCL7gbCrhTmHOu4BdaP4wB7yM6uy
iWJEQrw1yP07KmB124g7xn0E47CAUnahmo6sm/0pr6jINObPPnI873yGr7LegGUf
aG7BEpCkDQv/T0Y/ek8mIWjksgW70Ts7PeksIBRoZbIawr4O8OxtBe8mdssz4IiC
MGvZZ9Hf032aKxG2ObWD7ec2XIKwQRE/1QM/Oc3DQfCyfKLnVUq9k8MiA/M4pO1J
Uve4wjF3XlrrgoesnjJE6VDaaSHHl16D4O/AAKVv4alO7yaiU0IOzmPhXz/9u12F
14LyxZQaQk51+NSiRQDZLOnHIew/bjGY0B3n50OpbjNx0zVxK31TQDK8mQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOOdu6/RdhvhX2Q3iFEHWO8h9Xx3MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvNDUyN3I5RjJHLUZmWkRlSVVRZFk3eUgxZkhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVf/AwQA
LV8cAwQALYFPAwQALYKQAwQBXpq8AwQAXpq/AwQAwbtqAwQCwpxoAwQA1DwHMA0G
CSqGSIb3DQEBCwUAA4IBAQDM0OsbaHBiBX7mBRcZPKULJpNoF0XM8AkDgFV75npP
yIczos+v/vjq6BWER1oQ+f2v21HBTkSDCv0X97FFzFTnLsqdtqqG/x3nX5BOlDE0
9qBG6vqxi7W50KRvZc02zqDlbASia7xYr5h0qF0lhnFTbB12dHHbVCfjqua3BKSo
A9PEcXhFoU369NRoNWq+6orGwwztdzyH+r0lOx6x7PKzJreiktoqfqD3F2W+yTj+
z1jdmKr0+nKW/px0OdvLgJhkRHBOns7UwddmlvnuACBElvnBhjzVyMlRSp2ls/La
h0mI4+k05RiUdsrHUklfH/ku3m6LburixJXU626USxsg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org