Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Rc7TeePDmv_SddYujF_r2KtDDRs.roa
File: Rc7TeePDmv_SddYujF_r2KtDDRs.roa (raw, json)
Hash identifier: B+4TvfdbMXCzz215r5sK3OSA4gAF4tIICP6OWRKUBAs=
Subject key identifier: 45:CE:D3:79:E3:C3:9A:FF:D2:75:D6:2E:8C:5F:EB:D8:AB:43:0D:1B
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018CC8DE2F22A98FE2F0C1DD63391E627116
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Rc7TeePDmv_SddYujF_r2KtDDRs.roa
Signing time: Tue 02 Jan 2024 06:30:53 +0000
ROA not before: Tue 02 Jan 2024 06:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 45.81.138.0/24 maxlen: 24
91.188.245.0/24 maxlen: 24
45.95.31.0/24 maxlen: 24
176.119.143.0/24 maxlen: 24
193.187.104.0/24 maxlen: 24
193.187.107.0/24 maxlen: 24
84.252.70.0/23 maxlen: 23
45.91.239.0/24 maxlen: 24
78.142.239.0/24 maxlen: 24
176.53.172.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:2f:22:a9:8f:e2:f0:c1:dd:63:39:1e:62:71:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 06:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45ced379e3c39affd275d62e8c5febd8ab430d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:34:ab:d4:a1:00:31:d1:9a:fe:74:a5:81:a4:
23:74:58:bc:20:b3:16:2e:28:e6:02:be:5d:82:d5:
24:fb:86:57:7f:c6:c1:a3:00:1e:7d:2b:35:4b:ef:
31:42:90:9d:c0:d8:b0:2b:7b:40:2e:2b:8a:a2:ea:
a4:d2:12:fc:ec:3e:e2:a0:18:86:8b:92:9f:70:23:
72:d3:14:1e:6b:e0:97:3d:87:5c:de:99:16:0c:ca:
24:2a:5d:16:46:3f:0b:6d:b1:0e:50:c4:8b:d0:85:
02:17:f9:81:40:d0:ea:32:0f:94:7b:52:3f:38:b6:
79:fe:9d:b0:eb:cc:9c:1c:70:30:ce:6e:c2:38:dc:
53:77:28:c8:d0:8f:bd:aa:f4:f5:06:70:e6:cc:88:
6a:32:78:fd:f8:59:6f:e3:19:a9:e8:d8:27:8a:ab:
30:f4:24:2d:8f:f4:52:91:3d:cc:b7:10:33:7a:a4:
e7:4e:d2:c4:82:9e:8a:16:e0:3e:54:30:dc:02:60:
17:de:4b:2e:ba:8c:b4:e4:3e:6c:25:52:85:89:41:
24:db:7c:0d:48:54:62:c0:53:88:3e:de:66:bf:b7:
68:3d:31:c6:03:d2:5f:7e:db:4d:2c:48:25:9c:b6:
99:9a:a2:80:d7:f7:81:29:29:94:76:35:a7:c7:f2:
60:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:CE:D3:79:E3:C3:9A:FF:D2:75:D6:2E:8C:5F:EB:D8:AB:43:0D:1B
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Rc7TeePDmv_SddYujF_r2KtDDRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.138.0/24
45.91.239.0/24
45.95.31.0/24
78.142.239.0/24
84.252.70.0/23
91.188.245.0/24
176.53.172.0/22
176.119.143.0/24
193.187.104.0/24
193.187.107.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:a2:5d:ef:3d:3e:8e:c2:80:54:fd:46:d7:b3:4d:48:c8:f7:
f5:89:30:13:46:f2:60:14:5c:f6:fa:52:44:37:b6:da:aa:b5:
00:73:fb:a8:c9:eb:37:61:31:5e:f9:bc:e3:35:e5:f4:46:f5:
a0:b0:64:86:47:67:5e:74:6b:3b:7f:12:3a:87:53:89:59:e0:
5f:9a:40:56:34:b1:6b:2a:b9:5f:3b:5b:03:c9:43:76:d6:73:
df:90:ec:3b:06:14:b7:56:53:52:07:31:df:47:c0:84:b3:31:
9e:91:09:f4:a7:65:e6:77:40:fe:b4:01:38:72:4c:a0:fd:f3:
86:65:56:02:eb:6c:5a:e6:bc:3f:ce:eb:a8:86:e4:72:f9:ad:
5f:26:04:a9:13:a8:2b:07:3c:6e:1d:30:e2:93:2d:1e:79:af:
74:80:39:d5:1f:2a:45:e8:8d:30:bb:4b:f6:a4:af:2b:2d:90:
9d:0e:c2:b0:b1:16:2c:6c:96:95:5d:26:fe:16:8f:db:a9:4e:
48:9e:f8:47:86:e0:18:fd:c5:5d:09:31:70:9f:33:b7:49:2c:
f2:5e:9f:b7:43:d5:94:e6:06:c1:da:ba:50:12:80:37:ea:90:
70:d6:57:e3:fa:49:65:01:b9:31:94:7a:a2:d7:cc:d2:9f:d6:
6a:ab:ae:fa
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzI3i8iqY/i8MHdYzkeYnEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQwMTAyMDYzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWNlZDM3OWUzYzM5YWZmZDI3NWQ2MmU4YzVmZWJkOGFiNDMwZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDSr1KEAMdGa/nSlgaQjdFi8ILMW
LijmAr5dgtUk+4ZXf8bBowAefSs1S+8xQpCdwNiwK3tALiuKouqk0hL87D7ioBiG
i5KfcCNy0xQea+CXPYdc3pkWDMokKl0WRj8LbbEOUMSL0IUCF/mBQNDqMg+Ue1I/
OLZ5/p2w68ycHHAwzm7CONxTdyjI0I+9qvT1BnDmzIhqMnj9+Flv4xmp6Ngniqsw
9CQtj/RSkT3MtxAzeqTnTtLEgp6KFuA+VDDcAmAX3ksuuoy05D5sJVKFiUEk23wN
SFRiwFOIPt5mv7doPTHGA9JffttNLEglnLaZmqKA1/eBKSmUdjWnx/JgKQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEXO03njw5r/0nXWLoxf69irQw0bMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvUmM3VGVlUERtdl9TZGRZdWpGX3IyS3RERFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALVGKAwQA
LVvvAwQALV8fAwQATo7vAwQBVPxGAwQAW7z1AwQCsDWsAwQAsHePAwQAwbtoAwQA
wbtrMA0GCSqGSIb3DQEBCwUAA4IBAQAKol3vPT6OwoBU/UbXs01IyPf1iTATRvJg
FFz2+lJEN7baqrUAc/uoyes3YTFe+bzjNeX0RvWgsGSGR2dedGs7fxI6h1OJWeBf
mkBWNLFrKrlfO1sDyUN21nPfkOw7BhS3VlNSBzHfR8CEszGekQn0p2Xmd0D+tAE4
ckyg/fOGZVYC62xa5rw/zuuohuRy+a1fJgSpE6grBzxuHTDiky0eea90gDnVHypF
6I0wu0v2pK8rLZCdDsKwsRYsbJaVXSb+Fo/bqU5InvhHhuAY/cVdCTFwnzO3SSzy
Xp+3Q9WU5gbB2rpQEoA36pBw1lfj+kllAbkxlHqi18zSn9Zqq676
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:00:54 2024 by rpki-client on console-fra.rpki-client.org