Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/udHdSSKveLvqtd6V-JlJHAoPQjs.roa
File: udHdSSKveLvqtd6V-JlJHAoPQjs.roa (raw, json)
Hash identifier: mq+NesG2Qt/7wsrhP4bXKF+J2j8naOFNEiWi2WOvQeU=
Subject key identifier: B9:D1:DD:49:22:AF:78:BB:EA:B5:DE:95:F8:99:49:1C:0A:0F:42:3B
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0188542E11F64AAB25BC47405C6D6B402471
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/udHdSSKveLvqtd6V-JlJHAoPQjs.roa
Signing time: Thu 25 May 2023 18:31:25 +0000
ROA not before: Thu 25 May 2023 18:31:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202656
IP address blocks: 94.154.190.0/24 maxlen: 24
45.86.171.0/24 maxlen: 24
194.59.187.0/24 maxlen: 24
45.95.29.0/24 maxlen: 24
193.187.105.0/24 maxlen: 24
45.128.125.0/24 maxlen: 24
45.128.127.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:54:2e:11:f6:4a:ab:25:bc:47:40:5c:6d:6b:40:24:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: May 25 18:31:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9d1dd4922af78bbeab5de95f899491c0a0f423b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:36:f5:15:be:a6:1d:7b:0b:97:9b:e6:fd:23:
96:df:4b:c2:c4:95:64:e8:8e:26:a2:ac:d4:c4:15:
11:9f:33:02:a2:09:db:2b:ca:76:44:31:76:16:c2:
ee:e2:e0:4c:ae:a1:07:de:0a:5f:1a:12:fa:2f:bb:
01:71:5e:dc:9a:1d:12:40:2d:78:30:00:91:72:0e:
43:d9:be:40:c4:b7:3a:0b:2e:0a:a4:32:8f:bd:4e:
1e:93:b0:18:4f:2b:b2:95:72:f4:d6:e8:be:06:b7:
85:04:c8:9b:e7:a3:3b:3e:70:10:4d:45:9d:f9:8c:
23:7e:de:22:7a:4f:93:97:30:a5:c8:74:8c:83:32:
1c:7d:41:9d:01:f4:e6:86:20:12:af:38:62:81:5b:
95:1c:c8:f9:c4:f0:45:e8:45:df:c5:14:89:c0:f6:
1e:2c:70:09:7f:8a:9b:03:ea:59:f0:0b:f7:f1:13:
e5:58:8e:8c:55:88:a4:1c:ce:5b:2b:ee:77:3a:b1:
dd:0d:ba:bb:a1:14:41:92:51:88:3f:c9:c8:c5:a0:
a3:53:fc:bc:29:a5:c0:13:fb:5c:15:95:8e:7e:db:
21:61:3d:7a:91:de:08:af:d6:9f:67:42:f9:e3:fd:
9f:99:43:10:27:2b:da:27:15:d6:22:db:d9:a9:18:
1b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D1:DD:49:22:AF:78:BB:EA:B5:DE:95:F8:99:49:1C:0A:0F:42:3B
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/udHdSSKveLvqtd6V-JlJHAoPQjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.171.0/24
45.95.29.0/24
45.128.125.0/24
45.128.127.0/24
94.154.190.0/24
193.187.105.0/24
194.59.187.0/24
Signature Algorithm: sha256WithRSAEncryption
55:0d:81:31:05:c2:98:04:ee:79:08:e0:31:5b:50:58:80:95:
ee:64:9f:04:5d:7b:a8:4f:b6:6f:26:80:76:41:51:41:2c:9e:
44:3a:75:f9:bb:13:4e:13:9c:c8:bc:41:50:51:a6:d0:6e:a2:
6a:1f:4f:af:b8:64:e2:b0:79:a2:08:a5:ed:ec:1a:9a:9a:fc:
5f:a3:85:be:f0:23:86:ca:2b:60:e3:e2:a1:fc:8a:4d:5e:e6:
70:95:f6:5a:4a:bd:26:8e:5f:e1:9b:05:ed:cb:3e:d2:1c:41:
b2:36:50:65:22:0d:b5:09:81:c8:53:c9:08:69:cc:7b:dc:c8:
ef:7d:4e:2e:84:19:6e:bc:ef:cb:92:47:2a:44:10:56:f0:ad:
87:b0:07:51:d1:58:48:ea:ba:b6:00:45:31:db:0d:30:23:64:
ce:cc:7b:fd:01:e9:0d:6e:e9:74:8a:00:93:0c:2a:d5:6d:7c:
c6:1e:2a:22:d5:1f:0c:1f:20:3b:de:ed:2f:4a:56:b2:25:12:
1b:33:5f:39:57:c3:3f:26:09:08:6d:d1:6b:44:73:c0:40:12:
eb:c0:2e:ec:6f:61:84:64:fd:5e:db:92:7f:80:e1:25:8f:fe:
24:e2:e7:8c:a3:98:59:9a:76:19:05:4b:bc:70:c0:1c:2b:7a:
70:78:1b:7e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYhULhH2SqslvEdAXG1rQCRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNTI1MTgzMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQxZGQ0OTIyYWY3OGJiZWFiNWRlOTVmODk5NDkxYzBhMGY0MjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jb1Fb6mHXsLl5vm/SOW30vCxJVk
6I4moqzUxBURnzMCognbK8p2RDF2FsLu4uBMrqEH3gpfGhL6L7sBcV7cmh0SQC14
MACRcg5D2b5AxLc6Cy4KpDKPvU4ek7AYTyuylXL01ui+BreFBMib56M7PnAQTUWd
+Ywjft4iek+TlzClyHSMgzIcfUGdAfTmhiASrzhigVuVHMj5xPBF6EXfxRSJwPYe
LHAJf4qbA+pZ8Av38RPlWI6MVYikHM5bK+53OrHdDbq7oRRBklGIP8nIxaCjU/y8
KaXAE/tcFZWOftshYT16kd4Ir9afZ0L54/2fmUMQJyvaJxXWItvZqRgbXwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLnR3Ukir3i76rXelfiZSRwKD0I7MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvdWRIZFNTS3ZlTHZxdGQ2Vi1KbEpIQW9QUWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVarAwQA
LV8dAwQALYB9AwQALYB/AwQAXpq+AwQAwbtpAwQAwju7MA0GCSqGSIb3DQEBCwUA
A4IBAQBVDYExBcKYBO55COAxW1BYgJXuZJ8EXXuoT7ZvJoB2QVFBLJ5EOnX5uxNO
E5zIvEFQUabQbqJqH0+vuGTisHmiCKXt7Bqamvxfo4W+8COGyitg4+Kh/IpNXuZw
lfZaSr0mjl/hmwXtyz7SHEGyNlBlIg21CYHIU8kIacx73MjvfU4uhBluvO/Lkkcq
RBBW8K2HsAdR0VhI6rq2AEUx2w0wI2TOzHv9AekNbul0igCTDCrVbXzGHioi1R8M
HyA73u0vSlayJRIbM185V8M/JgkIbdFrRHPAQBLrwC7sb2GEZP1e25J/gOElj/4k
4ueMo5hZmnYZBUu8cMAcK3pweBt+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org