Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/dlr8SqhxW9ruN6UFMaSimO9v2xo.roa
File: dlr8SqhxW9ruN6UFMaSimO9v2xo.roa (raw, json)
Hash identifier: WweyGc2V4JjUHjRR3LejZxe/ScFqktt80Nqbkw6uVV0=
Subject key identifier: 76:5A:FC:4A:A8:71:5B:DA:EE:37:A5:05:31:A4:A2:98:EF:6F:DB:1A
Certificate issuer: /CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Certificate serial: 01830E67EAE0BA15E89D905CB53066B9EE23
Authority key identifier: AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/dlr8SqhxW9ruN6UFMaSimO9v2xo.roa
Signing time: Mon 05 Sep 2022 16:07:14 +0000
ROA not before: Mon 05 Sep 2022 16:07:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50316
IP address blocks: 92.245.184.0/24 maxlen: 24
92.245.185.0/24 maxlen: 24
92.245.186.0/24 maxlen: 24
92.245.187.0/24 maxlen: 24
147.123.112.0/24 maxlen: 24
147.123.118.0/24 maxlen: 24
147.123.116.0/24 maxlen: 24
147.123.117.0/24 maxlen: 24
147.123.115.0/24 maxlen: 24
147.123.113.0/24 maxlen: 24
147.123.114.0/24 maxlen: 24
147.123.119.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0e:67:ea:e0:ba:15:e8:9d:90:5c:b5:30:66:b9:ee:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Validity
Not Before: Sep 5 16:07:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=765afc4aa8715bdaee37a50531a4a298ef6fdb1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1f:53:c0:56:a6:7e:1d:e9:01:06:d7:46:72:
3d:61:9c:5f:c9:f2:3f:a0:d3:31:19:e9:f0:23:10:
fa:08:f7:99:73:7d:90:e5:52:5b:57:84:76:2e:31:
bb:ae:ed:da:d0:07:7d:78:f4:75:4b:8b:e0:91:35:
75:a2:48:cb:12:8d:3e:12:c9:75:9a:2d:d0:30:d1:
34:66:1b:b0:51:7d:63:be:4c:de:a5:9e:3f:e5:d0:
e2:91:aa:54:16:a3:f4:ec:d1:a6:bd:4c:6a:10:9e:
e4:d5:d0:a6:50:94:35:07:9c:80:4f:ec:f1:3f:de:
69:db:44:20:48:3a:f9:c3:5c:7c:73:e9:65:89:2f:
eb:24:cf:96:6e:d6:05:c8:08:dc:45:33:e7:a4:c8:
8f:e1:e7:2e:59:29:ff:7e:31:5c:52:a7:bc:ef:d1:
f8:0c:cf:b4:a2:91:e5:f0:9f:b0:a2:81:cc:cf:c3:
7b:ae:29:47:58:2d:b7:a2:ae:9f:89:e7:14:2e:f8:
89:8b:68:22:57:07:7d:c1:42:43:ae:7f:bc:65:bb:
b7:dc:13:9d:b5:b1:15:43:ea:00:c2:25:fd:fb:fe:
76:96:33:46:1e:63:c1:fa:3c:b7:2a:0d:d6:f1:2e:
65:58:0f:07:d9:3c:6c:83:c3:1d:0b:39:3f:99:55:
cc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:5A:FC:4A:A8:71:5B:DA:EE:37:A5:05:31:A4:A2:98:EF:6F:DB:1A
X509v3 Authority Key Identifier:
keyid:AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/dlr8SqhxW9ruN6UFMaSimO9v2xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.245.184.0/22
147.123.112.0/21
Signature Algorithm: sha256WithRSAEncryption
56:6c:fc:59:20:c3:1f:2c:15:65:c8:8f:7d:dd:7e:f7:be:a7:
b6:84:c7:f1:7b:dc:a2:d3:7a:72:8f:9a:7f:4c:b0:2f:97:ff:
72:67:7a:4e:b7:ed:36:d6:f5:b5:91:8c:3b:d6:fd:b8:2e:58:
09:ab:e2:a7:59:e1:37:8c:ef:46:33:da:aa:2e:e9:2a:4e:1f:
f7:f6:64:f5:8c:74:ac:36:99:88:5c:b2:7d:00:48:50:e5:41:
dc:48:32:24:79:29:ee:79:bb:5d:0c:24:40:73:74:d9:bd:c0:
e8:27:a2:75:c7:cd:56:34:f3:19:4a:73:d5:c1:01:16:61:fe:
71:6f:7e:22:b6:e4:5f:8f:0f:0e:be:57:ba:0a:7d:46:c7:be:
c3:ba:4c:68:8e:45:40:7c:4d:90:a3:b8:84:1e:1d:c6:67:e1:
83:1a:1d:cd:8a:e3:2b:47:fd:b8:be:b5:24:3e:8e:41:33:dc:
73:8e:5a:53:5a:cf:f4:31:5b:60:86:24:1f:87:ed:94:5f:43:
d1:c6:74:f3:e8:c7:42:35:d2:e1:dd:95:71:4a:83:01:40:12:
4e:5c:31:46:1c:7c:d8:69:d6:4b:09:14:24:88:bc:50:33:56:
32:10:28:3c:1f:48:1f:fa:63:fc:f5:bb:c7:26:d5:c4:6a:82:
d1:ab:cc:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMOZ+rguhXonZBctTBmue4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjN2NjMzM0ZjUxZDJiNmViNGUyN2Q2ZDU2YjliY2UzZTg1
NTYwY2MwHhcNMjIwOTA1MTYwNzE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjVhZmM0YWE4NzE1YmRhZWUzN2E1MDUzMWE0YTI5OGVmNmZkYjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzR9TwFamfh3pAQbXRnI9YZxfyfI/
oNMxGenwIxD6CPeZc32Q5VJbV4R2LjG7ru3a0Ad9ePR1S4vgkTV1okjLEo0+Esl1
mi3QMNE0ZhuwUX1jvkzepZ4/5dDikapUFqP07NGmvUxqEJ7k1dCmUJQ1B5yAT+zx
P95p20QgSDr5w1x8c+lliS/rJM+WbtYFyAjcRTPnpMiP4ecuWSn/fjFcUqe879H4
DM+0opHl8J+wooHMz8N7rilHWC23oq6fiecULviJi2giVwd9wUJDrn+8Zbu33BOd
tbEVQ+oAwiX9+/52ljNGHmPB+jy3Kg3W8S5lWA8H2Txsg8MdCzk/mVXMeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHZa/EqocVva7jelBTGkopjvb9saMB8GA1UdIwQY
MBaAFKx8wzT1HStutOJ9bVa5vOPoVWDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTct
MWNmMTViMmJhN2JlLzEvZGxyOFNxaHhXOXJ1TjZVRk1hU2ltTzl2MnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTctMWNmMTViMmJhN2Jl
LzEvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXPW4AwQD
k3twMA0GCSqGSIb3DQEBCwUAA4IBAQBWbPxZIMMfLBVlyI993X73vqe2hMfxe9yi
03pyj5p/TLAvl/9yZ3pOt+021vW1kYw71v24LlgJq+KnWeE3jO9GM9qqLukqTh/3
9mT1jHSsNpmIXLJ9AEhQ5UHcSDIkeSnuebtdDCRAc3TZvcDoJ6J1x81WNPMZSnPV
wQEWYf5xb34ituRfjw8Ovle6Cn1Gx77DukxojkVAfE2Qo7iEHh3GZ+GDGh3NiuMr
R/24vrUkPo5BM9xzjlpTWs/0MVtghiQfh+2UX0PRxnTz6MdCNdLh3ZVxSoMBQBJO
XDFGHHzYadZLCRQkiLxQM1YyECg8H0gf+mP89bvHJtXEaoLRq8xW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:14 2024 by rpki-client on console-fra.rpki-client.org