Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/97acqNZRhRF0jG5WcIfOtHz98mY.roa
File: 97acqNZRhRF0jG5WcIfOtHz98mY.roa (raw, json)
Hash identifier: 9qxrkquBj/GkNuCkIGZPpj+pBol074HOoNhOVHWOM0s=
Subject key identifier: F7:B6:9C:A8:D6:51:85:11:74:8C:6E:56:70:87:CE:B4:7C:FD:F2:66
Certificate issuer: /CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Certificate serial: 01936862B016EF834DB4635F4DBF5F649CA1
Authority key identifier: F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/97acqNZRhRF0jG5WcIfOtHz98mY.roa
Signing time: Tue 26 Nov 2024 12:11:58 +0000
ROA not before: Tue 26 Nov 2024 12:11:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.136.104.0/24 maxlen: 24
45.136.105.0/24 maxlen: 24
45.136.107.0/24 maxlen: 24
185.26.144.0/24 maxlen: 24
185.26.145.0/24 maxlen: 24
185.26.146.0/24 maxlen: 24
185.26.147.0/24 maxlen: 24
185.126.176.0/24 maxlen: 24
185.126.177.0/24 maxlen: 24
185.126.178.0/24 maxlen: 24
185.126.179.0/24 maxlen: 24
185.153.228.0/24 maxlen: 24
185.153.229.0/24 maxlen: 24
185.153.230.0/24 maxlen: 24
185.153.231.0/24 maxlen: 24
185.162.144.0/24 maxlen: 24
185.162.147.0/24 maxlen: 24
185.171.24.0/24 maxlen: 24
185.171.25.0/24 maxlen: 24
185.171.26.0/24 maxlen: 24
185.171.27.0/24 maxlen: 24
185.247.136.0/24 maxlen: 24
185.247.138.0/24 maxlen: 24
185.247.139.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:62:b0:16:ef:83:4d:b4:63:5f:4d:bf:5f:64:9c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Validity
Not Before: Nov 26 12:11:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7b69ca8d6518511748c6e567087ceb47cfdf266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:09:33:a9:42:4b:94:9f:08:e9:6a:2d:7f:fc:
1d:a4:73:71:03:cb:8c:cd:56:c1:3c:97:c2:08:54:
4b:d6:16:c6:2d:ef:29:62:47:08:d1:c0:04:e9:ee:
df:e0:89:e7:9f:53:a7:e8:32:43:61:b4:9d:f5:d8:
4a:18:fb:28:48:c8:8d:0f:e4:9b:b6:ac:05:b4:67:
ba:48:c4:a1:84:af:e8:80:26:7d:54:39:63:96:f3:
4c:34:da:af:1e:9d:5d:c4:e6:20:4a:17:95:8d:30:
a1:af:01:89:93:0a:c8:1e:8d:c4:cd:0b:9f:52:70:
bb:e9:38:23:47:1f:0b:d4:e7:08:79:73:93:e5:a2:
65:6d:aa:5a:80:a2:ef:4f:45:3d:2c:fb:ec:9b:2e:
e7:dc:0d:54:ff:9b:e0:91:3b:c7:5f:dd:ae:bd:4b:
6e:fe:ca:5e:96:f9:27:46:0c:44:eb:16:d1:9a:3a:
a7:73:27:9b:da:33:3c:5a:1d:26:8f:e6:05:b7:8f:
5e:0b:e2:f8:af:cc:84:b0:23:ba:ee:2b:52:a5:9e:
55:67:06:af:48:c3:80:eb:bc:d1:1d:ba:72:62:65:
f0:39:63:d8:6e:91:66:3d:99:db:3e:53:46:c7:06:
69:81:7e:bc:82:ce:ed:d8:c2:ae:ab:55:49:b5:5e:
5d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B6:9C:A8:D6:51:85:11:74:8C:6E:56:70:87:CE:B4:7C:FD:F2:66
X509v3 Authority Key Identifier:
keyid:F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/97acqNZRhRF0jG5WcIfOtHz98mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.104.0/23
45.136.107.0/24
185.26.144.0/22
185.126.176.0/22
185.153.228.0/22
185.162.144.0/24
185.162.147.0/24
185.171.24.0/22
185.247.136.0/24
185.247.138.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:5f:05:3d:94:26:01:06:f7:d9:6c:b2:6f:9d:a6:cf:d9:5a:
ec:0b:24:10:af:3c:dc:5d:8f:d3:f6:ca:4e:b3:77:88:33:d6:
8a:6f:8f:94:1e:c8:e5:39:31:47:bd:7f:ec:a4:17:c7:8f:5a:
47:e9:28:db:b0:14:6c:fd:43:d8:42:4f:94:7e:0f:4c:89:c5:
91:d1:bc:b5:9d:64:89:4d:99:44:9f:b8:78:33:90:bc:36:6c:
fc:26:e9:62:74:da:84:e7:49:19:96:23:91:43:9d:b8:87:b8:
45:39:32:84:ac:f2:6d:35:05:7a:75:44:10:a9:34:2f:df:29:
dd:a8:df:53:b3:2d:68:02:0f:20:fe:1a:85:2a:d7:d2:a0:4f:
1e:cd:06:47:fe:7a:95:ba:f9:87:a3:41:b9:b4:b7:0b:76:02:
4d:9b:44:18:1e:aa:19:9e:8c:5d:23:fb:04:43:9b:1e:5f:bf:
60:4d:ec:4c:47:17:a2:74:c5:98:81:43:d2:24:74:43:3b:32:
cc:0d:cd:df:76:2a:cf:7d:c5:de:57:da:27:fd:48:08:1a:19:
7b:2f:20:b1:fe:6b:dd:d0:79:f8:16:43:a6:50:73:4f:30:b9:
0a:35:9b:d7:7b:1a:8f:54:d3:f1:0d:9d:05:48:a3:01:0b:f5:
62:f6:9b:71
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZNoYrAW74NNtGNfTb9fZJyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjAzYTBjMDRiODFmZTE3NjZmYTQxYmQzMWI3M2I1ODgx
ODhhYzcwHhcNMjQxMTI2MTIxMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2I2OWNhOGQ2NTE4NTExNzQ4YzZlNTY3MDg3Y2ViNDdjZmRmMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgkzqUJLlJ8I6Wotf/wdpHNxA8uM
zVbBPJfCCFRL1hbGLe8pYkcI0cAE6e7f4Innn1On6DJDYbSd9dhKGPsoSMiND+Sb
tqwFtGe6SMShhK/ogCZ9VDljlvNMNNqvHp1dxOYgSheVjTChrwGJkwrIHo3EzQuf
UnC76TgjRx8L1OcIeXOT5aJlbapagKLvT0U9LPvsmy7n3A1U/5vgkTvHX92uvUtu
/spelvknRgxE6xbRmjqncyeb2jM8Wh0mj+YFt49eC+L4r8yEsCO67itSpZ5VZwav
SMOA67zRHbpyYmXwOWPYbpFmPZnbPlNGxwZpgX68gs7t2MKuq1VJtV5dSQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFPe2nKjWUYURdIxuVnCHzrR8/fJmMB8GA1UdIwQY
MBaAFPggOgwEuB/hdm+kG9Mbc7WIGIrHMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DQTZEQVM0SC1GMmI2UWIweHR6dFlnWWlzYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNh
LTMzODk2MjBjMWJkNy8xLzk3YWNxTlpSaFJGMGpHNVdjSWZPdEh6OThtWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNhLTMzODk2MjBjMWJk
Ny8xLzEtQ0E2REFTNEgtRjJiNlFiMHh0enRZZ1lpc2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAEtiGgD
BAAtiGsDBAK5GpADBAK5frADBAK5meQDBAC5opADBAC5opMDBAK5qxgDBAC594gD
BAG594owDQYJKoZIhvcNAQELBQADggEBAMpfBT2UJgEG99lssm+dps/ZWuwLJBCv
PNxdj9P2yk6zd4gz1opvj5QeyOU5MUe9f+ykF8ePWkfpKNuwFGz9Q9hCT5R+D0yJ
xZHRvLWdZIlNmUSfuHgzkLw2bPwm6WJ02oTnSRmWI5FDnbiHuEU5MoSs8m01BXp1
RBCpNC/fKd2o31OzLWgCDyD+GoUq19KgTx7NBkf+epW6+YejQbm0twt2Ak2bRBge
qhmejF0j+wRDmx5fv2BN7ExHF6J0xZiBQ9IkdEM7MswNzd92Ks99xd5X2if9SAga
GXsvILH+a93QefgWQ6ZQc08wuQo1m9d7Go9U0/ENnQVIowEL9WL2m3E=
-----END CERTIFICATE-----
Generated at Sun Apr 13 20:54:58 2025 by rpki-client