Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/BeEEgY32aFd5ZjeECkDVv464YME.roa
File: BeEEgY32aFd5ZjeECkDVv464YME.roa (raw, json)
Hash identifier: wm9V0LZ2ueS/ceksDrQRNGkJEWimudapwNi5qS5nAc8=
Subject key identifier: 05:E1:04:81:8D:F6:68:57:79:66:37:84:0A:40:D5:BF:8E:B8:60:C1
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 018CC9BA5FF310360022743F55A4BFA8C2FD
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/BeEEgY32aFd5ZjeECkDVv464YME.roa
Signing time: Tue 02 Jan 2024 10:31:23 +0000
ROA not before: Tue 02 Jan 2024 10:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 46.235.11.0/24 maxlen: 32
46.235.9.0/24 maxlen: 24
46.235.8.0/24 maxlen: 32
46.235.10.0/24 maxlen: 32
46.235.15.0/24 maxlen: 24
178.210.162.0/24 maxlen: 24
178.210.161.0/24 maxlen: 24
178.210.160.0/24 maxlen: 24
178.210.165.0/24 maxlen: 24
178.210.164.0/24 maxlen: 24
178.210.163.0/24 maxlen: 24
178.210.166.0/24 maxlen: 24
178.210.172.0/24 maxlen: 24
178.210.171.0/24 maxlen: 24
178.210.170.0/24 maxlen: 24
178.210.169.0/24 maxlen: 24
178.210.168.0/24 maxlen: 24
178.210.167.0/24 maxlen: 24
178.210.176.0/24 maxlen: 24
178.210.175.0/24 maxlen: 24
178.210.174.0/24 maxlen: 24
178.210.173.0/24 maxlen: 24
178.210.177.0/24 maxlen: 24
178.210.178.0/24 maxlen: 32
178.210.179.0/24 maxlen: 32
178.210.181.0/24 maxlen: 24
178.210.180.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:5f:f3:10:36:00:22:74:3f:55:a4:bf:a8:c2:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Jan 2 10:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05e104818df66857796637840a40d5bf8eb860c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:91:ca:bc:d7:d8:20:45:3e:c2:76:34:db:3f:
64:cc:3f:0e:6e:64:5f:44:ee:22:9b:35:ab:21:13:
da:94:dc:29:16:0b:54:92:c3:45:a1:62:2e:57:cf:
fb:c1:6c:50:0f:d4:93:7a:9e:a9:a3:41:2b:02:2b:
7b:f9:2d:5f:24:c2:b4:54:68:4b:52:5a:b2:87:f9:
2c:4c:9f:1b:79:02:d2:d9:be:93:ca:1a:b6:09:99:
d7:d5:4d:de:48:82:3f:8e:03:91:8a:28:c2:58:a7:
02:d1:a8:cf:b1:a2:83:d9:df:d8:b7:0a:01:58:e6:
78:eb:9c:9e:6e:3e:3f:c2:c0:c5:ea:4b:e6:08:e7:
97:09:c0:38:05:99:46:1b:b6:f3:8b:28:e7:ed:b5:
b3:01:c5:ea:35:7c:73:8a:fb:07:48:56:9e:11:ee:
3f:c5:f1:4b:25:4f:5e:cf:d5:8a:f7:1c:94:c5:8d:
a4:af:8d:63:89:66:59:4d:ce:12:43:47:2d:c8:09:
25:e7:f9:dd:bb:1f:aa:8d:59:c0:bc:7b:90:ee:d5:
09:bb:bc:e1:9a:88:b5:af:c7:46:cb:71:bd:c6:29:
cf:0c:57:0a:65:c2:db:77:20:1e:22:e4:e0:c2:e4:
b0:77:dd:cf:6c:7a:af:e5:d9:73:e9:b8:83:7e:56:
d1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E1:04:81:8D:F6:68:57:79:66:37:84:0A:40:D5:BF:8E:B8:60:C1
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/BeEEgY32aFd5ZjeECkDVv464YME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.8.0/22
46.235.15.0/24
178.210.160.0-178.210.181.255
Signature Algorithm: sha256WithRSAEncryption
51:6e:63:fd:ae:ac:35:ad:62:a8:dd:8c:bb:bc:15:aa:37:b9:
a5:cd:a2:0c:14:7f:67:40:6a:22:31:99:f2:fe:0a:10:2a:7c:
74:c1:92:e4:5c:2b:e6:88:4b:fd:e7:9c:9e:5b:0c:56:e3:5c:
73:2f:c9:ab:49:8b:ce:d6:0d:81:19:8f:b1:c3:79:c0:6e:28:
5b:9f:4c:36:2c:b9:c3:e8:28:7f:fe:06:71:d1:72:93:13:45:
c4:2d:c9:fc:56:6c:9a:3b:70:35:a4:7d:b7:a8:db:c6:34:f3:
7e:09:ce:60:c7:e3:07:f8:d6:dd:b6:48:a4:7b:8e:61:9b:a2:
4c:12:12:a9:95:7a:95:86:cd:4b:e2:19:cb:c1:81:69:2c:45:
48:a1:6d:09:26:26:94:d2:b0:ca:2f:ae:16:22:65:fa:cd:61:
77:a8:3f:ae:4b:97:00:d3:f7:22:e2:6e:33:cd:fe:66:80:9e:
95:b4:77:6c:31:cc:c8:fa:92:c9:49:43:cc:9e:7d:91:36:6a:
20:d8:89:fd:de:da:11:65:25:40:9b:e0:54:7a:51:83:43:d8:
90:4c:5d:7b:30:ec:81:19:18:fc:ae:10:fc:39:13:92:e1:dd:
5d:a5:0c:c7:ee:e6:0f:89:35:41:9d:e2:7e:58:99:f4:67:57:
5a:e6:f6:a4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzJul/zEDYAInQ/VaS/qML9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDg0NWFmMWRjMDA4N2IyNzRjZWU1MmE0YTllMDg4MDMz
NTQzNWQwHhcNMjQwMTAyMTAzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWUxMDQ4MThkZjY2ODU3Nzk2NjM3ODQwYTQwZDViZjhlYjg2MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJHKvNfYIEU+wnY02z9kzD8ObmRf
RO4imzWrIRPalNwpFgtUksNFoWIuV8/7wWxQD9STep6po0ErAit7+S1fJMK0VGhL
Ulqyh/ksTJ8beQLS2b6Tyhq2CZnX1U3eSII/jgORiijCWKcC0ajPsaKD2d/YtwoB
WOZ465yebj4/wsDF6kvmCOeXCcA4BZlGG7bziyjn7bWzAcXqNXxzivsHSFaeEe4/
xfFLJU9ez9WK9xyUxY2kr41jiWZZTc4SQ0ctyAkl5/ndux+qjVnAvHuQ7tUJu7zh
moi1r8dGy3G9xinPDFcKZcLbdyAeIuTgwuSwd93PbHqv5dlz6biDflbRJQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAXhBIGN9mhXeWY3hApA1b+OuGDBMB8GA1UdIwQY
MBaAFKBIRa8dwAh7J0zuUqSp4IgDNUNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjct
NTA3MDExNTcwZWU2LzEvQmVFRWdZMzJhRmQ1WmplRUNrRFZ2NDY0WU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjctNTA3MDExNTcwZWU2
LzEvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCLusIAwQA
LusPMAwDBAWy0qADBAGy0rQwDQYJKoZIhvcNAQELBQADggEBAFFuY/2urDWtYqjd
jLu8Fao3uaXNogwUf2dAaiIxmfL+ChAqfHTBkuRcK+aIS/3nnJ5bDFbjXHMvyatJ
i87WDYEZj7HDecBuKFufTDYsucPoKH/+BnHRcpMTRcQtyfxWbJo7cDWkfbeo28Y0
834JzmDH4wf41t22SKR7jmGbokwSEqmVepWGzUviGcvBgWksRUihbQkmJpTSsMov
rhYiZfrNYXeoP65LlwDT9yLibjPN/maAnpW0d2wxzMj6kslJQ8yefZE2aiDYif3e
2hFlJUCb4FR6UYND2JBMXXsw7IEZGPyuEPw5E5Lh3V2lDMfu5g+JNUGd4n5YmfRn
V1rm9qQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:56 2024 by rpki-client on console-ams.rpki-client.org