Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/G9DV_K6Xg77CtrKVuj5HRkANN4k.roa
File: G9DV_K6Xg77CtrKVuj5HRkANN4k.roa (raw, json)
Hash identifier: LO7MfqmOXENo8L3vSj0Ox5JFyUL8Mzpw1QIqW+fEhWY=
Subject key identifier: 1B:D0:D5:FC:AE:97:83:BE:C2:B6:B2:95:BA:3E:47:46:40:0D:37:89
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 018E65420FDF7F2CC8F06C4056EE294C16C8
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/G9DV_K6Xg77CtrKVuj5HRkANN4k.roa
Signing time: Fri 22 Mar 2024 08:23:31 +0000
ROA not before: Fri 22 Mar 2024 08:23:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 46.235.8.0/24 maxlen: 32
46.235.9.0/24 maxlen: 24
46.235.10.0/24 maxlen: 32
46.235.11.0/24 maxlen: 32
178.210.160.0/24 maxlen: 24
178.210.161.0/24 maxlen: 24
178.210.162.0/24 maxlen: 24
178.210.163.0/24 maxlen: 24
178.210.164.0/24 maxlen: 24
178.210.165.0/24 maxlen: 24
178.210.166.0/24 maxlen: 24
178.210.168.0/24 maxlen: 24
178.210.169.0/24 maxlen: 24
178.210.170.0/24 maxlen: 24
178.210.171.0/24 maxlen: 24
178.210.172.0/24 maxlen: 24
178.210.173.0/24 maxlen: 24
178.210.174.0/24 maxlen: 24
178.210.175.0/24 maxlen: 24
178.210.176.0/24 maxlen: 24
178.210.177.0/24 maxlen: 24
178.210.178.0/24 maxlen: 32
178.210.179.0/24 maxlen: 32
178.210.180.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:42:0f:df:7f:2c:c8:f0:6c:40:56:ee:29:4c:16:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Mar 22 08:23:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bd0d5fcae9783bec2b6b295ba3e4746400d3789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:24:34:13:ca:14:59:a1:28:8d:4d:33:2f:81:
ad:69:f1:90:2d:93:41:06:16:d0:b0:0c:83:46:70:
fe:61:27:08:01:13:f5:36:89:1b:0c:59:05:ba:83:
2c:84:5b:b5:84:f1:b5:55:67:72:05:1a:39:4c:c7:
a9:5e:54:ee:9f:f7:76:57:65:ac:7c:03:67:45:3a:
26:80:45:73:90:92:f6:d3:45:42:b5:15:1c:f8:3b:
6c:6a:67:9a:af:ac:68:be:ea:03:43:6c:5e:01:c2:
bc:df:eb:4f:42:7f:34:3e:15:b5:72:10:0f:f1:24:
0e:3f:04:72:8a:30:af:ad:2b:52:56:3d:47:f7:f2:
01:2b:7f:45:3e:d0:72:0c:05:bd:01:9e:d5:6f:ba:
07:f6:fa:9c:e5:4c:b8:df:5c:44:08:99:7c:6f:ab:
38:5f:7c:9e:57:8c:b7:8c:13:03:ff:e3:93:b2:d5:
a6:b8:88:69:5f:a4:e0:23:da:c2:eb:fe:cd:4d:ac:
5d:28:0d:9e:54:a1:7d:5b:e2:9b:0a:ce:d5:33:84:
46:56:2e:8c:86:be:bb:38:da:8e:b5:e3:c5:79:84:
da:f1:39:75:af:97:53:4e:e6:0b:58:22:92:2c:77:
02:bc:51:c6:da:80:3d:d8:7d:90:e4:eb:0c:ca:06:
85:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D0:D5:FC:AE:97:83:BE:C2:B6:B2:95:BA:3E:47:46:40:0D:37:89
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/G9DV_K6Xg77CtrKVuj5HRkANN4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.8.0/22
178.210.160.0-178.210.166.255
178.210.168.0-178.210.180.255
Signature Algorithm: sha256WithRSAEncryption
67:17:a8:01:e9:9d:aa:ce:1b:be:c4:2e:fa:a1:5d:8e:c4:c4:
44:8d:d0:44:da:d2:9c:cb:20:27:2a:88:cc:96:c5:ef:02:51:
98:b1:74:d6:77:e7:43:d0:d0:17:84:c3:63:fd:95:1e:db:c4:
d7:05:8e:a4:ae:57:52:21:a8:85:e3:0d:ea:f1:50:0e:85:52:
58:e9:87:3f:38:3a:3f:39:6c:68:0a:dd:e7:67:3a:4b:5b:ba:
1f:9f:14:7c:5d:60:25:89:22:a5:49:85:a3:73:6f:43:be:9d:
e1:5a:0e:48:07:9c:b1:cb:77:1d:b8:3b:39:7d:8c:3f:96:4b:
7a:6b:4b:45:e3:53:3d:c0:16:f0:e0:e7:9a:eb:3d:60:38:20:
21:c7:85:95:03:dd:06:82:2b:69:70:03:55:36:b2:85:3c:38:
a5:82:69:97:31:75:7c:a0:82:34:1e:64:06:59:23:f7:f1:f0:
73:b2:19:3b:da:e2:3e:16:5d:3d:67:58:1a:19:b7:33:85:b4:
6b:16:88:a9:77:e8:51:fe:c7:7f:b0:bb:7d:59:74:9a:2d:71:
a9:4b:ea:6f:42:d3:16:0a:6b:d2:b4:68:94:7d:54:2a:ad:43:
ce:b9:b1:80:92:ff:8c:2d:5a:ef:fe:2a:52:d3:a4:48:42:8d:
e4:e5:64:64
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY5lQg/ffyzI8GxAVu4pTBbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDg0NWFmMWRjMDA4N2IyNzRjZWU1MmE0YTllMDg4MDMz
NTQzNWQwHhcNMjQwMzIyMDgyMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQwZDVmY2FlOTc4M2JlYzJiNmIyOTViYTNlNDc0NjQwMGQzNzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriQ0E8oUWaEojU0zL4GtafGQLZNB
BhbQsAyDRnD+YScIARP1NokbDFkFuoMshFu1hPG1VWdyBRo5TMepXlTun/d2V2Ws
fANnRTomgEVzkJL200VCtRUc+Dtsamear6xovuoDQ2xeAcK83+tPQn80PhW1chAP
8SQOPwRyijCvrStSVj1H9/IBK39FPtByDAW9AZ7Vb7oH9vqc5Uy431xECJl8b6s4
X3yeV4y3jBMD/+OTstWmuIhpX6TgI9rC6/7NTaxdKA2eVKF9W+KbCs7VM4RGVi6M
hr67ONqOtePFeYTa8Tl1r5dTTuYLWCKSLHcCvFHG2oA92H2Q5OsMygaFzwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBvQ1fyul4O+wraylbo+R0ZADTeJMB8GA1UdIwQY
MBaAFKBIRa8dwAh7J0zuUqSp4IgDNUNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjct
NTA3MDExNTcwZWU2LzEvRzlEVl9LNlhnNzdDdHJLVnVqNUhSa0FOTjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjctNTA3MDExNTcwZWU2
LzEvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCLusIMAwD
BAWy0qADBACy0qYwDAMEA7LSqAMEALLStDANBgkqhkiG9w0BAQsFAAOCAQEAZxeo
Aemdqs4bvsQu+qFdjsTERI3QRNrSnMsgJyqIzJbF7wJRmLF01nfnQ9DQF4TDY/2V
HtvE1wWOpK5XUiGoheMN6vFQDoVSWOmHPzg6PzlsaArd52c6S1u6H58UfF1gJYki
pUmFo3NvQ76d4VoOSAecsct3Hbg7OX2MP5ZLemtLReNTPcAW8ODnmus9YDggIceF
lQPdBoIraXADVTayhTw4pYJplzF1fKCCNB5kBlkj9/Hwc7IZO9riPhZdPWdYGhm3
M4W0axaIqXfoUf7Hf7C7fVl0mi1xqUvqb0LTFgpr0rRolH1UKq1DzrmxgJL/jC1a
7/4qUtOkSEKN5OVkZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:56 2024 by rpki-client on console-ams.rpki-client.org