Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/E6f-I9hdzRkiAgHcYn0Pt2M3OZc.roa
File: E6f-I9hdzRkiAgHcYn0Pt2M3OZc.roa (raw, json)
Hash identifier: PVVNjZCrv9VpuZjSeBR65g8MyGUAdBFDCvLnMLBZhIA=
Subject key identifier: 13:A7:FE:23:D8:5D:CD:19:22:02:01:DC:62:7D:0F:B7:63:37:39:97
Certificate issuer: /CN=064983d3a4a1c26aa295034869c584f757380b2b
Certificate serial: 01821BD1FE586CD00A9BE797E4D55D0B62E6
Authority key identifier: 06:49:83:D3:A4:A1:C2:6A:A2:95:03:48:69:C5:84:F7:57:38:0B:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BkmD06ShwmqilQNIacWE91c4Cys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/E6f-I9hdzRkiAgHcYn0Pt2M3OZc.roa
Signing time: Wed 20 Jul 2022 13:35:23 +0000
ROA not before: Wed 20 Jul 2022 13:35:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31500
IP address blocks: 178.18.232.0/24 maxlen: 24
178.18.231.0/24 maxlen: 24
178.18.229.0/24 maxlen: 24
178.18.228.0/24 maxlen: 24
2a03:5f80:2:10::/64 maxlen: 64
2a03:5f80::/46 maxlen: 46
2a03:5f80:8::/46 maxlen: 46
2a03:5f80:a::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1b:d1:fe:58:6c:d0:0a:9b:e7:97:e4:d5:5d:0b:62:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=064983d3a4a1c26aa295034869c584f757380b2b
Validity
Not Before: Jul 20 13:35:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13a7fe23d85dcd19220201dc627d0fb763373997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e7:3b:f5:07:b3:49:fa:d8:f0:6f:c5:4b:05:
f6:72:6a:94:83:bf:7f:44:23:e3:09:9b:f2:f2:b9:
dc:12:2e:a0:14:8e:78:46:04:fb:a6:55:e9:8d:a2:
54:a5:a4:a6:9e:a0:65:93:01:f8:91:0a:04:1e:fe:
73:a9:20:c7:f7:9a:fe:6c:50:5a:2f:9b:2c:b8:f1:
7e:fb:44:d1:7a:fb:01:b7:08:e1:f5:c9:8a:9e:43:
13:3d:d7:bd:37:7b:55:48:63:41:80:0a:7f:72:6d:
69:4e:12:f3:ea:b8:f5:10:ad:d1:8c:7b:68:3f:57:
ef:c4:4b:9b:f7:bb:ef:e9:65:31:32:07:4b:f8:86:
1a:79:a7:6c:6f:1c:50:d1:b6:6d:17:19:1d:ea:d9:
ac:a6:dc:6c:c6:f7:5d:c7:dd:f4:60:b0:de:b4:41:
14:88:e0:ae:41:a6:82:11:5f:48:46:ba:d1:82:75:
e7:2a:40:18:83:29:9d:b2:d6:fc:c0:73:5f:19:b8:
d9:11:a3:a1:ed:23:1d:c5:97:4b:be:4a:72:dd:92:
04:0b:46:5f:72:0a:56:ba:0a:a8:13:8d:22:c8:aa:
7e:f2:2d:07:bd:5b:e5:f4:b6:56:bf:a2:76:19:5a:
e6:f5:47:4c:22:78:19:e0:e2:49:d8:85:4b:11:ec:
b8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:A7:FE:23:D8:5D:CD:19:22:02:01:DC:62:7D:0F:B7:63:37:39:97
X509v3 Authority Key Identifier:
keyid:06:49:83:D3:A4:A1:C2:6A:A2:95:03:48:69:C5:84:F7:57:38:0B:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkmD06ShwmqilQNIacWE91c4Cys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/E6f-I9hdzRkiAgHcYn0Pt2M3OZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/BkmD06ShwmqilQNIacWE91c4Cys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.18.228.0/23
178.18.231.0-178.18.232.255
IPv6:
2a03:5f80::/46
2a03:5f80:8::/46
Signature Algorithm: sha256WithRSAEncryption
22:c2:c8:4f:3a:20:1d:aa:a3:a7:d0:ea:1c:45:46:59:12:ea:
b9:e7:fe:7d:23:e4:ca:97:f6:5a:26:d0:cd:55:da:3f:01:15:
1e:c3:d7:ae:55:90:e9:b6:fd:24:3b:23:29:3d:a5:81:e1:66:
6e:98:e0:79:a9:10:41:cb:5a:b2:9b:c3:e8:97:59:12:72:d5:
3d:94:d2:0e:50:79:55:7e:8c:91:e9:88:9e:86:b8:cc:33:2b:
90:73:a7:99:65:14:59:f2:b2:84:9f:28:17:31:81:d7:83:81:
4a:ad:39:97:cd:59:b3:c5:38:84:28:d1:b7:24:73:62:4f:36:
41:1e:96:fd:d8:72:21:9d:f0:43:b3:18:f5:28:51:b7:48:9c:
75:83:3c:92:3f:08:00:a2:96:10:5d:b6:14:7b:47:13:ef:43:
70:8d:91:f9:11:50:b0:dc:e5:e3:fa:84:9e:df:04:49:42:ca:
55:e6:08:8f:31:5f:46:89:96:4c:c8:6f:d3:be:35:90:ff:57:
09:74:e6:8f:6e:a3:e5:90:7c:5c:2c:87:00:cd:60:5b:06:72:
82:bc:c5:33:a0:06:d1:d1:48:8e:ba:b8:8f:fd:b1:56:69:9c:
b1:98:b0:09:18:bf:a5:77:d9:71:e7:ae:2e:b9:8a:e8:17:c1:
48:b5:92:bc
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYIb0f5YbNAKm+eX5NVdC2LmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NDk4M2QzYTRhMWMyNmFhMjk1MDM0ODY5YzU4NGY3NTcz
ODBiMmIwHhcNMjIwNzIwMTMzNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2E3ZmUyM2Q4NWRjZDE5MjIwMjAxZGM2MjdkMGZiNzYzMzczOTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+c79QezSfrY8G/FSwX2cmqUg79/
RCPjCZvy8rncEi6gFI54RgT7plXpjaJUpaSmnqBlkwH4kQoEHv5zqSDH95r+bFBa
L5ssuPF++0TRevsBtwjh9cmKnkMTPde9N3tVSGNBgAp/cm1pThLz6rj1EK3RjHto
P1fvxEub97vv6WUxMgdL+IYaeadsbxxQ0bZtFxkd6tmsptxsxvddx930YLDetEEU
iOCuQaaCEV9IRrrRgnXnKkAYgymdstb8wHNfGbjZEaOh7SMdxZdLvkpy3ZIEC0Zf
cgpWugqoE40iyKp+8i0HvVvl9LZWv6J2GVrm9UdMIngZ4OJJ2IVLEey4kQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBOn/iPYXc0ZIgIB3GJ9D7djNzmXMB8GA1UdIwQY
MBaAFAZJg9OkocJqopUDSGnFhPdXOAsrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmttRDA2U2h3bXFpbFFOSWFjV0U5MWM0Q3lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9kMzc5MTUtNmEzOS00NGQxLThlMjEt
NGJhM2ZjMzQ4NGNlLzEvRTZmLUk5aGR6UmtpQWdIY1luMFB0Mk0zT1pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9kMzc5MTUtNmEzOS00NGQxLThlMjEtNGJhM2ZjMzQ4NGNl
LzEvQmttRDA2U2h3bXFpbFFOSWFjV0U5MWM0Q3lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAaBAIAATAUAwQBshLkMAwD
BACyEucDBACyEugwGAQCAAIwEgMHAioDX4AAAAMHAioDX4AACDANBgkqhkiG9w0B
AQsFAAOCAQEAIsLITzogHaqjp9DqHEVGWRLquef+fSPkypf2WibQzVXaPwEVHsPX
rlWQ6bb9JDsjKT2lgeFmbpjgeakQQctaspvD6JdZEnLVPZTSDlB5VX6MkemInoa4
zDMrkHOnmWUUWfKyhJ8oFzGB14OBSq05l81Zs8U4hCjRtyRzYk82QR6W/dhyIZ3w
Q7MY9ShRt0icdYM8kj8IAKKWEF22FHtHE+9DcI2R+RFQsNzl4/qEnt8ESULKVeYI
jzFfRomWTMhv0741kP9XCXTmj26j5ZB8XCyHAM1gWwZygrzFM6AG0dFIjrq4j/2x
VmmcsZiwCRi/pXfZceeuLrmK6BfBSLWSvA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:30 2023 by rpki-client on console-fra.rpki-client.org