Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/cLgyvD1vyGxaomNQ108krdrN_Ls.roa
File: cLgyvD1vyGxaomNQ108krdrN_Ls.roa (raw, json)
Hash identifier: aVv2JKB1Dnz/LwFUzJvgHcP38GxKERHRkDNr2qjceWk=
Subject key identifier: 70:B8:32:BC:3D:6F:C8:6C:5A:A2:63:50:D7:4F:24:AD:DA:CD:FC:BB
Certificate issuer: /CN=064983d3a4a1c26aa295034869c584f757380b2b
Certificate serial: 01856D0AE4EBA91D38575376D94CC6D9D937
Authority key identifier: 06:49:83:D3:A4:A1:C2:6A:A2:95:03:48:69:C5:84:F7:57:38:0B:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BkmD06ShwmqilQNIacWE91c4Cys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/cLgyvD1vyGxaomNQ108krdrN_Ls.roa
Signing time: Sun 01 Jan 2023 11:15:08 +0000
ROA not before: Sun 01 Jan 2023 11:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50952
IP address blocks: 178.18.231.0/24 maxlen: 24
178.18.233.0/24 maxlen: 24
178.18.230.0/24 maxlen: 24
178.18.235.0/24 maxlen: 24
2a03:5f80:8::/46 maxlen: 46
2a03:5f80:4:1::/64 maxlen: 64
2a03:5f80:7::/64 maxlen: 64
2a03:5f80:4:4::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:e4:eb:a9:1d:38:57:53:76:d9:4c:c6:d9:d9:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=064983d3a4a1c26aa295034869c584f757380b2b
Validity
Not Before: Jan 1 11:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70b832bc3d6fc86c5aa26350d74f24addacdfcbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:dd:5c:dc:cd:d3:b0:ed:5a:d4:a3:c3:73:4b:
a3:12:ee:01:33:d3:77:7f:06:f6:67:d1:91:bf:43:
dd:cd:5e:ec:c9:5f:cd:40:9f:b7:15:98:14:25:e6:
4a:b0:ac:8f:d6:e4:dd:ba:2c:7f:a9:08:f2:d4:a6:
ec:03:5e:1d:95:38:62:78:ff:1a:21:60:37:7f:60:
fd:24:82:9b:6a:49:c6:bb:01:6a:30:d2:a9:cf:12:
46:63:4f:dc:66:dc:dd:81:66:fd:9c:58:fd:6a:4c:
73:5c:fc:b8:cb:39:a6:5d:01:28:35:61:57:65:2b:
4d:1f:e6:fb:bf:d1:40:a6:59:8a:a9:4a:f4:3b:fa:
aa:03:32:c2:7c:2a:cf:15:bc:b6:0d:0a:d8:80:70:
17:83:b0:66:b7:da:49:a6:d0:23:94:31:f1:74:a7:
9e:56:77:29:4f:d3:d8:34:ad:96:f2:95:76:d1:4b:
04:47:7e:3b:ad:8a:ff:bc:77:bf:0b:72:36:a4:6b:
b0:71:47:5b:b1:ea:d4:df:09:80:32:31:1a:d0:3d:
92:5c:fa:8f:9a:8a:29:d7:10:3a:31:b9:ca:ea:85:
53:cb:1b:c2:f7:be:85:02:b3:5b:dc:1e:2f:7c:4c:
5c:35:27:df:b2:3f:98:78:af:22:18:ec:95:15:47:
8c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B8:32:BC:3D:6F:C8:6C:5A:A2:63:50:D7:4F:24:AD:DA:CD:FC:BB
X509v3 Authority Key Identifier:
keyid:06:49:83:D3:A4:A1:C2:6A:A2:95:03:48:69:C5:84:F7:57:38:0B:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkmD06ShwmqilQNIacWE91c4Cys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/cLgyvD1vyGxaomNQ108krdrN_Ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/BkmD06ShwmqilQNIacWE91c4Cys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.18.230.0/23
178.18.233.0/24
178.18.235.0/24
IPv6:
2a03:5f80:4:1::/64
2a03:5f80:4:4::/64
2a03:5f80:7::/64
2a03:5f80:8::/46
Signature Algorithm: sha256WithRSAEncryption
1c:28:34:e4:f4:21:05:e7:f7:ff:ed:6b:dd:b5:7e:c5:6f:c5:
7a:3f:cc:fe:ca:99:00:a7:01:6e:00:b1:ac:35:f5:75:14:d3:
55:d9:65:17:c3:f1:2a:1d:95:91:6f:a1:5c:71:bb:43:8b:55:
4f:a6:a0:a5:b6:cb:71:4a:f9:8f:54:e8:2c:2c:7d:e3:9e:46:
56:7a:18:87:af:21:af:03:4f:37:fd:4d:07:34:dc:64:10:ae:
f5:0a:8e:34:de:35:64:a5:6f:fa:5a:db:7c:94:3f:cd:cf:4e:
5b:aa:30:a9:c6:58:d0:c5:9c:75:05:c3:fa:fe:23:3a:96:a4:
f4:38:4a:70:dc:7a:f1:56:ff:d6:bb:d7:0b:2a:e7:e5:7f:bd:
fa:70:2d:bd:8b:9a:80:9b:b8:65:92:5b:d3:3a:b5:6f:d6:2c:
21:ee:8b:8e:4b:07:f2:ee:60:f2:b3:9c:d0:35:54:55:4b:84:
1b:9d:43:2e:d9:73:1f:f3:28:dc:d4:4d:76:e6:1a:d2:7f:e5:
f1:ec:dc:49:93:e2:5f:36:51:3e:d6:c6:1b:4c:80:5b:22:53:
17:16:9a:af:ba:b2:aa:c1:63:21:38:b2:30:9d:71:68:09:f3:
67:14:26:cd:13:dd:d7:b6:35:c6:23:73:d6:a6:da:30:6e:9f:
c8:ec:c7:f2
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYVtCuTrqR04V1N22UzG2dk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NDk4M2QzYTRhMWMyNmFhMjk1MDM0ODY5YzU4NGY3NTcz
ODBiMmIwHhcNMjMwMTAxMTExNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGI4MzJiYzNkNmZjODZjNWFhMjYzNTBkNzRmMjRhZGRhY2RmY2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgd1c3M3TsO1a1KPDc0ujEu4BM9N3
fwb2Z9GRv0PdzV7syV/NQJ+3FZgUJeZKsKyP1uTduix/qQjy1KbsA14dlThieP8a
IWA3f2D9JIKbaknGuwFqMNKpzxJGY0/cZtzdgWb9nFj9akxzXPy4yzmmXQEoNWFX
ZStNH+b7v9FAplmKqUr0O/qqAzLCfCrPFby2DQrYgHAXg7Bmt9pJptAjlDHxdKee
VncpT9PYNK2W8pV20UsER347rYr/vHe/C3I2pGuwcUdbserU3wmAMjEa0D2SXPqP
moop1xA6MbnK6oVTyxvC976FArNb3B4vfExcNSffsj+YeK8iGOyVFUeM6wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFHC4Mrw9b8hsWqJjUNdPJK3azfy7MB8GA1UdIwQY
MBaAFAZJg9OkocJqopUDSGnFhPdXOAsrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmttRDA2U2h3bXFpbFFOSWFjV0U5MWM0Q3lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9kMzc5MTUtNmEzOS00NGQxLThlMjEt
NGJhM2ZjMzQ4NGNlLzEvY0xneXZEMXZ5R3hhb21OUTEwOGtyZHJOX0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9kMzc5MTUtNmEzOS00NGQxLThlMjEtNGJhM2ZjMzQ4NGNl
LzEvQmttRDA2U2h3bXFpbFFOSWFjV0U5MWM0Q3lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAYBAIAATASAwQBshLmAwQA
shLpAwQAshLrMDAEAgACMCoDCQAqA1+AAAQAAQMJACoDX4AABAAEAwkAKgNfgAAH
AAADBwIqA1+AAAgwDQYJKoZIhvcNAQELBQADggEBABwoNOT0IQXn9//ta921fsVv
xXo/zP7KmQCnAW4Asaw19XUU01XZZRfD8SodlZFvoVxxu0OLVU+moKW2y3FK+Y9U
6CwsfeOeRlZ6GIevIa8DTzf9TQc03GQQrvUKjjTeNWSlb/pa23yUP83PTluqMKnG
WNDFnHUFw/r+IzqWpPQ4SnDcevFW/9a71wsq5+V/vfpwLb2LmoCbuGWSW9M6tW/W
LCHui45LB/LuYPKznNA1VFVLhBudQy7Zcx/zKNzUTXbmGtJ/5fHs3EmT4l82UT7W
xhtMgFsiUxcWmq+6sqrBYyE4sjCdcWgJ82cUJs0T3de2NcYjc9am2jBun8jsx/I=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:30 2023 by rpki-client on console-fra.rpki-client.org