Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/1-7FuvyFmzN9LLkXCe3lpDRHvvvs.roa
File: 1-7FuvyFmzN9LLkXCe3lpDRHvvvs.roa (raw, json)
Hash identifier: maNZxUxmpzN449ebcQ5PNtb11/wCINzSRFQPDTZNC+4=
Subject key identifier: FB:B1:6E:BF:21:66:CC:DF:4B:2E:45:C2:7B:79:69:0D:11:EF:BE:FB
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018B5D84C0CDA2F28FAD8F97E05842A44337
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/1-7FuvyFmzN9LLkXCe3lpDRHvvvs.roa
Signing time: Mon 23 Oct 2023 17:11:03 +0000
ROA not before: Mon 23 Oct 2023 17:11:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.213.174.0/24 maxlen: 24
91.213.186.0/24 maxlen: 24
194.156.151.0/24 maxlen: 24
45.150.197.0/24 maxlen: 24
45.83.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5d:84:c0:cd:a2:f2:8f:ad:8f:97:e0:58:42:a4:43:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Oct 23 17:11:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbb16ebf2166ccdf4b2e45c27b79690d11efbefb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:04:12:6f:b8:41:47:50:0c:4a:16:b2:41:87:
13:98:29:81:22:b6:e2:31:be:16:06:96:37:12:09:
69:ab:89:15:4c:d9:c7:e4:e3:1d:7b:87:8e:0b:1d:
90:cc:18:13:1b:84:be:41:87:42:19:c9:b6:ff:0c:
13:eb:d4:82:1a:db:b4:9b:18:fb:58:8b:74:ca:4a:
7a:be:2a:3a:e4:8d:78:c4:fe:8b:1d:bd:31:ba:9a:
71:ee:27:b1:62:15:cd:ec:ca:24:59:ab:8b:40:f3:
db:77:ba:a2:a0:17:f7:9e:ae:ad:53:60:5a:a7:f8:
51:c2:6f:47:c9:4e:39:92:42:ca:44:48:14:6d:8c:
26:d6:fb:21:d0:a1:ce:31:e8:95:70:dd:fe:bd:1a:
92:37:23:96:d6:22:f7:a9:94:af:61:d5:fd:a5:10:
8f:4a:eb:b6:54:52:a0:d6:1c:2b:d2:ff:99:02:d1:
0e:cd:0d:2f:05:cb:57:2a:72:60:a9:50:bf:d0:23:
24:0e:87:1c:d7:c8:46:38:67:87:12:c3:7d:c1:9d:
6c:03:3b:a8:4f:f0:43:65:36:15:48:49:e2:6a:f8:
09:1e:46:c8:f9:57:e1:44:d3:12:8f:6b:22:97:5c:
b7:5c:45:9a:25:12:73:7d:37:4f:7d:55:b7:fd:0c:
69:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B1:6E:BF:21:66:CC:DF:4B:2E:45:C2:7B:79:69:0D:11:EF:BE:FB
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/1-7FuvyFmzN9LLkXCe3lpDRHvvvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.238.0/24
45.150.197.0/24
91.213.174.0/24
91.213.186.0/24
194.156.151.0/24
Signature Algorithm: sha256WithRSAEncryption
41:8a:53:0b:b6:16:cb:4f:b4:75:7b:9a:67:8c:24:38:68:94:
8d:89:7a:07:cf:05:59:85:26:5a:95:36:77:bd:33:97:76:70:
17:9c:40:96:f4:17:34:52:eb:58:12:ee:5c:a0:31:99:98:b5:
5b:c4:5b:d6:f9:3f:7e:31:9e:08:2a:7e:40:b0:25:7a:30:17:
59:ac:75:94:ff:77:70:c5:0c:36:74:d2:d0:0b:50:1f:1b:87:
9d:95:0a:8c:91:19:67:ac:4a:8c:4e:6a:bf:41:49:8f:a4:fe:
c5:ea:71:cc:61:b3:ce:86:65:3c:96:be:2c:8b:73:08:cd:d3:
9b:9d:55:39:f7:72:0f:10:e1:59:9d:02:34:5a:6f:12:55:7a:
f5:af:57:e7:2a:c9:ec:ba:0f:39:9a:04:1a:b1:38:fc:ad:7d:
9e:a1:c0:75:d0:e5:6f:07:a1:ab:00:43:a5:d0:ae:69:67:c6:
d4:97:d9:56:49:e7:77:f9:23:76:b8:83:24:b8:16:d1:3d:cc:
c0:b1:97:d3:22:43:6d:4b:d0:86:da:8a:b5:26:d4:13:dd:5a:
31:97:38:7c:df:d1:49:bd:c5:ee:3a:1a:bb:cd:af:14:6e:a2:
0e:b4:ce:f1:39:1c:7d:1d:9f:b5:cd:68:73:fd:df:71:23:a1:
0a:7d:7c:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYtdhMDNovKPrY+X4FhCpEM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMxMDIzMTcxMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmIxNmViZjIxNjZjY2RmNGIyZTQ1YzI3Yjc5NjkwZDExZWZiZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAQSb7hBR1AMShayQYcTmCmBIrbi
Mb4WBpY3Eglpq4kVTNnH5OMde4eOCx2QzBgTG4S+QYdCGcm2/wwT69SCGtu0mxj7
WIt0ykp6vio65I14xP6LHb0xuppx7iexYhXN7MokWauLQPPbd7qioBf3nq6tU2Ba
p/hRwm9HyU45kkLKREgUbYwm1vsh0KHOMeiVcN3+vRqSNyOW1iL3qZSvYdX9pRCP
Suu2VFKg1hwr0v+ZAtEOzQ0vBctXKnJgqVC/0CMkDocc18hGOGeHEsN9wZ1sAzuo
T/BDZTYVSEniavgJHkbI+VfhRNMSj2sil1y3XEWaJRJzfTdPfVW3/QxpyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPuxbr8hZszfSy5Fwnt5aQ0R7777MB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvMS03RnV2eUZtek45TExrWENlM2xwRFJIdnZ2cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzUvNTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkw
Yy8xL0gwYzRPSnl6dVpqc1Q2YlVKeS1OMTVuN3hLay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC1T7gME
AC2WxQMEAFvVrgMEAFvVugMEAMKclzANBgkqhkiG9w0BAQsFAAOCAQEAQYpTC7YW
y0+0dXuaZ4wkOGiUjYl6B88FWYUmWpU2d70zl3ZwF5xAlvQXNFLrWBLuXKAxmZi1
W8Rb1vk/fjGeCCp+QLAlejAXWax1lP93cMUMNnTS0AtQHxuHnZUKjJEZZ6xKjE5q
v0FJj6T+xepxzGGzzoZlPJa+LItzCM3Tm51VOfdyDxDhWZ0CNFpvElV69a9X5yrJ
7LoPOZoEGrE4/K19nqHAddDlbwehqwBDpdCuaWfG1JfZVknnd/kjdriDJLgW0T3M
wLGX0yJDbUvQhtqKtSbUE91aMZc4fN/RSb3F7joau82vFG6iDrTO8TkcfR2ftc1o
c/3fcSOhCn185w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org