Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/o8HbxlVxCmLqRvpAnWsDOVL5OnY.roa
File: o8HbxlVxCmLqRvpAnWsDOVL5OnY.roa (raw, json)
Hash identifier: ZtT06hQ3jLhNjnQ2rlglNj3RdaXH8i0bzU8fOiRCAV8=
Subject key identifier: A3:C1:DB:C6:55:71:0A:62:EA:46:FA:40:9D:6B:03:39:52:F9:3A:76
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018A6FE8FB5D71F812A2C76186B1E9AE8162
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/o8HbxlVxCmLqRvpAnWsDOVL5OnY.roa
Signing time: Thu 07 Sep 2023 13:50:54 +0000
ROA not before: Thu 07 Sep 2023 13:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.213.174.0/24 maxlen: 24
91.213.186.0/24 maxlen: 24
194.156.151.0/24 maxlen: 24
45.150.197.0/24 maxlen: 24
45.150.198.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:e8:fb:5d:71:f8:12:a2:c7:61:86:b1:e9:ae:81:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Sep 7 13:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3c1dbc655710a62ea46fa409d6b033952f93a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0d:fd:8d:49:f1:8a:98:35:7f:20:b9:07:1f:
67:ca:1c:8c:25:61:e9:a0:c7:50:e4:cd:73:9d:50:
a3:c7:e3:73:b8:34:66:49:43:2b:f6:69:61:bd:88:
63:e2:18:dd:39:b0:00:63:f9:76:fc:61:fb:09:69:
b5:2d:e8:a2:28:a1:62:7b:06:2e:85:fa:20:30:49:
a5:0b:d5:e3:d2:89:cb:5e:05:e3:20:bb:b7:6f:c4:
2d:ea:1c:75:85:61:61:05:2a:86:85:92:b8:19:23:
23:e9:b8:6a:c9:5a:32:ef:fd:a2:d5:fc:2b:a7:f4:
45:ae:b5:de:2b:d1:18:1a:e9:62:f4:2d:e1:1f:ee:
62:9c:4e:47:65:aa:5a:69:bb:e4:13:f0:77:e2:84:
9f:fb:14:f4:59:1b:2e:9d:66:2c:df:68:b1:0d:f4:
12:8b:8f:cd:92:aa:89:71:b8:8f:a7:18:99:55:8b:
c4:7e:3d:89:1c:bb:4f:0b:be:29:9b:ea:dd:49:2d:
79:75:26:0e:2a:1a:a5:bc:87:c2:0d:28:b3:da:28:
61:f2:13:bc:31:98:ea:d4:ac:cc:95:9a:0c:08:57:
cf:ba:b6:cb:ce:b5:dc:67:df:b8:49:37:ef:9f:1c:
84:ae:60:d2:13:cc:e3:9a:ee:86:7e:ed:e5:4e:a7:
db:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C1:DB:C6:55:71:0A:62:EA:46:FA:40:9D:6B:03:39:52:F9:3A:76
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/o8HbxlVxCmLqRvpAnWsDOVL5OnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.197.0-45.150.199.255
91.213.174.0/24
91.213.186.0/24
194.156.151.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:c3:cc:f6:29:3c:37:79:61:5f:47:33:46:1d:53:21:71:a5:
cc:d8:68:ad:3f:43:52:67:e6:89:fd:c8:a2:1e:aa:56:47:94:
5c:93:9a:8c:74:59:af:06:e1:ed:06:b2:af:12:a9:a7:52:f0:
5d:b9:49:c2:46:57:38:87:de:c2:6d:94:86:b0:4e:ee:df:83:
ad:72:69:c6:e9:0f:e9:b4:1f:99:2f:2e:d9:f3:00:20:58:32:
bc:9a:5a:85:3a:3a:dc:47:4d:75:ca:c6:89:d1:b5:9a:05:ff:
41:d5:8b:c3:c2:72:04:dc:80:de:0e:c4:d4:e6:d4:d8:3d:94:
99:97:f3:28:62:ea:d6:76:81:f1:69:58:79:76:35:d0:9c:1e:
70:f7:8b:84:65:35:7f:8a:93:c2:69:41:4b:14:d5:d3:58:88:
dd:16:88:e6:85:70:14:a2:52:80:8d:8d:59:06:f5:68:6d:9d:
22:79:a0:fb:da:7b:ce:2f:71:d8:67:40:e4:3c:18:08:15:c2:
8d:7f:29:7c:8b:34:11:ec:bd:5d:2e:56:7d:32:64:22:f8:4f:
d5:ba:0c:f0:ab:e1:ee:6b:24:82:6a:90:df:99:8b:ab:3c:07:
3c:8b:84:27:2f:cc:20:79:ff:c6:97:c1:2a:aa:90:c4:15:93:
5a:d1:47:da
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYpv6PtdcfgSosdhhrHproFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwOTA3MTM1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2MxZGJjNjU1NzEwYTYyZWE0NmZhNDA5ZDZiMDMzOTUyZjkzYTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw39jUnxipg1fyC5Bx9nyhyMJWHp
oMdQ5M1znVCjx+NzuDRmSUMr9mlhvYhj4hjdObAAY/l2/GH7CWm1LeiiKKFiewYu
hfogMEmlC9Xj0onLXgXjILu3b8Qt6hx1hWFhBSqGhZK4GSMj6bhqyVoy7/2i1fwr
p/RFrrXeK9EYGuli9C3hH+5inE5HZapaabvkE/B34oSf+xT0WRsunWYs32ixDfQS
i4/NkqqJcbiPpxiZVYvEfj2JHLtPC74pm+rdSS15dSYOKhqlvIfCDSiz2ihh8hO8
MZjq1KzMlZoMCFfPurbLzrXcZ9+4STfvnxyErmDSE8zjmu6Gfu3lTqfbPQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKPB28ZVcQpi6kb6QJ1rAzlS+Tp2MB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvbzhIYnhsVnhDbUxxUnZwQW5Xc0RPVkw1T25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAtlsUD
BAMtlsADBABb1a4DBABb1boDBADCnJcwDQYJKoZIhvcNAQELBQADggEBAKjDzPYp
PDd5YV9HM0YdUyFxpczYaK0/Q1Jn5on9yKIeqlZHlFyTmox0Wa8G4e0Gsq8SqadS
8F25ScJGVziH3sJtlIawTu7fg61yacbpD+m0H5kvLtnzACBYMryaWoU6OtxHTXXK
xonRtZoF/0HVi8PCcgTcgN4OxNTm1Ng9lJmX8yhi6tZ2gfFpWHl2NdCcHnD3i4Rl
NX+Kk8JpQUsU1dNYiN0WiOaFcBSiUoCNjVkG9WhtnSJ5oPvae84vcdhnQOQ8GAgV
wo1/KXyLNBHsvV0uVn0yZCL4T9W6DPCr4e5rJIJqkN+Zi6s8BzyLhCcvzCB5/8aX
wSqqkMQVk1rRR9o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org