Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/_B4CZCuq_LaJcPlMo5hEevoxLwc.roa
File: _B4CZCuq_LaJcPlMo5hEevoxLwc.roa (raw, json)
Hash identifier: bjbSsiu/HqvOt1buNioIs/GYOASKjXSqqcXH4m75foQ=
Subject key identifier: FC:1E:02:64:2B:AA:FC:B6:89:70:F9:4C:A3:98:44:7A:FA:31:2F:07
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018A912E118D550BE7041C91A739EA06E2CE
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/_B4CZCuq_LaJcPlMo5hEevoxLwc.roa
Signing time: Thu 14 Sep 2023 00:53:50 +0000
ROA not before: Thu 14 Sep 2023 00:53:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6079
IP address blocks: 192.46.184.0/22 maxlen: 22
192.46.184.0/21 maxlen: 21
198.151.95.0/24 maxlen: 24
198.151.93.0/24 maxlen: 24
198.151.96.0/20 maxlen: 20
198.151.112.0/20 maxlen: 20
192.46.188.0/24 maxlen: 24
192.46.200.0/22 maxlen: 22
198.151.71.0/24 maxlen: 24
198.151.67.0/24 maxlen: 24
198.151.65.0/24 maxlen: 24
198.151.69.0/24 maxlen: 24
198.151.73.0/24 maxlen: 24
198.151.77.0/24 maxlen: 24
198.151.75.0/24 maxlen: 24
198.151.81.0/24 maxlen: 24
198.151.79.0/24 maxlen: 24
198.151.83.0/24 maxlen: 24
198.151.85.0/24 maxlen: 24
198.151.87.0/24 maxlen: 24
198.151.91.0/24 maxlen: 24
198.151.89.0/24 maxlen: 24
158.120.53.0/24 maxlen: 24
158.120.57.0/24 maxlen: 24
158.120.55.0/24 maxlen: 24
158.120.61.0/24 maxlen: 24
158.120.59.0/24 maxlen: 24
158.120.63.0/24 maxlen: 24
158.120.51.0/24 maxlen: 24
158.120.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:91:2e:11:8d:55:0b:e7:04:1c:91:a7:39:ea:06:e2:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Sep 14 00:53:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc1e02642baafcb68970f94ca398447afa312f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1a:a2:2b:ee:6a:7f:8b:61:d3:84:e2:aa:2c:
46:e2:9d:8e:d1:90:95:54:a2:de:9a:29:a8:cd:de:
5d:10:35:b2:bb:d3:9f:d6:d3:5e:dc:6c:09:d1:58:
1f:a3:53:d9:6b:9e:57:2a:8d:31:9f:5a:e4:3d:1e:
86:95:81:a3:36:85:14:8a:eb:8d:99:e8:6c:ea:6a:
93:05:a2:6c:7c:01:02:d4:3d:39:1b:ca:b0:a9:e9:
f6:c9:c7:a6:30:64:e1:b4:a0:2f:bc:91:ae:45:ff:
ab:5e:d7:87:e5:b1:8b:dc:86:c3:83:5b:f3:15:12:
81:6a:90:f4:6e:bc:c3:e5:3a:77:e2:10:9d:8a:31:
be:eb:6e:3d:da:85:3a:d3:90:4f:87:1b:cb:82:a7:
1e:9f:6e:65:c4:96:bd:6c:32:da:5f:42:d2:e9:73:
08:2d:74:20:ef:27:bc:cf:9e:e8:15:57:f5:0d:b1:
45:3c:a5:0b:e4:71:77:a1:70:bb:59:49:97:b3:e6:
29:74:51:39:19:02:0c:33:80:22:98:54:f5:14:7a:
cf:5c:2c:89:9d:a5:ad:80:ae:d9:12:02:b3:de:08:
e7:2b:e2:3f:ca:f4:ed:22:7b:c2:46:63:7a:07:ad:
f0:e1:0f:7f:56:e4:59:a5:62:5a:89:48:c8:17:e9:
05:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:1E:02:64:2B:AA:FC:B6:89:70:F9:4C:A3:98:44:7A:FA:31:2F:07
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/_B4CZCuq_LaJcPlMo5hEevoxLwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.120.49.0/24
158.120.51.0/24
158.120.53.0/24
158.120.55.0/24
158.120.57.0/24
158.120.59.0/24
158.120.61.0/24
158.120.63.0/24
192.46.184.0/21
192.46.200.0/22
198.151.65.0/24
198.151.67.0/24
198.151.69.0/24
198.151.71.0/24
198.151.73.0/24
198.151.75.0/24
198.151.77.0/24
198.151.79.0/24
198.151.81.0/24
198.151.83.0/24
198.151.85.0/24
198.151.87.0/24
198.151.89.0/24
198.151.91.0/24
198.151.93.0/24
198.151.95.0-198.151.127.255
Signature Algorithm: sha256WithRSAEncryption
53:d0:9a:91:b1:0d:d4:d0:81:42:2d:c1:3c:8c:3d:b3:86:a3:
78:e0:57:c5:b6:c0:45:94:e1:4a:fd:d9:75:c5:ea:c9:93:17:
c2:bb:a9:46:2f:79:22:24:7b:fa:09:69:63:16:c1:d2:75:25:
ae:80:c9:56:e5:73:3c:9a:99:3c:74:6c:b7:4e:8d:5c:51:fc:
87:ba:cc:83:49:53:f6:94:b8:20:52:7f:25:75:85:49:a7:81:
4f:16:96:cf:ab:07:e1:8e:91:4d:80:5d:48:8e:66:48:80:06:
41:ec:92:40:8e:31:2d:1a:fe:9a:c0:5b:e8:f5:64:2e:b0:96:
d3:1d:b2:42:ac:10:84:b6:72:fb:48:e5:4a:45:6b:de:24:60:
de:1b:1f:08:50:88:7b:81:01:95:07:21:a9:7e:f3:63:2e:f3:
69:b1:a1:fa:56:05:bb:97:7e:a3:53:80:1d:82:9d:07:a8:e9:
5d:fa:09:2e:55:6c:28:44:c3:c8:c3:d8:11:b9:98:ad:ed:66:
b5:54:a3:7b:5c:22:b8:01:7e:4a:d3:ee:b0:37:72:2f:ab:c4:
77:96:d6:26:98:ed:5a:79:e9:3b:6d:b6:ef:cf:b4:b9:d6:bc:
0d:d0:83:f4:bc:e3:8c:af:89:bb:6a:39:9a:52:52:7d:14:46:
0b:9f:89:a6
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYqRLhGNVQvnBByRpznqBuLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMwOTE0MDA1MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzFlMDI2NDJiYWFmY2I2ODk3MGY5NGNhMzk4NDQ3YWZhMzEyZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBqiK+5qf4th04TiqixG4p2O0ZCV
VKLemimozd5dEDWyu9Of1tNe3GwJ0Vgfo1PZa55XKo0xn1rkPR6GlYGjNoUUiuuN
mehs6mqTBaJsfAEC1D05G8qwqen2ycemMGThtKAvvJGuRf+rXteH5bGL3IbDg1vz
FRKBapD0brzD5Tp34hCdijG+62492oU605BPhxvLgqcen25lxJa9bDLaX0LS6XMI
LXQg7ye8z57oFVf1DbFFPKUL5HF3oXC7WUmXs+YpdFE5GQIMM4AimFT1FHrPXCyJ
naWtgK7ZEgKz3gjnK+I/yvTtInvCRmN6B63w4Q9/VuRZpWJaiUjIF+kF7QIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFPweAmQrqvy2iXD5TKOYRHr6MS8HMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvX0I0Q1pDdXFfTGFKY1BsTW81aEVldm94THdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBACe
eDEDBACeeDMDBACeeDUDBACeeDcDBACeeDkDBACeeDsDBACeeD0DBACeeD8DBAPA
LrgDBALALsgDBADGl0EDBADGl0MDBADGl0UDBADGl0cDBADGl0kDBADGl0sDBADG
l00DBADGl08DBADGl1EDBADGl1MDBADGl1UDBADGl1cDBADGl1kDBADGl1sDBADG
l10wDAMEAMaXXwMEB8aXADANBgkqhkiG9w0BAQsFAAOCAQEAU9CakbEN1NCBQi3B
PIw9s4ajeOBXxbbARZThSv3ZdcXqyZMXwrupRi95IiR7+glpYxbB0nUlroDJVuVz
PJqZPHRst06NXFH8h7rMg0lT9pS4IFJ/JXWFSaeBTxaWz6sH4Y6RTYBdSI5mSIAG
QeySQI4xLRr+msBb6PVkLrCW0x2yQqwQhLZy+0jlSkVr3iRg3hsfCFCIe4EBlQch
qX7zYy7zabGh+lYFu5d+o1OAHYKdB6jpXfoJLlVsKETDyMPYEbmYre1mtVSje1wi
uAF+StPusDdyL6vEd5bWJpjtWnnpO22278+0uda8DdCD9LzjjK+Ju2o5mlJSfRRG
C5+Jpg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org