Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/_oIaCxqCC7MOXmJlMF_Qw0iDwZU.roa
File: _oIaCxqCC7MOXmJlMF_Qw0iDwZU.roa (raw, json)
Hash identifier: SQ4ACzZSe9rCMtiHRHhk3eQSpPUr83Owva35S/dMN90=
Subject key identifier: FE:82:1A:0B:1A:82:0B:B3:0E:5E:62:65:30:5F:D0:C3:48:83:C1:95
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 0184B9101AA7BEBFCF2F3AD3047C4050A62B
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/_oIaCxqCC7MOXmJlMF_Qw0iDwZU.roa
Signing time: Sun 27 Nov 2022 12:29:11 +0000
ROA not before: Sun 27 Nov 2022 12:29:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201194
IP address blocks: 45.81.17.0/24 maxlen: 24
45.81.16.0/24 maxlen: 24
45.81.18.0/24 maxlen: 24
45.81.19.0/24 maxlen: 24
185.201.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b9:10:1a:a7:be:bf:cf:2f:3a:d3:04:7c:40:50:a6:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Nov 27 12:29:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe821a0b1a820bb30e5e6265305fd0c34883c195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2d:d9:0d:d5:ed:e7:f9:29:3f:6c:a1:9c:6a:
22:df:2e:2e:3f:c6:8e:a2:98:fd:67:3b:56:da:b1:
35:50:47:98:2c:60:5a:f9:60:a4:91:fc:00:30:cc:
86:d3:cd:27:fe:4c:2f:3b:c5:7e:cc:a1:67:ab:a3:
58:c2:9c:49:ac:eb:8d:b8:27:bf:3d:a2:c3:3d:b5:
0e:41:ab:ef:00:d4:ef:81:96:2d:6f:c6:86:7f:f0:
b2:ed:d5:91:ed:c2:d1:e3:13:cb:49:e5:05:06:aa:
6a:a4:9d:03:bf:41:5e:f5:f9:fd:c3:f1:25:35:39:
50:97:cf:89:89:d3:dc:ec:55:3a:7d:77:93:80:5b:
89:38:50:ef:d0:7d:4c:c1:16:f6:06:c8:65:c5:70:
81:7d:db:54:d0:3d:c3:a6:35:2d:bf:4c:3a:50:5d:
fd:46:f2:30:c0:67:5a:0f:0f:c2:1a:03:90:e4:e6:
f6:55:49:16:43:2b:2a:7d:7d:d5:e5:e9:af:97:a5:
d0:90:cf:2c:01:db:0f:a2:1f:1f:d5:60:52:03:ea:
c9:4f:ad:f6:2e:14:10:8a:40:0f:63:b5:81:fe:2c:
cb:e7:8c:de:23:06:2b:05:e1:38:fc:7e:b4:bb:22:
3a:9d:5c:de:7e:29:10:0e:fb:93:be:fa:a4:6e:dc:
7b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:82:1A:0B:1A:82:0B:B3:0E:5E:62:65:30:5F:D0:C3:48:83:C1:95
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/_oIaCxqCC7MOXmJlMF_Qw0iDwZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.16.0/22
185.201.49.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:29:15:64:87:58:ed:fb:74:ba:f7:6e:5e:63:b1:82:9b:b3:
d7:60:57:f6:82:95:d3:7f:1b:b6:ef:c9:ab:e4:79:d5:23:ec:
14:74:26:e6:f9:06:6d:32:af:77:3d:4a:8f:a4:69:3f:3f:dc:
90:cb:87:94:25:ed:b6:dc:5a:56:d9:e7:0d:17:1e:22:d0:1e:
0b:d2:e7:5f:f8:63:34:78:13:d6:f5:ac:90:c1:dc:7c:93:e2:
c6:ad:51:9e:f9:77:24:01:e8:7b:c4:29:c4:e7:c8:3c:4d:38:
0e:59:89:bc:20:0a:39:31:79:38:8e:ee:f2:f5:7c:ea:aa:83:
84:93:89:c6:4b:fd:ce:34:37:49:2a:a8:5f:5c:ca:d2:2b:d6:
70:7e:53:2f:99:f8:b3:4f:64:45:63:3e:a4:81:5c:a8:3e:42:
02:8b:93:bf:72:cb:cb:a9:70:28:f0:ce:a4:62:22:17:ee:6c:
16:b3:3e:31:f2:77:8a:5e:18:8e:cd:c1:86:7e:ad:bd:ca:b4:
af:32:fa:68:5a:6c:1d:ba:45:8a:94:15:a9:ca:6a:bf:3c:e1:
28:6d:ee:b3:21:58:31:e8:c6:7e:e7:e2:05:ea:ae:3d:cf:09:
aa:db:fe:db:ed:d1:d5:6c:74:74:30:d3:08:4a:78:1c:52:4c:
f6:59:30:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYS5EBqnvr/PLzrTBHxAUKYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjIxMTI3MTIyOTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTgyMWEwYjFhODIwYmIzMGU1ZTYyNjUzMDVmZDBjMzQ4ODNjMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki3ZDdXt5/kpP2yhnGoi3y4uP8aO
opj9ZztW2rE1UEeYLGBa+WCkkfwAMMyG080n/kwvO8V+zKFnq6NYwpxJrOuNuCe/
PaLDPbUOQavvANTvgZYtb8aGf/Cy7dWR7cLR4xPLSeUFBqpqpJ0Dv0Fe9fn9w/El
NTlQl8+JidPc7FU6fXeTgFuJOFDv0H1MwRb2BshlxXCBfdtU0D3DpjUtv0w6UF39
RvIwwGdaDw/CGgOQ5Ob2VUkWQysqfX3V5emvl6XQkM8sAdsPoh8f1WBSA+rJT632
LhQQikAPY7WB/izL54zeIwYrBeE4/H60uyI6nVzefikQDvuTvvqkbtx7VwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP6CGgsagguzDl5iZTBf0MNIg8GVMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvX29JYUN4cUNDN01PWG1KbE1GX1F3MGlEd1pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVEQAwQA
uckxMA0GCSqGSIb3DQEBCwUAA4IBAQAOKRVkh1jt+3S6925eY7GCm7PXYFf2gpXT
fxu278mr5HnVI+wUdCbm+QZtMq93PUqPpGk/P9yQy4eUJe223FpW2ecNFx4i0B4L
0udf+GM0eBPW9ayQwdx8k+LGrVGe+XckAeh7xCnE58g8TTgOWYm8IAo5MXk4ju7y
9XzqqoOEk4nGS/3ONDdJKqhfXMrSK9ZwflMvmfizT2RFYz6kgVyoPkICi5O/csvL
qXAo8M6kYiIX7mwWsz4x8neKXhiOzcGGfq29yrSvMvpoWmwdukWKlBWpymq/POEo
be6zIVgx6MZ+5+IF6q49zwmq2/7b7dHVbHR0MNMISngcUkz2WTCB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:16 2024 by rpki-client on console-fra.rpki-client.org