Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/dg0EEQ0IxBkADK4z1Hg6FykdUlk.roa
File: dg0EEQ0IxBkADK4z1Hg6FykdUlk.roa (raw, json)
Hash identifier: 6kJop1jZL3qCFBroOpRhRytcaFZ8k3YvieCh3ozmzqc=
Subject key identifier: 76:0D:04:11:0D:08:C4:19:00:0C:AE:33:D4:78:3A:17:29:1D:52:59
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 0185710A0B2A5495DFE694DFAA413AD63E1D
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/dg0EEQ0IxBkADK4z1Hg6FykdUlk.roa
Signing time: Mon 02 Jan 2023 05:52:41 +0000
ROA not before: Mon 02 Jan 2023 05:52:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201194
IP address blocks: 45.81.16.0/22 maxlen: 22
45.81.17.0/24 maxlen: 24
45.81.16.0/24 maxlen: 24
45.81.18.0/24 maxlen: 24
45.81.19.0/24 maxlen: 24
185.201.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0a:0b:2a:54:95:df:e6:94:df:aa:41:3a:d6:3e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 2 05:52:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=760d04110d08c419000cae33d4783a17291d5259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4e:75:5c:75:19:68:36:a6:08:e2:29:2f:4a:
66:5d:f5:2d:b2:3c:8d:34:bb:42:06:b5:cf:91:d1:
14:4d:d7:f4:db:f1:28:4a:2f:4e:65:e2:52:24:25:
8c:0c:15:4e:79:7d:97:49:ad:5c:c5:18:9d:15:e6:
93:bc:58:f4:8c:ee:28:42:ab:f2:83:7a:bb:88:e7:
69:16:8e:03:41:72:02:52:d7:88:33:e6:ae:ae:58:
05:4b:90:8f:33:d5:38:0e:a2:3c:ea:9b:13:3d:22:
1e:bd:0f:f8:bc:f7:aa:2c:01:5f:73:5f:a5:48:1c:
57:9f:c0:82:7e:3c:9b:41:67:50:89:27:94:47:66:
82:d5:1f:f7:57:65:c8:05:2b:a6:9c:fb:dd:cd:1d:
0f:d8:9d:35:25:2a:0b:d6:62:67:cf:f6:2b:2a:1c:
e7:86:5d:b2:5e:65:98:1e:9e:fc:d4:20:b0:8d:58:
d5:f8:ec:57:83:7c:92:8b:90:7e:22:13:b7:66:5e:
64:81:12:a6:a5:d2:fd:b9:94:5e:f0:4f:b1:07:28:
4d:14:13:f1:4a:46:20:75:bd:67:8d:50:e9:b0:68:
ca:3b:34:69:aa:d9:9e:ce:ce:f3:8c:9b:b0:bb:55:
ee:d2:9d:e5:44:fb:92:8a:77:e2:0e:98:ff:35:63:
2d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0D:04:11:0D:08:C4:19:00:0C:AE:33:D4:78:3A:17:29:1D:52:59
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/dg0EEQ0IxBkADK4z1Hg6FykdUlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.16.0/22
185.201.49.0/24
Signature Algorithm: sha256WithRSAEncryption
11:0c:d8:28:eb:34:f5:76:6e:6a:28:4d:29:2f:56:38:20:03:
8b:b1:5f:8b:d6:8f:96:24:56:cb:9d:00:96:39:65:4e:42:a4:
04:01:0a:20:e6:dd:43:9c:81:22:c3:cf:2b:3d:e9:78:b8:3e:
f2:26:b4:54:6a:c4:2e:ad:83:f1:7f:57:f5:88:18:56:5b:cf:
ac:a3:e6:56:f9:e6:49:9b:42:5f:41:15:69:b3:2c:2e:64:95:
55:cf:01:68:68:c2:7f:1a:47:41:12:6f:9d:9e:2a:29:47:04:
03:0d:75:e6:8e:67:73:44:1d:a5:26:91:f1:44:e1:0f:62:ac:
e5:7c:ce:de:5a:75:29:4e:15:3b:ae:c2:6a:23:c8:71:55:12:
5c:05:cf:06:ab:9b:c0:cd:23:4c:13:43:de:16:26:1c:44:fa:
3c:1a:0b:21:db:c5:de:61:4c:2e:9a:58:18:7c:08:3e:7a:03:
4d:51:cd:d3:fb:32:dd:9c:f2:61:a0:68:bf:96:e0:38:61:ce:
83:7b:4a:a9:22:d9:4d:9a:f5:bf:3c:45:38:a0:a0:ff:40:ff:
68:1e:40:fa:bd:26:ac:06:f8:89:7c:8a:fc:47:20:40:84:b0:
2a:25:25:76:91:35:4a:e2:ce:ac:0a:76:08:ce:3e:58:25:77:
73:34:e3:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxCgsqVJXf5pTfqkE61j4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjMwMTAyMDU1MjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBkMDQxMTBkMDhjNDE5MDAwY2FlMzNkNDc4M2ExNzI5MWQ1MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE51XHUZaDamCOIpL0pmXfUtsjyN
NLtCBrXPkdEUTdf02/EoSi9OZeJSJCWMDBVOeX2XSa1cxRidFeaTvFj0jO4oQqvy
g3q7iOdpFo4DQXICUteIM+aurlgFS5CPM9U4DqI86psTPSIevQ/4vPeqLAFfc1+l
SBxXn8CCfjybQWdQiSeUR2aC1R/3V2XIBSumnPvdzR0P2J01JSoL1mJnz/YrKhzn
hl2yXmWYHp781CCwjVjV+OxXg3ySi5B+IhO3Zl5kgRKmpdL9uZRe8E+xByhNFBPx
SkYgdb1njVDpsGjKOzRpqtmezs7zjJuwu1Xu0p3lRPuSinfiDpj/NWMtVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHYNBBENCMQZAAyuM9R4OhcpHVJZMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvZGcwRUVRMEl4QmtBREs0ejFIZzZGeWtkVWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVEQAwQA
uckxMA0GCSqGSIb3DQEBCwUAA4IBAQARDNgo6zT1dm5qKE0pL1Y4IAOLsV+L1o+W
JFbLnQCWOWVOQqQEAQog5t1DnIEiw88rPel4uD7yJrRUasQurYPxf1f1iBhWW8+s
o+ZW+eZJm0JfQRVpsywuZJVVzwFoaMJ/GkdBEm+dniopRwQDDXXmjmdzRB2lJpHx
ROEPYqzlfM7eWnUpThU7rsJqI8hxVRJcBc8Gq5vAzSNME0PeFiYcRPo8Ggsh28Xe
YUwumlgYfAg+egNNUc3T+zLdnPJhoGi/luA4Yc6De0qpItlNmvW/PEU4oKD/QP9o
HkD6vSasBviJfIr8RyBAhLAqJSV2kTVK4s6sCnYIzj5YJXdzNOPX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:16 2024 by rpki-client on console-fra.rpki-client.org