Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/pRepovZlhT3GCFSg3l1utbC1bP0.roa
File: pRepovZlhT3GCFSg3l1utbC1bP0.roa (raw, json)
Hash identifier: RDSIj0ep0FGpjRcD+EG//G10SeSJoE1GT9LoRj1G9UY=
Subject key identifier: A5:17:A9:A2:F6:65:85:3D:C6:08:54:A0:DE:5D:6E:B5:B0:B5:6C:FD
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 43183ACD
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/pRepovZlhT3GCFSg3l1utbC1bP0.roa
Signing time: Tue 24 May 2022 08:54:13 +0000
ROA not before: Tue 24 May 2022 08:54:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40975
IP address blocks: 93.115.108.0/24 maxlen: 24
46.102.104.0/24 maxlen: 24
46.102.235.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1125661389 (0x43183acd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: May 24 08:54:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a517a9a2f665853dc60854a0de5d6eb5b0b56cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:84:64:3b:eb:1f:61:84:82:a1:10:a0:29:0b:
17:0e:9a:9c:3e:8c:8f:96:a0:89:5f:a5:11:a1:22:
fb:24:ef:bd:1f:d5:d6:38:15:d9:9b:dd:dc:77:5b:
e6:85:cf:27:44:0d:45:a6:13:e7:2c:e1:ea:b3:74:
4e:76:ff:d0:71:31:18:78:6a:c8:d9:67:ff:5a:7a:
d4:29:f7:dc:3e:da:bc:f2:96:65:5a:ee:24:ff:39:
65:ab:f8:07:f1:71:d4:f2:5c:ed:78:5c:ed:59:3b:
2e:0a:2b:ee:b5:d3:a2:cb:51:5f:87:27:0d:c1:ed:
be:6c:4d:d9:85:69:6b:ad:a7:ac:70:5b:fb:ef:a0:
5b:d5:db:a5:f9:a3:70:8f:29:6c:41:05:85:39:74:
68:8a:24:f2:2a:de:d6:33:61:a8:1d:95:a8:f8:7b:
84:65:b5:cd:aa:e7:09:1b:51:90:86:a1:57:62:69:
be:3e:e6:52:04:86:c3:cc:1e:76:44:ea:da:8b:1b:
1e:b0:9e:9a:17:16:f8:3d:a6:d8:95:fd:b6:b2:4d:
ba:6d:c8:b3:53:62:98:30:59:a5:10:33:b6:73:ce:
44:8c:9a:30:d9:58:1c:8f:43:ca:30:83:f7:47:94:
51:5c:83:9d:d9:fa:18:f8:67:f3:98:1e:7f:29:5d:
be:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:17:A9:A2:F6:65:85:3D:C6:08:54:A0:DE:5D:6E:B5:B0:B5:6C:FD
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/pRepovZlhT3GCFSg3l1utbC1bP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.104.0/24
46.102.235.0/24
93.115.108.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:0b:b5:5e:5b:eb:0d:e8:df:a7:5b:c1:db:8d:63:d5:a5:85:
e3:39:fd:e5:f8:b4:c0:6c:6a:39:07:f7:6b:0e:2b:2e:6d:7f:
b5:86:ce:fe:cf:c9:5f:e4:84:76:9b:d5:80:e5:e2:47:c1:bf:
6f:17:ef:28:55:fc:36:e8:2f:e2:3e:26:e2:80:88:8c:9e:2a:
1c:cc:36:b4:98:0f:f9:e2:14:97:d5:ed:78:34:ed:80:f6:5c:
a2:03:7d:ec:f4:76:01:4b:ad:10:34:0c:eb:3d:36:44:46:79:
39:19:e8:25:a0:65:b1:94:75:e3:01:1a:64:b8:b1:32:38:78:
71:8a:ce:81:74:24:cb:a0:82:a3:e9:65:2d:9f:30:65:85:de:
d0:3b:bb:fc:dd:a6:2c:13:46:76:8b:d8:ba:40:a6:07:87:dd:
c5:c1:cb:42:55:dd:9a:76:b1:7c:52:09:8d:79:cd:b0:1d:08:
a6:9c:31:e4:c2:d7:64:a7:8f:e3:71:a7:c8:7d:ce:71:d1:61:
8a:9e:43:ab:c0:08:24:f6:c2:87:c9:f8:f2:8f:b7:f2:76:9b:
ac:63:c6:aa:59:ba:37:73:0c:d6:2a:6f:55:14:ae:24:c6:e7:
03:16:df:cb:61:1d:99:b1:27:b7:c6:b5:16:60:c2:ca:1e:f1:
96:eb:af:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEQxg6zTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDUy
NDA4NTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUxN2E5YTJmNjY1
ODUzZGM2MDg1NGEwZGU1ZDZlYjViMGI1NmNmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeEZDvrH2GEgqEQoCkLFw6anD6Mj5agiV+lEaEi+yTvvR/V
1jgV2Zvd3Hdb5oXPJ0QNRaYT5yzh6rN0Tnb/0HExGHhqyNln/1p61Cn33D7avPKW
ZVruJP85Zav4B/Fx1PJc7Xhc7Vk7Lgor7rXTostRX4cnDcHtvmxN2YVpa62nrHBb
+++gW9XbpfmjcI8pbEEFhTl0aIok8ire1jNhqB2VqPh7hGW1zarnCRtRkIahV2Jp
vj7mUgSGw8wedkTq2osbHrCemhcW+D2m2JX9trJNum3Is1NimDBZpRAztnPORIya
MNlYHI9DyjCD90eUUVyDndn6GPhn85gefyldvoUCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSlF6mi9mWFPcYIVKDeXW61sLVs/TAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9wUmVwb3ZabGhUM0dDRlNnM2wxdXRiQzFiUDAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALmZoAwQALmbrAwQAXXNsMA0G
CSqGSIb3DQEBCwUAA4IBAQDOC7VeW+sN6N+nW8HbjWPVpYXjOf3l+LTAbGo5B/dr
DisubX+1hs7+z8lf5IR2m9WA5eJHwb9vF+8oVfw26C/iPibigIiMnioczDa0mA/5
4hSX1e14NO2A9lyiA33s9HYBS60QNAzrPTZERnk5GegloGWxlHXjARpkuLEyOHhx
is6BdCTLoIKj6WUtnzBlhd7QO7v83aYsE0Z2i9i6QKYHh93FwctCVd2adrF8UgmN
ec2wHQimnDHkwtdkp4/jcafIfc5x0WGKnkOrwAgk9sKHyfjyj7fydpusY8aqWbo3
cwzWKm9VFK4kxucDFt/LYR2ZsSe3xrUWYMLKHvGW66/6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:12 2023 by rpki-client on console-fra.rpki-client.org