Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/C-zmQ8rS7PG6XpmMzYQTlofAA4k.roa
File: C-zmQ8rS7PG6XpmMzYQTlofAA4k.roa (raw, json)
Hash identifier: QovRUsdaHd/4OUOEMTHRmKoBlCDf5bY9uW1/pgBOIME=
Subject key identifier: 0B:EC:E6:43:CA:D2:EC:F1:BA:5E:99:8C:CD:84:13:96:87:C0:03:89
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 018CAA12A6BD2C41AF8EE7E92406290BECCC
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/C-zmQ8rS7PG6XpmMzYQTlofAA4k.roa
Signing time: Wed 27 Dec 2023 06:59:58 +0000
ROA not before: Wed 27 Dec 2023 06:59:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 45.151.204.0/22 maxlen: 24
94.142.164.0/22 maxlen: 22
45.12.44.0/22 maxlen: 24
45.95.140.0/22 maxlen: 24
45.86.192.0/22 maxlen: 22
45.15.52.0/22 maxlen: 22
45.67.44.0/22 maxlen: 22
45.136.60.0/22 maxlen: 24
195.244.14.0/23 maxlen: 23
91.239.24.0/24 maxlen: 24
185.57.176.0/22 maxlen: 22
2.57.180.0/22 maxlen: 24
2.59.116.0/24 maxlen: 24
91.238.217.0/24 maxlen: 24
91.227.240.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:aa:12:a6:bd:2c:41:af:8e:e7:e9:24:06:29:0b:ec:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Dec 27 06:59:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bece643cad2ecf1ba5e998ccd84139687c00389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c1:f0:55:b8:38:70:42:b5:a4:2d:dd:05:85:
37:71:39:f3:bf:da:c2:e7:8f:e3:34:3e:b0:dd:6c:
cf:08:2b:fc:be:eb:c7:01:c1:9a:24:ba:bf:ff:98:
56:c2:de:59:25:b6:9d:8b:04:c5:3f:f7:de:0f:81:
b8:b8:43:82:64:d2:c1:fa:d1:4a:ac:3c:b8:4c:29:
7c:e5:46:5a:da:7e:79:21:61:93:ed:9d:77:48:2f:
2d:79:95:12:4b:e5:78:00:c6:b9:cf:24:d4:bd:f4:
87:ef:b5:1e:bc:0b:02:4c:cb:42:a8:c3:e5:11:35:
a4:98:b6:e0:ff:45:65:ea:9f:b5:2c:da:d7:e8:ba:
34:f8:c8:68:e7:09:2f:bb:d9:b9:91:52:1f:97:ef:
56:c3:a1:30:eb:93:f9:9b:ee:d0:c1:ef:54:cd:31:
48:d1:d4:3e:83:3a:88:ba:eb:c2:2e:9f:de:b1:3c:
1f:48:a1:f1:e6:45:34:20:32:65:3c:91:0f:cc:da:
f3:a4:73:da:12:0e:37:6c:6f:45:a1:e6:b7:57:00:
e2:ef:ca:af:6e:0b:2f:08:db:3f:8e:9a:d0:71:29:
5e:c1:83:7b:17:be:80:68:b8:f3:b0:8d:ca:a0:f1:
7b:a7:be:2e:e4:22:5d:54:a8:67:e2:cb:c3:39:c2:
12:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:EC:E6:43:CA:D2:EC:F1:BA:5E:99:8C:CD:84:13:96:87:C0:03:89
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/C-zmQ8rS7PG6XpmMzYQTlofAA4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.180.0/22
2.59.116.0/24
45.12.44.0/22
45.15.52.0/22
45.67.44.0/22
45.86.192.0/22
45.95.140.0/22
45.136.60.0/22
45.151.204.0/22
91.227.240.0/23
91.238.217.0/24
91.239.24.0/24
94.142.164.0/22
185.57.176.0/22
195.244.14.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:76:a6:77:d3:27:bb:68:91:7a:fe:72:61:f0:bb:e8:47:4c:
52:57:f7:0b:4c:92:7d:67:a9:76:bb:0c:2c:a9:7c:d2:42:5d:
64:03:fb:cc:f4:21:b1:9c:c6:b8:6f:ea:06:27:d3:27:88:90:
03:9e:d9:db:86:df:c0:37:c8:af:99:97:a8:64:af:43:28:fc:
d2:31:a8:7c:db:33:d3:5e:b7:c2:50:b4:00:17:d7:ad:7b:ce:
cd:f1:39:3b:dc:f5:83:d7:50:11:f5:19:61:80:9b:32:2a:e3:
76:ee:62:5e:e4:2e:d5:9f:63:2f:84:38:99:64:5b:7b:ae:a1:
cf:1b:ec:d9:3d:18:1d:55:66:81:7e:c7:1e:a6:dd:6f:e8:24:
87:cf:73:18:af:00:b2:aa:c5:59:3d:ad:dc:c1:1d:85:18:fd:
b3:53:f4:fe:5f:e2:d6:54:75:6f:f1:0a:09:70:b1:d9:2a:d3:
b1:1f:ce:fa:10:21:c3:5e:7d:23:f4:f6:19:4d:fc:22:06:b1:
95:9a:5c:4e:59:73:e7:b1:19:90:7d:0e:6d:e8:fb:5c:7f:f3:
70:15:ab:61:47:67:e8:7a:3b:f7:e5:c4:9e:05:05:ea:50:7b:
17:bb:71:1c:53:98:60:76:ce:c6:09:ce:e3:0f:7b:84:e3:f3:
70:1e:53:7a
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYyqEqa9LEGvjufpJAYpC+zMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjMxMjI3MDY1OTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmVjZTY0M2NhZDJlY2YxYmE1ZTk5OGNjZDg0MTM5Njg3YzAwMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocHwVbg4cEK1pC3dBYU3cTnzv9rC
54/jND6w3WzPCCv8vuvHAcGaJLq//5hWwt5ZJbadiwTFP/feD4G4uEOCZNLB+tFK
rDy4TCl85UZa2n55IWGT7Z13SC8teZUSS+V4AMa5zyTUvfSH77UevAsCTMtCqMPl
ETWkmLbg/0Vl6p+1LNrX6Lo0+Mho5wkvu9m5kVIfl+9Ww6Ew65P5m+7Qwe9UzTFI
0dQ+gzqIuuvCLp/esTwfSKHx5kU0IDJlPJEPzNrzpHPaEg43bG9Foea3VwDi78qv
bgsvCNs/jprQcSlewYN7F76AaLjzsI3KoPF7p74u5CJdVKhn4svDOcISjQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFAvs5kPK0uzxul6ZjM2EE5aHwAOJMB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvQy16bVE4clM3UEc2WHBtTXpZUVRsb2ZBQTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQCAjm0AwQA
Ajt0AwQCLQwsAwQCLQ80AwQCLUMsAwQCLVbAAwQCLV+MAwQCLYg8AwQCLZfMAwQB
W+PwAwQAW+7ZAwQAW+8YAwQCXo6kAwQCuTmwAwQBw/QOMA0GCSqGSIb3DQEBCwUA
A4IBAQBtdqZ30ye7aJF6/nJh8LvoR0xSV/cLTJJ9Z6l2uwwsqXzSQl1kA/vM9CGx
nMa4b+oGJ9MniJADntnbht/AN8ivmZeoZK9DKPzSMah82zPTXrfCULQAF9ete87N
8Tk73PWD11AR9RlhgJsyKuN27mJe5C7Vn2MvhDiZZFt7rqHPG+zZPRgdVWaBfsce
pt1v6CSHz3MYrwCyqsVZPa3cwR2FGP2zU/T+X+LWVHVv8QoJcLHZKtOxH876ECHD
Xn0j9PYZTfwiBrGVmlxOWXPnsRmQfQ5t6Ptcf/NwFathR2foejv35cSeBQXqUHsX
u3EcU5hgds7GCc7jD3uE4/NwHlN6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:31 2024 by rpki-client on console-fra.rpki-client.org