Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/DwlQIiej8roWS6x1dOpYuMuxHf4.roa
File: DwlQIiej8roWS6x1dOpYuMuxHf4.roa (raw, json)
Hash identifier: g1HcQbAWvnbX7fdXZaE1ZosZ4gd/wCDwr5vYuoepi1k=
Subject key identifier: 0F:09:50:22:27:A3:F2:BA:16:4B:AC:75:74:EA:58:B8:CB:B1:1D:FE
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 018CFD09B41DB9D185CFAEC8877A786A33CE
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/DwlQIiej8roWS6x1dOpYuMuxHf4.roa
Signing time: Fri 12 Jan 2024 09:38:40 +0000
ROA not before: Fri 12 Jan 2024 09:38:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.151.204.0/22 maxlen: 24
193.3.158.0/24 maxlen: 24
45.130.204.0/22 maxlen: 24
185.39.11.0/24 maxlen: 24
94.142.164.0/22 maxlen: 22
45.12.44.0/22 maxlen: 24
45.95.140.0/22 maxlen: 24
45.86.192.0/22 maxlen: 22
45.15.52.0/22 maxlen: 22
45.145.192.0/22 maxlen: 24
91.225.0.0/24 maxlen: 24
45.67.44.0/22 maxlen: 22
45.136.60.0/22 maxlen: 24
195.244.14.0/23 maxlen: 23
91.239.24.0/24 maxlen: 24
185.232.89.0/24 maxlen: 24
185.57.176.0/22 maxlen: 22
2.57.180.0/22 maxlen: 24
2.59.116.0/24 maxlen: 24
91.227.240.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fd:09:b4:1d:b9:d1:85:cf:ae:c8:87:7a:78:6a:33:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Jan 12 09:38:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f09502227a3f2ba164bac7574ea58b8cbb11dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f8:81:b4:57:06:14:49:92:cb:7d:eb:ed:21:
ec:23:78:d4:80:16:33:55:c1:67:f6:c4:7c:d2:b6:
1b:d9:7e:eb:21:19:b1:e7:b2:92:7f:0d:81:f0:0a:
2b:b1:60:7b:2f:e3:99:d7:13:bf:c3:92:8d:f3:5a:
f4:6c:5e:f4:ba:44:10:b3:d2:5e:f6:b2:3f:31:67:
ba:8b:95:33:84:18:c3:d6:b4:96:9e:52:2e:72:27:
af:ed:bf:ad:3d:8d:2e:14:d6:cc:ce:84:f2:f9:e0:
0a:a5:85:6f:1c:f8:bf:12:2c:78:84:78:24:f5:21:
58:21:1f:0b:fd:5b:14:dc:bd:8a:74:c8:ea:73:99:
ef:7e:01:a3:f3:30:0e:42:c5:52:d5:fc:7c:1f:06:
ac:90:af:5f:4a:59:70:4b:0f:3a:8d:24:f1:c4:78:
13:f9:c8:a6:2c:c9:65:55:6c:f1:90:c3:1a:24:30:
47:9f:bf:17:5c:66:a6:1d:3f:73:4b:3a:0f:f0:81:
01:b9:e2:46:f7:d8:44:2b:f6:fb:94:da:f0:cf:de:
34:7f:d9:92:fc:d2:be:e5:29:84:66:f7:41:f9:eb:
ed:5c:65:73:f7:cd:e6:fd:63:5b:17:6d:cd:7c:3c:
54:43:72:42:c1:a3:a3:41:6f:cc:56:93:cd:77:43:
c5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:09:50:22:27:A3:F2:BA:16:4B:AC:75:74:EA:58:B8:CB:B1:1D:FE
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/DwlQIiej8roWS6x1dOpYuMuxHf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.180.0/22
2.59.116.0/24
45.12.44.0/22
45.15.52.0/22
45.67.44.0/22
45.86.192.0/22
45.95.140.0/22
45.130.204.0/22
45.136.60.0/22
45.145.192.0/22
45.151.204.0/22
91.225.0.0/24
91.227.240.0/23
91.239.24.0/24
94.142.164.0/22
185.39.11.0/24
185.57.176.0/22
185.232.89.0/24
193.3.158.0/24
195.244.14.0/23
Signature Algorithm: sha256WithRSAEncryption
02:e9:d8:93:b8:89:a6:11:70:8b:ef:a9:3c:be:ed:d2:a7:39:
c6:ec:62:a5:2d:d9:cb:ec:db:e1:9b:08:9d:f0:97:29:cb:52:
f1:8f:de:90:36:27:fd:db:99:27:2d:ad:b5:c3:58:4c:ca:d5:
ae:0c:24:be:b4:f0:5b:98:67:da:04:b1:37:54:fc:4d:b6:34:
a9:c6:ce:a8:12:81:10:7a:3e:08:8f:c6:57:f5:06:22:8b:bb:
2c:b9:14:0c:df:64:cd:b6:c2:05:1a:8b:15:af:5f:0b:42:95:
8d:a8:b4:30:ef:51:17:d0:df:39:bf:71:67:c9:3e:20:86:bc:
5a:fc:dd:e6:e1:0a:a0:66:1d:43:86:79:0f:27:d5:8d:51:c8:
2f:f2:88:f1:f6:04:c8:57:be:19:36:e9:5e:ee:de:6b:30:d9:
29:54:d2:65:b4:fe:28:5a:1c:50:cd:37:7c:eb:db:26:00:f0:
d0:c1:ab:89:bd:22:ca:49:03:85:1b:b7:26:39:41:45:73:28:
d5:a2:4a:85:5a:c7:3f:a6:93:38:30:58:c6:66:1f:c4:55:41:
93:21:c3:f8:3e:d8:de:e9:d8:79:b0:86:10:db:73:92:ef:69:
8f:ad:99:78:50:b9:3d:c0:b3:a3:cc:67:41:2a:ad:c4:4a:8d:
87:1b:74:5e
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYz9CbQdudGFz67Ih3p4ajPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjQwMTEyMDkzODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjA5NTAyMjI3YTNmMmJhMTY0YmFjNzU3NGVhNThiOGNiYjExZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPiBtFcGFEmSy33r7SHsI3jUgBYz
VcFn9sR80rYb2X7rIRmx57KSfw2B8AorsWB7L+OZ1xO/w5KN81r0bF70ukQQs9Je
9rI/MWe6i5UzhBjD1rSWnlIuciev7b+tPY0uFNbMzoTy+eAKpYVvHPi/Eix4hHgk
9SFYIR8L/VsU3L2KdMjqc5nvfgGj8zAOQsVS1fx8HwaskK9fSllwSw86jSTxxHgT
+cimLMllVWzxkMMaJDBHn78XXGamHT9zSzoP8IEBueJG99hEK/b7lNrwz940f9mS
/NK+5SmEZvdB+evtXGVz983m/WNbF23NfDxUQ3JCwaOjQW/MVpPNd0PFnQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFA8JUCIno/K6FkusdXTqWLjLsR3+MB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvRHdsUUlpZWo4cm9XUzZ4MWRPcFl1TXV4SGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQCAjm0
AwQAAjt0AwQCLQwsAwQCLQ80AwQCLUMsAwQCLVbAAwQCLV+MAwQCLYLMAwQCLYg8
AwQCLZHAAwQCLZfMAwQAW+EAAwQBW+PwAwQAW+8YAwQCXo6kAwQAuScLAwQCuTmw
AwQAuehZAwQAwQOeAwQBw/QOMA0GCSqGSIb3DQEBCwUAA4IBAQAC6diTuImmEXCL
76k8vu3SpznG7GKlLdnL7Nvhmwid8Jcpy1Lxj96QNif925knLa21w1hMytWuDCS+
tPBbmGfaBLE3VPxNtjSpxs6oEoEQej4Ij8ZX9QYii7ssuRQM32TNtsIFGosVr18L
QpWNqLQw71EX0N85v3FnyT4ghrxa/N3m4QqgZh1DhnkPJ9WNUcgv8ojx9gTIV74Z
Nule7t5rMNkpVNJltP4oWhxQzTd869smAPDQwauJvSLKSQOFG7cmOUFFcyjVokqF
Wsc/ppM4MFjGZh/EVUGTIcP4Ptje6dh5sIYQ23OS72mPrZl4ULk9wLOjzGdBKq3E
So2HG3Re
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:31 2024 by rpki-client on console-fra.rpki-client.org