Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/qthTn4tHR-hdPGvHj-lKEx9uEUY.roa
File: qthTn4tHR-hdPGvHj-lKEx9uEUY.roa (raw, json)
Hash identifier: sgLhfMMrZ1uO+yC2U7A2/tf33cdYb3DvGgKcYM175pE=
Subject key identifier: AA:D8:53:9F:8B:47:47:E8:5D:3C:6B:C7:8F:E9:4A:13:1F:6E:11:46
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 018CAF7485864B6C77AC30FD2D098800F33C
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/qthTn4tHR-hdPGvHj-lKEx9uEUY.roa
Signing time: Thu 28 Dec 2023 08:04:58 +0000
ROA not before: Thu 28 Dec 2023 08:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 45.151.204.0/22 maxlen: 24
193.3.158.0/24 maxlen: 24
45.130.204.0/22 maxlen: 24
185.39.11.0/24 maxlen: 24
94.142.164.0/22 maxlen: 22
45.12.44.0/22 maxlen: 24
45.95.140.0/22 maxlen: 24
45.86.192.0/22 maxlen: 22
45.15.52.0/22 maxlen: 22
45.145.192.0/22 maxlen: 24
45.67.44.0/22 maxlen: 22
45.136.60.0/22 maxlen: 24
195.244.14.0/23 maxlen: 23
91.239.24.0/24 maxlen: 24
185.232.89.0/24 maxlen: 24
185.57.176.0/22 maxlen: 22
2.57.180.0/22 maxlen: 24
2.59.116.0/24 maxlen: 24
91.238.217.0/24 maxlen: 24
91.227.240.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:74:85:86:4b:6c:77:ac:30:fd:2d:09:88:00:f3:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Dec 28 08:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aad8539f8b4747e85d3c6bc78fe94a131f6e1146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f7:c0:f3:f7:dc:51:a9:9d:30:83:31:7e:a5:
ad:1b:19:0a:87:0e:d3:04:f4:33:55:f3:f2:a8:26:
f9:67:4a:fd:4f:f3:e1:9c:09:b1:ba:6f:48:2c:bc:
d7:08:27:5f:a8:70:8e:c4:01:21:5e:a3:11:01:d5:
75:12:b5:6e:f5:78:04:8e:6d:eb:cf:da:81:44:19:
12:bd:29:66:23:94:7c:c9:e7:37:f5:13:c1:4a:41:
00:0e:7f:d6:28:1e:8d:b0:a0:cc:04:7a:40:ae:33:
f0:e7:67:98:a7:a7:28:24:04:bf:e2:bb:e3:cb:66:
5d:a3:fe:b3:b8:91:88:f6:40:0e:07:07:08:85:7a:
b8:8a:aa:35:cd:06:cd:87:b0:54:08:23:b5:59:14:
1f:e4:f5:e6:e7:18:30:d5:bb:09:2f:d0:27:28:fb:
43:c7:83:9e:6b:97:f7:31:4f:58:a8:05:b1:b9:85:
67:cc:01:fd:74:fa:b3:37:54:61:be:0d:11:40:eb:
60:3a:71:af:b6:72:79:f6:d4:fb:a6:6d:78:2a:89:
be:d4:1f:86:d9:63:f0:d6:a4:87:cb:be:8d:9f:a0:
62:ce:a9:34:06:dd:5f:3c:d2:96:f0:f8:54:4e:e7:
e9:42:1b:85:f5:08:f9:1c:24:0c:07:cb:b9:1a:74:
a9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D8:53:9F:8B:47:47:E8:5D:3C:6B:C7:8F:E9:4A:13:1F:6E:11:46
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/qthTn4tHR-hdPGvHj-lKEx9uEUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.180.0/22
2.59.116.0/24
45.12.44.0/22
45.15.52.0/22
45.67.44.0/22
45.86.192.0/22
45.95.140.0/22
45.130.204.0/22
45.136.60.0/22
45.145.192.0/22
45.151.204.0/22
91.227.240.0/23
91.238.217.0/24
91.239.24.0/24
94.142.164.0/22
185.39.11.0/24
185.57.176.0/22
185.232.89.0/24
193.3.158.0/24
195.244.14.0/23
Signature Algorithm: sha256WithRSAEncryption
29:02:86:b3:d0:f6:86:a5:30:63:70:b3:e6:65:44:fc:e5:21:
29:43:d2:ed:e6:01:33:07:52:79:7c:8d:10:11:1d:bb:c6:3c:
8f:96:a8:c4:1d:a6:43:0c:f2:78:2e:8a:65:f9:7b:38:e4:32:
0e:55:35:a1:4f:26:88:33:46:9e:1a:c5:9a:5e:2a:3b:ec:64:
c1:fa:79:78:6a:d8:ac:0b:33:9c:dc:98:24:fb:5a:93:69:31:
96:7c:26:bc:df:47:d9:1e:ac:fe:25:bb:12:86:09:1b:71:f5:
bb:44:84:c8:aa:cf:53:b5:26:a6:2e:3c:c6:c8:81:7f:be:c1:
a5:d5:14:ba:c5:48:c8:5b:c3:fb:55:0a:30:6a:a2:c5:0b:3d:
4d:ad:a7:31:9c:93:42:4d:a1:65:5b:ae:99:1f:fc:74:5a:af:
8e:19:71:2a:70:35:58:c2:7b:0a:8f:20:cc:c9:81:06:5b:7b:
c7:4d:fa:42:0e:28:66:59:45:72:3c:d5:dd:ad:40:81:77:9e:
2a:b8:3c:d0:7d:f6:ba:14:88:33:98:a3:44:c3:5b:17:56:36:
7f:91:31:4e:af:bf:fa:95:d9:5a:e1:c6:f8:4c:fa:f5:69:98:
5e:08:51:0f:3b:b9:4d:28:08:03:cd:a6:c5:ed:df:76:46:1a:
e6:30:d6:ad
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYyvdIWGS2x3rDD9LQmIAPM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjMxMjI4MDgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQ4NTM5ZjhiNDc0N2U4NWQzYzZiYzc4ZmU5NGExMzFmNmUxMTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vfA8/fcUamdMIMxfqWtGxkKhw7T
BPQzVfPyqCb5Z0r9T/PhnAmxum9ILLzXCCdfqHCOxAEhXqMRAdV1ErVu9XgEjm3r
z9qBRBkSvSlmI5R8yec39RPBSkEADn/WKB6NsKDMBHpArjPw52eYp6coJAS/4rvj
y2Zdo/6zuJGI9kAOBwcIhXq4iqo1zQbNh7BUCCO1WRQf5PXm5xgw1bsJL9AnKPtD
x4Oea5f3MU9YqAWxuYVnzAH9dPqzN1Rhvg0RQOtgOnGvtnJ59tT7pm14Kom+1B+G
2WPw1qSHy76Nn6Bizqk0Bt1fPNKW8PhUTufpQhuF9Qj5HCQMB8u5GnSpQQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFKrYU5+LR0foXTxrx4/pShMfbhFGMB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvcXRoVG40dEhSLWhkUEd2SGotbEtFeDl1RVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQCAjm0
AwQAAjt0AwQCLQwsAwQCLQ80AwQCLUMsAwQCLVbAAwQCLV+MAwQCLYLMAwQCLYg8
AwQCLZHAAwQCLZfMAwQBW+PwAwQAW+7ZAwQAW+8YAwQCXo6kAwQAuScLAwQCuTmw
AwQAuehZAwQAwQOeAwQBw/QOMA0GCSqGSIb3DQEBCwUAA4IBAQApAoaz0PaGpTBj
cLPmZUT85SEpQ9Lt5gEzB1J5fI0QER27xjyPlqjEHaZDDPJ4Lopl+Xs45DIOVTWh
TyaIM0aeGsWaXio77GTB+nl4atisCzOc3Jgk+1qTaTGWfCa830fZHqz+JbsShgkb
cfW7RITIqs9TtSamLjzGyIF/vsGl1RS6xUjIW8P7VQowaqLFCz1NracxnJNCTaFl
W66ZH/x0Wq+OGXEqcDVYwnsKjyDMyYEGW3vHTfpCDihmWUVyPNXdrUCBd54quDzQ
ffa6FIgzmKNEw1sXVjZ/kTFOr7/6ldla4cb4TPr1aZheCFEPO7lNKAgDzabF7d92
RhrmMNat
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:02 2024 by rpki-client on console-ams.rpki-client.org