Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/C7h6RVY4tXPsAmNIgb2ljMrMY_U.roa
File: C7h6RVY4tXPsAmNIgb2ljMrMY_U.roa (raw, json)
Hash identifier: 9OA46MvH+fX8N/3pdThtSXick5+UXQOdCcdjYGVVHcw=
Subject key identifier: 0B:B8:7A:45:56:38:B5:73:EC:02:63:48:81:BD:A5:8C:CA:CC:63:F5
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01896499DB530E7D8ACA236E470C4AC85387
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/C7h6RVY4tXPsAmNIgb2ljMrMY_U.roa
Signing time: Mon 17 Jul 2023 16:05:52 +0000
ROA not before: Mon 17 Jul 2023 16:05:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 45.134.25.0/24 maxlen: 24
45.132.128.0/24 maxlen: 24
45.132.129.0/24 maxlen: 24
45.146.24.0/24 maxlen: 24
45.152.116.0/24 maxlen: 24
45.152.117.0/24 maxlen: 24
2.56.138.0/24 maxlen: 24
45.134.24.0/24 maxlen: 24
45.131.47.0/24 maxlen: 24
176.222.57.0/24 maxlen: 24
176.222.56.0/24 maxlen: 24
176.222.59.0/24 maxlen: 24
45.146.27.0/24 maxlen: 24
45.146.25.0/24 maxlen: 24
45.149.129.0/24 maxlen: 24
2.59.49.0/24 maxlen: 24
45.133.31.0/24 maxlen: 24
45.89.231.0/24 maxlen: 24
91.236.121.0/24 maxlen: 24
45.138.213.0/24 maxlen: 24
45.138.214.0/24 maxlen: 24
91.206.68.0/24 maxlen: 24
45.147.15.0/24 maxlen: 24
45.147.12.0/24 maxlen: 24
45.147.13.0/24 maxlen: 24
45.147.14.0/24 maxlen: 24
45.153.224.0/24 maxlen: 24
45.153.225.0/24 maxlen: 24
45.153.226.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:99:db:53:0e:7d:8a:ca:23:6e:47:0c:4a:c8:53:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jul 17 16:05:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bb87a455638b573ec02634881bda58ccacc63f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:57:d2:e9:1f:99:24:6f:d6:a3:87:f9:e2:5c:
b6:87:11:55:a3:85:b8:bb:2b:de:6b:fb:61:a8:db:
77:ca:b4:ff:57:c5:37:25:15:94:da:3c:37:22:5c:
a2:f1:41:e5:6c:fe:90:63:4c:d2:a6:a8:15:3a:ed:
79:0f:c2:58:d3:21:36:06:e9:33:c0:4e:fe:02:fa:
44:1e:56:5b:5c:af:43:3c:01:93:76:3c:d0:55:5f:
1b:3b:db:47:b9:2c:63:cf:3a:85:14:9c:40:f5:98:
16:8b:3f:88:f2:5e:5e:e5:36:fa:6d:d9:f8:f3:ce:
f0:0a:d7:19:37:91:aa:a3:7d:64:65:0e:b5:94:33:
96:68:67:c2:de:be:61:96:43:85:f2:09:7b:07:17:
87:03:41:b4:c7:60:c9:cb:32:77:cd:ac:8e:45:38:
8a:87:8f:7b:a2:c0:00:b8:b9:80:c1:9e:85:21:83:
c4:92:2a:45:ec:97:d5:9c:c0:f0:14:02:d4:b5:cb:
9b:38:42:c1:28:e9:dd:65:f8:a1:17:7d:a6:33:17:
68:b5:c2:b6:5c:27:46:99:0b:e0:5d:f2:36:ef:c1:
a7:7b:4c:0b:b1:99:8c:13:40:13:9b:3f:a6:7e:8d:
8a:f7:5e:b3:30:47:b6:f4:f2:81:6f:2a:00:59:3e:
2a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B8:7A:45:56:38:B5:73:EC:02:63:48:81:BD:A5:8C:CA:CC:63:F5
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/C7h6RVY4tXPsAmNIgb2ljMrMY_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.138.0/24
2.59.49.0/24
45.89.231.0/24
45.131.47.0/24
45.132.128.0/23
45.133.31.0/24
45.134.24.0/23
45.138.213.0-45.138.214.255
45.146.24.0/23
45.146.27.0/24
45.147.12.0/22
45.149.129.0/24
45.152.116.0/23
45.153.224.0-45.153.226.255
91.206.68.0/24
91.236.121.0/24
176.222.56.0/23
176.222.59.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:d7:9e:34:2b:ee:bf:a4:3c:6f:76:53:d6:57:c7:59:ac:f1:
a9:ba:d5:b5:18:d8:d7:85:63:bd:6d:eb:ac:40:d3:0a:d3:d2:
fd:7f:68:4b:7d:4f:fa:b6:78:a9:bd:ad:f1:7b:a7:cb:dd:d7:
e8:f0:0b:09:02:ad:25:11:90:17:51:e7:29:e5:33:4e:fd:4c:
4b:d2:a2:3e:f1:5e:e0:a6:1d:ee:d9:75:98:11:84:00:0f:07:
bf:e4:d6:14:26:49:e6:27:81:87:10:61:42:ca:c5:45:6f:64:
83:c4:9f:fe:30:96:e3:81:7d:d9:ef:dc:3b:07:97:0e:bc:44:
a7:bb:22:bc:63:3d:95:ec:ff:ce:3c:df:fc:9c:77:a0:f6:3f:
be:55:f6:96:ed:da:dc:42:98:7b:ba:91:ff:d4:c4:e4:88:20:
fa:b9:60:1f:99:3e:21:e4:69:65:33:f8:69:e3:1f:50:4c:d5:
76:8b:7e:e2:7f:7f:e7:4a:7f:7f:3c:ac:8d:8d:a1:c9:41:c8:
bc:7d:fe:d5:eb:62:44:e0:5d:a5:f2:84:6b:23:e7:4e:ff:3f:
f0:c9:41:ad:70:09:ec:6a:fb:e4:aa:44:15:10:c0:be:38:9f:
ba:5e:98:dd:4d:d5:7b:ba:c2:dd:1e:c0:8f:6c:27:6f:7c:7f:
9a:a5:3f:9b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYlkmdtTDn2KyiNuRwxKyFOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwNzE3MTYwNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmI4N2E0NTU2MzhiNTczZWMwMjYzNDg4MWJkYTU4Y2NhY2M2M2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVfS6R+ZJG/Wo4f54ly2hxFVo4W4
uyvea/thqNt3yrT/V8U3JRWU2jw3Ilyi8UHlbP6QY0zSpqgVOu15D8JY0yE2Bukz
wE7+AvpEHlZbXK9DPAGTdjzQVV8bO9tHuSxjzzqFFJxA9ZgWiz+I8l5e5Tb6bdn4
887wCtcZN5Gqo31kZQ61lDOWaGfC3r5hlkOF8gl7BxeHA0G0x2DJyzJ3zayORTiK
h497osAAuLmAwZ6FIYPEkipF7JfVnMDwFALUtcubOELBKOndZfihF32mMxdotcK2
XCdGmQvgXfI278Gne0wLsZmME0ATmz+mfo2K916zMEe29PKBbyoAWT4qSwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFAu4ekVWOLVz7AJjSIG9pYzKzGP1MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvQzdoNlJWWTR0WFBzQW1OSWdiMmxqTXJNWV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAAI4
igMEAAI7MQMEAC1Z5wMEAC2DLwMEAS2EgAMEAC2FHwMEAS2GGDAMAwQALYrVAwQA
LYrWAwQBLZIYAwQALZIbAwQCLZMMAwQALZWBAwQBLZh0MAwDBAUtmeADBAAtmeID
BABbzkQDBABb7HkDBAGw3jgDBACw3jswDQYJKoZIhvcNAQELBQADggEBAD3XnjQr
7r+kPG92U9ZXx1ms8am61bUY2NeFY71t66xA0wrT0v1/aEt9T/q2eKm9rfF7p8vd
1+jwCwkCrSURkBdR5ynlM079TEvSoj7xXuCmHe7ZdZgRhAAPB7/k1hQmSeYngYcQ
YULKxUVvZIPEn/4wluOBfdnv3DsHlw68RKe7IrxjPZXs/8483/ycd6D2P75V9pbt
2txCmHu6kf/UxOSIIPq5YB+ZPiHkaWUz+GnjH1BM1XaLfuJ/f+dKf388rI2NoclB
yLx9/tXrYkTgXaXyhGsj507/P/DJQa1wCexq++SqRBUQwL44n7pemN1N1Xu6wt0e
wI9sJ298f5qlP5s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org