Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/Dnkey7uxfsMaJFCd_n2ZX_GMlOM.roa
File: Dnkey7uxfsMaJFCd_n2ZX_GMlOM.roa (raw, json)
Hash identifier: X4rnA1aRMd6QrK89SKibL2n+BUX0B7jo2pAhvz/2BNk=
Subject key identifier: 0E:79:1E:CB:BB:B1:7E:C3:1A:24:50:9D:FE:7D:99:5F:F1:8C:94:E3
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01896499DC74FBA7A7D03488947D457A80AB
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/Dnkey7uxfsMaJFCd_n2ZX_GMlOM.roa
Signing time: Mon 17 Jul 2023 16:05:52 +0000
ROA not before: Mon 17 Jul 2023 16:05:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 45.80.223.0/24 maxlen: 24
45.80.222.0/24 maxlen: 24
45.80.221.0/24 maxlen: 24
92.119.192.0/24 maxlen: 24
45.159.85.0/24 maxlen: 24
45.153.227.0/24 maxlen: 24
193.32.164.0/24 maxlen: 24
193.32.166.0/24 maxlen: 24
193.32.165.0/24 maxlen: 24
45.142.37.0/24 maxlen: 24
45.129.130.0/24 maxlen: 24
45.129.129.0/24 maxlen: 24
45.129.131.0/24 maxlen: 24
193.32.167.0/24 maxlen: 24
45.136.69.0/24 maxlen: 24
193.36.231.0/24 maxlen: 24
45.138.4.0/24 maxlen: 24
176.222.58.0/24 maxlen: 24
45.138.6.0/24 maxlen: 24
45.138.5.0/24 maxlen: 24
45.146.26.0/24 maxlen: 24
81.16.140.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:99:dc:74:fb:a7:a7:d0:34:88:94:7d:45:7a:80:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jul 17 16:05:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e791ecbbbb17ec31a24509dfe7d995ff18c94e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c0:24:4c:ba:86:dc:9f:ca:a3:b7:7c:14:86:
ed:eb:40:b4:45:65:18:1f:7d:68:e0:23:3f:c5:0a:
1b:8f:e8:82:67:0e:92:e0:ad:cd:61:09:85:60:70:
50:0f:8b:d1:08:d2:a9:76:ad:55:30:10:16:79:dc:
32:65:b6:b3:a2:0e:59:5c:3a:e6:73:00:35:04:56:
58:e4:de:cc:a6:d5:32:0b:8b:e8:26:aa:12:19:c1:
c4:dd:40:35:1a:70:c0:5f:3d:1d:89:7d:f4:6d:30:
fe:48:5b:11:ca:f6:a4:68:2b:d2:4a:fa:f9:5d:87:
55:e4:b0:e2:81:d0:45:5a:76:80:55:c6:7a:ef:d7:
46:4e:22:73:ba:f8:6a:e4:2c:1e:4a:78:e3:09:3c:
4d:71:70:5a:1f:3b:17:f6:83:28:71:3c:fb:8c:a4:
34:34:5c:82:18:9e:a9:04:d4:69:a7:0f:ca:7c:76:
25:0b:a2:5b:78:99:1f:35:d5:50:9b:e1:90:82:61:
da:29:44:0e:60:5c:bd:84:f6:37:8f:c5:e0:af:b2:
7a:00:62:6f:1b:af:94:1b:d8:d2:e9:dd:99:73:b7:
04:f1:98:8a:9b:e3:8d:5c:5d:fe:4c:fb:7b:3d:85:
fc:a6:1a:7c:e3:25:85:d6:46:b6:d6:bc:26:b3:76:
d9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:79:1E:CB:BB:B1:7E:C3:1A:24:50:9D:FE:7D:99:5F:F1:8C:94:E3
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/Dnkey7uxfsMaJFCd_n2ZX_GMlOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.221.0-45.80.223.255
45.129.129.0-45.129.131.255
45.136.69.0/24
45.138.4.0-45.138.6.255
45.142.37.0/24
45.146.26.0/24
45.153.227.0/24
45.159.85.0/24
81.16.140.0/24
92.119.192.0/24
176.222.58.0/24
193.32.164.0/22
193.36.231.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:4e:79:ef:0c:46:ed:5c:d7:4c:5b:da:79:bf:90:78:62:6e:
44:ea:d9:fd:4e:04:13:c5:c1:2e:2a:60:73:a5:d1:15:7d:f7:
66:f2:7a:57:58:cb:32:83:03:2d:ea:95:05:ca:bb:3e:68:c7:
d6:4a:4f:a5:91:c1:d0:2b:70:07:ea:32:43:e2:84:c2:31:f0:
11:0e:68:5e:8a:54:42:2c:18:46:fd:38:9d:dc:22:6a:98:59:
56:e6:35:a3:a1:18:15:f3:7b:06:82:0c:5f:2f:cd:a8:33:9a:
af:ba:1d:8a:04:18:10:38:1b:61:f5:71:3e:67:6f:ce:c1:1a:
d6:22:e4:87:e4:e6:80:2b:ab:5d:c8:fa:0d:d0:5f:de:7c:50:
2c:89:a0:75:33:eb:5a:c3:d9:53:52:ec:16:85:70:e2:8d:d8:
8a:b3:8f:f8:d0:f0:63:01:4e:86:4a:15:a2:a3:29:b3:c3:5a:
6f:4d:21:59:59:6e:c0:52:f0:7b:41:ac:58:6d:1a:8d:ca:0d:
85:b0:b7:f2:8d:55:8a:26:53:a2:d5:4f:fc:83:41:cb:21:66:
37:32:48:f4:73:05:51:50:e0:9b:09:59:81:40:27:96:68:42:
b2:44:a1:b9:30:34:45:2f:50:7e:0d:aa:85:ef:fa:ed:61:99:
b4:69:ca:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYlkmdx0+6en0DSIlH1FeoCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwNzE3MTYwNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc5MWVjYmJiYjE3ZWMzMWEyNDUwOWRmZTdkOTk1ZmYxOGM5NGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncAkTLqG3J/Ko7d8FIbt60C0RWUY
H31o4CM/xQobj+iCZw6S4K3NYQmFYHBQD4vRCNKpdq1VMBAWedwyZbazog5ZXDrm
cwA1BFZY5N7MptUyC4voJqoSGcHE3UA1GnDAXz0diX30bTD+SFsRyvakaCvSSvr5
XYdV5LDigdBFWnaAVcZ679dGTiJzuvhq5CweSnjjCTxNcXBaHzsX9oMocTz7jKQ0
NFyCGJ6pBNRppw/KfHYlC6JbeJkfNdVQm+GQgmHaKUQOYFy9hPY3j8Xgr7J6AGJv
G6+UG9jS6d2Zc7cE8ZiKm+ONXF3+TPt7PYX8php84yWF1ka21rwms3bZhQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFA55Hsu7sX7DGiRQnf59mV/xjJTjMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvRG5rZXk3dXhmc01hSkZDZF9uMlpYX0dNbE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmMAwDBAAtUN0D
BAUtUMAwDAMEAC2BgQMEAi2BgAMEAC2IRTAMAwQCLYoEAwQALYoGAwQALY4lAwQA
LZIaAwQALZnjAwQALZ9VAwQAURCMAwQAXHfAAwQAsN46AwQCwSCkAwQAwSTnMA0G
CSqGSIb3DQEBCwUAA4IBAQCOTnnvDEbtXNdMW9p5v5B4Ym5E6tn9TgQTxcEuKmBz
pdEVffdm8npXWMsygwMt6pUFyrs+aMfWSk+lkcHQK3AH6jJD4oTCMfARDmheilRC
LBhG/Tid3CJqmFlW5jWjoRgV83sGggxfL82oM5qvuh2KBBgQOBth9XE+Z2/OwRrW
IuSH5OaAK6tdyPoN0F/efFAsiaB1M+taw9lTUuwWhXDijdiKs4/40PBjAU6GShWi
oymzw1pvTSFZWW7AUvB7QaxYbRqNyg2FsLfyjVWKJlOi1U/8g0HLIWY3Mkj0cwVR
UOCbCVmBQCeWaEKyRKG5MDRFL1B+DaqF7/rtYZm0aco6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org