Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/hIHXa3g97J7F3XJwLmfgvzOTGTw.roa
File: hIHXa3g97J7F3XJwLmfgvzOTGTw.roa (raw, json)
Hash identifier: Ro+gslYT4nI960DljIOT2WU7BNUJuXRDkLoKuEidSZA=
Subject key identifier: 84:81:D7:6B:78:3D:EC:9E:C5:DD:72:70:2E:67:E0:BF:33:93:19:3C
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DCAEFEBD2B2C6F9D54E50F65C4C23
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/hIHXa3g97J7F3XJwLmfgvzOTGTw.roa
Signing time: Sun 01 Jan 2023 20:55:01 +0000
ROA not before: Sun 01 Jan 2023 20:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 193.32.164.0/24 maxlen: 24
193.32.166.0/24 maxlen: 24
193.32.165.0/24 maxlen: 24
193.32.167.0/24 maxlen: 24
45.136.69.0/24 maxlen: 24
45.159.85.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:ca:ef:eb:d2:b2:c6:f9:d5:4e:50:f6:5c:4c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8481d76b783dec9ec5dd72702e67e0bf3393193c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f3:ec:d4:0d:55:9c:6a:f1:54:96:74:90:59:
4a:72:10:3c:37:cd:d9:1f:4a:c0:69:31:23:60:41:
62:2d:41:bc:a1:8f:46:65:24:13:d1:38:f3:77:6f:
5d:f5:d0:94:5c:a4:7b:70:66:33:1e:e0:a8:c8:17:
c7:c5:5f:65:eb:10:6a:cd:a6:3f:ec:0e:d1:3d:a0:
c6:4a:e8:fe:4d:ad:3f:2f:62:fe:74:dc:a4:8c:d1:
ff:29:51:35:bb:c8:05:dd:9d:4e:2c:fb:ae:81:e8:
07:2a:c8:05:a0:c6:71:68:f5:56:65:c5:aa:dd:27:
b2:12:22:22:bc:00:bd:d6:d3:2d:e5:39:45:1f:5b:
7c:6d:e3:61:9b:d2:9b:00:38:7f:c8:90:f2:47:2f:
f4:e1:2a:8b:cb:06:5c:6e:2c:cb:a8:8f:e2:41:c3:
f4:5e:a3:14:3b:db:eb:30:d0:ed:5a:f3:69:46:bc:
3e:b9:3d:81:63:50:32:bf:0a:a6:09:1d:bf:0f:ca:
cf:df:66:33:76:a6:a8:50:08:90:b1:f8:b5:ec:27:
05:5d:ff:78:f8:b3:45:81:b2:57:c3:25:fc:c4:ae:
04:89:5f:b6:29:a8:a2:a3:fe:e2:0d:af:e2:c0:e3:
77:3c:c8:d6:34:f1:7b:1f:d9:0c:6b:89:41:cf:9b:
8e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:81:D7:6B:78:3D:EC:9E:C5:DD:72:70:2E:67:E0:BF:33:93:19:3C
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/hIHXa3g97J7F3XJwLmfgvzOTGTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.69.0/24
45.159.85.0/24
193.32.164.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:e0:01:56:b7:62:d8:14:88:50:7c:a7:83:4d:5d:6f:6a:91:
57:fa:51:77:f8:58:45:f1:33:aa:68:4b:a9:d6:14:85:33:46:
b0:1d:8e:4c:0d:ce:a6:7a:15:f1:19:94:c9:58:cc:3e:3a:9c:
aa:95:b2:b7:12:91:b4:7a:0b:67:37:39:c9:52:d2:11:22:7d:
1a:af:1d:de:fb:dd:43:a5:be:c3:e1:09:b7:64:22:89:5c:41:
a8:2d:47:9f:f3:55:54:e2:bc:7f:25:52:df:aa:82:ea:49:29:
02:4c:9a:0e:a7:c7:e5:a8:18:be:56:f7:bf:b3:86:a7:3b:0c:
3c:e3:03:2a:0b:48:93:e0:57:2b:34:1c:bf:6c:b9:33:46:4f:
16:c4:8e:29:ef:c5:60:6c:d7:0b:5a:52:f6:d1:43:e8:57:10:
38:38:8d:92:56:f7:e9:ae:95:81:b9:71:d7:75:ce:c6:ca:00:
36:a7:fd:7a:eb:9d:97:f2:5a:3c:45:99:3a:e3:5a:88:ad:77:
cf:81:58:bb:1e:98:ae:9f:2c:ad:57:fc:c6:89:86:57:62:ad:
d4:1c:f7:3c:cc:63:19:1b:68:73:a5:fe:8a:aa:e2:17:59:47:
69:e5:c8:87:e4:ab:d2:07:75:63:2c:b0:7d:4d:b1:24:4e:7b:
5c:75:ec:f1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvHcrv69KyxvnVTlD2XEwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDgxZDc2Yjc4M2RlYzllYzVkZDcyNzAyZTY3ZTBiZjMzOTMxOTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fPs1A1VnGrxVJZ0kFlKchA8N83Z
H0rAaTEjYEFiLUG8oY9GZSQT0Tjzd29d9dCUXKR7cGYzHuCoyBfHxV9l6xBqzaY/
7A7RPaDGSuj+Ta0/L2L+dNykjNH/KVE1u8gF3Z1OLPuugegHKsgFoMZxaPVWZcWq
3SeyEiIivAC91tMt5TlFH1t8beNhm9KbADh/yJDyRy/04SqLywZcbizLqI/iQcP0
XqMUO9vrMNDtWvNpRrw+uT2BY1AyvwqmCR2/D8rP32YzdqaoUAiQsfi17CcFXf94
+LNFgbJXwyX8xK4EiV+2Kaiio/7iDa/iwON3PMjWNPF7H9kMa4lBz5uOjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFISB12t4Peyexd1ycC5n4L8zkxk8MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvaElIWGEzZzk3SjdGM1hKd0xtZmd2ek9UR1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYhFAwQA
LZ9VAwQCwSCkMA0GCSqGSIb3DQEBCwUAA4IBAQBK4AFWt2LYFIhQfKeDTV1vapFX
+lF3+FhF8TOqaEup1hSFM0awHY5MDc6mehXxGZTJWMw+OpyqlbK3EpG0egtnNznJ
UtIRIn0arx3e+91Dpb7D4Qm3ZCKJXEGoLUef81VU4rx/JVLfqoLqSSkCTJoOp8fl
qBi+Vve/s4anOww84wMqC0iT4FcrNBy/bLkzRk8WxI4p78VgbNcLWlL20UPoVxA4
OI2SVvfprpWBuXHXdc7GygA2p/16652X8lo8RZk641qIrXfPgVi7HpiunyytV/zG
iYZXYq3UHPc8zGMZG2hzpf6KquIXWUdp5ciH5KvSB3VjLLB9TbEkTntcdezx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org