Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/A26z-Itr_l-Qtxb0OORvzUddCzA.roa
File: A26z-Itr_l-Qtxb0OORvzUddCzA.roa (raw, json)
Hash identifier: YSEVDnizughjiHlmMgurY8Jx9n9LlvMoqAHLIALfZHU=
Subject key identifier: 03:6E:B3:F8:8B:6B:FE:5F:90:B7:16:F4:38:E4:6F:CD:47:5D:0B:30
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 018728B209F63E8E74DC7A067548AB022FC5
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/A26z-Itr_l-Qtxb0OORvzUddCzA.roa
Signing time: Tue 28 Mar 2023 14:49:29 +0000
ROA not before: Tue 28 Mar 2023 14:49:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 45.82.14.0/23 maxlen: 23
185.250.44.0/23 maxlen: 23
185.250.46.0/23 maxlen: 23
193.39.168.0/24 maxlen: 24
193.39.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:28:b2:09:f6:3e:8e:74:dc:7a:06:75:48:ab:02:2f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Mar 28 14:49:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=036eb3f88b6bfe5f90b716f438e46fcd475d0b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1f:1b:ab:91:42:27:5a:df:32:02:ab:88:5d:
7d:be:5a:e3:d3:8a:5c:3c:33:fd:47:d7:5f:7d:df:
cc:2e:05:98:42:ea:fe:9e:61:ad:41:93:c6:1b:0f:
47:e2:7a:f3:28:44:c1:ea:76:29:8a:5e:a4:40:e7:
69:14:66:94:db:46:18:37:f7:7a:a5:6d:36:d3:fe:
e8:70:a4:47:a1:b9:44:76:0e:0e:2f:10:2e:62:fa:
8b:d7:51:ce:f8:93:46:1a:21:56:46:1d:7e:ae:86:
a6:40:31:ad:a1:da:d9:5d:01:9b:d3:99:34:52:ca:
3e:9a:c0:09:e1:d3:7b:58:80:98:58:69:d7:72:c4:
5c:ca:ea:54:ed:da:65:b4:ec:d7:08:53:0e:4f:18:
17:fd:e8:25:83:70:f0:0f:e3:83:2a:88:a7:44:5e:
5f:a2:08:98:a3:2e:94:ba:7f:6f:da:08:fa:d8:ee:
73:ee:17:8b:fc:8e:55:27:54:cb:89:9c:00:1b:42:
c9:10:09:d3:f7:56:8f:7f:45:10:b8:dd:c6:1d:b2:
1e:bf:5a:1e:38:95:e3:50:65:0b:56:66:a7:68:da:
fc:6f:30:03:50:8e:70:aa:42:28:51:2e:af:5b:f7:
e5:76:24:7a:df:51:e6:61:44:d2:17:98:78:73:d7:
5b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:6E:B3:F8:8B:6B:FE:5F:90:B7:16:F4:38:E4:6F:CD:47:5D:0B:30
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/A26z-Itr_l-Qtxb0OORvzUddCzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/23
185.250.44.0/22
193.39.168.0/24
193.39.171.0/24
Signature Algorithm: sha256WithRSAEncryption
15:32:0c:66:19:71:77:ec:97:5a:19:aa:71:91:cd:af:21:bc:
ed:1e:9f:43:db:c6:5b:cf:b8:4c:ef:86:53:32:8e:fa:c1:c6:
c4:fe:a3:36:cd:1b:48:47:e0:36:33:47:ec:e1:d8:e6:5e:c0:
54:45:61:8b:36:1d:8f:c0:37:89:f0:b5:15:7b:94:61:e3:63:
60:45:19:06:9f:cc:95:d0:4a:53:64:a5:ef:f7:f0:64:6c:f8:
3b:ad:c5:7a:83:be:8c:3c:e4:31:79:cd:0a:16:3b:ce:4d:97:
56:16:c1:34:bd:ac:fb:35:01:41:5b:0b:4d:23:93:e0:d1:00:
70:5e:db:73:78:86:cb:f4:67:71:10:cd:ba:cd:3e:99:d5:42:
e3:14:80:3c:28:c3:04:13:90:16:29:90:37:4a:db:01:d4:e8:
6b:78:de:62:6c:15:94:a7:42:ea:14:cd:e6:7a:59:d6:05:41:
e4:18:60:c2:22:45:25:74:f6:68:1d:9a:d9:93:de:bd:9b:01:
2b:f0:fc:e1:63:50:dd:ee:2f:ff:ac:02:a7:92:06:da:a7:c5:
c7:37:4b:d4:f3:79:89:87:f7:1a:07:aa:aa:1a:b3:a0:5d:1b:
fc:cb:11:20:7a:11:0c:0e:c7:c9:89:11:60:f3:76:a7:90:1c:
9e:b8:ab:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYcosgn2Po503HoGdUirAi/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwMzI4MTQ0OTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzZlYjNmODhiNmJmZTVmOTBiNzE2ZjQzOGU0NmZjZDQ3NWQwYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiB8bq5FCJ1rfMgKriF19vlrj04pc
PDP9R9dffd/MLgWYQur+nmGtQZPGGw9H4nrzKETB6nYpil6kQOdpFGaU20YYN/d6
pW020/7ocKRHoblEdg4OLxAuYvqL11HO+JNGGiFWRh1+roamQDGtodrZXQGb05k0
Uso+msAJ4dN7WICYWGnXcsRcyupU7dpltOzXCFMOTxgX/eglg3DwD+ODKoinRF5f
ogiYoy6Uun9v2gj62O5z7heL/I5VJ1TLiZwAG0LJEAnT91aPf0UQuN3GHbIev1oe
OJXjUGULVmanaNr8bzADUI5wqkIoUS6vW/fldiR631HmYUTSF5h4c9dbmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFANus/iLa/5fkLcW9Djkb81HXQswMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvQTI2ei1JdHJfbC1RdHhiME9PUnZ6VWRkQ3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLVIOAwQC
ufosAwQAwSeoAwQAwSerMA0GCSqGSIb3DQEBCwUAA4IBAQAVMgxmGXF37JdaGapx
kc2vIbztHp9D28Zbz7hM74ZTMo76wcbE/qM2zRtIR+A2M0fs4djmXsBURWGLNh2P
wDeJ8LUVe5Rh42NgRRkGn8yV0EpTZKXv9/BkbPg7rcV6g76MPOQxec0KFjvOTZdW
FsE0vaz7NQFBWwtNI5Pg0QBwXttzeIbL9GdxEM26zT6Z1ULjFIA8KMMEE5AWKZA3
StsB1OhreN5ibBWUp0LqFM3melnWBUHkGGDCIkUldPZoHZrZk969mwEr8PzhY1Dd
7i//rAKnkgbap8XHN0vU83mJh/caB6qqGrOgXRv8yxEgehEMDsfJiRFg83ankBye
uKsx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:10 2024 by rpki-client on console-ams.rpki-client.org