Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/ahwZohZJrOjtWrAgOdNqzKIY03I.roa
File: ahwZohZJrOjtWrAgOdNqzKIY03I.roa (raw, json)
Hash identifier: MUPXpzSR61bTPEZb2svIRV8e+C65ggSj0Wcl3sPVOs0=
Subject key identifier: 6A:1C:19:A2:16:49:AC:E8:ED:5A:B0:20:39:D3:6A:CC:A2:18:D3:72
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 01839DC185264297193C7276D07CD0526158
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/ahwZohZJrOjtWrAgOdNqzKIY03I.roa
Signing time: Mon 03 Oct 2022 12:10:48 +0000
ROA not before: Mon 03 Oct 2022 12:10:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 91.132.114.0/23 maxlen: 32
103.53.82.0/23 maxlen: 32
193.28.237.0/24 maxlen: 32
45.114.8.0/22 maxlen: 32
45.114.12.0/22 maxlen: 32
45.134.76.0/22 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
170.245.40.0/22 maxlen: 32
193.28.202.0/24 maxlen: 32
188.68.0.0/22 maxlen: 32
168.205.72.0/22 maxlen: 32
103.240.180.0/22 maxlen: 32
103.53.216.0/22 maxlen: 32
95.181.216.0/22 maxlen: 32
193.19.204.0/24 maxlen: 24
193.19.205.0/24 maxlen: 32
193.19.206.0/24 maxlen: 32
193.19.207.0/24 maxlen: 32
63.141.36.0/23 maxlen: 32
45.66.48.0/22 maxlen: 32
45.131.224.0/22 maxlen: 32
63.141.34.0/23 maxlen: 32
45.145.104.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:c1:85:26:42:97:19:3c:72:76:d0:7c:d0:52:61:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Oct 3 12:10:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a1c19a21649ace8ed5ab02039d36acca218d372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:07:18:5d:51:31:ca:d3:66:46:a0:f9:a1:30:
98:79:48:8b:32:a9:ec:2e:95:38:24:2e:20:2e:15:
7b:7f:1f:bd:04:12:a0:35:7a:3a:e2:de:e9:ae:ee:
b8:a4:4c:a9:f5:9e:ac:d5:66:51:b7:2c:b0:cf:f2:
95:94:db:39:06:91:bd:53:22:40:29:37:07:d0:d3:
39:01:9c:53:33:48:92:de:64:cc:0a:95:ee:4d:a3:
0f:e3:79:25:45:68:50:2b:65:55:0d:11:a1:54:8d:
8b:8e:db:02:2c:1f:9d:c8:af:82:ce:e5:65:1c:6a:
93:62:44:4a:c3:ad:57:6c:1a:58:ee:27:a7:2c:e7:
63:28:7b:df:65:8c:74:3e:2c:aa:26:39:d8:f3:a9:
72:25:65:59:42:59:f3:3d:1c:f9:eb:3f:d8:ba:f6:
17:99:b2:d9:6c:33:3d:b1:b5:de:74:a4:93:c5:27:
6f:ae:04:13:b1:7c:7a:fe:f4:d0:4b:24:e6:73:98:
7b:d7:f3:af:8b:39:9e:4d:38:ae:98:5c:f2:67:b5:
67:08:7b:40:9b:46:11:f1:c8:a0:63:f5:6c:d5:bc:
71:42:78:b2:39:73:cd:66:3c:1d:34:d9:6c:cb:a8:
0a:88:cd:47:61:f9:b3:e8:0d:ab:80:ba:38:58:e8:
78:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:1C:19:A2:16:49:AC:E8:ED:5A:B0:20:39:D3:6A:CC:A2:18:D3:72
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/ahwZohZJrOjtWrAgOdNqzKIY03I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.48.0/22
45.114.8.0/21
45.131.224.0/22
45.134.76.0/22
45.145.104.0/22
63.141.34.0-63.141.37.255
91.132.114.0/23
95.181.216.0/22
103.53.82.0/23
103.53.216.0/22
103.240.180.0/22
168.205.72.0/22
170.245.40.0/22
188.68.0.0/22
193.19.204.0/22
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
Signature Algorithm: sha256WithRSAEncryption
16:8c:41:a4:70:f1:ef:08:2b:1a:b5:0d:75:fc:82:ad:6e:02:
d7:4f:0c:9e:c6:5b:aa:c0:c5:46:48:39:36:a6:fe:9e:e6:2a:
1b:bc:f4:c3:dd:8d:da:96:d5:03:05:0a:b6:a8:3d:48:b0:e7:
10:f8:01:9f:7e:34:e1:42:14:e9:a8:81:3c:a1:34:82:18:93:
c2:c1:7e:56:8c:35:18:a8:60:09:9f:c3:24:51:17:37:ab:33:
c9:6d:18:f5:71:92:8c:7f:85:f3:60:ec:d2:d8:c1:ca:c7:d2:
5a:7f:67:6e:60:be:4e:fa:fb:a1:1a:32:b5:0a:89:ea:b6:8d:
47:bc:e2:74:3b:ec:0c:7b:e7:c2:39:77:3a:94:e7:43:1b:d1:
5b:ae:ed:41:42:15:02:86:b7:06:b1:3c:89:69:d6:79:4d:77:
8b:d4:03:a3:da:00:29:5f:bb:f8:57:6f:2f:e8:70:9e:cd:d8:
7e:18:f6:fb:b9:5a:88:72:13:c6:5e:15:2f:85:a0:38:8d:5d:
30:b1:98:51:03:63:c0:9e:6a:68:82:0d:b4:af:3c:43:01:9b:
78:22:f9:d9:67:2d:25:a3:44:33:a0:19:40:2d:f0:5f:88:f5:
17:cd:b9:f4:cd:58:7f:3e:49:50:8b:ba:00:05:39:50:9d:d9:
94:7d:e2:45
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYOdwYUmQpcZPHJ20HzQUmFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjIxMDAzMTIxMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTFjMTlhMjE2NDlhY2U4ZWQ1YWIwMjAzOWQzNmFjY2EyMThkMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAcYXVExytNmRqD5oTCYeUiLMqns
LpU4JC4gLhV7fx+9BBKgNXo64t7pru64pEyp9Z6s1WZRtyywz/KVlNs5BpG9UyJA
KTcH0NM5AZxTM0iS3mTMCpXuTaMP43klRWhQK2VVDRGhVI2LjtsCLB+dyK+CzuVl
HGqTYkRKw61XbBpY7ienLOdjKHvfZYx0PiyqJjnY86lyJWVZQlnzPRz56z/YuvYX
mbLZbDM9sbXedKSTxSdvrgQTsXx6/vTQSyTmc5h71/OvizmeTTiumFzyZ7VnCHtA
m0YR8cigY/Vs1bxxQniyOXPNZjwdNNlsy6gKiM1HYfmz6A2rgLo4WOh4nQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFGocGaIWSazo7VqwIDnTasyiGNNyMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvYWh3Wm9oWkpyT2p0V3JBZ09kTnF6S0lZMDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAi1C
MAMEAy1yCAMEAi2D4AMEAi2GTAMEAi2RaDAMAwQBP40iAwQBP40kAwQBW4RyAwQC
X7XYAwQBZzVSAwQCZzXYAwQCZ/C0AwQCqM1IAwQCqvUoAwQCvEQAAwQCwRPMAwQA
wRy2AwQAwRy/AwQAwRzKAwQAwRztMA0GCSqGSIb3DQEBCwUAA4IBAQAWjEGkcPHv
CCsatQ11/IKtbgLXTwyexluqwMVGSDk2pv6e5iobvPTD3Y3altUDBQq2qD1IsOcQ
+AGffjThQhTpqIE8oTSCGJPCwX5WjDUYqGAJn8MkURc3qzPJbRj1cZKMf4XzYOzS
2MHKx9Jaf2duYL5O+vuhGjK1Conqto1HvOJ0O+wMe+fCOXc6lOdDG9Fbru1BQhUC
hrcGsTyJadZ5TXeL1AOj2gApX7v4V28v6HCezdh+GPb7uVqIchPGXhUvhaA4jV0w
sZhRA2PAnmpogg20rzxDAZt4IvnZZy0lo0QzoBlALfBfiPUXzbn0zVh/PklQi7oA
BTlQndmUfeJF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:49 2024 by rpki-client on console-ams.rpki-client.org