Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/oMKW52uy8SbR98dwnqbiHm_RGcA.roa
File: oMKW52uy8SbR98dwnqbiHm_RGcA.roa (raw, json)
Hash identifier: edmjzwG+oSbdQrNsvWIMvS0DKeO0f1RpAv4B2+aNQIU=
Subject key identifier: A0:C2:96:E7:6B:B2:F1:26:D1:F7:C7:70:9E:A6:E2:1E:6F:D1:19:C0
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 018612763BA19DF955F3147F9E19D4D250AC
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/oMKW52uy8SbR98dwnqbiHm_RGcA.roa
Signing time: Thu 02 Feb 2023 14:09:43 +0000
ROA not before: Thu 02 Feb 2023 14:09:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 91.132.114.0/23 maxlen: 32
103.53.82.0/23 maxlen: 32
193.28.237.0/24 maxlen: 32
45.114.8.0/22 maxlen: 32
45.114.12.0/22 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
103.240.180.0/22 maxlen: 32
103.53.216.0/22 maxlen: 32
193.19.204.0/24 maxlen: 24
193.19.205.0/24 maxlen: 32
193.19.206.0/24 maxlen: 32
193.19.207.0/24 maxlen: 32
45.66.48.0/22 maxlen: 32
45.145.104.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:76:3b:a1:9d:f9:55:f3:14:7f:9e:19:d4:d2:50:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Feb 2 14:09:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0c296e76bb2f126d1f7c7709ea6e21e6fd119c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:08:63:fe:56:0b:ce:8f:2a:d7:f8:b0:6e:81:
69:32:22:9a:07:aa:d9:38:d9:66:dc:32:c1:92:aa:
37:0c:a4:11:4b:8b:30:0f:f5:52:f8:ae:49:03:1a:
60:90:bf:ab:8b:f8:a8:05:cf:0f:66:23:ea:57:c9:
07:14:7e:a1:cc:9a:5f:b8:83:d7:4a:4a:ab:65:62:
b6:f0:78:e6:8e:f6:bb:3b:e5:d2:d8:1d:4d:3b:a6:
7c:bf:28:0c:42:93:8e:6a:09:0d:4e:49:ff:14:87:
58:45:35:48:66:ef:26:52:ea:44:09:21:39:35:ff:
06:3d:8d:aa:23:3d:5e:bc:63:e3:b8:e1:06:81:7e:
0e:98:8b:fb:f0:bf:4a:cb:09:89:18:79:63:ac:ed:
f4:64:a8:f8:45:09:ab:74:e4:dc:f6:5f:04:81:f2:
32:ae:76:cc:12:51:71:5e:9f:65:3d:22:9f:18:a6:
83:c6:2e:95:b9:d3:39:04:52:d2:56:7f:d5:37:a6:
ef:db:3d:a5:30:f8:83:d2:cc:53:2f:bb:7a:cb:71:
c7:56:66:7c:58:c3:e6:20:14:f8:4b:c8:07:d6:34:
a1:99:75:6d:ca:39:c2:1f:ef:6c:11:44:03:cf:c6:
61:ef:94:0f:c2:40:f9:e9:88:1a:5e:ca:ce:4d:78:
a4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C2:96:E7:6B:B2:F1:26:D1:F7:C7:70:9E:A6:E2:1E:6F:D1:19:C0
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/oMKW52uy8SbR98dwnqbiHm_RGcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.48.0/22
45.114.8.0/21
45.145.104.0/22
91.132.114.0/23
103.53.82.0/23
103.53.216.0/22
103.240.180.0/22
193.19.204.0/22
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
Signature Algorithm: sha256WithRSAEncryption
36:fd:0f:88:30:66:5d:d7:0a:a8:5c:45:f7:ed:22:02:44:d5:
9b:da:a0:8f:10:af:f2:5a:52:f7:ea:bf:72:08:a7:b0:82:78:
d8:eb:19:8b:eb:87:75:f7:09:af:d9:8b:3a:c4:e6:68:ee:a2:
3f:86:ee:4e:d6:a2:24:d7:75:96:12:be:9a:be:e6:db:1d:6b:
3b:0a:4d:f4:76:35:55:2d:03:44:d6:bf:9d:0e:8f:e6:24:98:
61:1f:b9:f3:8b:4e:ba:f3:c1:da:cc:1d:0b:bb:8e:76:14:cb:
1d:00:9c:c4:28:29:8e:4a:2d:77:ae:ed:d6:53:3d:ed:d0:38:
af:dd:d0:c0:8a:47:a6:8d:64:d2:59:61:d8:23:fe:6a:c6:c2:
66:96:13:67:0c:80:74:0f:8e:4a:98:20:eb:ea:e2:a5:4a:ec:
12:c3:f2:65:fc:19:7a:5d:61:b4:db:90:5b:5c:d4:14:9b:f3:
53:c6:db:63:cf:45:4e:e9:b3:36:c2:db:0a:82:54:31:6b:54:
8a:67:40:b4:15:3b:44:c6:f8:6b:22:f6:77:a1:2f:04:1a:b2:
35:57:10:91:40:dc:5c:c9:aa:2d:dc:85:16:0b:bc:8b:3c:ff:
ba:8a:e8:b5:90:96:e0:64:04:e4:6c:43:32:81:ed:e4:7d:70:
ec:b2:ac:c5
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYYSdjuhnflV8xR/nhnU0lCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjMwMjAyMTQwOTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGMyOTZlNzZiYjJmMTI2ZDFmN2M3NzA5ZWE2ZTIxZTZmZDExOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQhj/lYLzo8q1/iwboFpMiKaB6rZ
ONlm3DLBkqo3DKQRS4swD/VS+K5JAxpgkL+ri/ioBc8PZiPqV8kHFH6hzJpfuIPX
SkqrZWK28Hjmjva7O+XS2B1NO6Z8vygMQpOOagkNTkn/FIdYRTVIZu8mUupECSE5
Nf8GPY2qIz1evGPjuOEGgX4OmIv78L9KywmJGHljrO30ZKj4RQmrdOTc9l8EgfIy
rnbMElFxXp9lPSKfGKaDxi6VudM5BFLSVn/VN6bv2z2lMPiD0sxTL7t6y3HHVmZ8
WMPmIBT4S8gH1jShmXVtyjnCH+9sEUQDz8Zh75QPwkD56YgaXsrOTXikMwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKDCludrsvEm0ffHcJ6m4h5v0RnAMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvb01LVzUydXk4U2JSOThkd25xYmlIbV9SR2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCLUIwAwQD
LXIIAwQCLZFoAwQBW4RyAwQBZzVSAwQCZzXYAwQCZ/C0AwQCwRPMAwQAwRy2AwQA
wRy/AwQAwRzKAwQAwRztMA0GCSqGSIb3DQEBCwUAA4IBAQA2/Q+IMGZd1wqoXEX3
7SICRNWb2qCPEK/yWlL36r9yCKewgnjY6xmL64d19wmv2Ys6xOZo7qI/hu5O1qIk
13WWEr6avubbHWs7Ck30djVVLQNE1r+dDo/mJJhhH7nzi06688HazB0Lu452FMsd
AJzEKCmOSi13ru3WUz3t0Div3dDAikemjWTSWWHYI/5qxsJmlhNnDIB0D45KmCDr
6uKlSuwSw/Jl/Bl6XWG025BbXNQUm/NTxttjz0VO6bM2wtsKglQxa1SKZ0C0FTtE
xvhrIvZ3oS8EGrI1VxCRQNxcyaot3IUWC7yLPP+6iui1kJbgZATkbEMyge3kfXDs
sqzF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org