Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/rjdOrAdoeY8ZXeECucrm_yUEqtE.roa
File: rjdOrAdoeY8ZXeECucrm_yUEqtE.roa (raw, json)
Hash identifier: Vz2491T5hbyWXglDTdQZTlpDYnB8ckvYYQJgv/u/LRU=
Subject key identifier: AE:37:4E:AC:07:68:79:8F:19:5D:E1:02:B9:CA:E6:FF:25:04:AA:D1
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 0183658A56A42A560F7A27F6A050175D1F83
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/rjdOrAdoeY8ZXeECucrm_yUEqtE.roa
Signing time: Thu 22 Sep 2022 14:11:48 +0000
ROA not before: Thu 22 Sep 2022 14:11:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 45.134.76.0/22 maxlen: 32
170.245.40.0/22 maxlen: 32
188.68.0.0/22 maxlen: 32
168.205.72.0/22 maxlen: 32
95.181.216.0/22 maxlen: 32
193.19.204.0/24 maxlen: 24
193.19.205.0/24 maxlen: 32
193.19.206.0/24 maxlen: 32
193.19.207.0/24 maxlen: 32
63.141.36.0/23 maxlen: 32
45.66.48.0/22 maxlen: 32
45.131.224.0/22 maxlen: 32
63.141.34.0/23 maxlen: 32
45.145.104.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:65:8a:56:a4:2a:56:0f:7a:27:f6:a0:50:17:5d:1f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Sep 22 14:11:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae374eac0768798f195de102b9cae6ff2504aad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:99:d2:46:6f:f6:6f:38:d9:f3:ef:f3:9a:a7:
96:6c:54:54:d6:2c:a2:ab:56:ce:aa:39:df:2d:e6:
8f:19:80:4c:ad:bc:46:10:4c:24:34:02:df:d9:54:
7e:ba:a7:8c:74:25:f8:07:a5:3d:10:bd:11:65:77:
a9:3b:85:47:f5:ad:d7:19:87:c9:52:95:16:7c:29:
2b:6d:a0:76:02:3f:76:e4:3d:bb:d5:96:99:a7:64:
0b:14:ab:22:20:d9:26:dd:08:bd:d1:e7:81:c8:f7:
08:c2:75:1e:93:f7:bd:49:62:61:1d:3a:0b:76:49:
99:d7:65:05:2e:86:81:a2:de:0f:6e:c4:74:42:7c:
a2:02:aa:4e:ed:e8:53:18:43:d4:b8:56:aa:86:e6:
ae:4d:ad:40:9f:f8:8b:78:22:65:bc:0c:02:ab:d0:
42:0e:82:a0:48:83:70:ee:bd:ac:86:d6:77:fd:70:
21:af:f0:9b:3b:2e:78:57:89:cb:41:3e:0f:a4:37:
90:81:e9:84:1f:65:0b:5a:2a:3e:46:e9:a4:83:9a:
6b:40:6b:69:71:a3:1f:6d:65:77:da:3f:db:42:fa:
19:b2:92:b8:46:13:06:16:58:7e:de:fd:90:dd:c6:
47:b5:95:dc:22:f5:90:ad:94:e9:eb:f7:4f:b1:fd:
05:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:37:4E:AC:07:68:79:8F:19:5D:E1:02:B9:CA:E6:FF:25:04:AA:D1
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/rjdOrAdoeY8ZXeECucrm_yUEqtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.48.0/22
45.131.224.0/22
45.134.76.0/22
45.145.104.0/22
63.141.34.0-63.141.37.255
95.181.216.0/22
168.205.72.0/22
170.245.40.0/22
188.68.0.0/22
193.19.204.0/22
Signature Algorithm: sha256WithRSAEncryption
76:9a:d7:7b:63:fd:63:44:8b:b6:27:3a:d8:4f:6d:6b:8c:88:
b4:0f:d0:72:47:6f:67:aa:73:f3:25:ca:0a:99:02:99:8a:56:
1f:34:f6:ed:7a:35:01:7d:48:f9:22:a6:b3:e7:f7:62:5c:07:
90:d2:27:22:6f:f6:29:52:a5:04:65:47:6c:14:a1:1f:ed:b1:
18:80:47:29:f8:57:69:cf:04:f1:d8:12:43:a6:fc:82:36:09:
c3:49:46:5b:46:7b:08:32:19:e9:43:ba:79:bf:e4:55:8f:f5:
f3:24:8d:2a:e0:e2:35:a9:f5:32:f4:08:a1:43:b6:18:db:63:
df:56:b2:c9:94:40:46:8c:60:13:a8:cc:06:7d:1c:d8:3c:a9:
46:39:d7:79:25:9b:86:b8:45:1c:e4:7f:76:00:4c:f9:f5:40:
68:ce:a5:a3:73:57:31:65:35:eb:33:79:f9:45:c9:11:e5:2c:
41:83:ba:71:52:7a:e1:0e:64:b9:06:a1:52:b6:fa:2f:1f:dc:
3d:d4:39:86:e5:bb:81:83:14:46:26:e5:10:f5:5c:96:62:c2:
cc:7c:96:ae:76:a5:b6:fd:12:5f:ce:d0:bd:70:17:b9:dc:d0:
39:03:88:95:dd:e2:36:dc:db:5f:4b:9f:b3:7d:a7:f1:66:84:
4c:19:96:b7
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYNlilakKlYPeif2oFAXXR+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjIwOTIyMTQxMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTM3NGVhYzA3Njg3OThmMTk1ZGUxMDJiOWNhZTZmZjI1MDRhYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJnSRm/2bzjZ8+/zmqeWbFRU1iyi
q1bOqjnfLeaPGYBMrbxGEEwkNALf2VR+uqeMdCX4B6U9EL0RZXepO4VH9a3XGYfJ
UpUWfCkrbaB2Aj925D271ZaZp2QLFKsiINkm3Qi90eeByPcIwnUek/e9SWJhHToL
dkmZ12UFLoaBot4PbsR0QnyiAqpO7ehTGEPUuFaqhuauTa1An/iLeCJlvAwCq9BC
DoKgSINw7r2shtZ3/XAhr/CbOy54V4nLQT4PpDeQgemEH2ULWio+Rumkg5prQGtp
caMfbWV32j/bQvoZspK4RhMGFlh+3v2Q3cZHtZXcIvWQrZTp6/dPsf0FTQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFK43TqwHaHmPGV3hArnK5v8lBKrRMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvcmpkT3JBZG9lWThaWGVFQ3Vjcm1feVVFcXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCLUIwAwQC
LYPgAwQCLYZMAwQCLZFoMAwDBAE/jSIDBAE/jSQDBAJftdgDBAKozUgDBAKq9SgD
BAK8RAADBALBE8wwDQYJKoZIhvcNAQELBQADggEBAHaa13tj/WNEi7YnOthPbWuM
iLQP0HJHb2eqc/MlygqZApmKVh809u16NQF9SPkiprPn92JcB5DSJyJv9ilSpQRl
R2wUoR/tsRiARyn4V2nPBPHYEkOm/II2CcNJRltGewgyGelDunm/5FWP9fMkjSrg
4jWp9TL0CKFDthjbY99WssmUQEaMYBOozAZ9HNg8qUY513klm4a4RRzkf3YATPn1
QGjOpaNzVzFlNeszeflFyRHlLEGDunFSeuEOZLkGoVK2+i8f3D3UOYblu4GDFEYm
5RD1XJZiwsx8lq52pbb9El/O0L1wF7nc0DkDiJXd4jbc219Ln7N9p/FmhEwZlrc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:50 2024 by rpki-client on console-ams.rpki-client.org