Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/4fbDQWE-FSuwkOWQpslkfo38-mY.roa
File: 4fbDQWE-FSuwkOWQpslkfo38-mY.roa (raw, json)
Hash identifier: 5741unyNCv8ozKyI4sCbOutRZklb2Zayj30RNbJ73jM=
Subject key identifier: E1:F6:C3:41:61:3E:15:2B:B0:90:E5:90:A6:C9:64:7E:8D:FC:FA:66
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018A21DF59C4DD7223657FEBB1CFD462D75A
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/4fbDQWE-FSuwkOWQpslkfo38-mY.roa
Signing time: Wed 23 Aug 2023 10:10:00 +0000
ROA not before: Wed 23 Aug 2023 10:10:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 45.81.148.0/24 maxlen: 24
185.229.243.0/24 maxlen: 24
5.181.166.0/24 maxlen: 24
2a0a:da40::/29 maxlen: 29
2a0a:1f40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:df:59:c4:dd:72:23:65:7f:eb:b1:cf:d4:62:d7:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Aug 23 10:10:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1f6c341613e152bb090e590a6c9647e8dfcfa66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0f:a8:42:22:c5:af:1a:6e:f0:05:90:66:df:
6e:ce:a7:6a:b7:09:63:4c:89:27:eb:57:6e:86:7c:
e4:72:a4:a9:29:cb:42:c6:67:fb:20:bd:16:b8:a9:
1e:0e:12:df:8b:f4:f7:01:00:76:6a:91:af:9f:d3:
ea:ae:96:02:5d:dc:29:d9:87:3f:57:62:7e:82:1b:
57:73:d0:e2:a9:09:c9:89:6a:48:80:9a:22:8a:f6:
5f:75:a9:d2:9f:f7:69:9b:1d:a4:55:05:a9:42:05:
57:f9:1e:76:cc:9c:03:f7:cb:e4:17:f2:b9:47:f7:
3f:e3:b1:39:c5:40:a4:c3:7a:94:8c:51:82:fa:90:
9d:27:81:03:de:3e:c4:a5:7e:0d:b9:12:3e:52:a1:
87:da:5e:56:00:90:c2:28:94:fe:dc:fb:68:62:b8:
5b:56:85:a0:13:7b:e0:9d:c8:6f:61:41:dd:22:a9:
c3:66:09:67:09:88:dc:39:47:13:98:9a:b1:b6:73:
ae:3b:49:bb:b1:8b:d2:8d:95:3c:96:29:7c:bf:80:
cf:b2:d5:6a:22:43:a4:4e:c7:88:85:3e:99:ee:4a:
5b:c3:03:24:1d:64:0a:f1:9a:6a:c6:eb:fd:f7:f6:
f5:3c:b6:b9:6e:bf:ca:a8:2f:85:35:f6:42:b8:3d:
2c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F6:C3:41:61:3E:15:2B:B0:90:E5:90:A6:C9:64:7E:8D:FC:FA:66
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/4fbDQWE-FSuwkOWQpslkfo38-mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.166.0/24
45.81.148.0/24
185.229.243.0/24
IPv6:
2a0a:1f40::/32
2a0a:da40::/29
Signature Algorithm: sha256WithRSAEncryption
7a:0a:5f:b5:f0:fd:1f:80:1a:fe:c1:eb:c9:63:b5:78:b6:ff:
f0:a6:14:c8:06:64:ea:ec:0f:66:61:c9:83:24:9a:8c:59:40:
50:c3:cc:1f:fd:de:14:82:b4:3e:75:ed:d1:47:01:44:3c:08:
07:08:c5:56:76:b4:8b:6c:36:43:3d:47:28:58:d4:b2:64:2a:
c4:b7:7f:70:5b:08:ee:a6:e5:ed:df:24:29:8c:0a:59:ae:5d:
24:59:6b:7d:8c:89:2f:fe:f1:26:e6:3c:06:eb:c4:4b:51:38:
80:81:10:c8:96:21:90:40:29:a3:f0:6b:f5:20:7a:98:a8:3c:
26:27:0a:b8:dd:51:c5:0b:5e:41:e9:20:10:e0:58:9a:5b:a5:
62:ee:34:02:30:d2:e7:9a:4d:c0:c0:21:b5:35:85:2d:e7:60:
c8:14:44:b9:60:53:d8:4c:cf:d0:82:39:92:61:8c:36:b5:a6:
d0:f0:9d:c9:28:ad:15:d6:35:44:11:a9:ee:18:49:4b:6c:ec:
2d:ce:5a:a4:89:63:33:31:83:5f:5b:ae:ef:14:38:92:d3:58:
92:28:b2:67:4c:e9:0d:4e:cb:96:73:c5:18:de:8a:aa:b4:8e:
3c:85:f0:ad:ca:ca:6e:92:f9:6d:ba:33:79:00:9d:67:c8:af:
0c:df:7b:77
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYoh31nE3XIjZX/rsc/UYtdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwODIzMTAxMDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWY2YzM0MTYxM2UxNTJiYjA5MGU1OTBhNmM5NjQ3ZThkZmNmYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ+oQiLFrxpu8AWQZt9uzqdqtwlj
TIkn61duhnzkcqSpKctCxmf7IL0WuKkeDhLfi/T3AQB2apGvn9PqrpYCXdwp2Yc/
V2J+ghtXc9DiqQnJiWpIgJoiivZfdanSn/dpmx2kVQWpQgVX+R52zJwD98vkF/K5
R/c/47E5xUCkw3qUjFGC+pCdJ4ED3j7EpX4NuRI+UqGH2l5WAJDCKJT+3PtoYrhb
VoWgE3vgnchvYUHdIqnDZglnCYjcOUcTmJqxtnOuO0m7sYvSjZU8lil8v4DPstVq
IkOkTseIhT6Z7kpbwwMkHWQK8Zpqxuv99/b1PLa5br/KqC+FNfZCuD0sAwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOH2w0FhPhUrsJDlkKbJZH6N/PpmMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvNGZiRFFXRS1GU3V3a09XUXBzbGtmbzM4LW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQABbWmAwQA
LVGUAwQAueXzMBQEAgACMA4DBQAqCh9AAwUDKgraQDANBgkqhkiG9w0BAQsFAAOC
AQEAegpftfD9H4Aa/sHryWO1eLb/8KYUyAZk6uwPZmHJgySajFlAUMPMH/3eFIK0
PnXt0UcBRDwIBwjFVna0i2w2Qz1HKFjUsmQqxLd/cFsI7qbl7d8kKYwKWa5dJFlr
fYyJL/7xJuY8BuvES1E4gIEQyJYhkEApo/Br9SB6mKg8JicKuN1RxQteQekgEOBY
mlulYu40AjDS55pNwMAhtTWFLedgyBREuWBT2EzP0II5kmGMNrWm0PCdySitFdY1
RBGp7hhJS2zsLc5apIljMzGDX1uu7xQ4ktNYkiiyZ0zpDU7LlnPFGN6KqrSOPIXw
rcrKbpL5bbozeQCdZ8ivDN97dw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org