Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/Np2ohr4hO6th-1M5_A8un7PsOeI.roa
File: Np2ohr4hO6th-1M5_A8un7PsOeI.roa (raw, json)
Hash identifier: b3CE4v54hBktZ7VYxPjJKiETvypkLr3OOhHE2T2hFVE=
Subject key identifier: 36:9D:A8:86:BE:21:3B:AB:61:FB:53:39:FC:0F:2E:9F:B3:EC:39:E2
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 0657E5C8
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/Np2ohr4hO6th-1M5_A8un7PsOeI.roa
Signing time: Sun 20 Mar 2022 21:47:34 +0000
ROA not before: Sun 20 Mar 2022 21:47:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62164
IP address blocks: 45.11.88.0/23 maxlen: 24
45.11.90.0/23 maxlen: 23
185.149.233.0/24 maxlen: 24
185.149.234.0/23 maxlen: 23
193.39.184.0/24 maxlen: 24
5.181.164.0/23 maxlen: 23
185.202.174.0/24 maxlen: 24
2a0a:1f46::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106423752 (0x657e5c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Mar 20 21:47:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=369da886be213bab61fb5339fc0f2e9fb3ec39e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fe:2f:05:4e:90:99:25:3f:a4:7e:d1:2e:b2:
1c:06:df:b6:e7:34:48:3e:5a:32:61:ab:e6:48:5c:
a9:06:c6:67:49:03:e2:21:5a:79:95:96:8d:80:bb:
87:a3:6f:7d:d4:11:b7:ed:ef:1b:27:5b:77:83:4d:
f5:66:7a:a3:23:0b:7e:ba:87:f2:bf:24:98:f8:3a:
3b:fa:91:c1:53:97:d0:e7:0a:e7:3d:8d:7e:9d:e1:
e8:03:87:45:e9:a5:d6:cb:73:fc:1b:97:f0:96:4d:
34:bc:6d:b6:57:bc:35:05:33:0e:b1:68:b9:df:fc:
5e:a6:02:dd:10:16:85:94:93:e6:be:f1:22:bc:a1:
ca:2a:da:5f:32:93:19:91:ce:19:84:18:a7:38:6d:
98:c6:8d:dc:26:79:0c:39:b2:4e:f6:81:10:22:77:
86:69:9c:92:98:30:9c:19:b3:41:73:f6:fe:de:84:
2f:38:24:1f:48:ba:94:10:92:b0:fd:0a:02:5f:37:
fe:47:6a:c2:4b:cb:9c:be:3f:ad:f2:cd:80:4b:67:
4a:d1:06:de:34:2b:ea:d9:91:3a:ca:95:98:74:3d:
ae:33:f9:7e:d4:0f:ab:6f:56:37:ba:3e:42:15:87:
04:52:2c:f3:0c:ac:56:73:d4:93:cc:81:c3:11:10:
14:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:9D:A8:86:BE:21:3B:AB:61:FB:53:39:FC:0F:2E:9F:B3:EC:39:E2
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/Np2ohr4hO6th-1M5_A8un7PsOeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.164.0/23
45.11.88.0/22
185.149.233.0-185.149.235.255
185.202.174.0/24
193.39.184.0/24
IPv6:
2a0a:1f46::/32
Signature Algorithm: sha256WithRSAEncryption
33:d1:2d:c1:bd:0d:c6:9e:68:65:7b:99:98:d1:c9:2e:ab:c7:
03:14:d3:54:c1:83:86:e3:e7:3c:83:32:64:2b:01:b9:2d:f3:
de:ab:19:63:2c:45:3a:44:9a:e7:bc:03:24:3a:12:8e:39:c8:
aa:11:10:20:24:61:92:7b:78:90:95:cc:c4:c8:78:fc:b9:95:
8d:61:e3:f8:75:8a:a5:09:0b:49:20:45:19:06:16:46:6b:b6:
c5:ea:8d:77:51:f1:7c:d0:74:4d:df:b1:8d:d7:00:fe:78:43:
ed:76:e1:47:76:af:d5:c9:96:b0:9d:8b:38:d3:60:f5:f0:91:
8f:5b:03:4d:b4:c7:28:ca:47:2c:54:3e:a8:9a:2f:c4:ce:cc:
a0:1f:a9:94:52:6e:39:69:20:60:13:50:3b:7c:51:3a:67:68:
8e:49:9e:ff:cf:cb:c6:dd:34:46:97:be:7c:c9:b4:50:7f:42:
b7:57:6f:ea:b3:c5:a9:b7:10:2a:07:e9:96:cb:a9:64:3e:2f:
b3:8e:87:8d:c3:23:d8:77:f3:99:56:49:05:c2:5c:33:0e:61:
8f:0d:ac:19:93:64:bc:7e:74:a0:31:18:53:23:77:f7:81:b8:
a5:8f:e4:45:76:fe:1a:3d:c2:80:a4:ab:9d:60:15:9e:47:d2:
5f:f1:56:12
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEBlflyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWM4YjczYWI3YmRlYjc2ZmY0OGIyY2EwOTk2MTZlZGJlNzFjNDI2MB4XDTIyMDMy
MDIxNDczNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY5ZGE4ODZiZTIx
M2JhYjYxZmI1MzM5ZmMwZjJlOWZiM2VjMzllMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7+LwVOkJklP6R+0S6yHAbftuc0SD5aMmGr5khcqQbGZ0kD
4iFaeZWWjYC7h6NvfdQRt+3vGydbd4NN9WZ6oyMLfrqH8r8kmPg6O/qRwVOX0OcK
5z2Nfp3h6AOHReml1stz/BuX8JZNNLxttle8NQUzDrFoud/8XqYC3RAWhZST5r7x
IryhyiraXzKTGZHOGYQYpzhtmMaN3CZ5DDmyTvaBECJ3hmmckpgwnBmzQXP2/t6E
LzgkH0i6lBCSsP0KAl83/kdqwkvLnL4/rfLNgEtnStEG3jQr6tmROsqVmHQ9rjP5
ftQPq29WN7o+QhWHBFIs8wysVnPUk8yBwxEQFMUCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBQ2naiGviE7q2H7Uzn8Dy6fs+w54jAfBgNVHSMEGDAWgBSByLc6t73rdv9I
ssoJlhbtvnHEJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djaTNPcmU5NjNiX1NMTEtDWllXN2I1eHhDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvMjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8x
L05wMm9ocjRoTzZ0aC0xTTVfQTh1bjdQc09lSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
MjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8xL2djaTNPcmU5NjNi
X1NMTEtDWllXN2I1eHhDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEAQW1pAMEAi0LWDAMAwQAuZXpAwQC
uZXoAwQAucquAwQAwSe4MA0EAgACMAcDBQAqCh9GMA0GCSqGSIb3DQEBCwUAA4IB
AQAz0S3BvQ3Gnmhle5mY0ckuq8cDFNNUwYOG4+c8gzJkKwG5LfPeqxljLEU6RJrn
vAMkOhKOOciqERAgJGGSe3iQlczEyHj8uZWNYeP4dYqlCQtJIEUZBhZGa7bF6o13
UfF80HRN37GN1wD+eEPtduFHdq/VyZawnYs402D18JGPWwNNtMcoykcsVD6omi/E
zsygH6mUUm45aSBgE1A7fFE6Z2iOSZ7/z8vG3TRGl758ybRQf0K3V2/qs8WptxAq
B+mWy6lkPi+zjoeNwyPYd/OZVkkFwlwzDmGPDawZk2S8fnSgMRhTI3f3gbilj+RF
dv4aPcKApKudYBWeR9Jf8VYS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org