Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/cTDsOXp9v_hV8_FnZi0JvFh2ZoE.roa
File: cTDsOXp9v_hV8_FnZi0JvFh2ZoE.roa (raw, json)
Hash identifier: 5+i6TTwR9SsqIFC51mKODWNi32YMP8roZNmpCZbTD9U=
Subject key identifier: 71:30:EC:39:7A:7D:BF:F8:55:F3:F1:67:66:2D:09:BC:58:76:66:81
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018CC727541AD8DCC8E547DC8077BA27AC25
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/cTDsOXp9v_hV8_FnZi0JvFh2ZoE.roa
Signing time: Mon 01 Jan 2024 22:31:32 +0000
ROA not before: Mon 01 Jan 2024 22:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.81.148.0/24 maxlen: 24
185.229.243.0/24 maxlen: 24
5.181.166.0/24 maxlen: 24
2a0a:da40::/29 maxlen: 29
2a0a:1f40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:54:1a:d8:dc:c8:e5:47:dc:80:77:ba:27:ac:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 1 22:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7130ec397a7dbff855f3f167662d09bc58766681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9c:db:2a:22:02:15:58:aa:17:c4:b0:52:13:
d1:e1:31:f4:9e:91:62:bc:55:84:35:50:ca:37:11:
d9:c1:ab:12:3d:ca:3e:fa:ef:e8:2e:61:77:b4:15:
0a:3e:19:6e:e4:d3:e2:7f:81:70:e2:be:1e:58:90:
3b:42:43:27:b6:7d:97:42:37:c3:aa:dd:b5:6c:b8:
68:e1:fa:53:a3:f6:cf:e1:43:48:4b:15:74:f2:20:
f7:3a:1d:d6:2a:e2:fb:6b:fd:c6:3b:37:21:2d:e5:
74:f8:8c:17:98:1e:6d:39:8f:e5:7b:2c:5d:09:74:
ff:57:62:57:bd:b1:c4:09:0b:ab:d1:62:f3:bc:bf:
ad:1c:29:61:ad:99:ce:48:ba:33:90:25:63:70:90:
5d:c4:0c:7a:92:05:b6:b0:0a:4f:4b:4b:6d:fb:ce:
6a:db:74:b9:68:b4:4c:63:27:a7:10:18:12:01:ef:
17:cc:ee:d3:71:57:6e:50:a6:1d:29:df:e5:00:15:
10:40:53:b6:24:00:de:42:af:32:37:0e:2b:22:5d:
54:2d:4c:33:c2:cf:f3:a0:e7:e2:29:57:ed:ad:68:
fc:9e:04:bd:95:f0:8f:73:75:d2:00:17:74:ba:f9:
a0:86:a6:76:bf:7c:29:49:4a:ed:9c:d9:0e:38:45:
98:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:30:EC:39:7A:7D:BF:F8:55:F3:F1:67:66:2D:09:BC:58:76:66:81
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/cTDsOXp9v_hV8_FnZi0JvFh2ZoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.166.0/24
45.81.148.0/24
185.229.243.0/24
IPv6:
2a0a:1f40::/32
2a0a:da40::/29
Signature Algorithm: sha256WithRSAEncryption
3e:cd:02:f1:86:29:77:3a:6d:fd:c3:4f:48:c4:66:ae:a1:75:
4e:20:33:31:a7:5b:9d:21:c1:35:a3:09:7a:69:5e:6f:bd:c6:
0f:31:78:0e:ea:e5:21:5a:44:64:ad:78:89:c9:0f:58:cb:3c:
4c:c3:ea:f6:ea:43:bd:e7:ce:02:6f:2e:bb:44:d4:cd:3a:56:
5b:74:82:3a:75:a1:d7:c0:d0:90:af:9b:c9:66:e0:3a:74:bd:
99:08:99:a1:5c:da:f6:28:16:6c:cc:b3:6b:eb:99:f7:90:d1:
04:92:e3:49:26:65:fc:fb:10:79:c0:0d:5f:b3:0f:f1:08:ef:
ed:12:35:03:10:8e:6b:08:eb:70:77:2b:98:cc:73:d5:12:d3:
3e:a4:ba:f6:dd:a2:fa:79:80:9f:45:06:7e:25:b8:60:b6:6a:
6f:b3:ec:d4:f9:ef:1c:f9:0c:74:f8:d9:dd:a2:62:90:d5:d4:
a5:96:9e:53:2f:82:61:47:77:8d:91:a8:5a:a3:80:7d:e9:f6:
cd:47:35:75:5c:7d:ac:31:5d:f6:f3:bf:39:1c:7b:dd:dc:a1:
1d:07:55:ac:c1:4b:cf:cb:52:a2:06:91:da:85:74:8c:a2:32:
ab:a6:59:c0:62:42:ff:68:60:fd:40:16:af:89:f0:75:2e:a4:
63:91:f9:1b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzHJ1Qa2NzI5UfcgHe6J6wlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjQwMTAxMjIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTMwZWMzOTdhN2RiZmY4NTVmM2YxNjc2NjJkMDliYzU4NzY2NjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZzbKiICFViqF8SwUhPR4TH0npFi
vFWENVDKNxHZwasSPco++u/oLmF3tBUKPhlu5NPif4Fw4r4eWJA7QkMntn2XQjfD
qt21bLho4fpTo/bP4UNISxV08iD3Oh3WKuL7a/3GOzchLeV0+IwXmB5tOY/leyxd
CXT/V2JXvbHECQur0WLzvL+tHClhrZnOSLozkCVjcJBdxAx6kgW2sApPS0tt+85q
23S5aLRMYyenEBgSAe8XzO7TcVduUKYdKd/lABUQQFO2JADeQq8yNw4rIl1ULUwz
ws/zoOfiKVftrWj8ngS9lfCPc3XSABd0uvmghqZ2v3wpSUrtnNkOOEWYmQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHEw7Dl6fb/4VfPxZ2YtCbxYdmaBMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvY1REc09YcDl2X2hWOF9GblppMEp2RmgyWm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQABbWmAwQA
LVGUAwQAueXzMBQEAgACMA4DBQAqCh9AAwUDKgraQDANBgkqhkiG9w0BAQsFAAOC
AQEAPs0C8YYpdzpt/cNPSMRmrqF1TiAzMadbnSHBNaMJemleb73GDzF4DurlIVpE
ZK14ickPWMs8TMPq9upDvefOAm8uu0TUzTpWW3SCOnWh18DQkK+byWbgOnS9mQiZ
oVza9igWbMyza+uZ95DRBJLjSSZl/PsQecANX7MP8Qjv7RI1AxCOawjrcHcrmMxz
1RLTPqS69t2i+nmAn0UGfiW4YLZqb7Ps1PnvHPkMdPjZ3aJikNXUpZaeUy+CYUd3
jZGoWqOAfen2zUc1dVx9rDFd9vO/ORx73dyhHQdVrMFLz8tSogaR2oV0jKIyq6ZZ
wGJC/2hg/UAWr4nwdS6kY5H5Gw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org