Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/p_8CIn1UqhYUKp44Q_U4q0FXGe4.roa
File: p_8CIn1UqhYUKp44Q_U4q0FXGe4.roa (raw, json)
Hash identifier: Hr0dsJubLQhj/+qntRNjiSjOHs935O9qGBSCQ+4vUM8=
Subject key identifier: A7:FF:02:22:7D:54:AA:16:14:2A:9E:38:43:F5:38:AB:41:57:19:EE
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0185B396055B51ACB1873A52FBA61BC80C85
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/p_8CIn1UqhYUKp44Q_U4q0FXGe4.roa
Signing time: Sun 15 Jan 2023 04:00:31 +0000
ROA not before: Sun 15 Jan 2023 04:00:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 45.139.48.0/22 maxlen: 22
45.133.88.0/22 maxlen: 22
45.132.136.0/22 maxlen: 22
45.128.197.0/24 maxlen: 24
45.132.140.0/22 maxlen: 22
91.206.169.0/24 maxlen: 24
45.137.196.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b3:96:05:5b:51:ac:b1:87:3a:52:fb:a6:1b:c8:0c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 15 04:00:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7ff02227d54aa16142a9e3843f538ab415719ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8a:25:07:aa:56:f4:92:92:7d:d2:bb:e8:35:
bf:ea:39:84:f0:eb:c0:ee:ad:08:c1:61:34:7d:84:
0e:36:2d:29:c6:26:22:ba:81:39:70:eb:29:28:9b:
38:1c:f3:c3:e2:ae:6d:5f:f9:17:6d:8a:c2:dc:09:
98:87:96:43:3a:f7:9e:72:95:b7:ba:ba:0c:6f:bc:
ef:92:03:79:c6:80:89:a4:8a:ae:cb:d9:61:bf:c0:
c6:62:2e:cd:67:23:3b:e6:64:ea:ce:d4:6d:e5:99:
ef:51:d2:5b:5a:de:c3:c8:e0:cb:b5:b9:99:d8:e2:
a1:ee:8b:54:71:6e:d3:cc:bd:5b:0a:eb:c1:6b:68:
68:b2:9a:5e:ce:31:81:72:33:b8:7c:de:be:40:3c:
c3:50:53:0a:d1:51:cf:3d:bc:7d:c4:e9:dc:4b:85:
bc:26:6f:34:b7:7c:6c:02:ff:64:02:58:18:cc:8f:
72:5e:ef:67:50:7f:a2:97:77:03:57:a3:a7:a3:62:
30:a7:41:93:c8:89:14:89:31:d0:71:ad:fe:b6:36:
7e:cd:fb:6e:14:70:fe:67:e5:e0:9f:42:2d:d8:6a:
05:16:aa:54:b9:f8:d4:1a:84:e3:f9:12:4c:92:26:
7b:94:78:60:31:78:4d:52:b9:be:c4:df:de:92:4d:
61:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:FF:02:22:7D:54:AA:16:14:2A:9E:38:43:F5:38:AB:41:57:19:EE
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/p_8CIn1UqhYUKp44Q_U4q0FXGe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.197.0/24
45.132.136.0/21
45.133.88.0/22
45.137.196.0/22
45.139.48.0/22
91.206.169.0/24
Signature Algorithm: sha256WithRSAEncryption
02:68:3a:ff:22:a6:32:3a:de:64:ba:ff:c6:68:aa:5d:df:b1:
ad:f8:81:c4:42:23:27:28:9b:5d:a8:50:79:f7:fc:8c:2d:5f:
9a:6a:2d:a4:5b:0b:a3:67:cb:38:92:3b:38:74:6a:16:c9:d7:
e6:e2:27:94:fc:e0:50:22:00:73:4a:33:db:60:b4:41:c8:90:
63:8b:2c:91:78:07:6a:a6:5a:2e:59:91:39:23:95:f7:76:24:
8a:ac:67:b8:f3:da:96:78:a7:6f:57:dc:53:ab:41:aa:56:fd:
55:69:69:f8:39:f0:32:da:10:a0:85:dd:7d:50:f5:d5:35:80:
c5:73:cb:b6:19:37:d5:cf:05:81:00:2e:46:1e:78:ae:34:27:
bf:2c:40:84:48:be:b3:0d:8b:2f:a0:98:b3:4f:84:ab:75:9b:
c8:4a:4f:d6:17:3f:43:d0:9c:9b:ff:7f:a3:f2:74:a3:ee:d9:
48:31:c5:39:2c:6a:1c:f1:50:87:9a:9a:6c:c4:1f:06:1d:f5:
e1:55:bc:2c:e0:d4:b2:b3:d3:8c:b3:20:7b:2b:c9:fa:6d:79:
a7:b3:b5:4d:2d:6a:f7:1f:ce:8b:e2:81:63:76:c6:8b:21:c6:
6a:5f:51:5f:e4:f9:a1:89:49:d5:b0:3f:a9:88:95:7a:17:2b:
ee:d9:d8:aa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYWzlgVbUayxhzpS+6YbyAyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTE1MDQwMDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2ZmMDIyMjdkNTRhYTE2MTQyYTllMzg0M2Y1MzhhYjQxNTcxOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4olB6pW9JKSfdK76DW/6jmE8OvA
7q0IwWE0fYQONi0pxiYiuoE5cOspKJs4HPPD4q5tX/kXbYrC3AmYh5ZDOveecpW3
uroMb7zvkgN5xoCJpIquy9lhv8DGYi7NZyM75mTqztRt5ZnvUdJbWt7DyODLtbmZ
2OKh7otUcW7TzL1bCuvBa2hosppezjGBcjO4fN6+QDzDUFMK0VHPPbx9xOncS4W8
Jm80t3xsAv9kAlgYzI9yXu9nUH+il3cDV6Ono2Iwp0GTyIkUiTHQca3+tjZ+zftu
FHD+Z+Xgn0It2GoFFqpUufjUGoTj+RJMkiZ7lHhgMXhNUrm+xN/ekk1hCQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKf/AiJ9VKoWFCqeOEP1OKtBVxnuMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvcF84Q0luMVVxaFlVS3A0NFFfVTRxMEZYR2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYDFAwQD
LYSIAwQCLYVYAwQCLYnEAwQCLYswAwQAW86pMA0GCSqGSIb3DQEBCwUAA4IBAQAC
aDr/IqYyOt5kuv/GaKpd37Gt+IHEQiMnKJtdqFB59/yMLV+aai2kWwujZ8s4kjs4
dGoWydfm4ieU/OBQIgBzSjPbYLRByJBjiyyReAdqplouWZE5I5X3diSKrGe489qW
eKdvV9xTq0GqVv1VaWn4OfAy2hCghd19UPXVNYDFc8u2GTfVzwWBAC5GHniuNCe/
LECESL6zDYsvoJizT4SrdZvISk/WFz9D0Jyb/3+j8nSj7tlIMcU5LGoc8VCHmpps
xB8GHfXhVbws4NSys9OMsyB7K8n6bXmns7VNLWr3H86L4oFjdsaLIcZqX1Ff5Pmh
iUnVsD+piJV6Fyvu2diq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org