Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/c3adb3nw4hm3ammPt-7CsVSp48k.roa
File: c3adb3nw4hm3ammPt-7CsVSp48k.roa (raw, json)
Hash identifier: EdnKnqmfL2B8zltrBYfNUmIfljOGRSsyYO0mDIlXy34=
Subject key identifier: 73:76:9D:6F:79:F0:E2:19:B7:6A:69:8F:B7:EE:C2:B1:54:A9:E3:C9
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 1203D0D2
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/c3adb3nw4hm3ammPt-7CsVSp48k.roa
Signing time: Thu 10 Mar 2022 07:35:26 +0000
ROA not before: Thu 10 Mar 2022 07:35:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26636
IP address blocks: 141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
195.80.50.0/24 maxlen: 24
195.80.51.0/24 maxlen: 24
85.92.109.0/24 maxlen: 24
89.191.232.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
45.8.97.0/24 maxlen: 24
45.8.98.0/24 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
91.107.116.0/24 maxlen: 24
91.107.124.0/23 maxlen: 23
194.31.174.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
91.107.127.0/24 maxlen: 24
194.5.92.0/24 maxlen: 24
194.5.93.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
45.129.185.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
45.66.116.0/24 maxlen: 24
45.66.119.0/24 maxlen: 24
92.118.114.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302239954 (0x1203d0d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 10 07:35:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73769d6f79f0e219b76a698fb7eec2b154a9e3c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6a:92:ed:d3:d9:da:96:ed:d4:53:c7:3a:04:
cc:1b:ee:fc:3a:c3:c0:fd:07:7b:59:b7:96:47:c4:
b3:44:94:bf:2d:dd:d5:7a:53:11:92:e5:e5:4a:61:
66:2a:07:2e:86:a7:30:4c:30:13:fe:4c:e6:50:80:
46:42:4b:51:83:51:25:96:09:11:9f:26:a2:02:07:
26:9d:1f:07:db:39:c3:5e:7f:90:33:ca:0c:9e:29:
1b:66:c3:51:e8:bf:13:f6:49:c9:f4:30:d3:c2:5a:
34:a0:b8:5c:f4:99:cf:6e:75:9f:22:3d:7c:66:13:
40:5c:29:a8:f6:6b:8f:be:e6:d4:22:b0:f3:65:d9:
cb:6c:85:a4:6e:d4:c7:db:76:60:53:a5:16:4d:2a:
6b:1b:dc:87:7b:0e:2b:d2:f7:ad:fe:4e:8d:1f:f4:
62:3d:ff:f6:41:15:7d:8f:ad:a7:67:03:b1:42:03:
92:a3:bf:9b:51:4b:e8:dd:27:b9:b4:7a:7f:20:5e:
11:8d:7e:06:3f:71:44:14:5d:03:90:b2:21:88:65:
7d:1a:15:e7:b8:e7:1a:5f:a6:07:32:47:11:7e:55:
5b:8b:5d:e9:c3:6c:07:97:b9:68:1d:4d:f7:e1:97:
32:76:5c:26:5c:39:6c:67:96:b6:db:24:b0:72:6e:
db:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:76:9D:6F:79:F0:E2:19:B7:6A:69:8F:B7:EE:C2:B1:54:A9:E3:C9
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/c3adb3nw4hm3ammPt-7CsVSp48k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.44.0/24
5.44.46.0/23
45.8.97.0-45.8.98.255
45.66.116.0/24
45.66.119.0/24
45.80.129.0-45.80.131.255
45.129.185.0/24
46.16.14.0/23
85.92.109.0/24
89.191.232.0/24
91.107.116.0/24
91.107.124.0/23
91.107.127.0/24
91.200.84.0/24
92.118.114.0/23
141.98.233.0-141.98.234.255
194.5.92.0/23
194.28.192.0/24
194.31.173.0-194.31.174.255
195.80.50.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:35:19:22:9b:90:fe:cf:b2:cf:24:0f:c3:30:16:36:c7:e4:
b6:e0:80:5e:31:3a:7a:07:1b:58:28:30:58:f8:59:89:4c:e3:
36:6f:39:c5:4f:13:aa:79:88:7b:18:57:43:35:64:5e:9c:f9:
2f:a8:14:87:19:8f:b2:ad:36:d3:0d:35:06:c5:fb:81:46:5a:
d9:05:88:77:65:21:57:4d:18:ee:a6:61:a7:bb:84:cc:1c:e7:
dd:f3:3a:6f:05:42:5c:cd:ee:33:d2:e0:84:ca:6d:54:52:ad:
c2:e9:a6:67:dc:88:d2:dd:a5:f9:8f:c7:45:76:d6:64:23:47:
40:9d:2f:dc:a6:46:46:9e:04:85:61:b8:32:91:ea:70:5f:2b:
67:d6:95:64:5f:2d:e6:94:7f:67:19:5a:a0:35:0c:bb:02:8c:
50:80:13:fd:b7:08:3e:6a:b0:cb:b3:57:7e:60:1c:54:29:ea:
e1:e8:4b:55:4d:13:b4:bd:90:d1:4e:4f:77:70:6f:b0:a6:f7:
ed:50:21:89:79:40:90:a0:cc:44:30:64:a4:b5:c4:3e:34:16:
f5:5b:a3:f9:d9:a7:4e:84:6f:ec:34:cf:21:5a:cf:f7:a5:22:
d3:12:86:67:a3:a6:dc:62:58:7f:f1:2d:a8:bf:6c:fb:aa:35:
5c:a5:5e:4f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIEEgPQ0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDMx
MDA3MzUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzM3NjlkNmY3OWYw
ZTIxOWI3NmE2OThmYjdlZWMyYjE1NGE5ZTNjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN9qku3T2dqW7dRTxzoEzBvu/DrDwP0He1m3lkfEs0SUvy3d
1XpTEZLl5UphZioHLoanMEwwE/5M5lCARkJLUYNRJZYJEZ8mogIHJp0fB9s5w15/
kDPKDJ4pG2bDUei/E/ZJyfQw08JaNKC4XPSZz251nyI9fGYTQFwpqPZrj77m1CKw
82XZy2yFpG7Ux9t2YFOlFk0qaxvch3sOK9L3rf5OjR/0Yj3/9kEVfY+tp2cDsUID
kqO/m1FL6N0nubR6fyBeEY1+Bj9xRBRdA5CyIYhlfRoV57jnGl+mBzJHEX5VW4td
6cNsB5e5aB1N9+GXMnZcJlw5bGeWttsksHJu22kCAwEAAaOCAqAwggKcMB0GA1Ud
DgQWBBRzdp1vefDiGbdqaY+37sKxVKnjyTAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L2MzYWRiM253NGhtM2FtbVB0LTdDc1ZTcDQ4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tQYIKwYBBQUHAQcBAf8EgaUwgaIwgZ8EAgABMIGYAwQABSwsAwQBBSwuMAwDBAAt
CGEDBAAtCGIDBAAtQnQDBAAtQncwDAMEAC1QgQMEAi1QgAMEAC2BuQMEAS4QDgME
AFVcbQMEAFm/6AMEAFtrdAMEAVtrfAMEAFtrfwMEAFvIVAMEAVx2cjAMAwQAjWLp
AwQAjWLqAwQBwgVcAwQAwhzAMAwDBADCH60DBADCH64DBAHDUDIwDQYJKoZIhvcN
AQELBQADggEBAIw1GSKbkP7Pss8kD8MwFjbH5LbggF4xOnoHG1goMFj4WYlM4zZv
OcVPE6p5iHsYV0M1ZF6c+S+oFIcZj7KtNtMNNQbF+4FGWtkFiHdlIVdNGO6mYae7
hMwc593zOm8FQlzN7jPS4ITKbVRSrcLppmfciNLdpfmPx0V21mQjR0CdL9ymRkae
BIVhuDKR6nBfK2fWlWRfLeaUf2cZWqA1DLsCjFCAE/23CD5qsMuzV35gHFQp6uHo
S1VNE7S9kNFOT3dwb7Cm9+1QIYl5QJCgzEQwZKS1xD40FvVbo/nZp06Eb+w0zyFa
z/elItMShmejptxiWH/xLai/bPuqNVylXk8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org