Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/D9bFY5GmL3vWVLsr8sc3cM0oVh0.roa
File: D9bFY5GmL3vWVLsr8sc3cM0oVh0.roa (raw, json)
Hash identifier: uST9+ULjcBV6k8Pwsxjn/dn3dcTC6MRzeODi4LQQDXs=
Subject key identifier: 0F:D6:C5:63:91:A6:2F:7B:D6:54:BB:2B:F2:C7:37:70:CD:28:56:1D
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 08308A1C
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/D9bFY5GmL3vWVLsr8sc3cM0oVh0.roa
Signing time: Sun 20 Mar 2022 15:54:16 +0000
ROA not before: Sun 20 Mar 2022 15:54:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.105.228.0/22 maxlen: 24
45.137.16.0/22 maxlen: 24
45.150.52.0/23 maxlen: 24
95.214.176.0/22 maxlen: 24
91.239.148.0/23 maxlen: 24
91.238.92.0/23 maxlen: 24
212.115.124.0/22 maxlen: 24
45.132.80.0/22 maxlen: 24
91.244.196.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137398812 (0x8308a1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Mar 20 15:54:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fd6c56391a62f7bd654bb2bf2c73770cd28561d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0a:5b:1d:5a:fa:22:f6:ad:bf:f3:c5:11:e3:
5c:7f:7a:46:9b:65:3d:f4:23:b7:89:6c:32:d0:19:
23:43:b8:b0:b6:8c:ba:ba:f0:0b:e0:a5:ff:21:c6:
ac:f2:25:98:22:0e:a8:10:eb:37:fe:da:35:3d:82:
47:fe:73:7b:4e:0b:cb:bc:c5:20:89:ec:ea:7b:5b:
57:b5:af:e0:97:fc:3e:5b:ab:5e:3d:b1:ee:62:01:
ce:9f:4b:37:41:5a:1d:e9:ad:dd:ff:1f:96:a7:a7:
ee:44:d3:2a:d3:bf:4c:55:df:2e:c2:4f:cc:45:cf:
68:43:d4:11:39:97:6f:bb:18:09:0e:b6:f8:70:70:
e3:b3:c9:af:fa:f0:42:9f:19:bc:60:b5:26:12:11:
5c:4c:80:5a:4b:04:00:7f:a6:ec:1a:ab:4b:d0:9c:
8e:50:f2:f1:7a:60:a8:88:9d:f0:2f:b3:1a:d3:99:
76:05:9d:0f:ae:86:a8:68:1d:64:6c:ee:d9:26:67:
3b:b2:4f:60:98:0f:61:c0:57:ec:77:3c:96:9d:e5:
eb:05:b7:05:32:19:8e:1a:a6:a4:14:a8:ff:6a:ef:
7e:11:71:ef:b5:16:a7:9f:0f:af:74:87:90:92:07:
09:2d:f2:43:ad:66:11:16:95:ea:c1:d5:28:2b:32:
4c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D6:C5:63:91:A6:2F:7B:D6:54:BB:2B:F2:C7:37:70:CD:28:56:1D
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/D9bFY5GmL3vWVLsr8sc3cM0oVh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
45.137.16.0/22
45.150.52.0/23
91.238.92.0/23
91.239.148.0/23
91.244.196.0/24
95.214.176.0/22
176.105.228.0/22
212.115.124.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:56:0a:45:03:50:8b:8d:e5:89:9c:d1:20:5f:51:b6:29:9b:
7a:97:41:e5:e6:fc:0e:a9:2d:ff:cc:f5:4f:52:47:76:07:05:
8e:2c:0c:2f:42:6f:ed:22:13:d8:50:28:28:e9:4e:4f:d8:4e:
4e:2f:69:08:73:68:0b:ca:ac:51:aa:d5:c5:42:43:a0:92:53:
c7:bb:48:9d:11:c9:fc:78:c9:24:1a:69:00:4c:88:6d:63:c8:
74:90:64:01:10:58:df:bd:60:f8:66:0c:07:9b:6c:4b:57:f4:
64:13:4b:1b:dc:2f:fc:9f:23:10:79:d7:19:ec:26:cb:cf:d0:
b1:cb:90:80:f2:2a:db:b8:06:c7:ae:97:46:a2:47:73:16:ab:
92:10:2e:01:90:4f:47:4e:75:d8:07:3f:f2:89:4b:c8:42:69:
e2:b2:03:49:37:2e:fd:29:ae:e6:3e:7c:1e:18:98:bf:33:f3:
e6:67:c3:6d:c7:a6:8a:77:d6:cc:09:19:dc:85:8e:ce:21:83:
15:08:2e:39:85:7d:79:3a:19:18:f0:eb:6e:55:89:1c:46:1a:
87:31:01:8a:bc:ee:1c:2e:92:4b:e2:67:94:4b:3c:f3:df:46:
ce:b8:ad:85:e4:c3:63:9d:90:96:16:29:8e:56:15:83:18:4f:
8e:f5:22:fa
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIECDCKHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDMy
MDE1NTQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZkNmM1NjM5MWE2
MmY3YmQ2NTRiYjJiZjJjNzM3NzBjZDI4NTYxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgKWx1a+iL2rb/zxRHjXH96RptlPfQjt4lsMtAZI0O4sLaM
urrwC+Cl/yHGrPIlmCIOqBDrN/7aNT2CR/5ze04Ly7zFIIns6ntbV7Wv4Jf8Plur
Xj2x7mIBzp9LN0FaHemt3f8flqen7kTTKtO/TFXfLsJPzEXPaEPUETmXb7sYCQ62
+HBw47PJr/rwQp8ZvGC1JhIRXEyAWksEAH+m7BqrS9CcjlDy8XpgqIid8C+zGtOZ
dgWdD66GqGgdZGzu2SZnO7JPYJgPYcBX7Hc8lp3l6wW3BTIZjhqmpBSo/2rvfhFx
77UWp58Pr3SHkJIHCS3yQ61mERaV6sHVKCsyTAMCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQP1sVjkaYve9ZUuyvyxzdwzShWHTAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L0Q5YkZZNUdtTDN2V1ZMc3I4c2MzY00wb1ZoMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAi2EUAMEAi2JEAMEAS2WNAMEAVvu
XAMEAVvvlAMEAFv0xAMEAl/WsAMEArBp5AMEAtRzfDANBgkqhkiG9w0BAQsFAAOC
AQEAC1YKRQNQi43liZzRIF9RtimbepdB5eb8Dqkt/8z1T1JHdgcFjiwML0Jv7SIT
2FAoKOlOT9hOTi9pCHNoC8qsUarVxUJDoJJTx7tInRHJ/HjJJBppAEyIbWPIdJBk
ARBY371g+GYMB5tsS1f0ZBNLG9wv/J8jEHnXGewmy8/QscuQgPIq27gGx66XRqJH
cxarkhAuAZBPR0512Ac/8olLyEJp4rIDSTcu/Smu5j58HhiYvzPz5mfDbceminfW
zAkZ3IWOziGDFQguOYV9eToZGPDrblWJHEYahzEBirzuHC6SS+JnlEs8899Gzrit
heTDY52QlhYpjlYVgxhPjvUi+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:42 2024 by rpki-client on console-ams.rpki-client.org