Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/aoGuJbph3mRVIv59bCMKmlC538M.roa
File: aoGuJbph3mRVIv59bCMKmlC538M.roa (raw, json)
Hash identifier: /Q81acCnRiAaY/dy+Z/YuiOzPHuOErJL0/2S09P81eE=
Subject key identifier: 6A:81:AE:25:BA:61:DE:64:55:22:FE:7D:6C:23:0A:9A:50:B9:DF:C3
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018237517B832A8D5880653894B6BC8EDB5C
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/aoGuJbph3mRVIv59bCMKmlC538M.roa
Signing time: Mon 25 Jul 2022 21:44:23 +0000
ROA not before: Mon 25 Jul 2022 21:44:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.105.228.0/22 maxlen: 24
45.137.18.0/24 maxlen: 24
81.28.254.0/23 maxlen: 24
91.239.148.0/23 maxlen: 24
45.132.80.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:37:51:7b:83:2a:8d:58:80:65:38:94:b6:bc:8e:db:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Jul 25 21:44:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a81ae25ba61de645522fe7d6c230a9a50b9dfc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6d:76:4f:6b:de:7c:fe:36:e8:ea:f6:7d:78:
99:06:07:87:08:67:08:c4:ec:4e:f1:a2:f6:19:34:
25:96:d6:10:d4:ba:d4:12:ac:f9:ab:fd:b4:5b:c9:
e3:0c:ad:94:21:37:0b:a2:8a:54:ea:6e:e0:fb:d4:
3b:89:62:3b:82:1f:2b:1e:54:79:51:9c:e4:3a:6d:
30:0b:78:8d:38:5e:58:e6:4a:b7:11:22:54:ad:ae:
63:bd:db:a2:69:ee:ef:d5:e5:57:c1:36:26:89:9c:
92:60:a5:3d:0c:38:79:5c:d2:d3:0c:78:f4:a4:85:
61:6c:0d:57:46:57:9f:fe:53:ce:cf:38:77:54:72:
77:4f:e3:db:17:7b:c8:f8:2d:56:1c:34:65:36:07:
13:ef:85:54:a8:48:bc:d7:46:6d:f8:b9:80:6d:f3:
65:ef:14:35:33:a9:7d:46:96:b4:33:86:e3:2a:65:
44:77:ec:f0:72:e4:a3:9e:14:f0:be:1e:7e:af:30:
6c:7a:19:fe:65:37:38:b1:fa:3f:d3:ec:80:15:31:
3d:bd:d6:ae:af:47:66:e6:f9:6f:c2:ce:25:ac:2a:
cc:29:35:be:fc:93:71:bb:a8:d7:30:ac:1a:03:7e:
30:c8:6d:a5:48:cd:c8:5e:84:4b:d9:1b:30:0e:20:
c4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:81:AE:25:BA:61:DE:64:55:22:FE:7D:6C:23:0A:9A:50:B9:DF:C3
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/aoGuJbph3mRVIv59bCMKmlC538M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
45.137.18.0/24
81.28.254.0/23
91.239.148.0/23
176.105.228.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:97:bb:ce:30:40:8c:e1:fc:4e:1e:1e:f5:c7:fd:65:52:10:
a0:da:70:06:3b:0b:7b:cf:cd:42:9e:65:ee:b3:1d:fd:bc:7b:
3a:d4:b8:70:92:b6:f2:6b:ff:54:66:57:db:32:89:e3:8a:b0:
0e:7f:77:50:82:b8:eb:1d:7d:73:31:f3:05:b1:47:d6:2d:69:
c9:f7:e4:11:15:e4:e6:48:12:b6:00:9e:c7:5e:2c:0e:42:50:
ed:9f:c1:b2:94:e1:5e:0e:bf:9e:ba:61:83:4f:0d:97:5e:cb:
74:6a:4f:7f:53:ab:da:27:c3:e6:fb:6a:9f:21:96:b1:a4:ca:
c8:61:06:50:bb:0f:60:c6:c2:2c:eb:5f:b2:2a:57:2c:10:dd:
f4:db:40:21:2a:eb:64:e1:28:37:0b:2b:41:13:43:25:82:00:
56:21:d3:64:70:67:8f:7c:47:4e:fb:4a:5a:e1:46:8d:af:8a:
ea:76:75:25:95:89:6f:e3:55:12:e1:e3:31:30:d1:f7:c3:29:
9f:8c:27:e0:d1:cc:c6:2e:92:13:56:16:37:2b:60:af:22:b8:
93:70:e1:2b:83:9b:24:a2:8e:8a:af:1a:b9:e3:dc:6a:5f:92:
01:7e:66:a6:b1:5e:f9:f2:14:f2:8d:c1:a2:85:0d:91:df:7a:
5c:3b:62:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYI3UXuDKo1YgGU4lLa8jttcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjIwNzI1MjE0NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTgxYWUyNWJhNjFkZTY0NTUyMmZlN2Q2YzIzMGE5YTUwYjlkZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim12T2vefP426Or2fXiZBgeHCGcI
xOxO8aL2GTQlltYQ1LrUEqz5q/20W8njDK2UITcLoopU6m7g+9Q7iWI7gh8rHlR5
UZzkOm0wC3iNOF5Y5kq3ESJUra5jvduiae7v1eVXwTYmiZySYKU9DDh5XNLTDHj0
pIVhbA1XRlef/lPOzzh3VHJ3T+PbF3vI+C1WHDRlNgcT74VUqEi810Zt+LmAbfNl
7xQ1M6l9Rpa0M4bjKmVEd+zwcuSjnhTwvh5+rzBsehn+ZTc4sfo/0+yAFTE9vdau
r0dm5vlvws4lrCrMKTW+/JNxu6jXMKwaA34wyG2lSM3IXoRL2RswDiDE8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGqBriW6Yd5kVSL+fWwjCppQud/DMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvYW9HdUpicGgzbVJWSXY1OWJDTUttbEM1MzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYRQAwQA
LYkSAwQBURz+AwQBW++UAwQCsGnkMA0GCSqGSIb3DQEBCwUAA4IBAQBfl7vOMECM
4fxOHh71x/1lUhCg2nAGOwt7z81CnmXusx39vHs61Lhwkrbya/9UZlfbMonjirAO
f3dQgrjrHX1zMfMFsUfWLWnJ9+QRFeTmSBK2AJ7HXiwOQlDtn8GylOFeDr+eumGD
Tw2XXst0ak9/U6vaJ8Pm+2qfIZaxpMrIYQZQuw9gxsIs61+yKlcsEN3020AhKutk
4Sg3CytBE0MlggBWIdNkcGePfEdO+0pa4UaNr4rqdnUllYlv41US4eMxMNH3wymf
jCfg0czGLpITVhY3K2CvIriTcOErg5skoo6Krxq549xqX5IBfmamsV758hTyjcGi
hQ2R33pcO2Ja
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:01 2024 by rpki-client on console-fra.rpki-client.org