Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/d_cB2KxN631nvhCe8msXm3r_fVs.roa
File: d_cB2KxN631nvhCe8msXm3r_fVs.roa (raw, json)
Hash identifier: gXdi0c6rd2yadBEw/E5X4xdf0DEseLCOYSMPXfXaPac=
Subject key identifier: 77:F7:01:D8:AC:4D:EB:7D:67:BE:10:9E:F2:6B:17:9B:7A:FF:7D:5B
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 087987A7
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/d_cB2KxN631nvhCe8msXm3r_fVs.roa
Signing time: Thu 21 Apr 2022 06:40:47 +0000
ROA not before: Thu 21 Apr 2022 06:40:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.105.228.0/22 maxlen: 24
45.137.16.0/22 maxlen: 24
45.150.52.0/23 maxlen: 24
95.214.176.0/22 maxlen: 24
91.239.148.0/23 maxlen: 24
91.238.92.0/23 maxlen: 24
212.115.124.0/22 maxlen: 24
45.132.80.0/22 maxlen: 24
91.244.199.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142182311 (0x87987a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Apr 21 06:40:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77f701d8ac4deb7d67be109ef26b179b7aff7d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d0:13:48:40:32:ff:36:1e:5b:25:57:14:d7:
f5:91:5d:56:11:6d:99:60:0f:9d:2d:bc:8a:30:1f:
34:a6:ab:61:28:1b:c1:57:72:29:4b:5d:34:fb:56:
aa:51:33:c5:e7:d2:e0:7f:4c:9c:d0:96:4d:a2:65:
55:04:41:ed:7e:e5:f3:6f:db:f9:9b:0b:19:a4:fe:
9c:2a:5c:2b:29:de:d6:94:cb:05:f6:34:20:77:95:
74:35:ce:5e:04:42:a1:57:c2:77:8f:ed:1c:f1:e9:
85:a8:dd:64:a2:bf:e8:df:26:a6:0b:f5:b0:0d:48:
21:a8:a0:91:5b:f3:da:25:65:47:82:d6:fd:8d:98:
1d:34:9a:75:05:96:89:ee:2a:db:17:89:66:2a:26:
b5:96:61:6f:fe:68:a0:31:5a:70:5d:89:c9:e6:77:
f8:5c:57:9f:98:25:82:a1:ea:a3:68:21:f2:4f:3a:
28:ca:3c:f9:a2:19:ac:4d:78:cd:ca:7d:87:bb:e7:
ea:ca:58:82:7a:69:7c:7e:94:e8:fd:8c:a2:c6:64:
d5:8f:b6:42:72:bc:5a:05:c6:c7:5d:a3:91:7b:7c:
a6:38:b5:e6:42:20:b2:e7:f2:77:32:39:a7:ce:e8:
62:84:78:ba:e1:c1:cd:97:2d:e7:8b:28:67:66:23:
4a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F7:01:D8:AC:4D:EB:7D:67:BE:10:9E:F2:6B:17:9B:7A:FF:7D:5B
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/d_cB2KxN631nvhCe8msXm3r_fVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
45.137.16.0/22
45.150.52.0/23
91.238.92.0/23
91.239.148.0/23
91.244.199.0/24
95.214.176.0/22
176.105.228.0/22
212.115.124.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:1c:ce:42:25:41:2c:df:05:dd:48:30:05:49:1e:83:ec:1d:
a7:61:29:fc:7f:97:cb:61:6e:c9:be:3f:4c:da:60:07:1d:47:
74:cb:4f:79:39:5c:68:b0:1b:c2:56:59:c5:48:81:27:a3:df:
19:97:23:48:e3:53:ba:2c:ce:18:73:6c:a1:f0:d8:ca:05:e6:
85:6d:7d:b3:41:ce:62:cb:9c:85:99:60:9e:98:57:3d:6c:5c:
47:ee:64:6a:67:e0:57:0f:22:e3:8f:bc:04:88:dc:e3:a7:19:
46:81:6f:11:a5:59:11:98:73:d2:94:fc:cc:d2:b9:7e:e4:34:
2d:f6:75:c9:54:7f:6c:6d:4b:26:61:6c:46:ec:7e:88:7f:0f:
70:f8:52:18:32:66:53:56:d4:b7:08:dd:9d:86:f4:0c:57:fc:
f5:39:cf:c9:29:95:9b:ed:89:77:73:71:27:0d:b6:6c:66:9a:
d3:60:9c:6d:8d:65:5e:64:db:6d:9d:ec:9f:e4:3d:c0:3e:4b:
34:d2:1b:12:4f:ef:a7:66:06:e4:82:fc:25:e9:6c:d5:6d:06:
f2:6c:ac:88:4d:04:8e:6e:42:d2:ed:69:fd:1c:2a:bf:2f:12:
f2:15:b3:8a:69:4b:46:f8:37:b0:71:3e:ac:9c:94:7e:9b:36:
61:77:6b:df
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIECHmHpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDQy
MTA2NDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdmNzAxZDhhYzRk
ZWI3ZDY3YmUxMDllZjI2YjE3OWI3YWZmN2Q1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfQE0hAMv82HlslVxTX9ZFdVhFtmWAPnS28ijAfNKarYSgb
wVdyKUtdNPtWqlEzxefS4H9MnNCWTaJlVQRB7X7l82/b+ZsLGaT+nCpcKyne1pTL
BfY0IHeVdDXOXgRCoVfCd4/tHPHphajdZKK/6N8mpgv1sA1IIaigkVvz2iVlR4LW
/Y2YHTSadQWWie4q2xeJZiomtZZhb/5ooDFacF2JyeZ3+FxXn5glgqHqo2gh8k86
KMo8+aIZrE14zcp9h7vn6spYgnppfH6U6P2MosZk1Y+2QnK8WgXGx12jkXt8pji1
5kIgsufydzI5p87oYoR4uuHBzZct54soZ2YjSjkCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBR39wHYrE3rfWe+EJ7yaxebev99WzAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L2RfY0IyS3hONjMxbnZoQ2U4bXNYbTNyX2ZWcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAi2EUAMEAi2JEAMEAS2WNAMEAVvu
XAMEAVvvlAMEAFv0xwMEAl/WsAMEArBp5AMEAtRzfDANBgkqhkiG9w0BAQsFAAOC
AQEALhzOQiVBLN8F3UgwBUkeg+wdp2Ep/H+Xy2Fuyb4/TNpgBx1HdMtPeTlcaLAb
wlZZxUiBJ6PfGZcjSONTuizOGHNsofDYygXmhW19s0HOYsuchZlgnphXPWxcR+5k
amfgVw8i44+8BIjc46cZRoFvEaVZEZhz0pT8zNK5fuQ0LfZ1yVR/bG1LJmFsRux+
iH8PcPhSGDJmU1bUtwjdnYb0DFf89TnPySmVm+2Jd3NxJw22bGaa02CcbY1lXmTb
bZ3sn+Q9wD5LNNIbEk/vp2YG5IL8Jels1W0G8mysiE0Ejm5C0u1p/Rwqvy8S8hWz
imlLRvg3sHE+rJyUfps2YXdr3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:43 2024 by rpki-client on console-ams.rpki-client.org