Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/xLTuzqX_r76hTqazzU-OimkCJ9s.roa
File: xLTuzqX_r76hTqazzU-OimkCJ9s.roa (raw, json)
Hash identifier: N287OEWi/d94qIDVp9DGK0c+OqXQfBXUsC6i4DSsxcQ=
Subject key identifier: C4:B4:EE:CE:A5:FF:AF:BE:A1:4E:A6:B3:CD:4F:8E:8A:69:02:27:DB
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 0181DF435F95CC1B6233EF011227687BF0CE
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/xLTuzqX_r76hTqazzU-OimkCJ9s.roa
Signing time: Fri 08 Jul 2022 19:22:23 +0000
ROA not before: Fri 08 Jul 2022 19:22:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.105.229.0/24 maxlen: 24
176.105.228.0/22 maxlen: 24
45.137.18.0/24 maxlen: 24
81.28.254.0/23 maxlen: 24
91.239.148.0/23 maxlen: 24
45.132.80.0/22 maxlen: 24
91.244.199.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:df:43:5f:95:cc:1b:62:33:ef:01:12:27:68:7b:f0:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Jul 8 19:22:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4b4eecea5ffafbea14ea6b3cd4f8e8a690227db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a0:66:a6:46:0e:c1:82:68:f9:8c:7a:7d:6f:
29:d3:f1:bc:67:6a:01:97:94:04:dd:f1:3e:b0:6b:
ae:2c:63:95:ee:ee:e5:60:68:8f:e5:28:b1:ad:22:
d6:80:4b:b1:31:62:93:4d:c6:3b:29:13:ad:ab:d7:
12:fd:f4:4e:2b:c0:86:2a:bd:b1:69:a4:b9:5e:36:
41:e0:a8:51:46:7b:6b:59:8c:79:fa:d1:fb:57:f5:
04:62:8b:bd:62:50:74:0f:d2:d1:d7:a7:52:e0:b3:
5e:a8:43:ed:ed:e5:c2:3b:07:86:0a:98:ee:a0:97:
43:2b:db:a5:ae:73:bb:dd:37:1f:54:e5:b7:66:8f:
4b:cc:cd:7d:4f:54:49:ef:45:e6:3c:6e:02:8c:9b:
37:6e:f1:d2:fe:f7:0b:88:cd:9c:cd:e2:45:84:ed:
11:3b:f3:c6:73:f3:1e:d1:6c:9c:fe:70:5f:dd:09:
51:1d:9f:82:48:a8:b2:ab:0e:f1:1c:77:2c:59:55:
d7:88:bc:59:0b:91:1d:f6:eb:3d:f3:09:3e:fc:cd:
82:6a:f3:10:38:a9:e3:b6:dc:7d:cd:6a:e9:f7:bd:
d5:d5:2e:8b:9b:65:96:d5:d2:36:33:8c:aa:97:85:
d9:a8:71:9b:86:3b:aa:18:87:c5:86:64:ee:54:35:
6c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B4:EE:CE:A5:FF:AF:BE:A1:4E:A6:B3:CD:4F:8E:8A:69:02:27:DB
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/xLTuzqX_r76hTqazzU-OimkCJ9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
45.137.18.0/24
81.28.254.0/23
91.239.148.0/23
91.244.199.0/24
176.105.228.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:29:ca:2a:f2:3d:05:b2:88:de:d7:f8:3e:f2:3c:a8:48:4c:
5d:32:5d:10:2c:76:17:ee:58:52:e3:f2:9d:e3:12:da:b8:a2:
3d:8b:7e:4b:fc:d0:46:03:92:f2:b8:a1:c8:43:10:91:4a:7e:
f8:a9:14:12:2c:3a:3a:cc:cc:1d:63:71:9d:7a:8a:94:48:14:
6f:95:8a:a8:02:ae:e7:de:f9:a6:1c:15:f3:fe:7e:ef:7c:25:
3a:52:35:4c:da:8e:f5:f9:42:66:ad:38:3f:e1:5b:cf:d5:7c:
e8:0e:7e:f6:d5:42:6d:7e:d9:09:25:ca:63:77:61:37:6c:cd:
9d:c0:51:7c:67:da:9e:90:39:f0:4d:59:65:24:37:bb:b5:02:
1b:f4:1e:25:46:d7:ee:08:02:56:8f:ba:92:80:dc:26:bb:c7:
56:6c:92:c8:4e:db:d9:43:a3:77:ae:bf:d2:40:61:09:31:ab:
ff:fd:8c:e1:dc:a3:c4:7f:85:42:3b:da:61:fb:6d:92:1d:5c:
2e:12:c2:41:b6:b6:38:50:ed:8e:98:4c:19:ae:61:c9:51:85:
37:f9:10:ef:88:db:6e:a4:e2:63:59:55:5e:37:1c:22:49:53:
d2:2b:a7:62:06:81:3d:ce:7b:ae:9d:97:3f:d6:39:8c:05:63:
c0:39:e1:ba
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYHfQ1+VzBtiM+8BEidoe/DOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjIwNzA4MTkyMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGI0ZWVjZWE1ZmZhZmJlYTE0ZWE2YjNjZDRmOGU4YTY5MDIyN2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqBmpkYOwYJo+Yx6fW8p0/G8Z2oB
l5QE3fE+sGuuLGOV7u7lYGiP5SixrSLWgEuxMWKTTcY7KROtq9cS/fROK8CGKr2x
aaS5XjZB4KhRRntrWYx5+tH7V/UEYou9YlB0D9LR16dS4LNeqEPt7eXCOweGCpju
oJdDK9ulrnO73TcfVOW3Zo9LzM19T1RJ70XmPG4CjJs3bvHS/vcLiM2czeJFhO0R
O/PGc/Me0Wyc/nBf3QlRHZ+CSKiyqw7xHHcsWVXXiLxZC5Ed9us98wk+/M2CavMQ
OKnjttx9zWrp973V1S6Lm2WW1dI2M4yql4XZqHGbhjuqGIfFhmTuVDVseQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMS07s6l/6++oU6ms81PjoppAifbMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEveExUdXpxWF9yNzZoVHFhenpVLU9pbWtDSjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLYRQAwQA
LYkSAwQBURz+AwQBW++UAwQAW/THAwQCsGnkMA0GCSqGSIb3DQEBCwUAA4IBAQC9
Kcoq8j0Fsoje1/g+8jyoSExdMl0QLHYX7lhS4/Kd4xLauKI9i35L/NBGA5LyuKHI
QxCRSn74qRQSLDo6zMwdY3GdeoqUSBRvlYqoAq7n3vmmHBXz/n7vfCU6UjVM2o71
+UJmrTg/4VvP1XzoDn721UJtftkJJcpjd2E3bM2dwFF8Z9qekDnwTVllJDe7tQIb
9B4lRtfuCAJWj7qSgNwmu8dWbJLITtvZQ6N3rr/SQGEJMav//Yzh3KPEf4VCO9ph
+22SHVwuEsJBtrY4UO2OmEwZrmHJUYU3+RDviNtupOJjWVVeNxwiSVPSK6diBoE9
znuunZc/1jmMBWPAOeG6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:01 2024 by rpki-client on console-fra.rpki-client.org