Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bcwqaasS1kfgmI8Ii5gleOOiWEw.roa
File: bcwqaasS1kfgmI8Ii5gleOOiWEw.roa (raw, json)
Hash identifier: fSLg64x1xSRmJ3zu2/RGj+CQeqj8cdk2C1pFqm/eXAY=
Subject key identifier: 6D:CC:2A:69:AB:12:D6:47:E0:98:8F:08:8B:98:25:78:E3:A2:58:4C
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0182A1755E36EBAB3BE813750960F829F03D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bcwqaasS1kfgmI8Ii5gleOOiWEw.roa
Signing time: Mon 15 Aug 2022 12:23:19 +0000
ROA not before: Mon 15 Aug 2022 12:23:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200740
IP address blocks: 185.103.252.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
45.9.72.0/24 maxlen: 24
185.103.254.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.40.7.0/24 maxlen: 24
194.36.178.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.165.0/24 maxlen: 24
91.217.76.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
2a04:5200:68::/48 maxlen: 48
2a0d:2cc4::/31 maxlen: 31
2a04:5201:2::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a0d:2cc2::/31 maxlen: 31
2a04:5201:6::/48 maxlen: 48
2a0d:2cc0::/31 maxlen: 31
2a0d:2cc6::/31 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:75:5e:36:eb:ab:3b:e8:13:75:09:60:f8:29:f0:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Aug 15 12:23:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6dcc2a69ab12d647e0988f088b982578e3a2584c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e0:97:95:ce:12:c5:71:17:42:a3:90:06:d5:
54:d3:43:0a:27:36:32:7c:78:c7:a6:b7:54:b1:8a:
b5:9a:28:64:77:80:cf:e8:6c:9d:e0:ab:dd:aa:8a:
68:b0:3d:bd:cb:75:7d:97:e3:08:ce:36:72:2d:5c:
2e:6c:02:77:5a:6d:dc:ae:80:91:1f:56:c1:54:ea:
24:bf:9a:2d:d7:f6:8d:51:c5:b3:1a:d4:7b:0c:7a:
e8:cb:2d:a3:15:7d:55:27:41:d0:0c:81:09:8c:80:
79:c6:8a:dc:50:40:51:7c:74:01:fa:c7:d3:4b:77:
f3:c1:2f:77:12:88:82:2f:27:09:99:c1:e2:33:28:
0e:2a:ad:6b:67:48:12:cb:c5:98:cd:2c:7f:ae:bd:
22:e7:b8:40:9b:63:80:bc:bf:9b:69:31:d3:01:9c:
29:25:4a:d7:e6:2b:cf:3b:81:94:59:1d:c4:e9:f6:
df:d5:f2:84:8c:b3:27:a0:6a:07:e2:6d:c6:97:9a:
9a:80:a8:54:fe:81:4c:1b:c7:2d:b8:e4:3a:3a:55:
4e:ae:99:c7:ff:0b:aa:eb:2c:7f:05:36:b7:33:6e:
61:40:fd:78:10:dd:3d:df:70:09:90:26:62:2b:1e:
a1:45:23:0c:d5:a9:48:21:9f:c1:bb:f0:25:cd:e2:
d4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:CC:2A:69:AB:12:D6:47:E0:98:8F:08:8B:98:25:78:E3:A2:58:4C
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bcwqaasS1kfgmI8Ii5gleOOiWEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
46.17.105.0/24
91.217.76.0/24
185.40.7.0/24
185.94.164.0/23
185.103.252.0/22
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:8018::/48
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:d3:26:e1:30:1d:ee:ab:e7:0a:42:b5:45:54:57:e4:12:6c:
dc:76:36:d2:f2:3b:56:8a:97:29:dd:d9:19:93:5d:77:ef:73:
e0:30:a7:74:84:52:cd:b9:66:a4:36:6c:93:30:75:e6:29:8b:
c4:88:5a:de:1d:34:8a:b1:b7:14:e1:2e:ba:23:e9:bb:62:2e:
13:0d:02:2f:1f:ea:48:9a:75:46:39:81:f8:4c:6b:8a:26:11:
59:11:9b:b3:23:82:78:32:5d:08:2a:5b:57:74:c8:9c:45:10:
fb:22:6d:02:0f:6f:af:d4:40:e9:61:8e:fc:c2:93:60:f5:4e:
b9:2f:86:d5:6e:75:96:54:e2:5a:30:da:d4:90:6d:21:76:cc:
4a:2a:27:c6:e4:db:53:ab:48:10:3e:80:77:4d:49:ac:73:78:
5c:17:d7:7a:a9:bb:1d:69:95:ca:ec:8e:b3:30:d9:2f:fc:0e:
95:43:fc:9e:d9:d4:cb:15:35:40:b8:fe:a5:b1:b7:d0:44:93:
56:40:14:38:cf:5b:5c:bd:33:a3:37:31:c6:4b:3e:84:01:24:
e1:77:1c:9f:3a:bd:18:3a:b3:f9:fb:b0:9f:62:2e:f7:c7:bb:
28:ed:62:82:b8:6d:75:fe:77:24:d4:a3:4b:e9:ad:19:0a:d5:
11:64:f5:fa
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYKhdV4266s76BN1CWD4KfA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwODE1MTIyMzE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGNjMmE2OWFiMTJkNjQ3ZTA5ODhmMDg4Yjk4MjU3OGUzYTI1ODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOCXlc4SxXEXQqOQBtVU00MKJzYy
fHjHprdUsYq1mihkd4DP6Gyd4KvdqoposD29y3V9l+MIzjZyLVwubAJ3Wm3croCR
H1bBVOokv5ot1/aNUcWzGtR7DHroyy2jFX1VJ0HQDIEJjIB5xorcUEBRfHQB+sfT
S3fzwS93EoiCLycJmcHiMygOKq1rZ0gSy8WYzSx/rr0i57hAm2OAvL+baTHTAZwp
JUrX5ivPO4GUWR3E6fbf1fKEjLMnoGoH4m3Gl5qagKhU/oFMG8ctuOQ6OlVOrpnH
/wuq6yx/BTa3M25hQP14EN0933AJkCZiKx6hRSMM1alIIZ/Bu/AlzeLUtQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFG3MKmmrEtZH4JiPCIuYJXjjolhMMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvYmN3cWFhc1Mxa2ZnbUk4SWk1Z2xlT09pV0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBCBAIAATA8AwQALQlI
AwQALhFpAwQAW9lMAwQAuSgHAwQBuV6kAwQCuWf8AwQAuXV0AwQAuXV3AwQAuci+
AwQBwiSyMDoEAgACMDQDBwAqBFIAAGgDBwAqBFIBAAIDBwAqBFIBAAQDBwEqBFIB
AAYDBwAqBFIBgBgDBQMqDSzAMA0GCSqGSIb3DQEBCwUAA4IBAQBL0ybhMB3uq+cK
QrVFVFfkEmzcdjbS8jtWipcp3dkZk11373PgMKd0hFLNuWakNmyTMHXmKYvEiFre
HTSKsbcU4S66I+m7Yi4TDQIvH+pImnVGOYH4TGuKJhFZEZuzI4J4Ml0IKltXdMic
RRD7Im0CD2+v1EDpYY78wpNg9U65L4bVbnWWVOJaMNrUkG0hdsxKKifG5NtTq0gQ
PoB3TUmsc3hcF9d6qbsdaZXK7I6zMNkv/A6VQ/ye2dTLFTVAuP6lsbfQRJNWQBQ4
z1tcvTOjNzHGSz6EASThdxyfOr0YOrP5+7CfYi73x7so7WKCuG11/nck1KNL6a0Z
CtURZPX6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org