Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/CxBtABPPPOl7UShmwn9d5QLuomQ.roa
File: CxBtABPPPOl7UShmwn9d5QLuomQ.roa (raw, json)
Hash identifier: R1XF4+J+NGm/BJjumtqwCELu0TaetHdnoT2eVOo/+u8=
Subject key identifier: 0B:10:6D:00:13:CF:3C:E9:7B:51:28:66:C2:7F:5D:E5:02:EE:A2:64
Certificate issuer: /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial: 07C0B7F3
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/CxBtABPPPOl7UShmwn9d5QLuomQ.roa
Signing time: Thu 20 Jan 2022 10:16:02 +0000
ROA not before: Thu 20 Jan 2022 10:16:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 176.114.80.0/21 maxlen: 21
176.114.88.0/22 maxlen: 22
176.114.92.0/22 maxlen: 22
176.114.66.0/24 maxlen: 24
176.114.69.0/24 maxlen: 24
176.114.71.0/24 maxlen: 24
176.114.76.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130070515 (0x7c0b7f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
Validity
Not Before: Jan 20 10:16:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b106d0013cf3ce97b512866c27f5de502eea264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8b:92:c2:31:dd:f2:42:99:f3:45:1c:a9:df:
f7:89:42:83:3b:2b:be:58:36:00:ec:5e:39:39:68:
25:ce:8e:d2:59:43:12:c0:98:51:98:2d:df:49:93:
31:9a:ec:5c:9d:ad:98:b9:3c:1f:89:27:2c:57:ea:
27:22:70:4a:4f:75:82:3e:27:d0:ad:eb:fc:e8:23:
51:18:f5:d8:d9:a8:60:9b:e5:19:0b:03:a4:e5:b3:
6d:d9:1b:bf:9d:a2:4b:68:ac:96:26:7e:5f:b9:26:
b8:82:e9:a2:a8:26:6c:27:a5:fa:c5:a4:a2:f7:26:
3c:b7:61:75:52:94:d2:b6:90:84:2a:d6:00:75:ba:
a2:bd:ff:5c:18:0c:f0:df:71:66:b5:4f:bf:a1:7c:
3f:04:c5:26:ea:6a:d0:49:c6:79:42:b1:89:29:a1:
ad:3e:30:9a:2a:9f:bf:88:a4:fa:71:f4:4d:ce:3c:
d9:c3:88:0e:ab:a6:00:37:1b:ef:73:b4:a0:00:e5:
eb:c3:89:2d:95:cd:29:4e:6a:51:60:dd:d5:9d:3d:
78:e9:2d:9e:23:4f:67:f5:93:8b:a9:1a:c9:0d:6f:
50:91:39:58:3c:17:06:c5:f3:33:e8:e5:57:83:8e:
17:fa:b8:a0:a8:20:87:b7:13:ef:48:a9:1d:91:2b:
f6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:10:6D:00:13:CF:3C:E9:7B:51:28:66:C2:7F:5D:E5:02:EE:A2:64
X509v3 Authority Key Identifier:
keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/CxBtABPPPOl7UShmwn9d5QLuomQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.114.66.0/24
176.114.69.0/24
176.114.71.0/24
176.114.76.0-176.114.95.255
Signature Algorithm: sha256WithRSAEncryption
89:e6:ef:70:4d:c3:4f:25:99:62:a9:76:dd:ea:46:e8:fe:ae:
7c:2a:53:62:34:e8:cb:1c:30:6e:22:a8:75:48:6f:b6:af:c5:
36:3a:6c:d4:7c:ba:96:b2:f1:b1:ab:38:5c:ff:da:03:40:00:
de:b3:ca:7b:06:71:c9:0a:2c:60:f9:87:56:9a:36:d1:82:f0:
10:3c:37:ea:23:ed:86:e1:2f:2b:19:d4:c7:e3:0d:fb:5a:f0:
ef:f8:4a:94:c4:2f:e4:2d:c7:ba:36:28:3d:be:11:8b:77:12:
9b:4a:21:29:87:18:c0:78:e4:79:a5:d3:5f:b0:96:f3:52:af:
93:4a:ea:fb:13:c0:cf:4e:09:6b:81:81:13:4b:cc:86:1f:27:
a1:87:c4:22:b2:c4:64:db:3d:69:1f:2f:c8:08:0b:91:3a:7f:
e8:bd:5d:7a:a0:3e:dc:7f:05:58:dd:76:1a:99:d2:ae:e4:3e:
fd:ee:d2:48:75:c1:31:00:44:ad:c1:d5:b5:b6:90:d9:68:41:
d9:a3:29:d5:2a:2f:bb:1d:26:90:88:05:14:de:08:86:84:35:
57:8b:ca:03:e0:4a:eb:e3:6b:56:4c:82:54:0b:de:54:9f:cf:
82:1e:d2:2c:f3:aa:f1:c2:eb:9d:84:e4:c5:70:4c:66:be:6b:
76:89:25:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEB8C38zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OWYxZDViMDZmNTcwMTU1NWZmNTg4ODE1NGRkMTQxYjQ4ODk2MTE3MB4XDTIyMDEy
MDEwMTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGIxMDZkMDAxM2Nm
M2NlOTdiNTEyODY2YzI3ZjVkZTUwMmVlYTI2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGLksIx3fJCmfNFHKnf94lCgzsrvlg2AOxeOTloJc6O0llD
EsCYUZgt30mTMZrsXJ2tmLk8H4knLFfqJyJwSk91gj4n0K3r/OgjURj12NmoYJvl
GQsDpOWzbdkbv52iS2isliZ+X7kmuILpoqgmbCel+sWkovcmPLdhdVKU0raQhCrW
AHW6or3/XBgM8N9xZrVPv6F8PwTFJupq0EnGeUKxiSmhrT4wmiqfv4ik+nH0Tc48
2cOIDqumADcb73O0oADl68OJLZXNKU5qUWDd1Z09eOktniNPZ/WTi6kayQ1vUJE5
WDwXBsXzM+jlV4OOF/q4oKggh7cT70ipHZEr9j8CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQLEG0AE8886XtRKGbCf13lAu6iZDAfBgNVHSMEGDAWgBS58dWwb1cBVV/1
iIFU3RQbSIlhFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VmSFZzRzlYQVZWZjlZaUJWTjBVRzBpSllSYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvY2FmNWVhLTYyNmUtNDU1YS04NzA4LWY1Y2E4ZmE3MjcwZC8x
L0N4QnRBQlBQUE9sN1VTaG13bjlkNVFMdW9tUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
Y2FmNWVhLTYyNmUtNDU1YS04NzA4LWY1Y2E4ZmE3MjcwZC8xL3VmSFZzRzlYQVZW
ZjlZaUJWTjBVRzBpSllSYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEALByQgMEALByRQMEALByRzAMAwQC
sHJMAwQFsHJAMA0GCSqGSIb3DQEBCwUAA4IBAQCJ5u9wTcNPJZliqXbd6kbo/q58
KlNiNOjLHDBuIqh1SG+2r8U2OmzUfLqWsvGxqzhc/9oDQADes8p7BnHJCixg+YdW
mjbRgvAQPDfqI+2G4S8rGdTH4w37WvDv+EqUxC/kLce6Nig9vhGLdxKbSiEphxjA
eOR5pdNfsJbzUq+TSur7E8DPTglrgYETS8yGHyehh8QissRk2z1pHy/ICAuROn/o
vV16oD7cfwVY3XYamdKu5D797tJIdcExAEStwdW1tpDZaEHZoynVKi+7HSaQiAUU
3giGhDVXi8oD4Err42tWTIJUC95Un8+CHtIs86rxwuudhOTFcExmvmt2iSWz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:49 2024 by rpki-client on console-ams.rpki-client.org