Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/eq6a1_eqQ6YST1p7NgsM1asUeZI.roa
File: eq6a1_eqQ6YST1p7NgsM1asUeZI.roa (raw, json)
Hash identifier: 4pTeqHa2SqWxlidBi8bSUAHeMUbFbOXUybQXwqWOV84=
Subject key identifier: 7A:AE:9A:D7:F7:AA:43:A6:12:4F:5A:7B:36:0B:0C:D5:AB:14:79:92
Certificate issuer: /CN=7dbacb1fc2c2063042781631b517ce475233a2bd
Certificate serial: 01856D788D9B7D73F1608AAD5B818EC99650
Authority key identifier: 7D:BA:CB:1F:C2:C2:06:30:42:78:16:31:B5:17:CE:47:52:33:A2:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fbrLH8LCBjBCeBYxtRfOR1Izor0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/eq6a1_eqQ6YST1p7NgsM1asUeZI.roa
Signing time: Sun 01 Jan 2023 13:14:55 +0000
ROA not before: Sun 01 Jan 2023 13:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207903
IP address blocks: 185.88.64.0/24 maxlen: 24
185.88.64.0/22 maxlen: 22
185.88.65.0/24 maxlen: 24
185.88.67.0/24 maxlen: 24
185.88.66.0/24 maxlen: 24
45.81.171.0/24 maxlen: 24
45.81.170.0/24 maxlen: 24
45.81.169.0/24 maxlen: 24
45.81.168.0/24 maxlen: 24
45.81.168.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:8d:9b:7d:73:f1:60:8a:ad:5b:81:8e:c9:96:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dbacb1fc2c2063042781631b517ce475233a2bd
Validity
Not Before: Jan 1 13:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7aae9ad7f7aa43a6124f5a7b360b0cd5ab147992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:17:26:44:6e:93:be:9f:67:61:0b:6a:23:c6:
25:10:30:57:26:0e:b1:76:c6:c5:2d:56:b1:c2:0e:
d8:70:c6:1e:85:8c:31:12:4b:a9:36:46:41:e4:ef:
96:8a:72:0c:d0:cc:67:af:dd:8f:6e:17:74:52:5f:
d7:4b:42:26:64:a5:50:80:98:9f:d7:26:a8:ed:93:
23:83:3a:fd:11:94:e7:6a:18:4f:8e:62:25:3e:d8:
16:0e:4e:08:74:2a:0b:e6:04:1b:b0:fa:a0:00:22:
73:26:84:47:04:ea:ee:f5:21:fb:41:3a:c3:d4:76:
fb:72:5d:12:d6:d7:b1:98:90:fe:c2:5e:d1:d8:a6:
f6:ba:84:66:31:90:0c:4a:49:21:a5:5c:11:d0:6e:
0d:5a:03:d7:b4:3e:1c:58:bf:21:01:ac:9c:58:81:
1d:3f:8d:60:8a:07:f8:e8:f2:ad:de:6c:2c:1e:78:
e6:3c:14:95:d9:85:38:44:c6:37:1b:41:64:e2:58:
9c:9c:f1:e8:1a:d9:f5:53:5a:d7:ce:f6:e9:20:48:
79:5e:78:09:88:28:e1:e0:1b:6f:6a:86:40:aa:c1:
f4:5a:1e:40:68:37:51:bd:a8:70:ab:50:28:2e:1b:
51:91:ad:6c:4b:73:5f:9c:5b:65:95:ef:79:9d:9e:
4f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:AE:9A:D7:F7:AA:43:A6:12:4F:5A:7B:36:0B:0C:D5:AB:14:79:92
X509v3 Authority Key Identifier:
keyid:7D:BA:CB:1F:C2:C2:06:30:42:78:16:31:B5:17:CE:47:52:33:A2:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fbrLH8LCBjBCeBYxtRfOR1Izor0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/eq6a1_eqQ6YST1p7NgsM1asUeZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/fbrLH8LCBjBCeBYxtRfOR1Izor0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.168.0/22
185.88.64.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:09:72:f2:7a:a6:26:36:fc:e3:b2:c2:83:3f:97:39:ca:25:
96:35:0d:b6:6a:95:2a:04:f8:2b:ea:73:aa:4b:db:3a:8e:fc:
f5:7e:ba:8d:a3:33:3e:19:d9:f1:55:54:51:49:ea:97:fe:41:
81:df:88:58:0d:68:01:b5:31:27:10:13:aa:db:38:2f:32:37:
a6:d7:e7:e0:41:a5:db:00:25:62:65:7c:15:f4:cf:5a:ee:22:
b2:61:f6:09:e7:09:c2:5e:72:1f:9c:4b:c6:a0:57:4c:30:65:
ae:d6:9f:7e:64:c8:47:85:0d:b8:f1:95:7a:59:99:6c:1a:bf:
0b:98:7c:c6:b4:31:42:af:8b:18:29:b5:9a:80:b1:ee:fb:70:
2e:c6:57:4f:16:4d:db:4d:12:e8:5b:a9:22:ae:d6:a4:ba:4e:
d9:9d:36:3b:55:e0:7b:95:d8:1d:6e:f3:fa:a6:5a:91:2c:fe:
0b:e9:bc:9a:0d:b4:30:84:05:87:33:96:c7:32:30:fc:92:b5:
cb:fb:6c:3c:ad:06:e6:b7:4e:22:17:c4:68:a2:92:26:b9:f9:
02:71:bd:5e:a3:4a:93:a7:e1:4b:14:2a:d6:12:85:e8:d8:6b:
84:91:01:07:29:ca:05:bf:47:89:9d:15:42:37:38:db:48:58:
ef:4f:74:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVteI2bfXPxYIqtW4GOyZZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYmFjYjFmYzJjMjA2MzA0Mjc4MTYzMWI1MTdjZTQ3NTIz
M2EyYmQwHhcNMjMwMTAxMTMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWFlOWFkN2Y3YWE0M2E2MTI0ZjVhN2IzNjBiMGNkNWFiMTQ3OTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRcmRG6Tvp9nYQtqI8YlEDBXJg6x
dsbFLVaxwg7YcMYehYwxEkupNkZB5O+WinIM0Mxnr92Pbhd0Ul/XS0ImZKVQgJif
1yao7ZMjgzr9EZTnahhPjmIlPtgWDk4IdCoL5gQbsPqgACJzJoRHBOru9SH7QTrD
1Hb7cl0S1texmJD+wl7R2Kb2uoRmMZAMSkkhpVwR0G4NWgPXtD4cWL8hAaycWIEd
P41gigf46PKt3mwsHnjmPBSV2YU4RMY3G0Fk4licnPHoGtn1U1rXzvbpIEh5XngJ
iCjh4BtvaoZAqsH0Wh5AaDdRvahwq1AoLhtRka1sS3NfnFtlle95nZ5P8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHqumtf3qkOmEk9aezYLDNWrFHmSMB8GA1UdIwQY
MBaAFH26yx/CwgYwQngWMbUXzkdSM6K9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmJyTEg4TENCakJDZUJZeHRSZk9SMUl6b3IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zZDJkN2ItMmM1Yy00OThmLTg1YmYt
Mjg1ZWM4ZmU4ZWM2LzEvZXE2YTFfZXFRNllTVDFwN05nc00xYXNVZVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zZDJkN2ItMmM1Yy00OThmLTg1YmYtMjg1ZWM4ZmU4ZWM2
LzEvZmJyTEg4TENCakJDZUJZeHRSZk9SMUl6b3IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVGoAwQC
uVhAMA0GCSqGSIb3DQEBCwUAA4IBAQBbCXLyeqYmNvzjssKDP5c5yiWWNQ22apUq
BPgr6nOqS9s6jvz1frqNozM+GdnxVVRRSeqX/kGB34hYDWgBtTEnEBOq2zgvMjem
1+fgQaXbACViZXwV9M9a7iKyYfYJ5wnCXnIfnEvGoFdMMGWu1p9+ZMhHhQ248ZV6
WZlsGr8LmHzGtDFCr4sYKbWagLHu+3AuxldPFk3bTRLoW6kirtakuk7ZnTY7VeB7
ldgdbvP6plqRLP4L6byaDbQwhAWHM5bHMjD8krXL+2w8rQbmt04iF8RoopImufkC
cb1eo0qTp+FLFCrWEoXo2GuEkQEHKcoFv0eJnRVCNzjbSFjvT3Rj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:57 2024 by rpki-client on console-ams.rpki-client.org