Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/c8YblEcto6RdpMJ_pKepw4wRRtI.roa
File: c8YblEcto6RdpMJ_pKepw4wRRtI.roa (raw, json)
Hash identifier: NBRoMWRW5x1rbbKpGhKpBYMwxqmhoSyrBGhq8nw21P8=
Subject key identifier: 73:C6:1B:94:47:2D:A3:A4:5D:A4:C2:7F:A4:A7:A9:C3:8C:11:46:D2
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 0183F46262E104249DFB38CD2C2A30ECC1F5
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/c8YblEcto6RdpMJ_pKepw4wRRtI.roa
Signing time: Thu 20 Oct 2022 07:53:52 +0000
ROA not before: Thu 20 Oct 2022 07:53:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206065
IP address blocks: 45.140.228.0/22 maxlen: 22
85.198.48.0/20 maxlen: 20
45.156.180.0/22 maxlen: 22
45.156.192.0/22 maxlen: 22
45.156.200.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f4:62:62:e1:04:24:9d:fb:38:cd:2c:2a:30:ec:c1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Oct 20 07:53:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73c61b94472da3a45da4c27fa4a7a9c38c1146d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:62:7c:c4:1d:b7:61:bd:dd:df:b8:17:8d:16:
73:6c:7f:64:f2:f5:c7:26:94:87:c7:df:e7:fc:82:
a9:56:d4:3a:a8:7f:0a:c1:cf:10:cc:f3:2a:8e:4c:
b2:ce:78:f6:27:25:49:7d:d0:e0:1d:1c:30:fd:18:
3e:0c:ba:98:e7:2d:16:64:45:ea:13:12:d3:35:e1:
c2:98:a6:2e:3d:83:95:3f:30:8d:38:c2:45:bf:ef:
60:b8:4c:94:5e:ac:f0:dc:fd:bc:94:4d:19:33:bb:
ce:94:03:f1:7f:9c:cc:dd:a8:d9:bd:55:c4:07:1d:
40:82:7f:e2:27:a4:da:1a:01:69:12:66:bd:82:f2:
89:5c:c8:15:0f:e3:d8:2e:cd:7f:88:13:5f:85:49:
0e:1f:bc:ad:1a:91:bc:de:e6:93:07:f3:53:d0:29:
25:a9:77:a2:92:e4:33:a9:46:f8:b3:60:e2:e2:be:
70:af:0c:9a:8e:ad:0a:80:9d:17:f5:94:06:90:b7:
03:64:1e:c4:49:5c:f5:eb:62:0c:8a:f4:0b:56:7a:
b8:4a:09:3a:87:6c:1a:ad:cb:1c:2d:44:b4:8b:11:
53:82:13:a2:92:1e:70:28:7c:ed:d4:48:2d:a0:8a:
16:89:3d:52:16:86:d4:61:0a:47:be:47:9d:3f:e6:
04:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C6:1B:94:47:2D:A3:A4:5D:A4:C2:7F:A4:A7:A9:C3:8C:11:46:D2
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/c8YblEcto6RdpMJ_pKepw4wRRtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.228.0/22
45.156.180.0/22
45.156.192.0/22
45.156.200.0/22
85.198.48.0/20
Signature Algorithm: sha256WithRSAEncryption
09:7d:91:e7:51:4f:f1:e4:9f:d1:1a:11:34:51:84:e8:26:15:
3a:26:3b:cb:f1:8e:d2:6e:7c:46:0a:9f:e4:97:26:59:e4:7a:
0b:f1:84:e5:57:03:ca:77:80:f2:6c:68:34:07:39:a1:39:f8:
9f:32:fd:70:3b:af:f0:4c:f6:31:91:ab:9e:04:92:91:1d:00:
31:9b:4f:d2:0a:44:bf:5f:6a:fb:88:bb:d7:f1:98:00:8e:54:
97:ed:48:6c:da:26:6d:a0:2d:08:8c:16:78:61:31:04:84:0c:
3c:1c:63:85:5a:1d:0c:45:7a:26:fa:49:9e:e7:82:e4:5c:f0:
d8:a6:22:59:3b:5c:4e:b4:d2:51:23:c0:3c:84:8a:63:1e:91:
52:c2:52:80:d3:70:9f:5a:a6:f7:79:9e:a0:e8:3c:a2:3c:87:
4a:5b:10:f6:98:e1:0d:c6:52:34:4e:01:43:61:14:c4:2a:55:
b4:8d:00:09:9b:ff:2e:20:a2:37:4b:f1:e5:e7:02:1a:2b:32:
d0:69:c6:f7:4d:df:fe:fd:bd:16:25:74:4c:97:9f:5a:ab:7e:
78:28:47:50:88:1a:c0:fe:94:b6:70:53:3c:8b:78:12:b4:19:
ce:0f:f2:c9:8f:42:31:4f:06:91:7f:8f:40:0a:55:f5:4c:54:
b7:67:df:17
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYP0YmLhBCSd+zjNLCow7MH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjIxMDIwMDc1MzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2M2MWI5NDQ3MmRhM2E0NWRhNGMyN2ZhNGE3YTljMzhjMTE0NmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWJ8xB23Yb3d37gXjRZzbH9k8vXH
JpSHx9/n/IKpVtQ6qH8Kwc8QzPMqjkyyznj2JyVJfdDgHRww/Rg+DLqY5y0WZEXq
ExLTNeHCmKYuPYOVPzCNOMJFv+9guEyUXqzw3P28lE0ZM7vOlAPxf5zM3ajZvVXE
Bx1Agn/iJ6TaGgFpEma9gvKJXMgVD+PYLs1/iBNfhUkOH7ytGpG83uaTB/NT0Ckl
qXeikuQzqUb4s2Di4r5wrwyajq0KgJ0X9ZQGkLcDZB7ESVz162IMivQLVnq4Sgk6
h2warcscLUS0ixFTghOikh5wKHzt1EgtoIoWiT1SFobUYQpHvkedP+YEVQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHPGG5RHLaOkXaTCf6SnqcOMEUbSMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvYzhZYmxFY3RvNlJkcE1KX3BLZXB3NHdSUnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYzkAwQC
LZy0AwQCLZzAAwQCLZzIAwQEVcYwMA0GCSqGSIb3DQEBCwUAA4IBAQAJfZHnUU/x
5J/RGhE0UYToJhU6JjvL8Y7SbnxGCp/klyZZ5HoL8YTlVwPKd4DybGg0BzmhOfif
Mv1wO6/wTPYxkaueBJKRHQAxm0/SCkS/X2r7iLvX8ZgAjlSX7Uhs2iZtoC0IjBZ4
YTEEhAw8HGOFWh0MRXom+kme54LkXPDYpiJZO1xOtNJRI8A8hIpjHpFSwlKA03Cf
Wqb3eZ6g6DyiPIdKWxD2mOENxlI0TgFDYRTEKlW0jQAJm/8uIKI3S/Hl5wIaKzLQ
acb3Td/+/b0WJXRMl59aq354KEdQiBrA/pS2cFM8i3gStBnOD/LJj0IxTwaRf49A
ClX1TFS3Z98X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:49 2024 by rpki-client on console-ams.rpki-client.org