Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/160md_nuvCaE1SjXC3xXXZVwoNg.roa
File: 160md_nuvCaE1SjXC3xXXZVwoNg.roa (raw, json)
Hash identifier: b+HwZqG7KupNGZQm3PVCqj3wlOK7ZZ4pV/Ni0UilyPI=
Subject key identifier: D7:AD:26:77:F9:EE:BC:26:84:D5:28:D7:0B:7C:57:5D:95:70:A0:D8
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 01882A76E335F98E4F61EE5A5E152B1C9F34
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/160md_nuvCaE1SjXC3xXXZVwoNg.roa
Signing time: Wed 17 May 2023 16:06:54 +0000
ROA not before: Wed 17 May 2023 16:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.198.48.0/24 maxlen: 24
94.103.245.0/24 maxlen: 24
45.138.246.0/24 maxlen: 24
45.138.245.0/24 maxlen: 24
45.138.244.0/24 maxlen: 24
62.122.35.0/24 maxlen: 24
62.122.34.0/24 maxlen: 24
62.122.33.0/24 maxlen: 24
45.138.247.0/24 maxlen: 24
62.122.32.0/24 maxlen: 24
185.25.52.0/24 maxlen: 24
185.193.105.0/24 maxlen: 24
185.193.104.0/24 maxlen: 24
185.193.106.0/24 maxlen: 24
185.195.37.0/24 maxlen: 24
185.195.36.0/24 maxlen: 24
185.192.73.0/24 maxlen: 24
45.10.112.0/24 maxlen: 24
45.10.114.0/24 maxlen: 24
45.10.113.0/24 maxlen: 24
45.10.115.0/24 maxlen: 24
185.195.111.0/24 maxlen: 24
185.195.110.0/24 maxlen: 24
185.195.109.0/24 maxlen: 24
185.195.108.0/24 maxlen: 24
194.5.29.0/24 maxlen: 24
194.5.28.0/24 maxlen: 24
194.5.33.0/24 maxlen: 24
194.5.32.0/24 maxlen: 24
194.59.196.0/24 maxlen: 24
185.192.117.0/24 maxlen: 24
185.192.119.0/24 maxlen: 24
193.8.244.0/24 maxlen: 24
193.8.249.0/24 maxlen: 24
193.8.247.0/24 maxlen: 24
185.194.63.0/24 maxlen: 24
193.8.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2a:76:e3:35:f9:8e:4f:61:ee:5a:5e:15:2b:1c:9f:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: May 17 16:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7ad2677f9eebc2684d528d70b7c575d9570a0d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cf:88:79:78:68:d6:89:2f:ac:52:64:83:27:
70:6f:09:79:20:32:93:86:8e:01:3d:2d:19:e6:ce:
5e:f1:44:96:5c:03:e1:a6:4e:de:30:52:c0:24:61:
b0:6a:5e:08:be:e0:c3:06:2f:1c:eb:7c:04:f0:f3:
1a:68:30:b0:4d:b0:2f:56:f5:cc:a4:09:e2:74:01:
e3:82:49:38:3d:31:57:35:5d:9e:ed:e9:b6:42:62:
70:47:3f:31:d8:4e:00:23:29:43:c9:7c:64:de:bc:
a7:54:6a:fc:d1:c3:1f:67:fe:2e:dd:4a:87:e7:b6:
81:79:86:f1:17:9c:04:34:c3:04:b3:34:ae:ef:11:
c8:a7:b1:3f:fa:72:3f:f5:01:6c:05:78:71:32:59:
af:e0:cf:3a:4a:b2:dc:b4:ea:11:5c:99:5f:62:35:
6d:19:f4:b3:96:34:cf:df:9b:5c:39:7b:d7:85:d5:
07:51:8e:4c:4e:cf:10:1c:cc:cc:94:19:26:77:e4:
7e:0a:a5:eb:27:e2:00:19:1c:23:45:c7:69:81:4b:
5c:3e:53:2f:85:03:77:30:31:de:1d:45:8e:f3:7e:
00:5a:d7:9b:ab:71:a0:2b:5f:d0:63:39:b0:f6:fc:
8d:f2:a1:68:24:57:6d:b4:70:cd:93:7b:49:94:d9:
89:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:AD:26:77:F9:EE:BC:26:84:D5:28:D7:0B:7C:57:5D:95:70:A0:D8
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/160md_nuvCaE1SjXC3xXXZVwoNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.112.0/22
45.138.244.0/22
62.122.32.0/22
94.103.245.0/24
185.25.52.0/24
185.192.73.0/24
185.192.117.0/24
185.192.119.0/24
185.193.104.0-185.193.106.255
185.194.63.0/24
185.195.36.0/23
185.195.108.0/22
185.198.48.0/24
193.8.244.0/24
193.8.247.0/24
193.8.249.0/24
193.8.255.0/24
194.5.28.0/23
194.5.32.0/23
194.59.196.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:2c:71:e1:ae:2d:4b:7b:66:98:3b:a7:40:09:67:b7:ef:db:
72:53:0c:95:fc:ff:41:ee:46:99:34:d6:92:f1:63:fa:55:6b:
b0:63:a3:83:60:39:38:b0:fe:73:6e:7c:ed:f8:b3:e1:66:a9:
49:e1:60:b7:01:14:3c:f9:34:e2:bf:9c:70:6c:44:63:ae:1b:
25:fb:39:54:36:77:d3:0c:0f:8a:9a:6b:59:4a:be:a8:86:ed:
c6:c5:26:f9:a1:5e:ad:f6:99:3d:73:d4:88:49:34:1a:90:43:
a4:8c:1c:e4:5d:79:59:52:64:65:a2:a8:bb:34:33:bb:4e:a9:
15:d0:5a:5e:52:3a:48:9f:6c:87:1a:8b:fd:01:c4:55:28:68:
bc:a2:f7:04:38:ba:7a:1b:92:93:a7:fd:ce:78:25:71:67:14:
7b:b0:e5:f7:da:f3:23:b6:7e:83:db:7b:34:dc:f3:af:5f:88:
b6:13:07:44:70:1d:55:1c:22:90:9d:29:39:b9:7b:18:c0:3d:
64:c8:3c:cd:90:cc:0a:c8:01:94:44:3a:65:49:06:f9:55:fb:
71:53:ad:5a:0f:7e:8f:e2:e9:e2:fa:68:0c:50:fd:fe:99:ea:
da:44:ca:fb:0c:9a:68:a6:50:1b:2a:bc:d4:47:eb:e5:5e:55:
2a:9f:73:55
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYgqduM1+Y5PYe5aXhUrHJ80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjMwNTE3MTYwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2FkMjY3N2Y5ZWViYzI2ODRkNTI4ZDcwYjdjNTc1ZDk1NzBhMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8+IeXho1okvrFJkgydwbwl5IDKT
ho4BPS0Z5s5e8USWXAPhpk7eMFLAJGGwal4IvuDDBi8c63wE8PMaaDCwTbAvVvXM
pAnidAHjgkk4PTFXNV2e7em2QmJwRz8x2E4AIylDyXxk3rynVGr80cMfZ/4u3UqH
57aBeYbxF5wENMMEszSu7xHIp7E/+nI/9QFsBXhxMlmv4M86SrLctOoRXJlfYjVt
GfSzljTP35tcOXvXhdUHUY5MTs8QHMzMlBkmd+R+CqXrJ+IAGRwjRcdpgUtcPlMv
hQN3MDHeHUWO834AWtebq3GgK1/QYzmw9vyN8qFoJFdttHDNk3tJlNmJTwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFNetJnf57rwmhNUo1wt8V12VcKDYMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvMTYwbWRfbnV2Q2FFMVNqWEMzeFhYWlZ3b05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAIt
CnADBAItivQDBAI+eiADBABeZ/UDBAC5GTQDBAC5wEkDBAC5wHUDBAC5wHcwDAME
A7nBaAMEALnBagMEALnCPwMEAbnDJAMEArnDbAMEALnGMAMEAMEI9AMEAMEI9wME
AMEI+QMEAMEI/wMEAcIFHAMEAcIFIAMEAMI7xDANBgkqhkiG9w0BAQsFAAOCAQEA
nyxx4a4tS3tmmDunQAlnt+/bclMMlfz/Qe5GmTTWkvFj+lVrsGOjg2A5OLD+c258
7fiz4WapSeFgtwEUPPk04r+ccGxEY64bJfs5VDZ30wwPipprWUq+qIbtxsUm+aFe
rfaZPXPUiEk0GpBDpIwc5F15WVJkZaKouzQzu06pFdBaXlI6SJ9shxqL/QHEVSho
vKL3BDi6ehuSk6f9znglcWcUe7Dl99rzI7Z+g9t7NNzzr1+IthMHRHAdVRwikJ0p
Obl7GMA9ZMg8zZDMCsgBlEQ6ZUkG+VX7cVOtWg9+j+Lp4vpoDFD9/pnq2kTK+wya
aKZQGyq81Efr5V5VKp9zVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:34 2024 by rpki-client on console-fra.rpki-client.org