Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/1qrdGwHnw1NPAQKBfsXNsDq7Zq4.roa
File: 1qrdGwHnw1NPAQKBfsXNsDq7Zq4.roa (raw, json)
Hash identifier: gzKgKCRjduzYGvYoYwUcbEAU6zvMWX6hfpLjrVOXJO4=
Subject key identifier: D6:AA:DD:1B:01:E7:C3:53:4F:01:02:81:7E:C5:CD:B0:3A:BB:66:AE
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0187B761041E3FAF34A263F232C197567F24
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/1qrdGwHnw1NPAQKBfsXNsDq7Zq4.roa
Signing time: Tue 25 Apr 2023 07:46:41 +0000
ROA not before: Tue 25 Apr 2023 07:46:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48146
IP address blocks: 185.198.48.0/24 maxlen: 24
45.10.112.0/24 maxlen: 24
185.25.52.0/24 maxlen: 24
94.103.245.0/24 maxlen: 24
194.59.196.0/24 maxlen: 24
185.192.117.0/24 maxlen: 24
185.192.119.0/24 maxlen: 24
185.195.111.0/24 maxlen: 24
193.8.244.0/24 maxlen: 24
185.194.63.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:61:04:1e:3f:af:34:a2:63:f2:32:c1:97:56:7f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Apr 25 07:46:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6aadd1b01e7c3534f0102817ec5cdb03abb66ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:41:11:10:59:ed:f3:5f:03:b7:1d:af:e6:07:
4a:9e:b2:4b:52:03:0f:a3:70:e2:b1:af:c4:3e:b2:
b5:f1:2d:af:fe:e8:f5:54:48:20:d4:9f:3b:a2:f3:
b6:09:21:b1:aa:71:8e:b5:31:4c:5e:41:c0:30:13:
81:3b:fb:bc:b1:e2:1d:b7:26:8c:2d:3b:fd:2f:39:
3c:fc:4b:7e:6a:3b:b7:35:e9:f2:3e:f1:c2:9a:29:
c2:72:d4:7f:7f:a9:1a:01:9c:25:0b:f2:2e:ff:e1:
80:1b:03:5a:3c:7a:cf:60:28:68:3d:9c:2f:85:ab:
de:83:72:18:3c:6a:e4:c3:1a:f2:84:41:40:83:22:
b4:1b:90:aa:4c:fa:94:f3:af:54:41:ac:ae:c0:06:
6b:0b:03:f0:4f:39:8d:38:81:11:af:d4:cc:a6:a0:
31:60:55:6f:91:ed:33:6d:70:49:fb:d7:b5:f5:9c:
3e:2c:e0:56:d4:af:9e:7e:c2:67:0a:fe:c7:b0:9c:
68:8d:09:c9:12:34:0c:e2:e4:6e:e9:bc:b7:31:aa:
4a:8c:fd:67:57:36:43:94:53:f5:db:f1:38:aa:00:
a8:6b:c5:72:11:be:8c:af:fc:04:dc:61:4c:84:84:
d0:e5:c7:d4:6a:ed:7e:da:6b:7f:cd:85:f3:b5:83:
a7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AA:DD:1B:01:E7:C3:53:4F:01:02:81:7E:C5:CD:B0:3A:BB:66:AE
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/1qrdGwHnw1NPAQKBfsXNsDq7Zq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.112.0/24
94.103.245.0/24
185.25.52.0/24
185.192.117.0/24
185.192.119.0/24
185.194.63.0/24
185.195.111.0/24
185.198.48.0/24
193.8.244.0/24
194.59.196.0/24
Signature Algorithm: sha256WithRSAEncryption
93:c2:ec:ba:25:8d:6e:93:d9:7d:a6:0b:14:fb:d7:e3:db:6b:
67:f4:a0:35:76:e3:41:42:47:56:a3:ba:ae:f3:3a:ac:48:4f:
eb:61:6d:b0:ea:20:3f:5b:fc:5e:41:8c:09:04:f6:96:01:15:
bb:57:96:b9:14:6d:5d:d8:fa:00:4d:d5:c9:5c:e0:b6:5d:e1:
0c:13:2b:dc:38:df:08:eb:9a:a0:ce:00:4e:85:38:b2:41:66:
d4:8c:82:77:6a:57:73:86:97:74:7d:2b:28:c0:e1:7c:1d:a6:
fb:01:ff:f1:11:a4:b8:bd:e4:0c:43:c8:f7:54:ed:87:11:a9:
21:58:9e:99:0f:97:ee:0e:9f:cd:d3:6e:a7:12:12:03:e0:8f:
6c:00:92:11:10:f5:6b:65:b8:13:ab:2f:d7:b5:43:3e:2f:1b:
af:c5:b4:e3:c0:d4:32:72:4c:20:9b:d9:4a:5c:a9:75:10:43:
d1:ad:02:d6:0c:2c:7f:be:0d:4a:d0:15:ea:85:30:c1:34:c2:
cd:e3:78:33:bf:40:33:ea:a4:d6:3e:a9:8d:67:2a:41:31:b4:
ad:0d:41:04:5c:47:0f:55:82:96:32:55:c3:6b:64:e5:be:f4:
31:ff:f9:72:d1:7d:50:f4:98:4b:b9:f2:0a:64:9d:da:a7:28:
f5:78:01:a5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYe3YQQeP680omPyMsGXVn8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjMwNDI1MDc0NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmFhZGQxYjAxZTdjMzUzNGYwMTAyODE3ZWM1Y2RiMDNhYmI2NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0EREFnt818Dtx2v5gdKnrJLUgMP
o3Disa/EPrK18S2v/uj1VEgg1J87ovO2CSGxqnGOtTFMXkHAMBOBO/u8seIdtyaM
LTv9Lzk8/Et+aju3NenyPvHCminCctR/f6kaAZwlC/Iu/+GAGwNaPHrPYChoPZwv
haveg3IYPGrkwxryhEFAgyK0G5CqTPqU869UQayuwAZrCwPwTzmNOIERr9TMpqAx
YFVvke0zbXBJ+9e19Zw+LOBW1K+efsJnCv7HsJxojQnJEjQM4uRu6by3MapKjP1n
VzZDlFP12/E4qgCoa8VyEb6Mr/wE3GFMhITQ5cfUau1+2mt/zYXztYOn9QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNaq3RsB58NTTwECgX7FzbA6u2auMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvMXFyZEd3SG53MU5QQVFLQmZzWE5zRHE3WnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQpwAwQA
Xmf1AwQAuRk0AwQAucB1AwQAucB3AwQAucI/AwQAucNvAwQAucYwAwQAwQj0AwQA
wjvEMA0GCSqGSIb3DQEBCwUAA4IBAQCTwuy6JY1uk9l9pgsU+9fj22tn9KA1duNB
QkdWo7qu8zqsSE/rYW2w6iA/W/xeQYwJBPaWARW7V5a5FG1d2PoATdXJXOC2XeEM
EyvcON8I65qgzgBOhTiyQWbUjIJ3aldzhpd0fSsowOF8Hab7Af/xEaS4veQMQ8j3
VO2HEakhWJ6ZD5fuDp/N026nEhID4I9sAJIREPVrZbgTqy/XtUM+LxuvxbTjwNQy
ckwgm9lKXKl1EEPRrQLWDCx/vg1K0BXqhTDBNMLN43gzv0Az6qTWPqmNZypBMbSt
DUEEXEcPVYKWMlXDa2TlvvQx//ly0X1Q9JhLufIKZJ3apyj1eAGl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:39 2024 by rpki-client on console-ams.rpki-client.org