Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/C-as7d3tJljvFg1KdRQKf0EIA40.roa
File: C-as7d3tJljvFg1KdRQKf0EIA40.roa (raw, json)
Hash identifier: ZDwxewPeJvlCM+68ZxH6l4SzHYMbEiSuK/B4Mf5aJ3Q=
Subject key identifier: 0B:E6:AC:ED:DD:ED:26:58:EF:16:0D:4A:75:14:0A:7F:41:08:03:8D
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0187FC47FE9AD05E49A83550AF9F7AB7A3C3
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/C-as7d3tJljvFg1KdRQKf0EIA40.roa
Signing time: Mon 08 May 2023 16:53:09 +0000
ROA not before: Mon 08 May 2023 16:53:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48146
IP address blocks: 185.198.48.0/24 maxlen: 24
94.103.245.0/24 maxlen: 24
45.138.244.0/24 maxlen: 24
45.138.245.0/24 maxlen: 24
45.138.246.0/24 maxlen: 24
45.138.247.0/24 maxlen: 24
62.122.32.0/24 maxlen: 24
62.122.33.0/24 maxlen: 24
62.122.34.0/24 maxlen: 24
62.122.35.0/24 maxlen: 24
185.25.52.0/24 maxlen: 24
185.193.104.0/24 maxlen: 24
185.193.105.0/24 maxlen: 24
185.193.106.0/24 maxlen: 24
185.195.36.0/24 maxlen: 24
185.195.37.0/24 maxlen: 24
45.10.112.0/24 maxlen: 24
45.10.115.0/24 maxlen: 24
45.10.114.0/24 maxlen: 24
185.195.108.0/24 maxlen: 24
185.195.111.0/24 maxlen: 24
194.59.196.0/24 maxlen: 24
185.192.117.0/24 maxlen: 24
185.192.119.0/24 maxlen: 24
193.8.244.0/24 maxlen: 24
185.194.63.0/24 maxlen: 24
193.8.247.0/24 maxlen: 24
193.8.249.0/24 maxlen: 24
193.8.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fc:47:fe:9a:d0:5e:49:a8:35:50:af:9f:7a:b7:a3:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: May 8 16:53:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0be6aceddded2658ef160d4a75140a7f4108038d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:46:17:15:38:01:1e:cb:52:d8:7a:e3:45:f2:
e6:f3:fe:cc:2a:c9:83:03:11:ba:bf:86:10:bb:45:
50:a2:4b:f8:e2:10:c9:a7:30:53:b9:6d:76:c3:56:
07:7e:84:38:c2:92:73:df:4b:db:7b:4e:37:35:b3:
b2:06:ca:37:e9:ab:cc:a2:2c:dc:f5:01:00:27:7b:
3d:e5:a7:9c:70:0b:c5:4b:c6:29:04:8f:b5:87:df:
69:88:77:b9:47:87:f6:4e:b7:bd:01:36:0a:4d:ea:
6f:75:70:49:b8:30:fe:9b:11:da:6a:3a:68:45:a1:
fe:36:1a:5b:2e:f9:d5:17:bb:36:5f:0a:e2:cf:24:
9f:44:fd:1e:77:3f:ea:c6:c8:19:34:54:37:34:a3:
37:44:10:8d:d1:b5:ca:dd:9c:47:63:f0:c5:08:dc:
ca:b4:2e:98:a1:a7:ba:d5:c8:d7:8d:97:70:48:bd:
33:11:de:97:d8:3c:1a:93:a4:f4:df:fc:dd:2d:e0:
b5:7a:c7:38:54:5f:fb:76:3e:0f:22:41:dc:1e:c6:
b0:50:c7:67:c6:fd:19:d4:94:fb:94:df:e9:a5:0e:
33:2f:74:40:54:bc:50:5c:10:29:94:44:fb:0a:62:
8c:4a:26:9a:99:06:57:38:9b:ae:76:39:bf:5d:ff:
fa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E6:AC:ED:DD:ED:26:58:EF:16:0D:4A:75:14:0A:7F:41:08:03:8D
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/C-as7d3tJljvFg1KdRQKf0EIA40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.112.0/24
45.10.114.0/23
45.138.244.0/22
62.122.32.0/22
94.103.245.0/24
185.25.52.0/24
185.192.117.0/24
185.192.119.0/24
185.193.104.0-185.193.106.255
185.194.63.0/24
185.195.36.0/23
185.195.108.0/24
185.195.111.0/24
185.198.48.0/24
193.8.244.0/24
193.8.247.0/24
193.8.249.0/24
193.8.255.0/24
194.59.196.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:21:85:94:16:3c:b8:60:cf:af:eb:ed:61:c0:da:5a:84:c8:
d9:b4:31:8b:4f:d8:73:f9:ae:85:3a:ee:31:76:7f:a2:3e:dd:
d8:24:5d:bd:e9:b6:01:07:47:45:a8:7a:78:61:b6:48:e5:3a:
1e:49:e8:e8:86:36:0e:1c:1f:9b:46:5f:08:0f:9d:d0:95:2e:
88:53:bd:b3:9b:b4:b3:5f:cd:cf:d9:93:b4:12:de:89:0c:90:
1e:73:b5:8d:ef:1b:33:12:37:fc:21:55:a5:1e:74:d4:6e:6a:
9c:89:96:cf:10:de:42:63:c4:d9:16:c2:76:62:ff:f4:db:e6:
de:b7:85:29:3d:a2:e7:97:b1:17:5a:2f:b1:08:28:40:e9:16:
85:65:c6:8f:27:24:cf:aa:cd:4e:49:26:94:a3:e3:e5:38:92:
36:ab:87:1a:8b:8c:df:b5:e9:b5:55:1c:66:3e:3c:64:7c:6f:
00:da:26:11:1c:52:cc:e9:ee:64:18:f7:b8:e7:c7:c5:f1:b0:
90:9b:46:bc:1c:bf:08:4a:a8:d6:5f:4e:d8:6a:ed:ef:9f:de:
7a:7e:10:19:ed:61:19:10:a7:80:4f:d7:08:4f:17:7a:e5:5c:
ae:1d:1f:05:9f:ee:ae:31:cb:1b:3d:cd:37:6c:58:1e:2e:bb:
bd:2c:36:68
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYf8R/6a0F5JqDVQr596t6PDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjMwNTA4MTY1MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmU2YWNlZGRkZWQyNjU4ZWYxNjBkNGE3NTE0MGE3ZjQxMDgwMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkYXFTgBHstS2HrjRfLm8/7MKsmD
AxG6v4YQu0VQokv44hDJpzBTuW12w1YHfoQ4wpJz30vbe043NbOyBso36avMoizc
9QEAJ3s95aeccAvFS8YpBI+1h99piHe5R4f2Tre9ATYKTepvdXBJuDD+mxHaajpo
RaH+NhpbLvnVF7s2XwrizySfRP0edz/qxsgZNFQ3NKM3RBCN0bXK3ZxHY/DFCNzK
tC6Yoae61cjXjZdwSL0zEd6X2Dwak6T03/zdLeC1esc4VF/7dj4PIkHcHsawUMdn
xv0Z1JT7lN/ppQ4zL3RAVLxQXBAplET7CmKMSiaamQZXOJuudjm/Xf/6/wIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFAvmrO3d7SZY7xYNSnUUCn9BCAONMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvQy1hczdkM3RKbGp2RmcxS2RSUUtmMEVJQTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAC0K
cAMEAS0KcgMEAi2K9AMEAj56IAMEAF5n9QMEALkZNAMEALnAdQMEALnAdzAMAwQD
ucFoAwQAucFqAwQAucI/AwQBucMkAwQAucNsAwQAucNvAwQAucYwAwQAwQj0AwQA
wQj3AwQAwQj5AwQAwQj/AwQAwjvEMA0GCSqGSIb3DQEBCwUAA4IBAQCiIYWUFjy4
YM+v6+1hwNpahMjZtDGLT9hz+a6FOu4xdn+iPt3YJF296bYBB0dFqHp4YbZI5Toe
SejohjYOHB+bRl8ID53QlS6IU72zm7SzX83P2ZO0Et6JDJAec7WN7xszEjf8IVWl
HnTUbmqciZbPEN5CY8TZFsJ2Yv/02+bet4UpPaLnl7EXWi+xCChA6RaFZcaPJyTP
qs1OSSaUo+PlOJI2q4cai4zftem1VRxmPjxkfG8A2iYRHFLM6e5kGPe458fF8bCQ
m0a8HL8ISqjWX07Yau3vn956fhAZ7WEZEKeAT9cITxd65VyuHR8Fn+6uMcsbPc03
bFgeLru9LDZo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:39 2024 by rpki-client on console-ams.rpki-client.org