Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/dBVcgcWetZGzvJiO3faXSlxwZqc.roa
File: dBVcgcWetZGzvJiO3faXSlxwZqc.roa (raw, json)
Hash identifier: P8JauFb/3B+MQy1htv+0GegthojC0K3dOQN+PJRJBgo=
Subject key identifier: 74:15:5C:81:C5:9E:B5:91:B3:BC:98:8E:DD:F6:97:4A:5C:70:66:A7
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0187FC3D01C1A0609E603029008730B35DDF
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/dBVcgcWetZGzvJiO3faXSlxwZqc.roa
Signing time: Mon 08 May 2023 16:41:09 +0000
ROA not before: Mon 08 May 2023 16:41:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.198.48.0/24 maxlen: 24
45.10.112.0/24 maxlen: 24
45.10.114.0/24 maxlen: 24
45.10.115.0/24 maxlen: 24
94.103.245.0/24 maxlen: 24
45.138.246.0/24 maxlen: 24
45.138.245.0/24 maxlen: 24
45.138.244.0/24 maxlen: 24
45.138.247.0/24 maxlen: 24
185.195.111.0/24 maxlen: 24
185.25.52.0/24 maxlen: 24
194.59.196.0/24 maxlen: 24
185.192.117.0/24 maxlen: 24
185.192.119.0/24 maxlen: 24
193.8.244.0/24 maxlen: 24
185.194.63.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fc:3d:01:c1:a0:60:9e:60:30:29:00:87:30:b3:5d:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: May 8 16:41:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74155c81c59eb591b3bc988eddf6974a5c7066a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8d:c6:b1:e4:33:2c:8b:67:8b:ed:7e:b8:42:
25:ec:6e:59:2e:94:3a:03:bf:f9:46:de:ae:58:a7:
65:5a:3f:ab:a0:fa:a8:21:58:5d:20:4c:6f:c4:57:
a1:be:bc:1f:49:e4:e7:13:05:1c:d2:7b:92:7b:35:
a8:69:a1:42:30:53:e5:88:86:26:7f:53:77:89:d9:
5f:f4:1b:ed:b9:c9:e1:99:18:cd:4b:7f:42:9d:de:
3b:6d:f6:0a:c7:d4:39:8f:dc:06:36:98:5e:6f:e6:
46:1c:79:85:a7:65:d2:cb:a8:e2:d4:aa:fb:e4:04:
6d:88:6f:f6:c6:c1:f2:39:6a:50:cd:52:3d:d8:c6:
e4:79:f8:0b:fb:6f:2a:b6:64:26:34:bc:cf:d0:b0:
ec:a7:45:65:98:fe:45:69:bd:4e:51:8e:2f:fa:3a:
ad:f7:17:9a:79:1d:49:b4:54:39:68:4b:ac:ff:cd:
6e:85:73:3b:93:37:83:f2:71:93:72:73:00:54:67:
35:70:fa:3e:3d:8a:37:1d:50:f7:cf:23:7f:98:92:
86:13:86:dd:92:c0:f2:be:e0:00:d7:de:d4:44:1b:
58:ba:75:58:4d:04:23:44:e9:8b:50:71:8f:f0:5b:
46:fb:3b:04:cc:70:64:9b:18:ae:8e:e5:1a:f7:2a:
a2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:15:5C:81:C5:9E:B5:91:B3:BC:98:8E:DD:F6:97:4A:5C:70:66:A7
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/dBVcgcWetZGzvJiO3faXSlxwZqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.112.0/24
45.10.114.0/23
45.138.244.0/22
94.103.245.0/24
185.25.52.0/24
185.192.117.0/24
185.192.119.0/24
185.194.63.0/24
185.195.111.0/24
185.198.48.0/24
193.8.244.0/24
194.59.196.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:a5:8d:a5:f0:5f:19:89:5a:38:11:54:19:4e:79:81:9c:f1:
8b:3a:62:b2:ca:50:60:3d:ab:13:dc:b8:a2:df:08:52:29:6a:
45:bb:24:c5:d5:fb:5e:bd:ff:13:ef:b2:72:3b:18:22:de:c9:
29:fd:4c:6d:cd:81:8c:de:9c:40:bc:2a:13:7e:9a:a5:6a:a2:
a0:52:de:2c:98:cd:fc:1c:dc:5d:6e:be:bb:d5:64:46:d4:83:
51:ad:c6:de:13:b8:37:98:bc:89:e0:86:0c:b3:14:75:2d:f4:
01:bc:f6:f4:af:d5:89:e1:e6:56:29:44:0e:be:e4:9e:5b:a2:
d9:3a:47:8d:13:50:7f:7d:49:d3:ff:17:8b:b5:27:4c:29:97:
d6:81:d3:9c:23:cd:72:5c:3a:ab:ae:e9:58:d4:5f:4a:0e:b0:
55:0a:b2:e4:33:5e:8a:85:b4:11:68:96:06:4a:da:06:91:89:
2c:12:bc:6d:76:cc:48:79:66:95:78:a2:7b:a3:46:b2:41:ab:
48:e8:9e:df:8b:76:eb:54:fa:4b:fc:15:4c:4c:d6:11:a5:b5:
e7:6b:50:26:b3:22:3b:f0:a2:74:76:0a:79:99:98:4c:82:79:
76:06:9e:03:7e:4d:33:2e:8e:19:2e:13:f4:32:bd:42:04:da:
ba:3b:6c:45
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYf8PQHBoGCeYDApAIcws13fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjMwNTA4MTY0MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDE1NWM4MWM1OWViNTkxYjNiYzk4OGVkZGY2OTc0YTVjNzA2NmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo43GseQzLItni+1+uEIl7G5ZLpQ6
A7/5Rt6uWKdlWj+roPqoIVhdIExvxFehvrwfSeTnEwUc0nuSezWoaaFCMFPliIYm
f1N3idlf9BvtucnhmRjNS39Cnd47bfYKx9Q5j9wGNpheb+ZGHHmFp2XSy6ji1Kr7
5ARtiG/2xsHyOWpQzVI92MbkefgL+28qtmQmNLzP0LDsp0VlmP5Fab1OUY4v+jqt
9xeaeR1JtFQ5aEus/81uhXM7kzeD8nGTcnMAVGc1cPo+PYo3HVD3zyN/mJKGE4bd
ksDyvuAA197URBtYunVYTQQjROmLUHGP8FtG+zsEzHBkmxiujuUa9yqiJwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHQVXIHFnrWRs7yYjt32l0pccGanMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvZEJWY2djV2V0Wkd6dkppTzNmYVhTbHh3WnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQpwAwQB
LQpyAwQCLYr0AwQAXmf1AwQAuRk0AwQAucB1AwQAucB3AwQAucI/AwQAucNvAwQA
ucYwAwQAwQj0AwQAwjvEMA0GCSqGSIb3DQEBCwUAA4IBAQAspY2l8F8ZiVo4EVQZ
TnmBnPGLOmKyylBgPasT3Lii3whSKWpFuyTF1ftevf8T77JyOxgi3skp/UxtzYGM
3pxAvCoTfpqlaqKgUt4smM38HNxdbr671WRG1INRrcbeE7g3mLyJ4IYMsxR1LfQB
vPb0r9WJ4eZWKUQOvuSeW6LZOkeNE1B/fUnT/xeLtSdMKZfWgdOcI81yXDqrrulY
1F9KDrBVCrLkM16KhbQRaJYGStoGkYksErxtdsxIeWaVeKJ7o0ayQatI6J7fi3br
VPpL/BVMTNYRpbXna1AmsyI78KJ0dgp5mZhMgnl2Bp4Dfk0zLo4ZLhP0Mr1CBNq6
O2xF
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:11:12 2025 by rpki-client