Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/fv_7hmKFiTFucMYb9sSjTyJoqy8.roa
File: fv_7hmKFiTFucMYb9sSjTyJoqy8.roa (raw, json)
Hash identifier: PwvMMn+X6hfJqdC+f44f0r+VuNeGr2P1mYq/vKTs5vg=
Subject key identifier: 7E:FF:FB:86:62:85:89:31:6E:70:C6:1B:F6:C4:A3:4F:22:68:AB:2F
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0187B51D7DDF119556EAD55A2B7C11F7A668
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/fv_7hmKFiTFucMYb9sSjTyJoqy8.roa
Signing time: Mon 24 Apr 2023 21:13:41 +0000
ROA not before: Mon 24 Apr 2023 21:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.198.48.0/24 maxlen: 24
45.10.112.0/24 maxlen: 24
94.103.245.0/24 maxlen: 24
185.25.52.0/24 maxlen: 24
185.192.117.0/24 maxlen: 24
185.195.111.0/24 maxlen: 24
185.192.119.0/24 maxlen: 24
193.8.244.0/24 maxlen: 24
185.194.63.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b5:1d:7d:df:11:95:56:ea:d5:5a:2b:7c:11:f7:a6:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Apr 24 21:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7efffb86628589316e70c61bf6c4a34f2268ab2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:79:d9:5f:ad:12:ce:be:e7:35:9d:df:71:19:
8b:bf:3e:00:4f:44:83:43:0b:55:ac:8e:c7:7e:30:
9a:44:50:c5:13:98:b3:65:2f:e8:22:84:59:b4:1c:
49:3a:b1:1b:ce:5f:bb:e2:a9:30:af:e6:9d:af:44:
25:65:42:70:7d:3b:50:35:f5:bd:7d:a4:bb:21:50:
9c:28:d4:32:2c:f1:6d:f4:62:85:1a:af:83:5c:8e:
2f:61:1c:b4:a7:2d:e5:1a:88:14:d0:32:50:41:cf:
39:de:53:bb:d1:21:92:4a:99:8d:26:65:7c:3a:bf:
7a:c1:47:5e:a1:15:93:d3:35:40:be:a9:6d:40:42:
70:3e:95:7c:6e:23:e0:b0:56:4b:47:2a:cf:9b:99:
41:66:a1:5b:74:1b:93:74:31:4e:a5:21:b4:c9:3f:
99:9b:24:fa:8f:51:33:6e:46:1c:6b:c8:df:2f:66:
6b:dd:b7:b8:cc:af:44:6d:cc:94:23:3b:e7:e2:b3:
4c:a0:20:45:e0:28:68:de:2a:38:c2:18:d2:59:10:
d4:3e:d4:5c:d4:62:ab:ab:78:dd:34:2b:05:20:e5:
e2:4b:9b:4b:9c:2e:93:26:a6:16:7b:8e:17:74:47:
97:c0:68:56:d9:b3:5a:9f:ab:b8:3f:c6:9c:8a:51:
b7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:FF:FB:86:62:85:89:31:6E:70:C6:1B:F6:C4:A3:4F:22:68:AB:2F
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/fv_7hmKFiTFucMYb9sSjTyJoqy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.112.0/24
94.103.245.0/24
185.25.52.0/24
185.192.117.0/24
185.192.119.0/24
185.194.63.0/24
185.195.111.0/24
185.198.48.0/24
193.8.244.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:4c:53:37:50:78:64:55:bb:04:64:f5:53:79:94:03:82:08:
b0:38:d5:d3:32:3b:71:4a:dc:d4:2b:92:31:02:6c:c8:c5:1a:
a6:3c:4d:38:f6:83:d5:78:2a:f5:98:47:64:4e:ba:4d:3a:a1:
74:8c:ef:fe:18:45:fc:67:d9:93:56:e4:07:33:ef:0b:ca:d7:
fa:3e:74:e7:c5:bd:ac:b3:92:50:89:2a:98:e0:5d:2c:bd:70:
5d:1a:1f:8e:34:6a:ba:36:df:c5:b3:0a:3e:08:a7:a8:52:57:
4a:d8:88:6c:7f:63:64:92:67:dd:13:fb:4e:31:16:4e:99:03:
1e:b0:79:af:e2:db:a3:dd:e2:da:24:b3:9a:4e:cd:75:11:73:
1c:b3:ca:c0:0f:e6:fc:bc:4b:8e:96:40:31:4a:0d:03:d3:d0:
2f:0c:86:fc:5e:7b:1c:3b:4b:86:d7:63:ac:cd:11:35:60:f2:
b8:8c:42:bd:27:14:0a:08:97:dc:70:27:55:94:9e:c5:0e:08:
66:e3:1c:aa:00:93:d9:df:a0:4c:b4:31:7e:32:8d:fb:c9:b1:
5c:ce:0d:83:83:72:30:18:5e:51:40:a9:4d:9f:f7:f2:09:6b:
0e:9b:4e:e8:e5:65:8a:a3:96:d7:8f:9b:60:dc:ba:5e:88:9e:
18:c8:19:66
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYe1HX3fEZVW6tVaK3wR96ZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjMwNDI0MjExMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWZmZmI4NjYyODU4OTMxNmU3MGM2MWJmNmM0YTM0ZjIyNjhhYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXnZX60Szr7nNZ3fcRmLvz4AT0SD
QwtVrI7HfjCaRFDFE5izZS/oIoRZtBxJOrEbzl+74qkwr+adr0QlZUJwfTtQNfW9
faS7IVCcKNQyLPFt9GKFGq+DXI4vYRy0py3lGogU0DJQQc853lO70SGSSpmNJmV8
Or96wUdeoRWT0zVAvqltQEJwPpV8biPgsFZLRyrPm5lBZqFbdBuTdDFOpSG0yT+Z
myT6j1EzbkYca8jfL2Zr3be4zK9EbcyUIzvn4rNMoCBF4Cho3io4whjSWRDUPtRc
1GKrq3jdNCsFIOXiS5tLnC6TJqYWe44XdEeXwGhW2bNan6u4P8acilG3lQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFH7/+4ZihYkxbnDGG/bEo08iaKsvMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvZnZfN2htS0ZpVEZ1Y01ZYjlzU2pUeUpvcXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQpwAwQA
Xmf1AwQAuRk0AwQAucB1AwQAucB3AwQAucI/AwQAucNvAwQAucYwAwQAwQj0MA0G
CSqGSIb3DQEBCwUAA4IBAQChTFM3UHhkVbsEZPVTeZQDggiwONXTMjtxStzUK5Ix
AmzIxRqmPE049oPVeCr1mEdkTrpNOqF0jO/+GEX8Z9mTVuQHM+8Lytf6PnTnxb2s
s5JQiSqY4F0svXBdGh+ONGq6Nt/Fswo+CKeoUldK2Ihsf2NkkmfdE/tOMRZOmQMe
sHmv4tuj3eLaJLOaTs11EXMcs8rAD+b8vEuOlkAxSg0D09AvDIb8XnscO0uG12Os
zRE1YPK4jEK9JxQKCJfccCdVlJ7FDghm4xyqAJPZ36BMtDF+Mo37ybFczg2Dg3Iw
GF5RQKlNn/fyCWsOm07o5WWKo5bXj5tg3LpeiJ4YyBlm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:34 2024 by rpki-client on console-fra.rpki-client.org