Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/qVYhdcjwH1ahEQ06pqe03gK0Rbc.roa
File: qVYhdcjwH1ahEQ06pqe03gK0Rbc.roa (raw, json)
Hash identifier: dgEZ7+QqVd/M294sLY535L69hji1JycOAXQ7FlOKKr0=
Subject key identifier: A9:56:21:75:C8:F0:1F:56:A1:11:0D:3A:A6:A7:B4:DE:02:B4:45:B7
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0186CAF7EE555C1C66258C6ED913A427C058
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/qVYhdcjwH1ahEQ06pqe03gK0Rbc.roa
Signing time: Fri 10 Mar 2023 10:01:31 +0000
ROA not before: Fri 10 Mar 2023 10:01:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.198.48.0/24 maxlen: 24
45.10.112.0/24 maxlen: 24
94.103.245.0/24 maxlen: 24
185.25.52.0/24 maxlen: 24
185.192.117.0/24 maxlen: 24
185.195.111.0/24 maxlen: 24
185.192.119.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ca:f7:ee:55:5c:1c:66:25:8c:6e:d9:13:a4:27:c0:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Mar 10 10:01:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9562175c8f01f56a1110d3aa6a7b4de02b445b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8d:ee:ef:d4:0e:f2:38:88:f4:f9:5b:8f:e5:
77:8e:b1:b2:d3:66:82:26:86:f3:3e:fa:b9:2e:1a:
91:f6:ff:17:e9:ea:66:9d:58:e8:87:ba:a8:b9:ac:
5a:2d:13:4b:bf:b2:ef:d5:4a:ef:32:07:31:47:81:
4d:f9:52:e5:82:27:f3:78:29:44:64:a0:00:da:1c:
1f:2f:f8:8d:e5:57:2d:f5:76:e0:b3:5f:8a:f2:7f:
99:9c:2c:4e:46:80:fe:ae:4b:7e:18:3a:41:24:e5:
52:cc:84:7e:1f:c0:92:8d:6a:2d:ec:2b:c9:1e:14:
2d:b7:47:b3:f7:84:07:46:b5:7c:03:1a:12:a4:2d:
d6:29:2d:9d:db:c3:6c:c7:a2:e6:b0:6d:d3:ce:83:
36:ed:b6:f6:8c:67:5f:99:90:38:e6:a9:8d:71:7e:
04:53:4f:b9:24:a8:7c:47:37:56:b8:18:34:34:0a:
ff:14:06:54:d6:6d:8a:db:e6:a4:9e:9a:52:f6:1d:
91:1b:9b:68:2c:f5:75:cf:43:90:07:8b:ee:f4:fe:
e9:b3:5a:35:cb:06:6b:a5:76:7c:4f:6a:c8:36:7f:
ea:97:3a:81:32:66:4f:88:91:85:7f:ca:43:77:ba:
82:4a:1f:49:46:c7:73:44:de:03:da:39:5a:d9:5a:
25:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:56:21:75:C8:F0:1F:56:A1:11:0D:3A:A6:A7:B4:DE:02:B4:45:B7
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/qVYhdcjwH1ahEQ06pqe03gK0Rbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.112.0/24
94.103.245.0/24
185.25.52.0/24
185.192.117.0/24
185.192.119.0/24
185.195.111.0/24
185.198.48.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:1a:9c:d6:57:d9:0c:40:7d:1e:66:b1:4b:5d:09:97:24:78:
fa:2a:0c:b5:6b:95:e6:04:77:1d:f2:4c:3f:6e:08:20:f6:11:
e1:f3:00:30:31:59:69:a9:06:86:5b:f4:54:de:6a:36:c3:56:
f7:08:fc:b2:db:ba:1a:23:cc:91:1d:e0:5c:0e:05:c3:51:50:
e5:cf:1a:2b:aa:55:eb:10:b1:51:9a:ea:33:d7:f8:ae:ed:c9:
73:00:11:c3:29:94:80:49:cc:9a:32:6a:b7:07:a5:95:50:a5:
5f:ce:99:f3:d6:f7:95:67:e8:d3:a2:9f:d2:38:20:28:53:26:
69:e3:11:29:94:47:4b:8d:11:0c:de:9b:84:6d:90:a1:18:fb:
78:d1:f0:c0:64:4f:30:67:d6:6d:e3:5b:8d:1b:47:a9:cc:27:
b5:63:5c:c6:98:bd:24:23:bd:6b:e8:4a:46:4b:0c:26:e9:79:
86:26:43:17:b3:ed:08:02:02:cf:ef:f9:67:a5:11:7f:df:cd:
21:f4:b3:9b:a4:6b:59:2e:44:7d:46:a3:45:e2:34:84:eb:59:
6d:1f:8d:40:91:4c:66:9d:af:b2:b1:8d:56:d1:54:b9:5c:ae:
66:10:94:86:db:5f:02:12:ed:c6:c4:b0:97:94:88:53:29:45:
55:56:38:dc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYbK9+5VXBxmJYxu2ROkJ8BYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjMwMzEwMTAwMTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTU2MjE3NWM4ZjAxZjU2YTExMTBkM2FhNmE3YjRkZTAyYjQ0NWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI3u79QO8jiI9Plbj+V3jrGy02aC
JobzPvq5LhqR9v8X6epmnVjoh7qouaxaLRNLv7Lv1UrvMgcxR4FN+VLlgifzeClE
ZKAA2hwfL/iN5Vct9Xbgs1+K8n+ZnCxORoD+rkt+GDpBJOVSzIR+H8CSjWot7CvJ
HhQtt0ez94QHRrV8AxoSpC3WKS2d28Nsx6LmsG3TzoM27bb2jGdfmZA45qmNcX4E
U0+5JKh8RzdWuBg0NAr/FAZU1m2K2+aknppS9h2RG5toLPV1z0OQB4vu9P7ps1o1
ywZrpXZ8T2rINn/qlzqBMmZPiJGFf8pDd7qCSh9JRsdzRN4D2jla2VolfwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKlWIXXI8B9WoRENOqantN4CtEW3MB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvcVZZaGRjandIMWFoRVEwNnBxZTAzZ0swUmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQpwAwQA
Xmf1AwQAuRk0AwQAucB1AwQAucB3AwQAucNvAwQAucYwMA0GCSqGSIb3DQEBCwUA
A4IBAQCaGpzWV9kMQH0eZrFLXQmXJHj6Kgy1a5XmBHcd8kw/bggg9hHh8wAwMVlp
qQaGW/RU3mo2w1b3CPyy27oaI8yRHeBcDgXDUVDlzxorqlXrELFRmuoz1/iu7clz
ABHDKZSAScyaMmq3B6WVUKVfzpnz1veVZ+jTop/SOCAoUyZp4xEplEdLjREM3puE
bZChGPt40fDAZE8wZ9Zt41uNG0epzCe1Y1zGmL0kI71r6EpGSwwm6XmGJkMXs+0I
AgLP7/lnpRF/380h9LObpGtZLkR9RqNF4jSE61ltH41AkUxmna+ysY1W0VS5XK5m
EJSG218CEu3GxLCXlIhTKUVVVjjc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:34 2024 by rpki-client on console-fra.rpki-client.org