Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/wttY2A8XzN03VhlSbjDHnoM9fPY.roa
File: wttY2A8XzN03VhlSbjDHnoM9fPY.roa (raw, json)
Hash identifier: aYKHzGDwhEi7bbI3DtRwU2sRxaDF6O6hT2DK5fs4M+E=
Subject key identifier: C2:DB:58:D8:0F:17:CC:DD:37:56:19:52:6E:30:C7:9E:83:3D:7C:F6
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0186CAF7EDDD7075CD969C98DF9E3350A7FA
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/wttY2A8XzN03VhlSbjDHnoM9fPY.roa
Signing time: Fri 10 Mar 2023 10:01:31 +0000
ROA not before: Fri 10 Mar 2023 10:01:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48146
IP address blocks: 185.198.48.0/24 maxlen: 24
45.10.112.0/24 maxlen: 24
185.25.52.0/24 maxlen: 24
94.103.245.0/24 maxlen: 24
185.192.117.0/24 maxlen: 24
185.192.119.0/24 maxlen: 24
185.195.111.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ca:f7:ed:dd:70:75:cd:96:9c:98:df:9e:33:50:a7:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Mar 10 10:01:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2db58d80f17ccdd375619526e30c79e833d7cf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0e:93:87:00:79:cd:df:25:21:4f:e3:26:bb:
f9:29:58:6c:6f:3b:4c:5e:eb:bd:5d:ac:41:5e:1c:
37:7b:c5:f2:d5:65:8b:d8:13:d7:aa:41:3b:93:2a:
f3:ea:1e:b6:12:e0:65:64:2b:56:a9:9a:a7:5e:1a:
51:95:3f:40:26:d9:bc:8c:e7:65:f1:c6:20:22:02:
6a:ad:06:86:f8:08:9f:fc:40:35:ba:a5:d6:6e:fb:
de:23:15:7d:f6:40:2d:b2:4e:d9:2d:fb:b2:5a:65:
f9:bf:1a:53:30:31:65:e3:88:de:75:76:cf:78:3e:
f1:1f:b9:cb:49:be:34:18:0f:f6:e1:0a:13:82:d8:
25:18:52:19:f5:93:22:8a:b7:b2:fc:11:76:32:cf:
44:9c:ca:ad:1d:ab:93:03:67:fc:48:aa:b6:1e:eb:
ce:11:40:a4:5a:89:4b:cc:58:7a:8b:d5:be:87:8e:
5c:ea:81:cb:9c:49:73:4e:21:4f:b7:a6:64:e9:26:
c0:60:e2:a0:c6:b2:0b:57:c7:f7:c2:dd:00:cb:ec:
3e:97:4d:ea:9a:a1:c7:73:2d:ee:c1:ee:bb:d1:53:
2d:fa:a3:dc:f6:fd:75:6e:93:cb:1c:02:38:97:86:
89:9a:5a:26:d2:ff:a2:a2:f1:dd:64:5a:43:37:69:
a6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:DB:58:D8:0F:17:CC:DD:37:56:19:52:6E:30:C7:9E:83:3D:7C:F6
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/wttY2A8XzN03VhlSbjDHnoM9fPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.112.0/24
94.103.245.0/24
185.25.52.0/24
185.192.117.0/24
185.192.119.0/24
185.195.111.0/24
185.198.48.0/24
Signature Algorithm: sha256WithRSAEncryption
57:2c:13:26:03:b3:84:63:7f:99:c8:03:00:ac:9c:f2:74:3b:
42:70:43:34:f6:c0:a3:be:ed:9a:42:de:b9:a7:26:52:16:ee:
0f:f8:ad:7e:8a:a9:3f:32:8d:69:61:c3:30:c1:7d:f7:3e:e8:
b4:c7:9e:ee:ee:41:38:c0:0c:78:c2:19:02:04:ad:54:31:7c:
4e:be:53:c5:16:f2:37:cf:0d:e8:13:b5:76:0e:18:f0:1d:8b:
48:e3:16:eb:97:89:97:57:03:b9:29:66:62:f3:dd:fd:94:86:
3f:ab:3b:6d:f5:d0:e3:5c:b1:c0:83:34:e8:01:3c:53:80:37:
6d:d0:89:37:48:4c:01:00:be:6c:2b:74:9e:99:34:ce:c6:f2:
27:1a:50:e6:18:dd:ab:83:8d:7f:f6:23:4a:21:ce:d5:af:9b:
9c:3c:66:a7:49:e1:eb:b6:be:76:f3:8c:2b:9a:e5:54:19:24:
02:34:c6:ed:04:a8:a0:78:80:d7:65:a1:c4:4a:3c:54:08:e8:
2b:6d:99:80:47:cc:82:09:b6:20:b0:4b:25:eb:a7:9f:03:0d:
ff:7c:88:70:e8:e9:88:04:c4:ad:26:e4:61:d6:3d:a4:69:9e:
0d:0d:5a:fe:04:e7:4e:0c:36:d7:7f:b4:ba:3e:c8:64:47:32:
f7:26:e9:4c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYbK9+3dcHXNlpyY354zUKf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjMwMzEwMTAwMTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmRiNThkODBmMTdjY2RkMzc1NjE5NTI2ZTMwYzc5ZTgzM2Q3Y2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg6ThwB5zd8lIU/jJrv5KVhsbztM
Xuu9XaxBXhw3e8Xy1WWL2BPXqkE7kyrz6h62EuBlZCtWqZqnXhpRlT9AJtm8jOdl
8cYgIgJqrQaG+Aif/EA1uqXWbvveIxV99kAtsk7ZLfuyWmX5vxpTMDFl44jedXbP
eD7xH7nLSb40GA/24QoTgtglGFIZ9ZMiirey/BF2Ms9EnMqtHauTA2f8SKq2HuvO
EUCkWolLzFh6i9W+h45c6oHLnElzTiFPt6Zk6SbAYOKgxrILV8f3wt0Ay+w+l03q
mqHHcy3uwe670VMt+qPc9v11bpPLHAI4l4aJmlom0v+iovHdZFpDN2mmIwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMLbWNgPF8zdN1YZUm4wx56DPXz2MB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvd3R0WTJBOFh6TjAzVmhsU2JqREhub005ZlBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQpwAwQA
Xmf1AwQAuRk0AwQAucB1AwQAucB3AwQAucNvAwQAucYwMA0GCSqGSIb3DQEBCwUA
A4IBAQBXLBMmA7OEY3+ZyAMArJzydDtCcEM09sCjvu2aQt65pyZSFu4P+K1+iqk/
Mo1pYcMwwX33Pui0x57u7kE4wAx4whkCBK1UMXxOvlPFFvI3zw3oE7V2DhjwHYtI
4xbrl4mXVwO5KWZi8939lIY/qztt9dDjXLHAgzToATxTgDdt0Ik3SEwBAL5sK3Se
mTTOxvInGlDmGN2rg41/9iNKIc7Vr5ucPGanSeHrtr5284wrmuVUGSQCNMbtBKig
eIDXZaHESjxUCOgrbZmAR8yCCbYgsEsl66efAw3/fIhw6OmIBMStJuRh1j2kaZ4N
DVr+BOdODDbXf7S6PshkRzL3JulM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:39 2024 by rpki-client on console-ams.rpki-client.org