Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/xFqquGrDalSCpBO--MFLYfWpC3I.roa
File: xFqquGrDalSCpBO--MFLYfWpC3I.roa (raw, json)
Hash identifier: 01Z5A7kHcmSJai1VFXJcnzstteBjUY9G3owq8T5Q0fs=
Subject key identifier: C4:5A:AA:B8:6A:C3:6A:54:82:A4:13:BE:F8:C1:4B:61:F5:A9:0B:72
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 1C134763
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/xFqquGrDalSCpBO--MFLYfWpC3I.roa
Signing time: Wed 22 Jun 2022 20:09:32 +0000
ROA not before: Wed 22 Jun 2022 20:09:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 5.180.8.0/22 maxlen: 32
45.67.4.0/22 maxlen: 32
92.119.168.0/22 maxlen: 32
185.209.4.0/22 maxlen: 32
2.58.76.0/22 maxlen: 32
213.173.60.0/22 maxlen: 32
83.150.240.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 471025507 (0x1c134763)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Jun 22 20:09:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c45aaab86ac36a5482a413bef8c14b61f5a90b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c7:2c:40:fa:5c:b2:d1:c0:a8:3b:a0:0e:7e:
8a:97:55:3a:17:82:37:9f:60:f1:da:cb:ac:37:d7:
77:d8:a5:5e:a4:8c:63:7b:9b:56:98:dd:ca:d8:ea:
61:36:bc:d0:fd:8f:ed:05:46:6c:1d:cc:ad:29:15:
f0:86:bc:fe:23:61:78:1d:05:48:5b:98:be:fb:de:
ad:ed:70:d0:61:f1:34:b2:bf:b1:ba:cf:22:ce:2d:
1f:d3:ca:65:18:6a:79:39:ad:bf:b1:ac:b6:16:c1:
7d:e5:f9:eb:b9:3a:cf:bd:d4:2e:6f:79:a1:fd:e7:
62:e7:a3:3f:99:70:17:f6:74:03:7c:02:54:0c:cc:
35:e3:a3:29:2d:94:e4:eb:f7:fa:c0:9d:0e:a3:1f:
10:99:8b:d9:0c:2f:22:98:f4:fb:36:1e:e9:23:c5:
26:d4:50:f3:b8:56:81:c7:f3:69:8d:d5:dc:88:57:
a3:f0:35:f2:9b:9b:69:85:6e:6b:fe:80:de:0a:f8:
c0:b7:f6:7a:2f:3a:b7:98:f2:c3:a0:c0:8e:b7:d6:
8f:2c:2b:73:bc:6b:ca:01:85:12:06:ac:33:55:f0:
b9:cb:06:0b:b1:c9:08:0a:e4:a6:8d:18:ee:8e:c9:
e7:99:25:69:66:11:93:bb:28:a7:18:1c:14:d4:47:
89:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5A:AA:B8:6A:C3:6A:54:82:A4:13:BE:F8:C1:4B:61:F5:A9:0B:72
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/xFqquGrDalSCpBO--MFLYfWpC3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.76.0/22
5.180.8.0/22
45.67.4.0/22
83.150.240.0/22
92.119.168.0/22
185.209.4.0/22
213.173.60.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:8b:39:a9:83:7a:92:37:33:43:72:a7:46:8c:6a:f5:63:60:
ad:6d:3c:0a:e9:70:a8:d2:5c:42:96:62:b8:27:bc:22:7c:3e:
fb:fa:0a:39:2b:29:f8:22:31:50:c4:03:f7:c3:f2:fe:f6:43:
0b:a9:96:4c:eb:60:cc:bd:ed:41:5d:cd:8b:67:fd:88:3d:c4:
14:55:ab:4b:89:85:a3:1d:65:25:58:89:bc:10:f7:b8:42:31:
15:4f:11:d0:45:1a:44:7f:2a:d8:76:af:6f:1d:7a:8a:82:e6:
36:2b:f8:5b:b1:d2:a1:12:5d:c5:53:19:7c:9f:6e:3c:7f:46:
45:b3:b6:eb:65:40:24:ab:1e:a2:d0:75:52:c5:30:cd:ed:2e:
6d:ae:df:f8:69:71:4f:e8:eb:1b:75:82:3e:bd:df:f2:e8:9e:
19:28:8f:c4:b2:1c:87:6f:99:7a:3d:65:f3:2b:8d:c3:36:36:
98:34:10:8d:38:00:50:2d:08:11:f8:73:39:b5:0d:1f:5f:02:
36:eb:06:e8:99:15:96:60:f6:57:42:c8:28:0b:24:10:d8:f7:
0f:42:17:33:c7:1a:45:d5:b1:cf:5e:80:07:02:c1:88:2e:0a:
58:e7:72:32:cd:4d:28:a9:e8:ce:fd:47:15:db:66:f9:58:7a:
0c:30:3d:83
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEHBNHYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mzk5MWFmY2Q0NTVlYjFiMTc0ZmNmODlmOGUxMGVhZjdmNzBiMzU1MB4XDTIyMDYy
MjIwMDkzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQ1YWFhYjg2YWMz
NmE1NDgyYTQxM2JlZjhjMTRiNjFmNWE5MGI3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIfHLED6XLLRwKg7oA5+ipdVOheCN59g8drLrDfXd9ilXqSM
Y3ubVpjdytjqYTa80P2P7QVGbB3MrSkV8Ia8/iNheB0FSFuYvvvere1w0GHxNLK/
sbrPIs4tH9PKZRhqeTmtv7GsthbBfeX567k6z73ULm95of3nYuejP5lwF/Z0A3wC
VAzMNeOjKS2U5Ov3+sCdDqMfEJmL2QwvIpj0+zYe6SPFJtRQ87hWgcfzaY3V3IhX
o/A18pubaYVua/6A3gr4wLf2ei86t5jyw6DAjrfWjywrc7xrygGFEgasM1XwucsG
C7HJCArkpo0Y7o7J55klaWYRk7sopxgcFNRHicUCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBTEWqq4asNqVIKkE774wUth9akLcjAfBgNVHSMEGDAWgBSDmRr81FXrGxdP
z4n44Q6vf3CzVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2c1a2FfTlJWNnhzWFQ4LUotT0VPcjM5d3MxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNjllZDI5LWFmNGUtNDUyNC1hZGZiLWUxNTQzNzM4MDA5OS8x
L3hGcXF1R3JEYWxTQ3BCTy0tTUZMWWZXcEMzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NjllZDI5LWFmNGUtNDUyNC1hZGZiLWUxNTQzNzM4MDA5OS8xL2c1a2FfTlJWNnhz
WFQ4LUotT0VPcjM5d3MxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAgI6TAMEAgW0CAMEAi1DBAMEAlOW
8AMEAlx3qAMEArnRBAMEAtWtPDANBgkqhkiG9w0BAQsFAAOCAQEAL4s5qYN6kjcz
Q3KnRoxq9WNgrW08CulwqNJcQpZiuCe8Inw++/oKOSsp+CIxUMQD98Py/vZDC6mW
TOtgzL3tQV3Ni2f9iD3EFFWrS4mFox1lJViJvBD3uEIxFU8R0EUaRH8q2Havbx16
ioLmNiv4W7HSoRJdxVMZfJ9uPH9GRbO262VAJKseotB1UsUwze0uba7f+GlxT+jr
G3WCPr3f8uieGSiPxLIch2+Zej1l8yuNwzY2mDQQjTgAUC0IEfhzObUNH18CNusG
6JkVlmD2V0LIKAskENj3D0IXM8caRdWxz16ABwLBiC4KWOdyMs1NKKnozv1HFdtm
+Vh6DDA9gw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:53 2024 by rpki-client on console-ams.rpki-client.org