Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3K5aLg4ls0XyeroPMWf8GGzx_Pw.roa
File: 3K5aLg4ls0XyeroPMWf8GGzx_Pw.roa (raw, json)
Hash identifier: wyhrsSLN+P7tsSLIrGcNwtzaK9ndYJBHy3vMEYyg+94=
Subject key identifier: DC:AE:5A:2E:0E:25:B3:45:F2:7A:BA:0F:31:67:FC:18:6C:F1:FC:FC
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 421A47F5
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3K5aLg4ls0XyeroPMWf8GGzx_Pw.roa
Signing time: Thu 03 Mar 2022 10:40:15 +0000
ROA not before: Thu 03 Mar 2022 10:40:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
77.81.50.0/23 maxlen: 24
77.81.48.0/21 maxlen: 21
77.81.52.0/22 maxlen: 24
89.35.124.0/23 maxlen: 24
93.114.176.0/22 maxlen: 22
93.114.178.0/23 maxlen: 24
89.46.42.0/24 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
94.176.213.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
92.114.54.0/24 maxlen: 24
89.44.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1109018613 (0x421a47f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Mar 3 10:40:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcae5a2e0e25b345f27aba0f3167fc186cf1fcfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c6:b7:fa:81:fe:54:b4:7f:19:63:35:a3:60:
2e:02:13:9e:03:77:ff:b6:3a:53:d9:72:ef:65:ca:
ef:da:f2:f7:49:47:22:51:7b:b9:55:6a:94:1d:a9:
7d:67:d0:fe:fe:49:5e:ee:fe:54:94:a7:32:2f:d2:
59:15:d5:2d:5d:91:eb:8e:4f:f0:3e:8d:32:12:17:
f0:da:d5:bb:56:2c:a0:32:84:7f:33:a9:9a:b0:db:
aa:60:e3:26:61:35:9b:42:46:1b:4a:73:9f:49:fe:
56:b1:d8:ef:04:a5:1c:11:f6:ea:ff:1f:1c:f2:d4:
f3:1d:95:86:88:47:25:3d:d4:9d:8e:ed:0a:94:f1:
99:72:a8:e5:b4:46:5a:e8:f4:aa:bd:43:39:09:92:
24:5d:68:e0:c2:fc:01:ce:96:f8:b3:8c:03:ee:40:
66:7b:6f:eb:ff:05:52:6d:e1:df:9e:ba:24:dd:7b:
00:77:a5:73:30:26:1b:15:f7:6b:59:2e:d6:ad:cf:
be:48:82:30:47:18:39:6b:b9:ae:21:78:32:1d:c9:
d4:60:61:73:03:ca:ae:29:9e:6c:41:73:77:bc:8b:
87:e6:0a:87:61:9b:86:ba:cf:08:69:e6:42:76:aa:
0b:48:1d:0d:db:46:60:0c:0c:af:10:52:99:f6:f9:
e0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AE:5A:2E:0E:25:B3:45:F2:7A:BA:0F:31:67:FC:18:6C:F1:FC:FC
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3K5aLg4ls0XyeroPMWf8GGzx_Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.48.0/21
89.35.124.0/23
89.40.222.0/23
89.44.105.0/24
89.46.42.0/24
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
93.114.176.0/22
94.176.213.0/24
94.177.28.0/24
188.213.212.0/24
188.213.216.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:d8:62:4f:32:4e:e5:d1:35:06:22:04:18:53:99:c0:e0:81:
14:31:ac:d2:0b:f7:66:e8:fb:71:44:0e:ed:dc:32:a3:ea:89:
37:31:84:17:8d:48:26:8a:1d:05:1e:c0:76:87:ff:b8:fe:fa:
dd:bf:0b:16:14:64:4a:df:a9:51:f3:2d:8e:41:2d:fb:d1:3f:
bf:f8:fe:a1:66:92:37:1e:c7:56:64:35:54:93:9b:bb:43:ab:
18:a4:51:b0:8f:23:6e:b9:b5:03:4a:aa:e7:a3:bf:f5:1e:28:
5d:47:77:7e:2d:2f:3a:41:ec:54:28:c6:85:4d:02:cd:d4:29:
5e:72:55:88:67:5a:ac:49:e4:89:23:c5:81:5a:ea:40:22:ee:
27:1c:aa:1a:a1:67:60:f5:24:b1:18:2c:ee:53:8a:7d:b5:5c:
fb:e5:0b:9e:db:ef:26:9f:51:28:78:aa:29:c7:f9:3e:fa:ab:
fc:c8:e1:78:a5:bd:a4:79:e2:07:0a:43:43:39:62:94:c8:7a:
fd:58:ef:45:14:17:4d:8c:3b:ff:f9:86:6b:7e:b7:70:f9:7a:
9a:0a:74:17:32:93:0e:94:a6:6a:58:ed:a4:83:73:3a:32:a0:
20:30:2b:10:19:f2:01:27:09:83:28:bf:fd:b6:16:88:5b:92:
ff:cf:03:c8
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIEQhpH9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDMw
MzEwNDAxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNhZTVhMmUwZTI1
YjM0NWYyN2FiYTBmMzE2N2ZjMTg2Y2YxZmNmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrGt/qB/lS0fxljNaNgLgITngN3/7Y6U9ly72XK79ry90lH
IlF7uVVqlB2pfWfQ/v5JXu7+VJSnMi/SWRXVLV2R645P8D6NMhIX8NrVu1YsoDKE
fzOpmrDbqmDjJmE1m0JGG0pzn0n+VrHY7wSlHBH26v8fHPLU8x2VhohHJT3UnY7t
CpTxmXKo5bRGWuj0qr1DOQmSJF1o4ML8Ac6W+LOMA+5AZntv6/8FUm3h3566JN17
AHelczAmGxX3a1ku1q3PvkiCMEcYOWu5riF4Mh3J1GBhcwPKrimebEFzd7yLh+YK
h2GbhrrPCGnmQnaqC0gdDdtGYAwMrxBSmfb54PMCAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBTcrlouDiWzRfJ6ug8xZ/wYbPH8/DAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS8zSzVhTGc0bHMwWHllcm9QTVdmOEdHenhfUHcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQDTVEwAwQBWSN8AwQBWSjeAwQA
WSxpAwQAWS4qAwQAWS8kAwQAXHIgAwQAXHI2AwQCXXKwAwQAXrDVAwQAXrEcAwQA
vNXUAwQAvNXYMA0GCSqGSIb3DQEBCwUAA4IBAQC12GJPMk7l0TUGIgQYU5nA4IEU
MazSC/dm6PtxRA7t3DKj6ok3MYQXjUgmih0FHsB2h/+4/vrdvwsWFGRK36lR8y2O
QS370T+/+P6hZpI3HsdWZDVUk5u7Q6sYpFGwjyNuubUDSqrno7/1HihdR3d+LS86
QexUKMaFTQLN1CleclWIZ1qsSeSJI8WBWupAIu4nHKoaoWdg9SSxGCzuU4p9tVz7
5Que2+8mn1EoeKopx/k++qv8yOF4pb2keeIHCkNDOWKUyHr9WO9FFBdNjDv/+YZr
frdw+XqaCnQXMpMOlKZqWO2kg3M6MqAgMCsQGfIBJwmDKL/9thaIW5L/zwPI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org