Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/FGVTaiQIApqrkpEWpO4ElsQVUHc.roa
File: FGVTaiQIApqrkpEWpO4ElsQVUHc.roa (raw, json)
Hash identifier: Y29KF/nm839r1qrC2XgfegswQoBSQousITsLuzGgwNY=
Subject key identifier: 14:65:53:6A:24:08:02:9A:AB:92:91:16:A4:EE:04:96:C4:15:50:77
Certificate issuer: /CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Certificate serial: 018E108C68B59CADB2F79B9C0F46C8C428C4
Authority key identifier: B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/FGVTaiQIApqrkpEWpO4ElsQVUHc.roa
Signing time: Tue 05 Mar 2024 21:37:01 +0000
ROA not before: Tue 05 Mar 2024 21:37:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25459
IP address blocks: 83.172.128.0/19 maxlen: 19
83.172.128.0/21 maxlen: 21
83.172.136.0/24 maxlen: 24
83.172.138.0/23 maxlen: 23
83.172.140.0/22 maxlen: 22
83.172.144.0/21 maxlen: 21
83.172.152.0/23 maxlen: 23
83.172.158.0/23 maxlen: 23
83.172.160.0/21 maxlen: 21
83.172.160.0/22 maxlen: 22
83.172.164.0/23 maxlen: 23
83.172.168.0/22 maxlen: 22
83.172.168.0/23 maxlen: 23
83.172.180.0/22 maxlen: 22
83.172.184.0/21 maxlen: 21
83.172.186.0/24 maxlen: 24
83.172.188.0/23 maxlen: 23
83.172.190.0/24 maxlen: 24
2a02:cec0::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:10:8c:68:b5:9c:ad:b2:f7:9b:9c:0f:46:c8:c4:28:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Validity
Not Before: Mar 5 21:37:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1465536a2408029aab929116a4ee0496c4155077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c6:66:16:3b:aa:9b:f6:56:94:93:dc:6e:fd:
17:6e:1b:17:56:26:fa:11:29:7d:be:52:ee:e8:a4:
c0:75:23:6b:ad:3d:5c:55:1e:89:4e:86:8b:7f:1e:
93:ee:d0:04:5b:15:d0:6d:a6:1b:62:be:f5:e6:68:
cc:b3:72:d2:f4:3c:b2:67:6b:68:b8:59:30:1f:d8:
c7:d3:53:be:ac:77:0d:46:1f:15:11:9a:ae:5f:3a:
41:9d:e9:8f:4a:6c:c7:36:09:cc:e8:8e:4a:b8:5f:
cb:fd:18:29:50:6a:17:1c:a8:0c:a2:22:79:7e:5c:
ef:42:0b:65:c2:08:a6:f4:e3:9f:9a:1d:58:a4:a0:
a3:17:f3:73:d4:2a:50:82:c3:91:50:06:8d:5b:c7:
94:00:7a:60:4b:2b:35:1a:68:75:1e:bd:de:96:53:
02:78:db:ff:ac:c3:61:22:c5:cb:8c:db:e0:bc:64:
69:56:2a:a0:2e:04:cc:ec:10:80:8b:7e:26:59:21:
91:ec:03:b9:44:81:09:33:fc:2e:3e:fa:ad:6e:70:
e2:9a:60:da:ad:f0:f6:2e:20:58:07:46:df:88:82:
bd:59:92:83:4f:0f:96:80:4c:a3:0f:7f:2a:61:af:
ae:33:5a:1a:a3:6b:f2:ba:51:97:3b:82:31:41:fd:
e3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:65:53:6A:24:08:02:9A:AB:92:91:16:A4:EE:04:96:C4:15:50:77
X509v3 Authority Key Identifier:
keyid:B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/FGVTaiQIApqrkpEWpO4ElsQVUHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.172.128.0-83.172.171.255
83.172.180.0-83.172.191.255
IPv6:
2a02:cec0::/30
Signature Algorithm: sha256WithRSAEncryption
a3:e4:3a:b4:df:3a:24:43:39:78:ef:9f:ba:a1:dd:8d:92:08:
b7:e5:f4:cb:db:e7:e1:c9:7f:b5:2b:0f:1f:99:24:dd:a2:ba:
cc:ff:54:91:b8:92:78:d1:bc:f3:15:02:f2:a1:6b:2c:1f:c9:
65:d0:56:94:0c:0d:35:6e:6a:14:d6:cc:cc:cc:34:dc:50:f4:
0a:e1:03:92:3e:5e:b9:16:04:64:b8:cd:30:a6:ea:f1:5e:54:
20:63:92:f5:94:55:8c:89:c4:fd:3b:26:5e:18:97:4e:38:64:
bc:7e:bc:30:cc:03:d5:17:e6:35:7d:47:a7:6c:30:c1:c5:51:
9d:97:7e:c1:20:6f:b2:6b:a8:db:b1:47:9f:ba:f2:31:0c:a3:
16:84:7e:99:8b:94:fc:b7:0f:00:4d:e7:10:83:56:45:c8:cc:
43:10:70:d6:50:c1:c1:53:ae:70:dd:ce:03:da:0b:aa:6c:2b:
de:46:be:10:ed:9c:27:b9:b3:27:87:7a:71:c2:af:7b:34:9f:
7a:4e:7c:6b:9e:0f:cd:56:2c:5d:6a:08:8e:f3:f8:fc:66:79:
a4:c1:80:15:29:e8:aa:8c:0a:52:7e:18:17:d2:b4:61:ef:c6:
b7:2c:6c:13:4d:5a:09:9b:86:04:99:f0:50:38:6b:3e:75:bd:
d4:64:ca:ad
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY4QjGi1nK2y95ucD0bIxCjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMjhmZTI1OGExYjliZjYxNDhhNmNlMGU4YTcxMmYxODg0
MDkwNGMwHhcNMjQwMzA1MjEzNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDY1NTM2YTI0MDgwMjlhYWI5MjkxMTZhNGVlMDQ5NmM0MTU1MDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMZmFjuqm/ZWlJPcbv0XbhsXVib6
ESl9vlLu6KTAdSNrrT1cVR6JToaLfx6T7tAEWxXQbaYbYr715mjMs3LS9DyyZ2to
uFkwH9jH01O+rHcNRh8VEZquXzpBnemPSmzHNgnM6I5KuF/L/RgpUGoXHKgMoiJ5
flzvQgtlwgim9OOfmh1YpKCjF/Nz1CpQgsORUAaNW8eUAHpgSys1Gmh1Hr3ellMC
eNv/rMNhIsXLjNvgvGRpViqgLgTM7BCAi34mWSGR7AO5RIEJM/wuPvqtbnDimmDa
rfD2LiBYB0bfiIK9WZKDTw+WgEyjD38qYa+uM1oao2vyulGXO4IxQf3jqwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFBRlU2okCAKaq5KRFqTuBJbEFVB3MB8GA1UdIwQY
MBaAFLMo/iWKG5v2FIps4OinEvGIQJBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODkt
ZWQ4NGEwMDU4YTlmLzEvRkdWVGFpUUlBcHFya3BFV3BPNEVsc1FWVUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODktZWQ4NGEwMDU4YTlm
LzEvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcMAwDBAdTrIAD
BAJTrKgwDAMEAlOstAMEBlOsgDANBAIAAjAHAwUCKgLOwDANBgkqhkiG9w0BAQsF
AAOCAQEAo+Q6tN86JEM5eO+fuqHdjZIIt+X0y9vn4cl/tSsPH5kk3aK6zP9UkbiS
eNG88xUC8qFrLB/JZdBWlAwNNW5qFNbMzMw03FD0CuEDkj5euRYEZLjNMKbq8V5U
IGOS9ZRVjInE/TsmXhiXTjhkvH68MMwD1RfmNX1Hp2wwwcVRnZd+wSBvsmuo27FH
n7ryMQyjFoR+mYuU/LcPAE3nEINWRcjMQxBw1lDBwVOucN3OA9oLqmwr3ka+EO2c
J7mzJ4d6ccKvezSfek58a54PzVYsXWoIjvP4/GZ5pMGAFSnoqowKUn4YF9K0Ye/G
tyxsE01aCZuGBJnwUDhrPnW91GTKrQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:51 2024 by rpki-client on console-ams.rpki-client.org