Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/S-VsvfxUeWXJ37G5ZlRxs7d_6qQ.roa
File: S-VsvfxUeWXJ37G5ZlRxs7d_6qQ.roa (raw, json)
Hash identifier: +mTM4aeEN8nm6H7QtKeQmeJ9FwPZSa2VQWIl+NwhvWU=
Subject key identifier: 4B:E5:6C:BD:FC:54:79:65:C9:DF:B1:B9:66:54:71:B3:B7:7F:EA:A4
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 03A30756
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/S-VsvfxUeWXJ37G5ZlRxs7d_6qQ.roa
Signing time: Sat 01 Jan 2022 14:07:06 +0000
ROA not before: Sat 01 Jan 2022 14:07:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57271
IP address blocks: 85.202.87.0/24 maxlen: 24
85.235.82.0/24 maxlen: 24
77.83.93.0/24 maxlen: 24
5.183.154.0/24 maxlen: 24
5.183.155.0/24 maxlen: 24
37.44.198.0/24 maxlen: 24
81.16.141.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61015894 (0x3a30756)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 14:07:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4be56cbdfc547965c9dfb1b9665471b3b77feaa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:50:eb:3d:9f:14:98:07:40:34:e2:09:ea:46:
a9:2b:01:e8:ef:44:99:0e:3d:c1:11:97:14:c1:6a:
8d:08:2a:a1:9f:f4:25:dc:0e:98:94:b1:f3:2d:28:
f0:a5:8b:6c:06:0b:ee:be:24:bb:f3:35:5f:84:a4:
98:67:d4:36:71:0b:46:d6:1a:18:bd:70:52:8f:be:
50:91:19:02:b3:f4:6b:f9:6c:36:6a:6a:6f:37:62:
ac:a3:88:c0:f5:a5:ef:77:57:2e:89:1f:cc:89:d6:
15:53:91:60:ea:49:3d:05:3a:42:b7:55:bc:51:55:
26:c2:21:a0:0a:ef:bc:c1:4b:84:68:de:72:68:24:
66:fa:25:a7:52:08:64:da:59:9f:c1:26:3f:b4:17:
ad:d5:da:92:29:b0:bc:ff:ab:c0:cf:7d:a0:bc:9d:
9d:2f:96:f3:85:6d:0a:92:fc:58:55:2d:1d:74:ce:
77:dd:55:fe:3d:e8:fd:42:41:32:c7:52:30:bf:f8:
05:47:1a:fb:f3:5d:c1:23:60:80:7c:e1:7b:fc:0f:
9f:ca:41:5e:23:a8:71:a5:2a:54:fa:f2:ca:74:52:
41:fd:e3:2b:4e:72:34:72:ea:1c:51:7d:c3:26:2f:
02:19:73:a5:84:01:52:f4:56:b5:d0:a5:3c:a6:58:
1a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E5:6C:BD:FC:54:79:65:C9:DF:B1:B9:66:54:71:B3:B7:7F:EA:A4
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/S-VsvfxUeWXJ37G5ZlRxs7d_6qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.154.0/23
37.44.198.0/24
77.83.93.0/24
81.16.141.0/24
85.202.87.0/24
85.235.82.0/24
Signature Algorithm: sha256WithRSAEncryption
02:f6:0d:c1:64:d5:17:20:ba:41:0b:b5:4b:9c:1f:32:8b:c7:
eb:34:d9:59:9c:25:90:d8:b5:97:e9:d6:a3:a3:07:c9:27:c8:
90:fd:b0:25:5c:c1:98:dd:61:3f:0f:7f:64:8b:d5:cb:3f:0b:
d5:12:b0:ac:bd:66:43:b1:9c:be:3a:7a:27:69:ee:3e:58:8b:
a7:6e:6d:e3:62:ce:a2:bc:09:33:a6:49:47:b3:91:80:99:3b:
f0:4e:a4:3c:67:85:f0:1e:a6:f0:e9:ab:68:a6:04:41:e8:f8:
0d:8c:95:4f:93:a7:68:e7:9d:09:dc:fb:52:04:fb:93:de:7a:
1f:86:ea:3e:63:8e:a3:bf:5b:79:27:81:6a:76:a3:d6:2d:6a:
4e:5e:44:30:d4:fb:58:db:b0:73:5d:d4:af:19:4d:be:a6:f2:
60:d3:d1:95:6f:fa:e9:52:65:dd:2e:39:c6:cd:8e:a5:88:54:
a8:46:b8:57:07:d1:24:25:36:6b:59:7b:44:7b:d8:17:1d:b9:
cb:dd:a6:f4:81:b7:7a:4c:c8:85:7f:77:19:42:7d:a4:d2:90:
5c:ca:af:49:bd:a7:6a:53:20:35:f9:7b:72:e5:ce:87:e9:eb:
6b:0c:9f:b2:47:22:08:a7:ab:f1:d9:95:4f:40:9f:54:b4:cd:
74:9b:26:a5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEA6MHVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGEzOTQxYzI3Y2ZlNWMyMzRjNGJmMjIxZWNiMmE1NzliMmRlYWFiMB4XDTIyMDEw
MTE0MDcwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJlNTZjYmRmYzU0
Nzk2NWM5ZGZiMWI5NjY1NDcxYjNiNzdmZWFhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKlQ6z2fFJgHQDTiCepGqSsB6O9EmQ49wRGXFMFqjQgqoZ/0
JdwOmJSx8y0o8KWLbAYL7r4ku/M1X4SkmGfUNnELRtYaGL1wUo++UJEZArP0a/ls
NmpqbzdirKOIwPWl73dXLokfzInWFVORYOpJPQU6QrdVvFFVJsIhoArvvMFLhGje
cmgkZvolp1IIZNpZn8EmP7QXrdXakimwvP+rwM99oLydnS+W84VtCpL8WFUtHXTO
d91V/j3o/UJBMsdSML/4BUca+/NdwSNggHzhe/wPn8pBXiOocaUqVPryynRSQf3j
K05yNHLqHFF9wyYvAhlzpYQBUvRWtdClPKZYGhcCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRL5Wy9/FR5ZcnfsblmVHGzt3/qpDAfBgNVHSMEGDAWgBRdo5QcJ8/lwjTE
vyIeyypXmy3qqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhT1VIQ2ZQNWNJMHhMOGlIc3NxVjVzdDZxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvMzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8x
L1MtVnN2ZnhVZVdYSjM3RzVabFJ4czdkXzZxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
MzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8xL1hhT1VIQ2ZQNWNJ
MHhMOGlIc3NxVjVzdDZxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAQW3mgMEACUsxgMEAE1TXQMEAFEQ
jQMEAFXKVwMEAFXrUjANBgkqhkiG9w0BAQsFAAOCAQEAAvYNwWTVFyC6QQu1S5wf
MovH6zTZWZwlkNi1l+nWo6MHySfIkP2wJVzBmN1hPw9/ZIvVyz8L1RKwrL1mQ7Gc
vjp6J2nuPliLp25t42LOorwJM6ZJR7ORgJk78E6kPGeF8B6m8OmraKYEQej4DYyV
T5OnaOedCdz7UgT7k956H4bqPmOOo79beSeBanaj1i1qTl5EMNT7WNuwc13UrxlN
vqbyYNPRlW/66VJl3S45xs2OpYhUqEa4VwfRJCU2a1l7RHvYFx25y92m9IG3ekzI
hX93GUJ9pNKQXMqvSb2nalMgNfl7cuXOh+nrawyfskciCKer8dmVT0CfVLTNdJsm
pQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org