Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/6bb227-5b36-4f2a-a1c5-9ef36d251517/1/kiNeFytMvxktIMhx0pqTgH87h68.roa
File: kiNeFytMvxktIMhx0pqTgH87h68.roa (raw, json)
Hash identifier: d7DK2unrrZE4rL4wSBDbz3iQQdr3jdHmhcOkCnajSr4=
Subject key identifier: 92:23:5E:17:2B:4C:BF:19:2D:20:C8:71:D2:9A:93:80:7F:3B:87:AF
Certificate issuer: /CN=84a4aca020fb2bdc93a47266e87ec67cdc8857c5
Certificate serial: 0E779A25
Authority key identifier: 84:A4:AC:A0:20:FB:2B:DC:93:A4:72:66:E8:7E:C6:7C:DC:88:57:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKSsoCD7K9yTpHJm6H7GfNyIV8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/6bb227-5b36-4f2a-a1c5-9ef36d251517/1/kiNeFytMvxktIMhx0pqTgH87h68.roa
Signing time: Sat 01 Jan 2022 14:59:09 +0000
ROA not before: Sat 01 Jan 2022 14:59:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50627
IP address blocks: 46.227.152.0/21 maxlen: 22
178.20.32.0/21 maxlen: 22
5.42.144.0/21 maxlen: 22
178.132.104.0/21 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 242719269 (0xe779a25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84a4aca020fb2bdc93a47266e87ec67cdc8857c5
Validity
Not Before: Jan 1 14:59:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92235e172b4cbf192d20c871d29a93807f3b87af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8e:75:ef:fc:e7:25:3c:e4:65:2d:21:31:e4:
ce:7a:8f:c8:ab:52:85:d4:77:6e:1a:cf:36:36:c1:
d6:61:aa:fc:5b:0e:0a:72:df:76:f9:49:6c:eb:aa:
01:31:85:58:99:14:3f:85:be:11:00:87:75:04:35:
f2:d3:99:db:d9:9b:17:13:3b:d2:78:89:c1:d3:8f:
66:ae:9b:6b:b7:8f:de:f5:44:cc:56:79:32:86:a3:
69:05:0a:9f:d7:3d:ed:cb:4d:e2:2a:03:76:40:f1:
ff:71:26:47:0d:16:08:3f:d2:da:72:e7:5d:36:05:
c1:18:c0:7c:16:2f:13:29:81:6f:e4:c2:17:f6:12:
1d:87:5b:19:3e:77:89:f6:c6:da:da:f9:3e:12:4a:
b2:f8:6b:41:9d:f6:6e:9c:c5:9a:69:7f:38:d6:c4:
2d:84:b0:65:a1:36:9f:13:3d:db:4b:e8:25:cd:19:
d8:f2:c8:5f:81:45:b3:3d:1b:87:8b:b8:12:5e:b5:
d8:a6:0c:4c:28:94:98:fb:2e:b2:38:2d:28:9c:fc:
e9:a9:70:7c:f9:90:6a:0d:10:67:7c:1e:c8:5e:a0:
8a:02:ad:e0:d0:ca:8c:5d:23:01:33:bf:20:ad:ee:
ad:44:9e:10:c9:85:10:81:aa:f5:4f:64:7e:f9:51:
71:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:23:5E:17:2B:4C:BF:19:2D:20:C8:71:D2:9A:93:80:7F:3B:87:AF
X509v3 Authority Key Identifier:
keyid:84:A4:AC:A0:20:FB:2B:DC:93:A4:72:66:E8:7E:C6:7C:DC:88:57:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKSsoCD7K9yTpHJm6H7GfNyIV8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/6bb227-5b36-4f2a-a1c5-9ef36d251517/1/kiNeFytMvxktIMhx0pqTgH87h68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/6bb227-5b36-4f2a-a1c5-9ef36d251517/1/hKSsoCD7K9yTpHJm6H7GfNyIV8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.144.0/21
46.227.152.0/21
178.20.32.0/21
178.132.104.0/21
Signature Algorithm: sha256WithRSAEncryption
14:5b:92:3c:d7:b0:5a:ae:e5:16:99:04:88:1e:03:01:b4:9d:
bc:3f:14:ed:29:25:79:e4:7a:5c:9e:f1:59:37:b7:c0:09:fc:
e8:e0:a0:b7:12:67:97:c1:73:65:7e:03:02:ea:17:d5:74:09:
a3:8f:6c:93:48:dc:91:0c:ec:42:34:ae:17:22:a0:57:b0:f4:
56:42:d9:03:e7:49:8f:2c:86:dc:1b:d5:74:38:6d:85:cc:41:
ec:94:99:d8:88:e4:fa:b8:4e:17:c3:87:27:48:6a:b0:04:13:
4c:7d:c2:0d:7a:5f:36:08:5f:33:24:ed:e8:d1:bd:21:97:6b:
b7:7f:a5:6d:f8:73:cf:1b:f3:3a:8b:93:4c:93:bc:f9:cc:35:
e9:89:18:72:a7:69:b2:62:d5:f9:7a:aa:36:85:b7:ff:5d:06:
bf:98:71:bf:2b:c3:cf:cf:e1:60:0e:77:07:3c:b8:ae:2e:51:
85:82:97:53:2a:e3:c8:80:22:51:8f:26:a0:34:44:0a:b6:15:
28:c1:85:db:6a:50:35:fe:46:51:c0:fa:aa:67:bb:6d:38:7b:
9c:d8:b4:57:f7:85:2a:0c:10:7c:8c:0e:33:2e:50:9d:e8:36:
8f:83:4e:bf:ee:5e:e8:2e:dc:0f:61:5e:59:a5:25:6b:17:04:
34:56:7a:45
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDneaJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGE0YWNhMDIwZmIyYmRjOTNhNDcyNjZlODdlYzY3Y2RjODg1N2M1MB4XDTIyMDEw
MTE0NTkwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIyMzVlMTcyYjRj
YmYxOTJkMjBjODcxZDI5YTkzODA3ZjNiODdhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANuOde/85yU85GUtITHkznqPyKtShdR3bhrPNjbB1mGq/FsO
CnLfdvlJbOuqATGFWJkUP4W+EQCHdQQ18tOZ29mbFxM70niJwdOPZq6ba7eP3vVE
zFZ5MoajaQUKn9c97ctN4ioDdkDx/3EmRw0WCD/S2nLnXTYFwRjAfBYvEymBb+TC
F/YSHYdbGT53ifbG2tr5PhJKsvhrQZ32bpzFmml/ONbELYSwZaE2nxM920voJc0Z
2PLIX4FFsz0bh4u4El612KYMTCiUmPsusjgtKJz86alwfPmQag0QZ3weyF6gigKt
4NDKjF0jATO/IK3urUSeEMmFEIGq9U9kfvlRcfcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSSI14XK0y/GS0gyHHSmpOAfzuHrzAfBgNVHSMEGDAWgBSEpKygIPsr3JOk
cmbofsZ83IhXxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hLU3NvQ0Q3Szl5VHBISm02SDdHZk55SVY4VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvNmJiMjI3LTViMzYtNGYyYS1hMWM1LTllZjM2ZDI1MTUxNy8x
L2tpTmVGeXRNdnhrdElNaHgwcHFUZ0g4N2g2OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
NmJiMjI3LTViMzYtNGYyYS1hMWM1LTllZjM2ZDI1MTUxNy8xL2hLU3NvQ0Q3Szl5
VHBISm02SDdHZk55SVY4VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAwUqkAMEAy7jmAMEA7IUIAMEA7KE
aDANBgkqhkiG9w0BAQsFAAOCAQEAFFuSPNewWq7lFpkEiB4DAbSdvD8U7SkleeR6
XJ7xWTe3wAn86OCgtxJnl8FzZX4DAuoX1XQJo49sk0jckQzsQjSuFyKgV7D0VkLZ
A+dJjyyG3BvVdDhthcxB7JSZ2Ijk+rhOF8OHJ0hqsAQTTH3CDXpfNghfMyTt6NG9
IZdrt3+lbfhzzxvzOouTTJO8+cw16YkYcqdpsmLV+XqqNoW3/10Gv5hxvyvDz8/h
YA53Bzy4ri5RhYKXUyrjyIAiUY8moDRECrYVKMGF22pQNf5GUcD6qme7bTh7nNi0
V/eFKgwQfIwOMy5Qneg2j4NOv+5e6C7cD2FeWaUlaxcENFZ6RQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:03 2024 by rpki-client on console-fra.rpki-client.org