Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/_0fhWp0ITQlDAYNPWjbO3LrbRQg.roa
File: _0fhWp0ITQlDAYNPWjbO3LrbRQg.roa (raw, json)
Hash identifier: OdHqpa9fnZmdCf4Z82jbvTnXiBd7pY8Ye5PET1VwEjU=
Subject key identifier: FF:47:E1:5A:9D:08:4D:09:43:01:83:4F:5A:36:CE:DC:BA:DB:45:08
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 37ECE06C
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/_0fhWp0ITQlDAYNPWjbO3LrbRQg.roa
Signing time: Sat 01 Jan 2022 06:00:59 +0000
ROA not before: Sat 01 Jan 2022 06:00:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47232
IP address blocks: 5.39.200.0/22 maxlen: 32
147.161.28.0/22 maxlen: 32
185.15.108.0/22 maxlen: 32
78.111.114.0/23 maxlen: 32
78.111.116.0/23 maxlen: 32
78.111.112.0/20 maxlen: 32
46.29.224.0/21 maxlen: 32
213.108.162.0/23 maxlen: 32
217.75.208.0/20 maxlen: 32
185.64.220.0/22 maxlen: 32
185.125.128.0/22 maxlen: 32
93.91.150.0/23 maxlen: 32
93.91.152.0/24 maxlen: 32
93.91.149.0/24 maxlen: 32
93.91.153.0/24 maxlen: 32
93.91.154.0/24 maxlen: 32
46.29.228.0/23 maxlen: 32
185.52.172.0/24 maxlen: 32
93.91.144.0/20 maxlen: 32
2a02:17a0::/32 maxlen: 48
2a02:17a0::/29 maxlen: 48
2a03:2a82::/31 maxlen: 48
2a04:7bc0::/29 maxlen: 48
2a03:2a80::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 938270828 (0x37ece06c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 1 06:00:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff47e15a9d084d094301834f5a36cedcbadb4508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0b:52:a1:98:3e:dc:84:8c:cb:b9:fa:d0:b7:
50:6d:27:4b:89:b8:19:f2:35:53:c2:75:07:e9:7c:
1a:6b:03:43:3d:43:1b:35:39:fb:8c:78:17:18:a5:
1d:9e:f4:fd:6c:5e:3c:41:e9:54:cc:67:29:b6:3a:
be:e3:ba:bd:11:9b:4b:5a:28:bf:16:9b:e2:f9:c4:
f4:e2:6f:d6:d2:c9:40:20:23:64:5f:e4:42:58:55:
d2:fb:5d:a0:dd:d1:c5:52:c9:e4:28:dd:c2:c6:46:
94:e6:99:7f:f3:2c:29:c2:f0:2f:c5:93:f8:de:f8:
65:48:55:b3:98:99:02:55:33:8e:24:f4:0b:fd:a5:
af:f1:3d:4f:b0:9a:d5:11:38:e3:27:59:3e:2b:79:
a3:97:9d:9f:62:80:2c:8f:5e:59:02:10:ee:5f:50:
78:01:dc:c1:51:a6:b8:b3:bc:44:5f:c2:17:79:af:
c8:04:ef:34:d5:3c:47:11:c2:49:aa:28:e8:47:85:
04:69:47:26:3e:02:34:09:fe:ec:a7:da:e5:4c:5d:
7f:26:b9:f0:78:62:6c:e4:48:43:52:31:ce:60:e3:
97:b2:3b:e0:7b:7e:c8:31:f4:f0:cf:67:de:e4:7a:
a0:0c:5c:84:b2:10:4e:3f:12:7b:fe:59:3c:93:0a:
1a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:47:E1:5A:9D:08:4D:09:43:01:83:4F:5A:36:CE:DC:BA:DB:45:08
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/_0fhWp0ITQlDAYNPWjbO3LrbRQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.200.0/22
46.29.224.0/21
78.111.112.0/20
93.91.144.0/20
147.161.28.0/22
185.15.108.0/22
185.52.172.0/24
185.64.220.0/22
185.125.128.0/22
213.108.162.0/23
217.75.208.0/20
IPv6:
2a02:17a0::/29
2a03:2a80::/29
2a04:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:44:09:db:a1:37:fe:3c:de:33:5e:29:7e:eb:89:8d:dd:04:
bf:23:57:79:a7:0f:e3:22:33:3a:1c:8b:e7:d8:2e:68:c7:92:
9c:c4:1a:3a:ae:62:09:45:d0:aa:0a:40:6d:d0:5b:83:c5:c4:
31:f5:49:a9:1a:ef:c4:52:90:a9:62:b3:a9:1d:e5:58:d9:39:
32:65:8d:80:57:35:a2:e3:0d:c4:81:98:9a:ab:8e:60:3f:cb:
3c:c8:4f:c5:b5:11:ca:47:34:bf:b7:fa:30:3c:25:33:d1:3f:
7a:21:f2:65:94:68:0e:85:fb:e4:89:ea:4d:a2:de:f0:21:f4:
68:a8:e6:46:4b:10:df:2d:d5:75:cb:0b:b3:0c:01:9b:a1:6b:
ab:3e:4a:69:84:91:61:de:d1:3c:ea:29:34:e6:76:39:71:49:
bb:e9:e1:ff:39:7b:dd:ae:ac:95:5c:68:3b:36:50:86:56:3f:
5a:ed:32:b7:d5:31:ef:ae:fe:0d:26:61:cb:ff:11:f3:fc:51:
60:11:1c:c5:ca:93:a8:3e:5b:2c:05:21:78:c6:3a:91:b2:3d:
75:cb:07:a7:4a:d7:80:17:6c:8b:be:df:1c:03:f1:e0:9a:2a:
f5:6e:9a:7c:41:c7:10:39:21:80:0d:13:91:c1:1a:d5:e7:cd:
d0:a9:de:1e
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIEN+zgbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTlmMGY1ZmY2MjBlMGRiNTMxMWY2NDczNjkwOTk3M2FjNjBmNmYzMB4XDTIyMDEw
MTA2MDA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY0N2UxNWE5ZDA4
NGQwOTQzMDE4MzRmNWEzNmNlZGNiYWRiNDUwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoLUqGYPtyEjMu5+tC3UG0nS4m4GfI1U8J1B+l8GmsDQz1D
GzU5+4x4FxilHZ70/WxePEHpVMxnKbY6vuO6vRGbS1oovxab4vnE9OJv1tLJQCAj
ZF/kQlhV0vtdoN3RxVLJ5CjdwsZGlOaZf/MsKcLwL8WT+N74ZUhVs5iZAlUzjiT0
C/2lr/E9T7Ca1RE44ydZPit5o5edn2KALI9eWQIQ7l9QeAHcwVGmuLO8RF/CF3mv
yATvNNU8RxHCSaoo6EeFBGlHJj4CNAn+7Kfa5Uxdfya58HhibORIQ1IxzmDjl7I7
4Ht+yDH08M9n3uR6oAxchLIQTj8Se/5ZPJMKGrMCAwEAAaOCAmIwggJeMB0GA1Ud
DgQWBBT/R+FanQhNCUMBg09aNs7cuttFCDAfBgNVHSMEGDAWgBQ1nw9f9iDg21MR
9kc2kJlzrGD28zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05aOFBYX1lnNE50VEVmWkhOcENaYzZ4Zzl2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvNDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8x
L18wZmhXcDBJVFFsREFZTlBXamJPM0xyYlJRZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
NDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8xL05aOFBYX1lnNE50
VEVmWkhOcENaYzZ4Zzl2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB4
BggrBgEFBQcBBwEB/wRpMGcwSAQCAAEwQgMEAgUnyAMEAy4d4AMEBE5vcAMEBF1b
kAMEApOhHAMEArkPbAMEALk0rAMEArlA3AMEArl9gAMEAdVsogMEBNlL0DAbBAIA
AjAVAwUDKgIXoAMFAyoDKoADBQMqBHvAMA0GCSqGSIb3DQEBCwUAA4IBAQAuRAnb
oTf+PN4zXil+64mN3QS/I1d5pw/jIjM6HIvn2C5ox5KcxBo6rmIJRdCqCkBt0FuD
xcQx9UmpGu/EUpCpYrOpHeVY2TkyZY2AVzWi4w3EgZiaq45gP8s8yE/FtRHKRzS/
t/owPCUz0T96IfJllGgOhfvkiepNot7wIfRoqOZGSxDfLdV1ywuzDAGboWurPkpp
hJFh3tE86ik05nY5cUm76eH/OXvdrqyVXGg7NlCGVj9a7TK31THvrv4NJmHL/xHz
/FFgERzFypOoPlssBSF4xjqRsj11ywenSteAF2yLvt8cA/Hgmir1bpp8QccQOSGA
DRORwRrV583Qqd4e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:32 2024 by rpki-client on console-ams.rpki-client.org