Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/l0uVYmmz0dj5vcgBEJyNVXalHKc.roa
File: l0uVYmmz0dj5vcgBEJyNVXalHKc.roa (raw, json)
Hash identifier: kc07ogjTqm8w/cPyrudXO7aAvN3KBzTBnbElsDricOI=
Subject key identifier: 97:4B:95:62:69:B3:D1:D8:F9:BD:C8:01:10:9C:8D:55:76:A5:1C:A7
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0185A10D0A3A9E33E1D1F0B99B4849CD31B2
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/l0uVYmmz0dj5vcgBEJyNVXalHKc.roa
Signing time: Wed 11 Jan 2023 13:37:44 +0000
ROA not before: Wed 11 Jan 2023 13:37:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26636
IP address blocks: 194.5.92.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
45.66.116.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
109.236.58.0/24 maxlen: 24
92.118.114.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:0d:0a:3a:9e:33:e1:d1:f0:b9:9b:48:49:cd:31:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 11 13:37:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=974b956269b3d1d8f9bdc801109c8d5576a51ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fa:2f:b9:f5:ee:95:9c:f8:86:c8:17:79:c5:
54:10:7b:ce:f3:4d:c2:e0:75:15:1b:54:ad:86:e9:
ee:50:7a:60:b7:db:9c:fc:bf:ec:72:d0:80:b7:ab:
a8:7f:31:ef:cf:e2:3d:98:f9:47:12:8a:14:76:4d:
df:8f:af:e7:73:ed:6d:af:e0:15:01:73:bc:07:69:
15:39:54:ea:85:2a:3f:0a:3f:01:ab:d3:14:54:67:
65:e8:9a:b0:ad:3b:62:0a:bc:e0:ba:55:75:1a:cc:
5e:04:a9:72:04:af:1d:1a:79:84:d1:6a:89:62:31:
ee:a9:d3:21:1d:6e:5e:ad:20:02:45:c1:e8:77:74:
17:d3:6a:61:7f:c4:16:4d:3d:56:0d:25:df:fd:a6:
96:e2:f6:d4:7f:3e:0b:5d:fc:8f:7b:be:4d:5d:1e:
68:14:4c:58:04:bb:38:bc:d1:7f:d6:15:c9:c0:ef:
a7:af:04:5c:b9:8d:5c:8d:c6:c2:b0:eb:89:68:ae:
71:f5:8f:58:18:ee:f5:d1:41:5d:2b:eb:74:fe:68:
ae:d7:2c:df:61:b6:c3:11:67:8f:aa:97:09:d0:66:
f6:8f:31:30:7f:52:8d:67:b4:43:79:f0:da:49:55:
8d:11:0d:38:36:c9:73:df:41:c7:86:d0:84:ad:bd:
28:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:4B:95:62:69:B3:D1:D8:F9:BD:C8:01:10:9C:8D:55:76:A5:1C:A7
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/l0uVYmmz0dj5vcgBEJyNVXalHKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.44.0/24
45.66.116.0/24
91.200.84.0/24
92.118.114.0/23
109.236.58.0/24
194.5.92.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:6d:d9:2b:a4:ca:b3:f9:8c:4c:f0:e8:a4:02:e0:73:ca:ed:
97:9f:62:b2:b4:47:df:ea:b4:9c:81:c4:e2:4c:d3:dd:c8:66:
a7:41:1d:b3:b4:0a:d8:43:2e:a2:75:10:38:26:64:b0:e9:1a:
d6:1a:89:3d:17:6e:3b:63:34:63:fc:97:54:22:ea:02:d7:10:
49:4b:57:4d:f9:7a:6f:f9:e0:67:99:95:27:c5:e7:96:43:f2:
30:66:e0:8b:ec:a3:56:37:a7:60:a9:68:60:14:73:4d:73:ae:
e4:99:76:ce:c4:0c:3d:b1:99:51:34:9d:23:85:6c:bd:0c:9c:
7d:80:f2:15:8a:f2:1a:88:14:c2:39:00:5f:77:c5:af:52:01:
af:ed:ee:37:1c:c6:28:3c:11:be:d4:90:d2:81:2a:e3:c0:13:
8a:03:8b:a1:57:4e:b8:0f:30:e3:a1:06:43:ae:75:65:8a:09:
64:b9:47:d8:a4:83:33:2a:4a:df:23:e9:c0:36:22:f8:e2:e5:
48:2f:09:8b:f8:d8:42:c9:bc:f8:8a:5f:09:04:82:07:d5:bf:
7d:15:5b:65:6a:2b:ce:50:3d:44:27:12:3b:14:b0:d0:d9:12:
39:06:42:6a:37:6a:71:bf:70:f8:e6:b9:ad:8c:10:e2:75:30:
2b:c0:6a:8a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYWhDQo6njPh0fC5m0hJzTGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTExMTMzNzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzRiOTU2MjY5YjNkMWQ4ZjliZGM4MDExMDljOGQ1NTc2YTUxY2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvovufXulZz4hsgXecVUEHvO803C
4HUVG1SthunuUHpgt9uc/L/sctCAt6uofzHvz+I9mPlHEooUdk3fj6/nc+1tr+AV
AXO8B2kVOVTqhSo/Cj8Bq9MUVGdl6JqwrTtiCrzgulV1GsxeBKlyBK8dGnmE0WqJ
YjHuqdMhHW5erSACRcHod3QX02phf8QWTT1WDSXf/aaW4vbUfz4LXfyPe75NXR5o
FExYBLs4vNF/1hXJwO+nrwRcuY1cjcbCsOuJaK5x9Y9YGO710UFdK+t0/miu1yzf
YbbDEWePqpcJ0Gb2jzEwf1KNZ7RDefDaSVWNEQ04Nslz30HHhtCErb0oXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJdLlWJps9HY+b3IARCcjVV2pRynMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvbDB1VlltbXowZGo1dmNnQkVKeU5WWGFsSEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABSwsAwQA
LUJ0AwQAW8hUAwQBXHZyAwQAbew6AwQAwgVcMA0GCSqGSIb3DQEBCwUAA4IBAQB+
bdkrpMqz+YxM8OikAuBzyu2Xn2KytEff6rScgcTiTNPdyGanQR2ztArYQy6idRA4
JmSw6RrWGok9F247YzRj/JdUIuoC1xBJS1dN+Xpv+eBnmZUnxeeWQ/IwZuCL7KNW
N6dgqWhgFHNNc67kmXbOxAw9sZlRNJ0jhWy9DJx9gPIVivIaiBTCOQBfd8WvUgGv
7e43HMYoPBG+1JDSgSrjwBOKA4uhV064DzDjoQZDrnVliglkuUfYpIMzKkrfI+nA
NiL44uVILwmL+NhCybz4il8JBIIH1b99FVtlaivOUD1EJxI7FLDQ2RI5BkJqN2px
v3D45rmtjBDidTArwGqK
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org