Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/5No5aXU7HpzFfHkGdPeywgGMRbg.roa
File: 5No5aXU7HpzFfHkGdPeywgGMRbg.roa (raw, json)
Hash identifier: PbzdUYCPeXchCVFsujOvc6x0r14tMu0emiEv0cHzTtA=
Subject key identifier: E4:DA:39:69:75:3B:1E:9C:C5:7C:79:06:74:F7:B2:C2:01:8C:45:B8
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 04922995
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/5No5aXU7HpzFfHkGdPeywgGMRbg.roa
Signing time: Mon 04 Apr 2022 11:45:07 +0000
ROA not before: Mon 04 Apr 2022 11:45:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39130
IP address blocks: 5.102.36.0/24 maxlen: 24
5.102.36.0/23 maxlen: 23
5.102.37.0/24 maxlen: 24
5.102.36.0/22 maxlen: 22
5.102.38.0/24 maxlen: 24
5.102.39.0/24 maxlen: 24
178.159.208.0/24 maxlen: 24
178.159.208.0/20 maxlen: 20
178.159.211.0/24 maxlen: 24
178.159.212.0/24 maxlen: 24
178.159.209.0/24 maxlen: 24
178.159.210.0/24 maxlen: 24
178.159.213.0/24 maxlen: 24
178.159.214.0/24 maxlen: 24
178.159.215.0/24 maxlen: 24
178.159.218.0/24 maxlen: 24
178.159.219.0/24 maxlen: 24
178.159.216.0/24 maxlen: 24
178.159.217.0/24 maxlen: 24
178.159.221.0/24 maxlen: 24
178.159.220.0/24 maxlen: 24
178.159.223.0/24 maxlen: 24
195.222.124.0/24 maxlen: 24
195.222.124.0/22 maxlen: 22
195.222.125.0/24 maxlen: 24
195.222.126.0/24 maxlen: 24
195.222.127.0/24 maxlen: 24
195.5.124.0/23 maxlen: 23
2a10:d80::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76687765 (0x4922995)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Apr 4 11:45:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4da3969753b1e9cc57c790674f7b2c2018c45b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7f:c7:66:0b:0f:0c:5a:70:c5:bb:54:76:3e:
42:96:cb:1e:e3:e4:77:d8:3e:46:67:c5:d3:cf:48:
e3:f1:94:56:7c:b0:c9:e0:f1:5b:99:f2:2f:fa:2c:
84:98:4e:a8:24:db:5b:e2:35:2f:a4:b5:55:f4:30:
99:31:8b:3b:2f:05:10:57:49:98:62:3b:ca:ea:82:
d1:86:c8:85:8c:c9:29:8b:ea:c9:a1:71:2a:8d:34:
b7:05:80:ba:17:5d:e3:00:dc:ea:32:d4:e8:a7:cf:
1c:2e:1b:8d:60:1e:8c:df:55:99:b2:85:86:b8:ec:
66:cf:7e:c2:c1:f2:8d:74:2b:03:e3:ef:8d:6d:a6:
05:fe:0c:a6:4c:4b:99:c4:bf:bf:76:25:dd:52:0c:
b9:5d:10:86:27:c9:93:f2:ab:45:6d:7b:1e:f2:cf:
c8:72:d6:a6:af:7b:f0:26:9d:cd:79:57:66:c1:e1:
fb:a4:36:42:08:c9:dd:94:2d:6d:f4:cf:04:15:14:
e9:e5:dd:5d:31:86:f0:5f:f4:f9:fa:69:f1:ef:4c:
e9:b4:9f:c2:1a:0b:1e:37:9c:79:aa:fe:22:c0:4c:
6a:76:f4:29:68:8c:d3:36:27:a0:71:23:dd:be:48:
02:df:8a:67:bf:ea:82:56:14:99:fe:0a:3e:b0:eb:
10:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:DA:39:69:75:3B:1E:9C:C5:7C:79:06:74:F7:B2:C2:01:8C:45:B8
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/5No5aXU7HpzFfHkGdPeywgGMRbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0/22
178.159.208.0/20
195.5.124.0/23
195.222.124.0/22
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
82:4a:9c:ee:a5:96:ba:6c:b6:7a:3f:3b:4b:3e:24:5d:02:6f:
7e:de:c7:d7:0a:d4:a2:e3:34:15:33:d8:44:9d:3d:09:96:40:
cc:e5:1b:09:aa:06:9b:80:9c:1f:ad:12:25:52:6c:c0:b9:48:
9a:e1:15:95:10:39:cc:45:8a:ad:14:e9:25:b4:8f:41:b7:ef:
5d:7c:56:4c:c1:2b:7e:1d:c6:5b:57:17:f5:a3:cc:aa:bb:a5:
e0:70:63:51:60:66:3f:37:ee:ca:b6:a0:d2:0a:8c:76:50:c6:
63:9f:9b:11:3b:17:ed:bc:da:70:be:63:a8:4f:19:7f:6f:34:
22:e4:05:73:b0:3b:4b:c9:3c:35:6d:3b:d5:2b:9e:96:03:07:
94:9a:2e:b2:7f:69:f2:16:7e:b9:b3:09:78:fd:7a:2a:f8:2f:
64:cd:51:3b:d2:7e:b5:f4:41:03:a8:b1:71:a9:fb:13:84:21:
59:e8:83:00:bf:21:bd:8a:06:c4:60:59:e1:2a:c0:d2:2a:35:
21:71:e5:fe:1e:bd:0b:8b:e3:c4:7e:d4:f6:e1:ab:13:6b:ef:
d7:e7:90:2b:99:27:85:00:11:ca:27:78:4f:1c:e7:06:48:1d:
f3:cd:0b:e6:76:be:52:7f:a7:7f:15:3b:2d:27:c5:81:40:c1:
1c:c3:a0:58
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBJIplTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmRmNzZjNTRiOWU2OTM1YzMwYTliNGM5YmE5MzA5YWM0NzBlYzAyMB4XDTIyMDQw
NDExNDUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTRkYTM5Njk3NTNi
MWU5Y2M1N2M3OTA2NzRmN2IyYzIwMThjNDViODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMV/x2YLDwxacMW7VHY+QpbLHuPkd9g+RmfF089I4/GUVnyw
yeDxW5nyL/oshJhOqCTbW+I1L6S1VfQwmTGLOy8FEFdJmGI7yuqC0YbIhYzJKYvq
yaFxKo00twWAuhdd4wDc6jLU6KfPHC4bjWAejN9VmbKFhrjsZs9+wsHyjXQrA+Pv
jW2mBf4MpkxLmcS/v3Yl3VIMuV0QhifJk/KrRW17HvLPyHLWpq978CadzXlXZsHh
+6Q2QgjJ3ZQtbfTPBBUU6eXdXTGG8F/0+fpp8e9M6bSfwhoLHjecear+IsBManb0
KWiM0zYnoHEj3b5IAt+KZ7/qglYUmf4KPrDrEN0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTk2jlpdTsenMV8eQZ097LCAYxFuDAfBgNVHSMEGDAWgBSL33bFS55pNcMK
m0ybqTCaxHDsAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k5OTJ4VXVlYVRYRENwdE1tNmt3bXNSdzdBSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvMjE1MTllLWI4ZGMtNDI0MC1hYTc4LThkMjE4NjY1MDI3ZC8x
LzVObzVhWFU3SHB6RmZIa0dkUGV5d2dHTVJiZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
MjE1MTllLWI4ZGMtNDI0MC1hYTc4LThkMjE4NjY1MDI3ZC8xL2k5OTJ4VXVlYVRY
RENwdE1tNmt3bXNSdzdBSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAgVmJAMEBLKf0AMEAcMFfAMEAsPe
fDANBAIAAjAHAwUDKhANgDANBgkqhkiG9w0BAQsFAAOCAQEAgkqc7qWWumy2ej87
Sz4kXQJvft7H1wrUouM0FTPYRJ09CZZAzOUbCaoGm4CcH60SJVJswLlImuEVlRA5
zEWKrRTpJbSPQbfvXXxWTMErfh3GW1cX9aPMqrul4HBjUWBmPzfuyrag0gqMdlDG
Y5+bETsX7bzacL5jqE8Zf280IuQFc7A7S8k8NW071SuelgMHlJousn9p8hZ+ubMJ
eP16KvgvZM1RO9J+tfRBA6ixcan7E4QhWeiDAL8hvYoGxGBZ4SrA0io1IXHl/h69
C4vjxH7U9uGrE2vv1+eQK5knhQARyid4TxznBkgd880L5na+Un+nfxU7LSfFgUDB
HMOgWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:06 2024 by rpki-client on console-ams.rpki-client.org