Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/WSGUEsJxqaLxjdyuDxaCwsMwssQ.roa
File: WSGUEsJxqaLxjdyuDxaCwsMwssQ.roa (raw, json)
Hash identifier: yFIxkHHsBx7MyxG0XwIR2L5wN1N8MFEni/9HOrY65Yw=
Subject key identifier: 59:21:94:12:C2:71:A9:A2:F1:8D:DC:AE:0F:16:82:C2:C3:30:B2:C4
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 03BEBA9C
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/WSGUEsJxqaLxjdyuDxaCwsMwssQ.roa
Signing time: Sat 01 Jan 2022 05:57:54 +0000
ROA not before: Sat 01 Jan 2022 05:57:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39130
IP address blocks: 5.102.36.0/23 maxlen: 23
5.102.36.0/22 maxlen: 22
5.102.38.0/24 maxlen: 24
5.102.39.0/24 maxlen: 24
178.159.208.0/24 maxlen: 24
178.159.208.0/20 maxlen: 20
178.159.211.0/24 maxlen: 24
178.159.212.0/24 maxlen: 24
178.159.209.0/24 maxlen: 24
178.159.210.0/24 maxlen: 24
178.159.213.0/24 maxlen: 24
178.159.214.0/24 maxlen: 24
178.159.215.0/24 maxlen: 24
178.159.218.0/24 maxlen: 24
178.159.219.0/24 maxlen: 24
178.159.216.0/24 maxlen: 24
178.159.217.0/24 maxlen: 24
178.159.221.0/24 maxlen: 24
178.159.220.0/24 maxlen: 24
178.159.223.0/24 maxlen: 24
195.222.124.0/24 maxlen: 24
195.222.124.0/22 maxlen: 22
195.222.125.0/24 maxlen: 24
195.222.126.0/24 maxlen: 24
195.222.127.0/24 maxlen: 24
195.5.124.0/23 maxlen: 23
2a10:d80::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62831260 (0x3beba9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Jan 1 05:57:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59219412c271a9a2f18ddcae0f1682c2c330b2c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d1:20:67:c6:4b:43:66:ac:ea:9d:16:3a:25:
57:cb:02:a1:2d:66:2a:37:18:c5:94:89:9a:a6:b1:
15:86:0d:ee:ea:cd:3f:8e:6c:0a:12:b7:90:be:a2:
fc:68:5c:71:2f:67:e4:91:f3:b9:ec:cd:72:98:da:
15:d2:0a:2b:ac:de:4d:4a:ee:57:b5:c2:ce:88:7b:
93:16:03:94:30:7e:27:a3:b1:91:1d:e3:f2:a1:e2:
f0:22:71:85:8c:31:73:4e:35:58:6e:44:d0:e4:fa:
fc:f4:91:b2:29:2c:c2:f3:34:33:8f:87:7e:7c:5f:
da:28:f6:2a:4f:66:03:30:ed:b5:2a:8c:6b:ae:65:
e5:2b:8b:1a:19:0e:d3:e4:14:ef:fd:86:8c:4a:f3:
d2:d3:27:e8:55:84:4e:c9:28:73:fd:40:0f:5b:48:
d3:f6:a6:27:84:44:5f:3b:02:da:c5:b3:4f:9c:b8:
40:49:d2:dc:ae:0b:47:ae:fd:18:fa:a2:4e:e6:33:
e5:f8:f6:94:2b:c7:b5:37:48:3a:cd:8c:d9:ff:8a:
a7:5f:d7:88:76:79:3b:36:95:2f:23:72:62:ee:86:
88:81:1b:3e:40:90:e4:9c:81:20:5a:b5:df:69:75:
02:99:5a:f3:64:bb:b2:f9:58:ac:e1:53:39:47:97:
7e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:21:94:12:C2:71:A9:A2:F1:8D:DC:AE:0F:16:82:C2:C3:30:B2:C4
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/WSGUEsJxqaLxjdyuDxaCwsMwssQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0/22
178.159.208.0/20
195.5.124.0/23
195.222.124.0/22
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
9b:b6:ed:17:52:d0:d4:e3:7e:21:cd:e3:02:88:dc:86:e6:0e:
4b:1a:f8:b0:4c:19:1e:85:fc:23:e6:dd:f6:a6:5c:d2:60:d4:
a6:09:f2:27:7d:88:66:6d:23:e6:a9:54:d7:96:35:26:35:68:
39:d0:43:83:0a:57:89:2d:dc:6e:f5:c1:e4:91:88:7b:a3:bb:
f2:30:6e:ab:12:d3:bc:f1:1b:28:a4:9c:57:27:b8:a3:93:be:
64:79:9e:97:29:f0:05:9f:ab:69:2a:73:92:9c:14:4f:0f:a9:
6c:b6:b5:82:9b:02:13:48:4f:31:05:8c:1a:e8:93:90:cd:ff:
ab:e5:4d:b3:b8:5b:dd:14:bc:c2:be:19:28:59:3c:58:a7:85:
1d:45:0f:90:b2:ef:69:86:bf:18:ed:5a:1a:44:93:63:1e:60:
8f:80:c8:55:a6:32:8f:7e:30:a5:22:ef:f0:b7:19:1a:83:2d:
66:21:2a:fa:41:1d:fe:27:aa:40:26:f0:0c:56:76:14:3a:78:
6d:0c:4d:c5:b3:83:1f:60:38:86:d6:db:fd:01:ab:46:21:ec:
cb:07:bf:72:3f:69:26:08:6e:00:d4:57:8f:51:34:89:d5:5a:
fc:4a:5b:93:22:ad:e7:4a:9b:44:73:04:46:ef:6b:01:22:04:
16:eb:97:96
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEA766nDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmRmNzZjNTRiOWU2OTM1YzMwYTliNGM5YmE5MzA5YWM0NzBlYzAyMB4XDTIyMDEw
MTA1NTc1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTkyMTk0MTJjMjcx
YTlhMmYxOGRkY2FlMGYxNjgyYzJjMzMwYjJjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXRIGfGS0NmrOqdFjolV8sCoS1mKjcYxZSJmqaxFYYN7urN
P45sChK3kL6i/GhccS9n5JHzuezNcpjaFdIKK6zeTUruV7XCzoh7kxYDlDB+J6Ox
kR3j8qHi8CJxhYwxc041WG5E0OT6/PSRsikswvM0M4+Hfnxf2ij2Kk9mAzDttSqM
a65l5SuLGhkO0+QU7/2GjErz0tMn6FWETskoc/1AD1tI0/amJ4REXzsC2sWzT5y4
QEnS3K4LR679GPqiTuYz5fj2lCvHtTdIOs2M2f+Kp1/XiHZ5OzaVLyNyYu6GiIEb
PkCQ5JyBIFq132l1Apla82S7svlYrOFTOUeXfj0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRZIZQSwnGpovGN3K4PFoLCwzCyxDAfBgNVHSMEGDAWgBSL33bFS55pNcMK
m0ybqTCaxHDsAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k5OTJ4VXVlYVRYRENwdE1tNmt3bXNSdzdBSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvMjE1MTllLWI4ZGMtNDI0MC1hYTc4LThkMjE4NjY1MDI3ZC8x
L1dTR1VFc0p4cWFMeGpkeXVEeGFDd3NNd3NzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
MjE1MTllLWI4ZGMtNDI0MC1hYTc4LThkMjE4NjY1MDI3ZC8xL2k5OTJ4VXVlYVRY
RENwdE1tNmt3bXNSdzdBSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAgVmJAMEBLKf0AMEAcMFfAMEAsPe
fDANBAIAAjAHAwUDKhANgDANBgkqhkiG9w0BAQsFAAOCAQEAm7btF1LQ1ON+Ic3j
AojchuYOSxr4sEwZHoX8I+bd9qZc0mDUpgnyJ32IZm0j5qlU15Y1JjVoOdBDgwpX
iS3cbvXB5JGIe6O78jBuqxLTvPEbKKScVye4o5O+ZHmelynwBZ+raSpzkpwUTw+p
bLa1gpsCE0hPMQWMGuiTkM3/q+VNs7hb3RS8wr4ZKFk8WKeFHUUPkLLvaYa/GO1a
GkSTYx5gj4DIVaYyj34wpSLv8LcZGoMtZiEq+kEd/ieqQCbwDFZ2FDp4bQxNxbOD
H2A4htbb/QGrRiHsywe/cj9pJghuANRXj1E0idVa/EpbkyKt50qbRHMERu9rASIE
FuuXlg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:50 2024 by rpki-client on console-fra.rpki-client.org