Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/Eg3vb6yeZj2-nqWB6G7_Y2ffpj0.roa
File: Eg3vb6yeZj2-nqWB6G7_Y2ffpj0.roa (raw, json)
Hash identifier: 3kzWDl8mGT8JiyFipLL+PeSSEFkno4Zur2h5stVcGOw=
Subject key identifier: 12:0D:EF:6F:AC:9E:66:3D:BE:9E:A5:81:E8:6E:FF:63:67:DF:A6:3D
Certificate issuer: /CN=fd3a1e8465bfc4df700894372d0b9808e8b629ea
Certificate serial: 29519DCB
Authority key identifier: FD:3A:1E:84:65:BF:C4:DF:70:08:94:37:2D:0B:98:08:E8:B6:29:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ToehGW_xN9wCJQ3LQuYCOi2Keo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/Eg3vb6yeZj2-nqWB6G7_Y2ffpj0.roa
Signing time: Sat 01 Jan 2022 01:00:53 +0000
ROA not before: Sat 01 Jan 2022 01:00:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47692
IP address blocks: 192.166.242.0/23 maxlen: 23
192.166.241.0/24 maxlen: 24
84.242.8.0/21 maxlen: 24
146.255.56.0/21 maxlen: 24
5.183.173.0/24 maxlen: 24
5.183.174.0/23 maxlen: 23
45.155.244.0/22 maxlen: 24
83.137.112.0/21 maxlen: 24
77.244.240.0/20 maxlen: 24
217.74.8.0/21 maxlen: 24
92.42.136.0/21 maxlen: 24
185.51.8.0/22 maxlen: 24
212.232.24.0/21 maxlen: 24
2a02:1b9::/32 maxlen: 32
2a01:aee0::/32 maxlen: 32
2a02:1b8::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 693214667 (0x29519dcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd3a1e8465bfc4df700894372d0b9808e8b629ea
Validity
Not Before: Jan 1 01:00:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=120def6fac9e663dbe9ea581e86eff6367dfa63d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b3:b7:06:2e:77:78:31:b1:94:0e:22:61:14:
1d:25:94:3b:37:d3:49:9f:ca:75:23:4e:e3:6a:be:
7d:5c:08:be:fc:ad:3d:40:63:b0:05:88:71:0e:2d:
e9:01:ce:64:45:b1:5a:48:21:08:08:46:35:55:55:
89:01:b9:53:bf:d1:bb:86:88:ac:d8:28:56:e9:1a:
7f:25:8b:70:e5:2e:0d:a7:75:86:55:9a:e2:de:57:
63:c0:10:f5:ed:33:bb:4e:57:43:44:41:7c:0f:27:
51:d1:47:50:78:6f:b3:87:dc:f4:ff:8a:f2:d2:06:
de:ad:0b:bf:bc:73:86:c0:65:87:e5:59:cd:e1:da:
9d:e8:30:53:9d:c2:53:fd:fc:24:2b:9a:5c:ef:b0:
d0:b0:e0:e0:9f:86:b0:51:c5:9c:ab:bf:57:9f:d7:
f7:f8:39:33:81:ae:47:19:df:2e:a5:81:96:e1:05:
ce:e1:7a:75:6a:35:93:5c:e3:bc:82:b9:2b:d7:97:
13:de:5e:f1:24:66:77:6a:70:da:63:f3:33:6d:22:
8c:ea:a0:94:0e:e9:ff:64:31:ca:d5:56:42:bd:f4:
b5:d2:4d:f9:47:3e:18:4f:91:db:07:76:ff:28:4a:
73:f1:d6:e8:09:d8:41:3f:b6:ef:51:6e:70:0d:b0:
1f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0D:EF:6F:AC:9E:66:3D:BE:9E:A5:81:E8:6E:FF:63:67:DF:A6:3D
X509v3 Authority Key Identifier:
keyid:FD:3A:1E:84:65:BF:C4:DF:70:08:94:37:2D:0B:98:08:E8:B6:29:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ToehGW_xN9wCJQ3LQuYCOi2Keo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/Eg3vb6yeZj2-nqWB6G7_Y2ffpj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/_ToehGW_xN9wCJQ3LQuYCOi2Keo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.173.0-5.183.175.255
45.155.244.0/22
77.244.240.0/20
83.137.112.0/21
84.242.8.0/21
92.42.136.0/21
146.255.56.0/21
185.51.8.0/22
192.166.241.0-192.166.243.255
212.232.24.0/21
217.74.8.0/21
IPv6:
2a01:aee0::/32
2a02:1b8::/29
Signature Algorithm: sha256WithRSAEncryption
83:20:bc:68:ef:04:e1:85:ac:7b:79:8d:12:f5:d3:56:27:3c:
2a:ea:af:6c:8b:0a:69:fe:00:f9:4f:fd:11:63:30:8c:2f:14:
c8:1a:25:fa:c2:bd:31:08:52:c7:b1:d8:50:c6:00:02:ab:c8:
ba:a7:2f:da:b6:86:65:e8:36:6b:da:f2:6b:9f:ce:37:44:e8:
2e:e2:4e:00:4a:fc:f9:b8:bb:78:08:70:3b:b9:4d:ae:aa:71:
d7:73:1a:7e:ca:c8:1c:94:d2:fb:f1:ed:9e:0e:a8:e5:46:ab:
e6:08:2f:1c:7f:3a:e0:d3:b6:00:09:b0:a8:a7:aa:91:5f:a9:
74:6c:a7:fe:61:6f:7d:41:92:df:43:14:fc:41:fb:7b:59:a4:
3f:15:12:12:30:02:ad:fb:56:9b:66:e9:69:47:84:90:bf:a4:
25:2d:94:b9:02:a3:22:2c:37:ce:57:81:5c:98:4e:44:10:2c:
5d:05:49:2f:09:7f:84:9b:57:9f:ab:d1:68:17:6b:ba:45:5e:
15:4a:71:f5:3a:34:b9:a0:b5:0d:41:10:ba:b7:4f:d5:9c:82:
ce:c9:65:b0:86:6a:63:6f:4b:b1:96:9e:fe:db:69:b0:7e:e3:
3b:7f:44:7e:ff:b1:b6:55:4f:9b:4d:7a:07:3d:91:a1:1f:a9:
7c:20:9b:5d
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIEKVGdyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZDNhMWU4NDY1YmZjNGRmNzAwODk0MzcyZDBiOTgwOGU4YjYyOWVhMB4XDTIyMDEw
MTAxMDA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTIwZGVmNmZhYzll
NjYzZGJlOWVhNTgxZTg2ZWZmNjM2N2RmYTYzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI2ztwYud3gxsZQOImEUHSWUOzfTSZ/KdSNO42q+fVwIvvyt
PUBjsAWIcQ4t6QHOZEWxWkghCAhGNVVViQG5U7/Ru4aIrNgoVukafyWLcOUuDad1
hlWa4t5XY8AQ9e0zu05XQ0RBfA8nUdFHUHhvs4fc9P+K8tIG3q0Lv7xzhsBlh+VZ
zeHanegwU53CU/38JCuaXO+w0LDg4J+GsFHFnKu/V5/X9/g5M4GuRxnfLqWBluEF
zuF6dWo1k1zjvIK5K9eXE95e8SRmd2pw2mPzM20ijOqglA7p/2QxytVWQr30tdJN
+Uc+GE+R2wd2/yhKc/HW6AnYQT+271FucA2wH30CAwEAAaOCAmwwggJoMB0GA1Ud
DgQWBBQSDe9vrJ5mPb6epYHobv9jZ9+mPTAfBgNVHSMEGDAWgBT9Oh6EZb/E33AI
lDctC5gI6LYp6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19Ub2VoR1dfeE45d0NKUTNMUXVZQ09pMktlby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvNTEzNzM0LWE0ODUtNGMyOC04YWE2LTk1NTVkMzBmNmY4Zi8x
L0VnM3ZiNnllWmoyLW5xV0I2RzdfWTJmZnBqMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
NTEzNzM0LWE0ODUtNGMyOC04YWE2LTk1NTVkMzBmNmY4Zi8xL19Ub2VoR1dfeE45
d0NKUTNMUXVZQ09pMktlby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gQYIKwYBBQUHAQcBAf8EcjBwMFgEAgABMFIwDAMEAAW3rQMEBAW3oAMEAi2b9AME
BE308AMEA1OJcAMEA1TyCAMEA1wqiAMEA5L/OAMEArkzCDAMAwQAwKbxAwQCwKbw
AwQD1OgYAwQD2UoIMBQEAgACMA4DBQAqAa7gAwUDKgIBuDANBgkqhkiG9w0BAQsF
AAOCAQEAgyC8aO8E4YWse3mNEvXTVic8KuqvbIsKaf4A+U/9EWMwjC8UyBol+sK9
MQhSx7HYUMYAAqvIuqcv2raGZeg2a9rya5/ON0ToLuJOAEr8+bi7eAhwO7lNrqpx
13MafsrIHJTS+/Htng6o5Uar5ggvHH864NO2AAmwqKeqkV+pdGyn/mFvfUGS30MU
/EH7e1mkPxUSEjACrftWm2bpaUeEkL+kJS2UuQKjIiw3zleBXJhORBAsXQVJLwl/
hJtXn6vRaBdrukVeFUpx9To0uaC1DUEQurdP1ZyCzsllsIZqY29LsZae/ttpsH7j
O39Efv+xtlVPm016Bz2RoR+pfCCbXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:56 2024 by rpki-client on console-ams.rpki-client.org