Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1-15PLiKiwok1P2yfP4LG0nN8n1M.roa
File: 1-15PLiKiwok1P2yfP4LG0nN8n1M.roa (raw, json)
Hash identifier: icf9WWWbP4KL7FyiU3X12o8JMcHkRTpnGQeGqDJ+yU8=
Subject key identifier: FB:5E:4F:2E:22:A2:C2:89:35:3F:6C:9F:3F:82:C6:D2:73:7C:9F:53
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 05209D4E
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1-15PLiKiwok1P2yfP4LG0nN8n1M.roa
Signing time: Sat 01 Jan 2022 09:01:50 +0000
ROA not before: Sat 01 Jan 2022 09:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 194.113.34.0/24 maxlen: 24
45.83.180.0/24 maxlen: 24
45.83.181.0/24 maxlen: 24
45.83.182.0/24 maxlen: 24
45.83.183.0/24 maxlen: 24
2.58.124.0/22 maxlen: 22
194.110.246.0/24 maxlen: 24
5.181.0.0/22 maxlen: 22
45.66.250.0/23 maxlen: 23
45.143.165.0/24 maxlen: 24
139.28.73.0/24 maxlen: 24
139.28.74.0/24 maxlen: 24
139.28.75.0/24 maxlen: 24
139.28.72.0/24 maxlen: 24
45.150.109.0/24 maxlen: 24
45.150.110.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86023502 (0x5209d4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jan 1 09:01:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb5e4f2e22a2c289353f6c9f3f82c6d2737c9f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cb:9c:3e:a6:9d:17:ce:79:86:ce:3f:28:43:
bf:2a:d6:da:bd:9e:9b:aa:31:27:82:0d:ff:ae:34:
ff:b3:96:7c:c3:12:a1:7f:b0:c7:be:97:2e:d2:10:
10:4f:2c:5e:c4:8e:82:3c:e4:24:a2:ce:c2:1e:e7:
8c:15:24:02:a2:c6:71:d8:5a:6e:b8:cf:70:91:a8:
cf:91:38:aa:38:cf:0c:eb:5a:0a:c8:99:a9:ba:f5:
b0:56:6e:5f:4b:13:72:ca:63:b6:2c:43:ad:ea:37:
90:f6:aa:49:77:ec:f9:bb:95:19:aa:8f:c7:6a:b0:
c9:2b:7d:46:7e:18:3f:74:a7:9d:18:08:19:03:c2:
0a:93:2b:eb:73:d8:26:fd:37:fa:bc:ea:8e:8e:25:
56:43:d9:13:50:c4:29:d4:06:5e:51:38:6c:25:9c:
b9:1a:a0:25:8d:1c:3f:dd:e2:fd:93:f8:fb:d9:6e:
4c:2d:84:4a:26:63:4e:35:0d:82:1a:d3:df:06:80:
98:64:ce:1d:9b:64:e6:80:42:23:93:81:ba:92:12:
41:84:3a:70:d6:3f:a3:da:5c:82:a5:ee:e1:83:30:
4c:ed:70:13:5e:18:87:8c:6d:ab:98:07:e3:97:c3:
73:72:c1:ab:dd:ce:2d:02:82:6c:22:30:4e:d0:ea:
2a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:5E:4F:2E:22:A2:C2:89:35:3F:6C:9F:3F:82:C6:D2:73:7C:9F:53
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1-15PLiKiwok1P2yfP4LG0nN8n1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
5.181.0.0/22
45.66.250.0/23
45.83.180.0/22
45.143.165.0/24
45.150.109.0-45.150.111.255
139.28.72.0/22
194.110.246.0/24
194.113.34.0/24
Signature Algorithm: sha256WithRSAEncryption
21:69:b3:95:11:ad:60:68:59:ac:69:ed:a0:69:a2:a0:09:d1:
32:af:c5:5c:04:40:d1:53:b8:27:8e:5d:07:cd:be:40:0a:c5:
a1:9b:51:47:9a:2b:2f:3a:92:86:2b:ed:a0:b7:f3:17:23:6b:
87:22:0e:76:7f:4f:1f:de:02:6f:42:cb:e8:4b:28:97:97:1d:
0d:c7:50:cb:4f:25:3f:8a:e9:ba:92:fc:19:83:07:c3:2a:ae:
e0:6f:83:3f:c3:d4:96:6b:fd:03:37:af:bb:fd:8a:2a:70:78:
54:67:3c:79:83:e3:f6:55:1d:d7:2b:59:d1:eb:d9:31:3d:63:
d2:ee:5b:63:6f:92:e5:b5:76:e9:28:04:7c:b0:07:74:41:50:
74:28:f1:69:3f:de:3a:0c:05:eb:aa:16:bc:b5:c2:e8:1f:36:
45:c6:e6:a8:4e:02:01:80:37:27:80:ca:f2:f3:e3:e3:48:01:
dc:e9:a8:1e:42:7e:b7:ee:d9:67:f0:b3:3f:46:b1:19:ac:6a:
7e:bf:fe:79:12:c7:77:49:76:46:3b:4c:e2:b1:5c:88:de:8a:
ae:d3:d6:b2:08:77:e7:bd:20:9c:1e:62:99:fe:ee:eb:86:b8:
d6:51:86:8a:8e:3f:1c:17:cb:10:e9:bf:5f:76:47:c1:88:9d:
33:af:22:df
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEBSCdTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDIwZGRkMzk4ZGFjOGY2MmNjMTI1MjYzMjVmMTgyMWZiNzI0Zjc1MB4XDTIyMDEw
MTA5MDE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI1ZTRmMmUyMmEy
YzI4OTM1M2Y2YzlmM2Y4MmM2ZDI3MzdjOWY1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbLnD6mnRfOeYbOPyhDvyrW2r2em6oxJ4IN/640/7OWfMMS
oX+wx76XLtIQEE8sXsSOgjzkJKLOwh7njBUkAqLGcdhabrjPcJGoz5E4qjjPDOta
CsiZqbr1sFZuX0sTcspjtixDreo3kPaqSXfs+buVGaqPx2qwySt9Rn4YP3SnnRgI
GQPCCpMr63PYJv03+rzqjo4lVkPZE1DEKdQGXlE4bCWcuRqgJY0cP93i/ZP4+9lu
TC2ESiZjTjUNghrT3waAmGTOHZtk5oBCI5OBupISQYQ6cNY/o9pcgqXu4YMwTO1w
E14Yh4xtq5gH45fDc3LBq93OLQKCbCIwTtDqKosCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBT7Xk8uIqLCiTU/bJ8/gsbSc3yfUzAfBgNVHSMEGDAWgBRtIN3TmNrI9izB
JSYyXxgh+3JPdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JTRGQwNWpheVBZc3dTVW1NbDhZSWZ0eVQzVS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvYTFhODhmLTFkZmYtNGVmZi04MjZiLTM2ZGU2NTcyMzJiZS8x
LzEtMTVQTGlLaXdvazFQMnlmUDRMRzBuTjhuMU0ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAx
L2ExYTg4Zi0xZGZmLTRlZmYtODI2Yi0zNmRlNjU3MjMyYmUvMS9iU0RkMDVqYXlQ
WXN3U1VtTWw4WUlmdHlUM1UuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
VwYIKwYBBQUHAQcBAf8ESDBGMEQEAgABMD4DBAICOnwDBAIFtQADBAEtQvoDBAIt
U7QDBAAtj6UwDAMEAC2WbQMEBC2WYAMEAoscSAMEAMJu9gMEAMJxIjANBgkqhkiG
9w0BAQsFAAOCAQEAIWmzlRGtYGhZrGntoGmioAnRMq/FXARA0VO4J45dB82+QArF
oZtRR5orLzqShivtoLfzFyNrhyIOdn9PH94Cb0LL6Esol5cdDcdQy08lP4rpupL8
GYMHwyqu4G+DP8PUlmv9Azevu/2KKnB4VGc8eYPj9lUd1ytZ0evZMT1j0u5bY2+S
5bV26SgEfLAHdEFQdCjxaT/eOgwF66oWvLXC6B82RcbmqE4CAYA3J4DK8vPj40gB
3OmoHkJ+t+7ZZ/CzP0axGaxqfr/+eRLHd0l2RjtM4rFciN6KrtPWsgh3570gnB5i
mf7u64a41lGGio4/HBfLEOm/X3ZHwYidM68i3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org