Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/Ar5Wem1MyPOy-SC4YTHWOqJ9Q68.roa
File: Ar5Wem1MyPOy-SC4YTHWOqJ9Q68.roa (raw, json)
Hash identifier: XEsxSVcnnEipATgdWDx3OuM1xsE44cXK7ByHVVGGQCo=
Subject key identifier: 02:BE:56:7A:6D:4C:C8:F3:B2:F9:20:B8:61:31:D6:3A:A2:7D:43:AF
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018557D9113297B359E9731838CF7CC42DC9
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/Ar5Wem1MyPOy-SC4YTHWOqJ9Q68.roa
Signing time: Wed 28 Dec 2022 08:28:41 +0000
ROA not before: Wed 28 Dec 2022 08:28:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 194.110.246.0/24 maxlen: 24
194.113.35.0/24 maxlen: 24
5.181.3.0/24 maxlen: 24
5.181.1.0/24 maxlen: 24
5.181.2.0/24 maxlen: 24
5.181.0.0/24 maxlen: 24
45.143.164.0/24 maxlen: 24
45.143.165.0/24 maxlen: 24
192.144.12.0/22 maxlen: 24
2a09:fb86::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:57:d9:11:32:97:b3:59:e9:73:18:38:cf:7c:c4:2d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Dec 28 08:28:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02be567a6d4cc8f3b2f920b86131d63aa27d43af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:eb:88:6f:e0:ea:a2:e3:34:8e:45:fa:eb:a2:
92:91:5c:0f:19:c0:98:aa:2a:f7:e8:f2:aa:d4:b1:
67:6d:ae:96:d0:19:73:5d:62:c5:61:10:0a:65:27:
9d:e0:bc:fe:bd:59:36:55:3e:47:e1:0e:9a:b3:09:
55:3e:c6:ca:15:0c:06:f4:a6:71:78:73:3c:25:0f:
95:a0:91:ec:9d:4d:8b:2e:e5:7e:64:6b:c9:5f:a6:
64:97:bc:80:7a:22:fc:48:01:24:d1:7f:77:76:31:
71:49:bd:f0:e5:69:a0:1e:6d:1b:9c:69:e3:ac:28:
14:55:4e:37:3d:3c:4e:1a:99:59:26:0b:f8:e2:13:
b4:7e:68:41:86:e5:78:49:8f:09:c9:61:99:2f:f5:
fd:4e:30:a7:88:e6:69:27:52:ec:54:68:35:85:d5:
9e:0c:c5:2a:12:c3:f5:89:6f:37:8a:f9:67:a4:af:
45:43:7d:d9:3a:0d:de:cb:74:fa:82:e0:94:1e:26:
5a:c2:25:3e:dc:1e:f9:09:c7:d2:8a:4f:e9:aa:fa:
fb:29:a2:5c:6c:42:61:a9:6f:4f:ac:22:56:ab:1a:
4e:a1:c4:a6:94:73:75:58:6a:ec:63:fe:b3:6e:01:
de:c0:1d:d9:f3:48:ab:ab:71:2e:41:1a:83:4c:e4:
f5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BE:56:7A:6D:4C:C8:F3:B2:F9:20:B8:61:31:D6:3A:A2:7D:43:AF
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/Ar5Wem1MyPOy-SC4YTHWOqJ9Q68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.0.0/22
45.143.164.0/23
192.144.12.0/22
194.110.246.0/24
194.113.35.0/24
IPv6:
2a09:fb86::/32
Signature Algorithm: sha256WithRSAEncryption
2e:70:63:39:16:12:dd:d4:1d:14:0b:19:d2:32:b2:b4:92:ec:
a5:a7:83:8f:7c:03:3a:8b:e9:70:30:d1:a2:0a:ab:34:a8:a4:
3f:e0:a1:48:8b:f1:50:6b:33:4c:59:90:ea:f8:4d:32:af:94:
f9:49:7b:73:0a:01:81:0b:33:7a:a1:6f:cd:71:2f:64:b8:da:
2c:87:70:e4:e3:88:de:a2:f2:3f:53:b8:ac:21:0a:c1:53:fe:
b2:07:29:97:06:8e:2a:4b:ae:9b:36:eb:3a:cd:2e:0a:60:76:
0e:c3:61:c8:f8:d5:3f:90:33:25:b2:cf:0c:8c:0d:bd:fa:8a:
75:9d:04:7e:3f:f2:60:89:0b:05:ee:48:bd:a4:77:5e:c7:aa:
0e:3a:0e:7d:8d:32:6d:86:19:49:1c:00:f3:4e:73:90:f2:6b:
22:87:fb:41:16:01:4d:ce:44:74:36:90:fa:cf:22:c4:dd:9c:
6e:4c:93:c5:f4:99:8d:25:a8:6a:0b:d3:bd:37:c6:20:9c:e3:
c3:bb:86:5e:f0:08:71:02:19:ab:39:85:ad:ac:be:d3:81:bb:
63:6e:c8:66:2c:b8:01:2e:ec:f3:4c:f6:9a:45:a7:e8:c5:af:
5e:f5:cb:01:e6:e0:c6:57:ce:f2:28:59:e1:2d:1a:01:b4:0e:
b1:7c:f2:5a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVX2REyl7NZ6XMYOM98xC3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjIxMjI4MDgyODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmJlNTY3YTZkNGNjOGYzYjJmOTIwYjg2MTMxZDYzYWEyN2Q0M2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuuIb+DqouM0jkX666KSkVwPGcCY
qir36PKq1LFnba6W0BlzXWLFYRAKZSed4Lz+vVk2VT5H4Q6aswlVPsbKFQwG9KZx
eHM8JQ+VoJHsnU2LLuV+ZGvJX6Zkl7yAeiL8SAEk0X93djFxSb3w5WmgHm0bnGnj
rCgUVU43PTxOGplZJgv44hO0fmhBhuV4SY8JyWGZL/X9TjCniOZpJ1LsVGg1hdWe
DMUqEsP1iW83ivlnpK9FQ33ZOg3ey3T6guCUHiZawiU+3B75CcfSik/pqvr7KaJc
bEJhqW9PrCJWqxpOocSmlHN1WGrsY/6zbgHewB3Z80irq3EuQRqDTOT1twIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAK+VnptTMjzsvkguGEx1jqifUOvMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvQXI1V2VtMU15UE95LVNDNFlUSFdPcUo5UTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBbUAAwQB
LY+kAwQCwJAMAwQAwm72AwQAwnEjMA0EAgACMAcDBQAqCfuGMA0GCSqGSIb3DQEB
CwUAA4IBAQAucGM5FhLd1B0UCxnSMrK0kuylp4OPfAM6i+lwMNGiCqs0qKQ/4KFI
i/FQazNMWZDq+E0yr5T5SXtzCgGBCzN6oW/NcS9kuNosh3Dk44jeovI/U7isIQrB
U/6yBymXBo4qS66bNus6zS4KYHYOw2HI+NU/kDMlss8MjA29+op1nQR+P/JgiQsF
7ki9pHdex6oOOg59jTJthhlJHADzTnOQ8msih/tBFgFNzkR0NpD6zyLE3ZxuTJPF
9JmNJahqC9O9N8YgnOPDu4Ze8AhxAhmrOYWtrL7TgbtjbshmLLgBLuzzTPaaRafo
xa9e9csB5uDGV87yKFnhLRoBtA6xfPJa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org